Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/gtiwari333/maven-starter-project-with-static-analysis-spock

Maven Starter Project with several static analyis and testing libraries
https://github.com/gtiwari333/maven-starter-project-with-static-analysis-spock

archunit checkstyle-plugin error-prone-plugin java maven maven-starter modernizer owasp-dependencycheck sonarqube spock-framework spotbugs-plugin

Last synced: 26 days ago
JSON representation

Maven Starter Project with several static analyis and testing libraries

Host: GitHub
URL: https://github.com/gtiwari333/maven-starter-project-with-static-analysis-spock
Owner: gtiwari333
Created: 2022-08-14T22:22:11.000Z (about 2 years ago)
Default Branch: main
Last Pushed: 2023-12-07T20:21:27.000Z (11 months ago)
Last Synced: 2023-12-07T21:27:43.088Z (11 months ago)
Topics: archunit, checkstyle-plugin, error-prone-plugin, java, maven, maven-starter, modernizer, owasp-dependencycheck, sonarqube, spock-framework, spotbugs-plugin
Language: Java
Homepage:
Size: 145 KB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 1
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# A maven 'starter' project with several static analysis plugins integrated

## Included Plugins:
- spotbugs with findsecbugs and sb-contrib
- checkstyle
- modernizer
- error-prone
- owasp dependency check

- git-commit-id
- jacoco
- failsafe and surefire

## Code Quality

#### The `error-prone` runs at compile time.
#### The `modernizer` `checkstyle` and `spotbugs` plugin are run as part of maven `test-compile` lifecycle phase. Owasp plugin can be run ad-hoc

### SonarQube scan

Run sonarqube server using docker

docker run -e SONAR_ES_BOOTSTRAP_CHECKS_DISABLE=true -p 9000:9000 sonarqube:latest

Perform scan:

./mvnw sonar:sonar
./mvnw sonar:sonar -Dsonar.login=admin -Dsonar.password=admin

View Reports in SonarQube web ui:

- visit http://localhost:9000
- default login and password are `admin`, you will be asked to change password after logging in with default
username/password
- (optional) change sonarqube admin password without logging
in: `curl -u admin:admin -X POST "http://localhost:9000/api/users/change_password?login=admin&previousPassword=admin&password=NEW_PASSWORD"`
- if you change the password, make sure the update `-Dsonar.password=admin` when you run sonarqube next time

#### Running unit tests only (it uses maven surefire plugin)

./mvnw compiler:testCompile resources:testResources surefire:test
#### Running integration tests only (it uses maven-failsafe-plugin)

./mvnw compiler:testCompile resources:testResources failsafe:integration-test

### Dependency/plugin version checker

./mvnw versions:display-dependency-updates
./mvnw versions:display-plugin-updates

## Future plan:

- configure graalvm native plugin
- docker plugin
- add examples of a native CLI app, a lambda etc in separate branches