I have PMD and FindBugs configured in eclipse as well as Gradle. The Gradle reports are consumed by Jenkins, which lists a set of violations, which seem to be different than those reported by Eclipse.
I would like to set my Eclipse FindBugs and PMD settings to be the same as the defaults for the corresponding Gradle Plugins.
What are the default PMD RuleSets and FindBugs effort configured for the Gradle Plugins ?
See the documentation for the findBugs gradle plugin here and PMD plugin here.
For findbugs, it uses effort = 'default'. See the documentation for findBugs to see what that entails.
For PMD, it looks like it uses "basic". You can check out the PMD docs to see what that entails.
Related
I have setup SonarQube Ver 4.3.3 , but when i navigate to Quality Profile -> Sonar Way with find bugs -> Coding Rules -> Repository i do not see any PMD rule repository.
I can only see Common Sonar, FindBugs and Sonar Qube rule repositories.
Does it means that my SONAR is not is not checking PMD rules ?
You do not see any PMD rule repository because the java plugin reimplemented the PMD rules (not a 1 on 1 match).
For more details, please read this.
Please note the sonar-pmd-plugin is still supported. I advice to install a more recent version of the java plugin.
If you specifically want to see the PMD rules, please install the PMD plugin
I am new to SonarQube and using SonarQube 5.1. I read from somewhere that it is a replacement for FindBugs and CheckStyle. So does it mean it internally runs FindBugs and CheckStyle? But I counldn't find any FindBugs and CheckStyle plugins inbuilt. From where does Sonar take the rules?
You can install Checkstyle and FindBugs plugins separately, enable their rules in your profile and thus use them in your analysis. However, #SonarSource has made a concerted effort to replace such rules with 'native' rules, and if you do install these extra plugins, you will find many of their rules marked Deprecated.
You can see the replacement progress in the deprecation reports for FindBugs, Checkstyle and PMD.
You can install FindBugs and CheckStyle from the Update Center, on the administration section of SonarQube (default: login as user "admin" with password "admin" )
Once installed the plugins, when you do a sonar analysis in your code (for example: mvn sonar:sonar ), the machine running the analysis will get the .jars from Sonar itself, run locally, and then upload the results back to Sonar.
I'm calling sonar from maven:
mvn clean install sonar:sonar
How can I configure the findbugs rules?
Do I have to configure the rules in maven as suggested in Import FindBugs configuration from Sonar to Maven?
Where can I find a documenentation how to write the configuration file?
Is the configuration in sonar still relevant?
The documentation doesn't help.
How can I configure the findbugs rules?
Use the SonarQube web GUI. Click on "Quality Profiles" in the black area at the top, then choose "Java". The Maven plugin will download your definitions from there and use them.
Do I have to configure the rules in maven as suggested in Import FindBugs configuration from Sonar to Maven?
Nope. Configure them only in SonarQube, and you're all set.
Where can I find a documenentation how to write the configuration file?
That would be the FindBugs docs. But you don't need to do that if you're using SonarQube.
Is the configuration in sonar still relevant? The documentation doesn't help.
Yes it is relevant. The SonarQube documentation is generally not very helpful, but configuring rules is quite straightforward using the GUI. You should have a good chance even without documentation.
I want to learn how to use CheckStyle.
I am doing static code analysis in Hudson, as first part, I installed Static Analyser and CheckStyle plugins in Hudson. But I am not able to find out how to use it in official Hudson checkstyple page also.
official page : http://wiki.hudson-ci.org/display/HUDSON/Checkstyle+Plugin
I saw some documents in Maven checkstyle plugin that we have to mention some configuration in pom file and run the targets.
Then, I got doubt, if I am doing with Maven, why we need the CheckStyle plugin install in hudson?
Is it possible to configure CheckStyle in Hudson job for a Java project instead of changing in pom or not? It here is both ways, then which one is better?
Do you have the steps to configure CheckStyle plugin in Hudson?
If you've installed the plugin in Jenkins/Hudson, you should now be able to add the checkstyle goal to your project/job.
In the goals section of your Jenkins Maven job, add "checkstyle:checkstyle" to enable the checkstyle plugin to analyse your project.
Is there a way to get sonar to use the checkstyle configuration from my pom file? I have the maven checkstyle plugin setup, and I have the maven sonar plugin (version 2.7) setup, but sonar seems to use its default checkstyle configuration. I know I can create a new quality profile and upload the checkstyle file, but I would think that the maven plugin should use the one from the pom. Any help here is appreciated.
thanks,
Jeff
It used to be possible from Sonar 1.11 to Sonar 2.2 by using a parameter sonar.reuseExistingRulesConfiguration. It was removed from Sonar 2.3.
See SONAR-583
See SONAR-1706