diff options
| author |   vempo <vitaliy.emporopulo@amdocs.com> | 2017-08-29 18:15:04 +0300 |
|---|---|---|
| committer | vempo <vitaliy.emporopulo@amdocs.com> | 2017-08-29 18:21:34 +0300 |
| commit | 09d4f069e48a0b4ab7359bbcc3b299d222721230 (patch) | |
| tree | 25d5c0677ebe0984e1f74f31ecd1100953b82228 | |
| parent | 7cd1156c3cab009146ca02989df394412d209483 (diff) | |
Set up static analysis for on-boarding
Configured PMD Maven plugin in the onboarding pom.xml, with a custom ruleset.
Currently disabled by default, can be ran on demand.
Change-Id: I0e7ba1aeb1aefcea86fc2534ebc62343057f7c34
Issue-ID: SDC-246
Signed-off-by: vempo <vitaliy.emporopulo@amdocs.com>
| -rw-r--r-- | build-tools/pom.xml | 35 | ||||
| -rw-r--r-- | build-tools/src/main/resources/build-pmd-ruleset.xml | 42 | ||||
| -rw-r--r-- | onboarding/pom.xml | 56 | ||||
| -rw-r--r-- | pom.xml | 1 |
4 files changed, 134 insertions, 0 deletions
diff --git a/build-tools/pom.xml b/build-tools/pom.xml new file mode 100644 index 0000000000..952ebef380 --- /dev/null +++ b/build-tools/pom.xml @@ -0,0 +1,35 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + + <!-- This dependency must be referenced from a plugin configuration only --> + + <modelVersion>4.0.0</modelVersion> + + <artifactId>build-tools</artifactId> + + <parent> + <groupId>org.openecomp.sdc</groupId> + <artifactId>sdc-main</artifactId> + <version>1.1.0-SNAPSHOT</version> + </parent> + + <properties> + <pmd.version>5.8.1</pmd.version> + </properties> + + <dependencies> + <dependency> + <groupId>net.sourceforge.pmd</groupId> + <artifactId>pmd-core</artifactId> + <version>${pmd.version}</version> + </dependency> + <dependency> + <groupId>net.sourceforge.pmd</groupId> + <artifactId>pmd-java</artifactId> + <version>${pmd.version}</version> + </dependency> + </dependencies> + +</project>
\ No newline at end of file diff --git a/build-tools/src/main/resources/build-pmd-ruleset.xml b/build-tools/src/main/resources/build-pmd-ruleset.xml new file mode 100644 index 0000000000..dd8984a970 --- /dev/null +++ b/build-tools/src/main/resources/build-pmd-ruleset.xml @@ -0,0 +1,42 @@ +<?xml version="1.0"?> +<ruleset name="SDC Essential Rule-set" + xmlns="http://pmd.sourceforge.net/ruleset/2.0.0" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 http://pmd.sourceforge.net/ruleset_2_0_0.xsd http://pmd.sourceforge.net/ruleset/2.0.0 "> + + <description> + Essential rules according to SonarQube. Note that it is impossible to make PMD rules exactly match the + SonarQube ones, but they will probably catch about 90% of violations before they get into the source control. + The advantage is that PMD can be ran locally on any development setup and does not require a license. + </description> + + <!-- + All available Java rule-sets: https://pmd.github.io/pmd-5.6.1/pmd-java/rules/index.html + --> + + <!-- Blocker severity in SonarQube --> + <rule ref="rulesets/java/strictexception.xml/AvoidCatchingThrowable"/> + <rule ref="rulesets/java/empty.xml/EmptyCatchBlock"> + <properties> + <property name="allowCommentedBlocks" value="true"/> + </properties> + </rule> + + <!-- THERE IS NO GOOD RULE TO CATCH NULL DEREFERENCING IN PMD --> + <rule ref="rulesets/java/basic.xml/MisplacedNullCheck"/> + <rule ref="rulesets/java/basic.xml/BrokenNullCheck"/> + + + <rule ref="rulesets/java/design.xml/CloseResource"> + <properties> + <property name="types" + value="java.sql.Connection,java.sql.Statement,java.sql.ResultSet,java.io.OutputStream,java.net.URLConnection,java.io.InputStream,java.io.FileInputStream,java.io.FileOutputStream,java.util.zip.ZipOutputStream,java.util.zip.ZipInputStream,java.util.jar.JarInputStream,java.util.jar.JarOutputStream,java.io.BufferedReader,java.io.BufferedWriter"/> + </properties> + </rule> + <rule ref="rulesets/java/basic.xml/OverrideBothEqualsAndHashcode"/> + + <!-- + Critical severity in SonarQube. Should be empty until all Critical have been fixed. + --> + +</ruleset>
\ No newline at end of file diff --git a/onboarding/pom.xml b/onboarding/pom.xml index 0e600287bf..36a36ee325 100644 --- a/onboarding/pom.xml +++ b/onboarding/pom.xml @@ -93,5 +93,61 @@ <ws.rs.version>2.0.1</ws.rs.version> <!-- New version 2.0.1 to fix blackduck violation Failing with comiplation issues--> <zusammen.version>0.2.0</zusammen.version> <zusammen-state-store.version>0.2.1</zusammen-state-store.version> + <skipSA>true</skipSA> + <build.tools.version>1.1.0-SNAPSHOT</build.tools.version> </properties> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jxr-plugin</artifactId> + <version>2.5</version> + <configuration> + <skip>${skipSA}</skip> + </configuration> + <executions> + <execution> + <id>jxr-generation</id> + <phase>validate</phase> + <goals> + <goal>jxr</goal> + <goal>test-jxr</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-pmd-plugin</artifactId> + <version>3.8</version> + <configuration> + <skip>${skipSA}</skip> + <aggregate>false</aggregate> + <targetJdk>${maven.compiler.target}</targetJdk> + <rulesets> + <ruleset>build-pmd-ruleset.xml</ruleset> + </rulesets> + </configuration> + <executions> + <execution> + <id>pmd-check</id> + <phase>validate</phase> + <goals> + <!-- violations fail build --> + <goal>check</goal> + </goals> + </execution> + </executions> + <dependencies> + <dependency> + <groupId>org.openecomp.sdc</groupId> + <artifactId>build-tools</artifactId> + <version>${build.tools.version}</version> + </dependency> + </dependencies> + </plugin> + </plugins> + </build> + </project> @@ -340,6 +340,7 @@ <activeByDefault>true</activeByDefault> </activation> <modules> + <module>build-tools</module> <module>onboarding</module> <module>security-utils</module> <module>common-app-api</module> |