Commit f2533448 authored by Carsten Heidmann's avatar Carsten Heidmann
Browse files

Add static code analysis as part of the build

Motivation:

There was no continuous static code analysis until now. This is an important part of the quality assurance and should be covered in all builds

Modifications:

* add configuration for static code analysis as part of the Maven build
* add the neccessary GitLab configuration

Result

Static code analysis can be executed from the command line and the execution as part of the CI is prepared and only needs to be aenabled

Target: master

Request:

Acked-by: @femiadeyemi

Pull-request: !3
parent dbbd0188
Pipeline #33064 failed
...@@ -16,4 +16,5 @@ cache: ...@@ -16,4 +16,5 @@ cache:
- ".m2/repository" - ".m2/repository"
include: include:
- local: .gitlab/ci/create-docker-image-ci.yml - local: .gitlab/ci/create-docker-image-ci.yml
\ No newline at end of file - local: .gitlab/ci/static-code-analysis.yml
ci_build:
stage: test_sonar
image: maven:3-jdk-11
script: "mvn -P static-code-analysis clean verify sonar:sonar"
...@@ -17,6 +17,8 @@ ...@@ -17,6 +17,8 @@
<properties> <properties>
<java.version>11</java.version> <java.version>11</java.version>
<version.spring-webmvc>5.2.6.RELEASE</version.spring-webmvc> <version.spring-webmvc>5.2.6.RELEASE</version.spring-webmvc>
<!--suppress UnresolvedMavenProperty -->
<sonar.token>${env.SONAR_AUTH_TOKEN}</sonar.token>
</properties> </properties>
<dependencies> <dependencies>
...@@ -54,6 +56,58 @@ ...@@ -54,6 +56,58 @@
<artifactId>spring-boot-maven-plugin</artifactId> <artifactId>spring-boot-maven-plugin</artifactId>
</plugin> </plugin>
</plugins> </plugins>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId>
<version>3.7.0.1746</version>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.5</version>
</plugin>
</plugins>
</pluginManagement>
</build> </build>
<profiles>
<profile>
<id>static-code-analysis</id>
<properties>
<sonar.login>${sonar.token}</sonar.login>
<sonar.host.url>https://sonar.desy.de</sonar.host.url>
<sonar.projectKey>${project.groupId}:${project.artifactId}</sonar.projectKey>
<sonar.projectName>${project.name}</sonar.projectName>
<sonar.sources>src/main</sonar.sources>
<sonar.tests>src/test</sonar.tests>
<sonar.projectVersion>${project.version}</sonar.projectVersion>
<sonar.sourceEncoding>UTF-8</sonar.sourceEncoding>
<sonar.qualitygate.wait>true</sonar.qualitygate.wait>
<sonar.qualitygate.timeout>30</sonar.qualitygate.timeout>
</properties>
<build>
<plugins>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<executions>
<execution>
<id>prepare-agent</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>report</id>
<goals>
<goal>report</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project> </project>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment