Skip to content
This repository has been archived by the owner on Mar 2, 2024. It is now read-only.

A plugin for Gradle that will find report files from static code analysis and comment merge requests in GItLab with them. Edit Add topics

License

Notifications You must be signed in to change notification settings

tomasbjerre/violation-comments-to-gitlab-gradle-plugin

Repository files navigation

There are very few users of this tool, so I am archiving it and referring to:


Violation Comments to GitLab Gradle Plugin

Build Status Maven Central

This is a Gradle plugin for Violation Comments to GitLab Lib.

It can parse results from static code analysis and comment merge requests in GitLab with them.

An alternative is also to have violations-command-line convert the violations to CodeClimate format and upload that to GitLab. It is explained in readme of violations-command-line.

The merge must be performed first in order for the commented lines in the MR to match the lines reported by the analysis tools!

Example of supported reports are available here.

A number of parsers have been implemented. Some parsers can parse output from several reporters.

Reporter Parser Notes
ARM-GCC CLANG
AndroidLint ANDROIDLINT
AnsibleLint FLAKE8 With -p
Bandit CLANG With bandit -r examples/ -f custom -o bandit.out --msg-template "{abspath}:{line}: {severity}: {test_id}: {msg}"
CLang CLANG
CPD CPD
CPPCheck CPPCHECK With cppcheck test.cpp --output-file=cppcheck.xml --xml
CPPLint CPPLINT
CSSLint CSSLINT
Checkstyle CHECKSTYLE
CodeClimate CODECLIMATE
CodeNarc CODENARC
Detekt CHECKSTYLE With --output-format xml.
DocFX DOCFX
Doxygen CLANG
ERB CLANG With erb -P -x -T '-' "${it}" | ruby -c 2>&1 >/dev/null | grep '^-' | sed -E 's/^-([a-zA-Z0-9:]+)/${filename}\1 ERROR:/p' > erbfiles.out.
ESLint CHECKSTYLE With format: 'checkstyle'.
Findbugs FINDBUGS
Flake8 FLAKE8
FxCop FXCOP
GCC CLANG
Gendarme GENDARME
Generic reporter GENERIC Will create one single violation with all the content as message.
GoLint GOLINT
GoVet GOLINT Same format as GoLint.
GolangCI-Lint CHECKSTYLE With --out-format=checkstyle.
GoogleErrorProne GOOGLEERRORPRONE
HadoLint CHECKSTYLE With -f checkstyle
IAR IAR With --no_wrap_diagnostics
Infer PMD Facebook Infer. With --pmd-xml.
JCReport JCREPORT
JSHint JSLINT With --reporter=jslint or the CHECKSTYLE parser with --reporter=checkstyle
JUnit JUNIT It only contains the failures.
KTLint CHECKSTYLE
Klocwork KLOCWORK
KotlinGradle KOTLINGRADLE Output from Kotlin Gradle Plugin.
KotlinMaven KOTLINMAVEN Output from Kotlin Maven Plugin.
Lint LINT A common XML format, used by different linters.
MSBuildLog MSBULDLOG With -fileLogger use .*msbuild\\.log$ as pattern or -fl -flp:logfile=MyProjectOutput.log;verbosity=diagnostic for a custom output filename
MSCpp MSCPP
Mccabe FLAKE8
MyPy MYPY
NullAway GOOGLEERRORPRONE Same format as Google Error Prone.
PCLint PCLINT PC-Lint using the same output format as the Jenkins warnings plugin, details here
PHPCS CHECKSTYLE With phpcs api.php --report=checkstyle.
PHPPMD PMD With phpmd api.php xml ruleset.xml.
PMD PMD
Pep8 FLAKE8
PerlCritic PERLCRITIC
PiTest PITEST
ProtoLint PROTOLINT
Puppet-Lint CLANG With -log-format %{fullpath}:%{line}:%{column}: %{kind}: %{message}
PyDocStyle PYDOCSTYLE
PyFlakes FLAKE8
PyLint PYLINT With pylint --output-format=parseable.
ReSharper RESHARPER
RubyCop CLANG With rubycop -f clang file.rb
SbtScalac SBTSCALAC
Scalastyle CHECKSTYLE
Simian SIMIAN
Sonar SONAR With mvn sonar:sonar -Dsonar.analysis.mode=preview -Dsonar.report.export.path=sonar-report.json. Removed in 7.7, see SONAR-11670 but can be retrieved with: curl --silent 'http://sonar-server/api/issues/search?componentKeys=unique-key&resolved=false' | jq -f sonar-report-builder.jq > sonar-report.json.
Spotbugs FINDBUGS
StyleCop STYLECOP
SwiftLint CHECKSTYLE With --reporter checkstyle.
TSLint CHECKSTYLE With -t checkstyle
XMLLint XMLLINT
XUnit XUNIT It only contains the failures.
YAMLLint YAMLLINT With -f parsable
ZPTLint ZPTLINT

Missing a format? Open an issue here!

Usage

There is a running example here and it is invoked here.

Here is and example:

buildscript {
 repositories {
  maven { url 'https://plugins.gradle.org/m2/' }
 }
 dependencies {
  classpath "se.bjurr.violations:violation-comments-to-gitlab-gradle-plugin:X"
 }
}

apply plugin: "se.bjurr.violations.violation-comments-to-gitlab-gradle-plugin"

task violationCommentsToGitLab(type: se.bjurr.violations.comments.gitlab.plugin.gradle.ViolationCommentsToGitLabTask) {
 gitLabUrl = System.properties['GITLAB_URL'];
 mergeRequestIid = System.properties['GITLAB_MERGEREQUESTIID'];
 projectId = System.properties['GITLAB_PROJECTID'];

 commentOnlyChangedContent = true;
 commentOnlyChangedContentContext = 0;
 createCommentWithAllSingleFileComments = true;
 createSingleFileComments = true;
 keepOldComments = false;
 minSeverity = "INFO";
 maxNumberOfComments = 99999;
 //commentTemplate = """
 // See https://github.com/tomasbjerre/violation-comments-lib
 //""" 

 apiTokenPrivate = true;
 apiToken = System.properties['GITLAB_APITOKEN'];
 ignoreCertificateErrors = true;

 shouldSetWip = false;
 
 //proxyServer = ""
 //proxyUser = ""
 //proxyPassword = ""
 
 violations = [
  ["FINDBUGS",   ".", ".*/findbugs/.*\\.xml\$",   "Findbugs"],
  ["PMD",        ".", ".*/pmd/.*\\.xml\$",        "PMD"],
  ["CHECKSTYLE", ".", ".*/checkstyle/.*\\.xml\$", "Checkstyle"],
  ["JSHINT",     ".", ".*/jshint/.*\\.xml\$",     "JSHint"],
  ["CSSLINT",    ".", ".*/csslint/.*\\.xml\$",     "CssLint"]
 ]
}

You may also have a look at Violations Lib.

Developer instructions

To build the code you need to run build.sh in root of repo. You may also have a look at .travis.yml.

To do a release you need to do ./gradlew release -Dgradle.publish.key=... -Dgradle.publish.secret=... and release the artifact from staging. More information here.

About

A plugin for Gradle that will find report files from static code analysis and comment merge requests in GItLab with them. Edit Add topics

Resources

License

Stars

Watchers

Forks

Sponsor this project

Packages

No packages published

Languages