Skip to content

Commit

Permalink
Close camunda-community-hub#203: use spotbugs to identify possible co…
Browse files Browse the repository at this point in the history
…de problems

* added spotbugs gradle plugin
* added seperate job in GHA continous-integration that spotbugs analysis is always executed when a PR is created
* defined exclude rule that all generated classes beginning with $ are ignored
  • Loading branch information
arolfes committed Feb 19, 2021
1 parent f8882be commit c718798
Show file tree
Hide file tree
Showing 5 changed files with 66 additions and 1 deletion.
32 changes: 31 additions & 1 deletion .github/workflows/continous-integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,4 +39,34 @@ jobs:
restore-keys: |
${{ runner.os }}-gradle-
- name: Build with Gradle Wrapper
run: ./gradlew build --warning-mode=fail -Pmicronaut.runtime=${{ matrix.runtime }}
run: ./gradlew build --warning-mode=fail -Pmicronaut.runtime=${{ matrix.runtime }} -Pspotbugs.ignoreFailures=true

spotbugs:
runs-on: ubuntu-latest
steps:
- name: Git Checkout
uses: actions/checkout@v2
- name: Set up JDK 8
uses: actions/setup-java@v1
with:
java-version: 8
- name: Cache Dependencies #see https://github.com/actions/cache/blob/master/examples.md#java---gradle
uses: actions/cache@v2
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-spotbugs-gradle-${{ hashFiles('**/*.gradle*') }}
restore-keys: |
${{ runner.os }}-spotbugs-gradle-
- name: Spotbugs Checks
id: spotbugs_checks
# ignoreFailures set to true that the xmlReport can parsed and uploaded by next step otherwise this step will fail and the findings are not visible
# xmlReport set to true that the next step can parse the xml and upload the findings
run: ./gradlew spotbugsMain -Pspotbugs.ignoreFailures=true -Pspotbugs.xmlReport=true
- name: Publish Spotbugs Results
uses: arolfes/spotbugs-github-action@master
with:
path: '**/spotbugs/main.xml'
name: 'Spotbugs Checks'
title: 'Spotbugs Check Results'
# TODO enable when PR jwgmeligmeyling/spotbugs-github-action#10 is integrated
threshold: 0 # apply zero-warning policy
1 change: 1 addition & 0 deletions gradle.properties
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ camundaVersion=7.14.0
# Latest Jersey, that implements JAX-RS 2.1 API: see https://eclipse-ee4j.github.io/jersey/download.html
jerseyVersion=2.33
shadowJarVersion=6.1.0
spotbugsVersion=4.6.0
# Prevent upload of maven-metadata.xml.sha256/sha512 files to oss.sonatype.org
# see https://issues.sonatype.org/browse/OSSRH-53695?focusedCommentId=887733&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-887733
# see https://github.com/gradle/gradle/issues/11308#issuecomment-554317655
Expand Down
27 changes: 27 additions & 0 deletions micronaut-camunda-bpm-feature/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ plugins {
id("org.jetbrains.kotlin.plugin.allopen")
id("maven-publish")
id("signing")
id("com.github.spotbugs")
}

group = "info.novatec"
Expand Down Expand Up @@ -131,3 +132,29 @@ signing {
configurations {
testArtifacts
}

// When spotbugs is executed locally, it will fail when there is one finding
// When spotbugs is executed in "continous integration" it will not fail and we can upload the spotbug results to PR
boolean ignoreFailuresProperties = project.hasProperty('spotbugs.ignoreFailures') ? project.getProperty('spotbugs.ignoreFailures') == 'true' : true
// When spotbugs is executed locally, it will produce a nice HTML report
// When spotbugs is executed in "continous integration" it will generate XML that can be parsed and uploaded to PR
boolean xmlReport = project.hasProperty('spotbugs.xmlReport') ? project.getProperty('spotbugs.xmlReport') == 'true' : false
spotbugs {
ignoreFailures = ignoreFailuresProperties
effort = com.github.spotbugs.snom.Effort.MAX
excludeFilter = file("${projectDir}/config/spotbugs/exclude.xml")
}
// Example to configure HTML report
spotbugsMain {
reports {
xml {
enabled = xmlReport
}
html {
enabled = !xmlReport
destination = file("$buildDir/reports/spotbugs/main/spotbugs.html")
stylesheet = 'fancy-hist.xsl' // comes from spotbugs
}
}
}
spotbugsTest.enabled = false
6 changes: 6 additions & 0 deletions micronaut-camunda-bpm-feature/config/spotbugs/exclude.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
<FindBugsFilter>
<Match>
<!-- Exclude all Micronaut generated Classes from Annotations -->
<Class name="~.*\.\$.*" />
</Match>
</FindBugsFilter>
1 change: 1 addition & 0 deletions settings.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ pluginManagement {
id("com.github.johnrengelman.shadow") version "$shadowJarVersion"
id("io.micronaut.application") version "$micronautApplicationPluginVersion"
id("io.micronaut.library") version "$micronautLibraryPluginVersion"
id("com.github.spotbugs") version "$spotbugsVersion"
}
}

Expand Down

0 comments on commit c718798

Please sign in to comment.