Add the following to your pom.xml
<build> <plugins> <plugin> <groupId>de.manuzid</groupId> <artifactId>static-code-review-plugin</artifactId> <version>2.0.0</version> <executions> <execution> <phase>verify</phase> <goals> <goal>report</goal> </goals> </execution> </executions> </plugin> </plugins> </build>Execute the following command to run the plugin
mvn verify -DprojectId=$CI_PROJECT_ID \ -DmergeRequestIid=$CI_MERGE_REQUEST_IID \ -Dauth.token=$GITLAB_AUTH_TOKENTo exclude analyzer use the exclusion tag
<plugin> <groupId>de.manuzid</groupId> <artifactId>static-code-review-plugin</artifactId> <version>2.0.0</version> <configuration> <exclusions> <exclusion>spotbugs</exclusion> </exclusions> </configuration> <executions> <execution> <phase>verify</phase> <goals> <goal>report-detekt</goal> </goals> </execution> </executions> </plugin>| Property | Default | Description |
|---|---|---|
gitUrl | If GitHub is activated: | The URL of the GitLab server |
One of the two must be given, either the | ||
projectId | None | The project in the form of an Integer(ID) or String(path) |
repository | None | Is a combination of |
mergeRequestIid | None | The internal ID of the merge request |
static-code-review.skip | false | If true, execution will be skipped entirely. |
isGitHub | false | If false then GitLab is selected as the Git server, otherwise GitHub is the Git server. |
One of the two must be given, either the | ||
auth.token | None | The private token to use for access to the GitLab API |
auth.username | None | The username for basic auth with the GitLab server. |
auth.password | None | The password for basic auth with the GitLab server. |
| Property | Default | Description |
|---|---|---|
proxy.serverAddress | None | The URI of the proxy server. |
proxy.username | None | The username for basic auth with the proxy server. |
proxy.password | None | The password for basic auth with the proxy server. |
applicationSources |
| Application/Library sources. |
exclusions | empty list | A list of strings containing the analyzers to be excluded. |
exclusion | None | Analyzer that should be excluded. Valid values: |
SpotBugs Settings | ||
compiledClasses |
| Compiled Application/Library sources. |
priorityThresholdLevel | 3 | It specifies the confidence/priority threshold for reporting issues. 1 = High, 2 = Normal, 3 = Low, 4 = Ignored, 5 = Experimental. |
-
Configuration Output
To be able to check at runtime how the plugin is configured, you need to run the maven command with debug output (-X).
mvn verify -X -DprojectId=$CI_PROJECT_ID \ -DmergeRequestIid=$CI_MERGE_REQUEST_IID \ -Dauth.token=$GITLAB_AUTH_TOKENThen look for the following line [DEBUG] Configuring mojo 'de.manuzid:static-code-review-plugin and you should see the following output.
[DEBUG] Configuring mojo 'de.manuzid:static-code-review-plugin:1.1.0:report-detekt' with basic configurator --> [DEBUG] (f) applicationSourcePath = src/main/kotlin [DEBUG] (f) authToken = <api-token> [DEBUG] (f) compiledClassPath = classes [DEBUG] (f) exclusions = [detekt] [DEBUG] (f) gitUrl = https://gitlab.com/ [DEBUG] (f) mergeRequestIid = 1 [DEBUG] (f) project = MavenProject: de.manuzid:static-code-review-plugin-sample-kotlin:1.0.0 @ /Users/manuzid/public-projects/static-code-review-plugin-sample/static-code-review-plugin-sample-kotlin/pom.xml [DEBUG] (f) projectId = 17068115 [DEBUG] (f) skip = false [DEBUG] -- end configuration ---
Detekt Configuration
In order to resolve the path to the file to be commented on correctly, it is mandatory that the applicationSources is specified when analyzing Kotlin files.