Add the following to your pom.xml
<build>
<plugins>
<plugin>
<groupId>de.manuzid</groupId>
<artifactId>static-code-review-plugin</artifactId>
<version>2.0.0</version>
<executions>
<execution>
<phase>verify</phase>
<goals>
<goal>report</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>Execute the following command to run the plugin
mvn verify -DprojectId=$CI_PROJECT_ID \
-DmergeRequestIid=$CI_MERGE_REQUEST_IID \
-Dauth.token=$GITLAB_AUTH_TOKENTo exclude analyzer use the exclusion tag
<plugin>
<groupId>de.manuzid</groupId>
<artifactId>static-code-review-plugin</artifactId>
<version>2.0.0</version>
<configuration>
<exclusions>
<exclusion>spotbugs</exclusion>
</exclusions>
</configuration>
<executions>
<execution>
<phase>verify</phase>
<goals>
<goal>report-detekt</goal>
</goals>
</execution>
</executions>
</plugin>| Property | Default | Description |
|---|---|---|
gitUrl |
If GitHub is activated: |
The URL of the GitLab server |
One of the two must be given, either the |
||
projectId |
None |
The project in the form of an Integer(ID) or String(path) |
repository |
None |
Is a combination of |
mergeRequestIid |
None |
The internal ID of the merge request |
static-code-review.skip |
false |
If true, execution will be skipped entirely. |
isGitHub |
false |
If false then GitLab is selected as the Git server, otherwise GitHub is the Git server. |
One of the two must be given, either the |
||
auth.token |
None |
The private token to use for access to the GitLab API |
auth.username |
None |
The username for basic auth with the GitLab server. |
auth.password |
None |
The password for basic auth with the GitLab server. |
| Property | Default | Description |
|---|---|---|
proxy.serverAddress |
None |
The URI of the proxy server. |
proxy.username |
None |
The username for basic auth with the proxy server. |
proxy.password |
None |
The password for basic auth with the proxy server. |
applicationSources |
|
Application/Library sources. |
exclusions |
empty list |
A list of strings containing the analyzers to be excluded. |
exclusion |
None |
Analyzer that should be excluded. Valid values: |
SpotBugs Settings |
||
compiledClasses |
|
Compiled Application/Library sources. |
priorityThresholdLevel |
3 |
It specifies the confidence/priority threshold for reporting issues. 1 = High, 2 = Normal, 3 = Low, 4 = Ignored, 5 = Experimental. |
-
Configuration Output
To be able to check at runtime how the plugin is configured, you need to run the maven command with debug output (-X).
mvn verify -X -DprojectId=$CI_PROJECT_ID \
-DmergeRequestIid=$CI_MERGE_REQUEST_IID \
-Dauth.token=$GITLAB_AUTH_TOKENThen look for the following line [DEBUG] Configuring mojo 'de.manuzid:static-code-review-plugin and
you should see the following output.
[DEBUG] Configuring mojo 'de.manuzid:static-code-review-plugin:1.1.0:report-detekt' with basic configurator -->
[DEBUG] (f) applicationSourcePath = src/main/kotlin
[DEBUG] (f) authToken = <api-token>
[DEBUG] (f) compiledClassPath = classes
[DEBUG] (f) exclusions = [detekt]
[DEBUG] (f) gitUrl = https://gitlab.com/
[DEBUG] (f) mergeRequestIid = 1
[DEBUG] (f) project = MavenProject: de.manuzid:static-code-review-plugin-sample-kotlin:1.0.0 @ /Users/manuzid/public-projects/static-code-review-plugin-sample/static-code-review-plugin-sample-kotlin/pom.xml
[DEBUG] (f) projectId = 17068115
[DEBUG] (f) skip = false
[DEBUG] -- end configuration ---
Detekt Configuration
In order to resolve the path to the file to be commented on correctly, it is mandatory that the applicationSources is
specified when analyzing Kotlin files.