使用 Gradle 插件进行代码分析
来源:互联网 发布:js call bind apply 编辑:程序博客网 时间:2024/05/17 01:53
转自:http://www.codeceo.com/article/analysis-code-with-gradle.html
代码分析在大多数项目中通常是作为最后一个步骤(如果做了的话)完成的。其通常难以配置及与现有代码整合。
本文旨在勾勒出使用 Gradle 整合 PMD 与 FindBugs 的步骤,并将其与一个现有的 Sonar 构建工具进行整合。
PMD、CheckStyle 和 FindBugs
首先要做的就是在我们的 build.gradle 文件中添加插件:
apply plugin: 'checkstyle'apply plugin: 'pmd'apply plugin: 'findbugs'
这些插件能在我们的代码中启用 PMD、CheckStyle 和 FindBugs。
默认情况下,这些插件将对测试程序和主程序都进行分析。对于我们,需要避免在测试程序上运行FindBugs和PMD,我们使用如下命令:
findbugs{ findbugsTest.enabled=false}pmd { pmdTest.enabled=false}
下面,我们从Gradle中执行:
./gradlew clean findBugsMain pmdMain
这将对工程进行清理,然后对源代码执行FindBugs和PMD。
输出结果如下:
:clean:compileJavaNote: Some input files use unchecked or unsafe operations.Note: Recompile with -Xlint:unchecked for details.:processResources:classes:findbugsMain FAILEDFAILURE: Build failed with an exception.* What went wrong:Execution failed for task ':findbugsMain'.> FindBugs rule violations were found. See the report at: file:///myprojects/build/reports/findbugs/main.xml* Try:Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output.BUILD FAILEDTotal time: 24.597 secs
由于违背FindBugs规则,还没运行PMD构建已经失败。FindBugs和PMD的输出格式为XML。
结果报告保存在<proj_home>/build/reports文件夹。
为了生成可读的HTML文档并忽略错误继续构建,我们在build.gradle文件中加入:
findbugs{ ignoreFailures=true findbugsTest.enabled=false}tasks.withType(FindBugs) { reports { xml.enabled = false html.enabled = true }}tasks.withType(Pmd){ reports{ xml.enabled=true html.enabled=true }}pmd { ignoreFailures = true pmdTest.enabled=false}
task.withType用于对每种任务进行配置,您可以对PMD启用HTML和XML报告,对FindBugs启用HTML报告。
注意:在输出报告时,FindBugs仅支持一种可用的输出格式。
./gradlew clean findBugsMain pmdMain:clean:compileJavaNote: Some input files use unchecked or unsafe operations.Note: Recompile with -Xlint:unchecked for details.:processResources:classes:findbugsMainFindBugs rule violations were found. See the report at: file:///myprojects/build/reports/findbugs/main.html:pmdMainRemoved misconfigured rule: LoosePackageCoupling cause: No packages or classes specifiedRemoved misconfigured rule: LoosePackageCoupling cause: No packages or classes specified174 PMD rule violations were found. See the report at: file:///myprojects/build/reports/pmd/main.htmlBUILD SUCCESSFULTotal time: 6.013 secs
对于PMD,您可以使用ruleSet选项设置规则集。下面是一些常用的规则集。
pmd { ignoreFailures = true pmdTest.enabled=false ruleSets = [ 'java-basic', 'java-braces', 'java-clone', 'java-codesize', 'java-comments', 'java-controversial', 'java-coupling', 'java-design', 'java-empty', 'java-finalizers', 'java-imports', 'java-optimizations', 'java-strictexception', 'java-strings', 'java-typeresolution', 'java-unnecessary', 'java-unusedcode' ]}
一个输出示例如下:
与Sonar整合
PMD,Checkstyle和Sonar都是很有用的工具。但是,从一个组织的角度,我们需要追踪项目代码质量的变化和一段时间内的技术债务。我们需要能够对照其它类似的团队。
为了能够做到这些,我们使用Sonar。本文假设您已经安装好了Sonar。
对于这种情况,Altassian提供了相应的Sonar插件。为了使用它,我们需要添加必要的插件。
buildscript { repositories { mavenCentral() maven { url "http://mvnrepo.nordstrom.net/nexus/content/groups/public" } maven { url "http://repo.maven.apache.org/maven2" } } dependencies { classpath "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:1.2" }}
构建脚本安装完毕,我们队sonarqube进行配置:
apply plugin: "org.sonarqube"sonarqube{ check properties { // Sonar Specific properties property 'sonar.projectName', 'Project Services' // This is the display project name property 'sonar.host.url','http://sonar:8080/' // This is the Sonar Server property 'sonar.projectKey', 'com.wordpress.mrvivekr:project' // The Key using which the project details are tracked // JDBC Properties property 'sonar.jdbc.url','jdbc:jtds:sqlserver://ABCD:1433/SonarDB;domain=MYCOMP;SelectMethod=Cursor' property 'sonar.jdbc.username','userName' property 'sonar.jdbc.password','Secr#%' //Which Sonar Profile to use - this is optional property 'sonar.profile','JavaProfile' }}
注意:sonar.profile是预配置sonar配置(和规则),应由您的公司预先配置完成。但这是可选而非必须。我的JDBC连接使用SQLServer连接。
./gradlew sonarqube
:compileJava UP-TO-DATE:processResources UP-TO-DATE:classes UP-TO-DATE:compileTestJava:processTestResources:testClasses:test....... ommitted .....11:27:36.713 INFO - Java Main Files AST scan done: 812 ms11:27:36.714 INFO - 13/13 source files have been analyzed11:27:36.715 INFO - Java bytecode scan...11:27:36.762 INFO - Java bytecode scan done: 47 ms11:27:36.762 INFO - Java Test Files AST scan...11:27:36.762 INFO - 5 source files to be analyzed11:27:36.885 INFO - Java Test Files AST scan done: 123 ms11:27:36.885 INFO - 5/5 source files have been analyzed11:27:36.888 INFO - Package design analysis...11:27:39.868 INFO - Package design analysis done: 2980 ms11:27:39.884 INFO - Sensor JavaSquidSensor (done) | time=4307ms11:27:39.884 INFO - Sensor Lines Sensor11:27:39.888 INFO - Sensor Lines Sensor (done) | time=4ms11:27:39.888 INFO - Sensor QProfileSensor11:27:39.891 INFO - Sensor QProfileSensor (done) | time=3ms11:27:39.891 INFO - Sensor InitialOpenIssuesSensor11:27:45.592 INFO - Sensor InitialOpenIssuesSensor (done) | time=5701ms11:27:45.592 INFO - Sensor ProjectLinksSensor11:27:45.730 INFO - Sensor ProjectLinksSensor (done) | time=138ms11:27:45.730 INFO - Sensor VersionEventsSensor11:27:47.690 INFO - Sensor VersionEventsSensor (done) | time=1960ms11:27:47.690 INFO - Sensor org.sonar.plugins.findbugs.FindbugsSensor@7894f00711:27:47.694 INFO - Execute Findbugs 3.0.1...11:27:48.557 INFO - Found findbugs plugin: /myprojects/build/sonar/findbugs/fb-contrib.jar11:27:48.596 INFO - Found findbugs plugin: /myprojects/build/sonar/findbugs/findsecbugs-plugin.jar11:27:48.612 INFO - Findbugs output report: /myprojects/build/sonar/findbugs-result.xmlThe following classes needed for analysis were missing: javax.crypto.spec.SecretKeySpec11:27:50.846 INFO - Execute Findbugs 3.0.1 done: 3153 ms11:29:31.499 INFO - Sensor org.sonar.plugins.findbugs.FindbugsSensor@7894f007 (done) | time=103809ms11:29:31.499 INFO - Sensor SurefireSensor11:29:31.500 INFO - parsing /myprojects/build/test-results11:29:31.558 INFO - Sensor SurefireSensor (done) | time=59ms11:29:31.558 INFO - Sensor JaCoCoOverallSensor11:29:31.565 WARN - You are not using the latest JaCoCo binary format version, please consider upgrading to latest JaCoCo version.11:29:31.565 INFO - Analysing /myprojects/build/jacoco/test.exec11:29:31.601 WARN - You are not using the latest JaCoCo binary format version, please consider upgrading to latest JaCoCo version.......... Ommitted .............11:30:38.654 INFO - ANALYSIS SUCCESSFUL, you can browse http://sonar:8080/dashboard/index/com.wordpress.mrvivekr:project11:30:38.654 INFO - Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report.11:30:38.655 INFO - Executing post-job class org.sonar.plugins.buildbreaker.AlertBreaker11:30:38.657 INFO - Executing post-job class org.sonar.plugins.buildbreaker.ForbiddenConfigurationBreakerBUILD SUCCESSFULTotal time: 5 mins 16.499 secs
您应该看到类似的输出:
享受代码分析吧!
- 使用 Gradle 插件进行代码分析
- Gradle中配置使用sonar进行代码分析
- thrift使用gradle插件进行编译
- 在Gradle中使用阿里巴巴Java开发规约插件进行代码检查
- 手把手教你使用gradle mulchannel插件,进行多渠道打包
- eclipse 使用 gradle 插件
- Replugin host gradle插件分析
- 使用VSTS 2010进行静态代码分析
- 使用SOOT进行代码分析(一)
- iOS使用sonar进行代码分析
- 使用Lint工具进行代码分析
- 一、myeclipse整合Gradle插件进行开发
- Jenkins+Gradle+findbugs对Android工程源码进行静态代码分析
- Jenkins+Gradle+checkstyle对Android工程源码进行静态代码分析
- Jenkins+Gradle+pmd对Android工程源码进行静态代码分析
- Jenkins+ Gradle +Lint对Android工程源码进行静态代码分析
- Jenkins+ Gradle +Lint对Android工程源码进行静态代码分析
- Jenkins+Gradle+findbugs对Android工程源码进行静态代码分析
- 谈谈AngularJS中的一次性数据绑定
- java 读取文件方法大全
- Android事件传递机制解析
- intellij idea windows版本设置编辑器的背景颜色
- android学习笔记——关于Activity的启动模式(更新)
- 使用 Gradle 插件进行代码分析
- 几个主要的git代码托管平台
- AndroidStudio 打包及引用aar
- [Android] AS 中 Gradle 配置运行浅析
- oracle检查点
- 秒杀系统架构分析与实战
- iOS 运行时
- LUA学习(四)函数
- ZOJ3498-Javabeans