Overview
Jenkins is a highly extensible platform and, in some cases, plugins are the foundation for further plugins.
One such example is the plugin for static code analysis . This plugin provides the necessary foundation for reporting and presenting of static analysis produced from building jobs, but does not in and of itself do any analysis. That is the responsibility of additional plugins which analyze files in the build workspace, such as source code and, if appropriate, the results of building that source code.
For example, there is the FindBugs plugin , that runs
after building, the results can be viewed by clicking on the "Open Tasks" link on the left hand side of the screen:
We can observe that the Jenkins code base has 15 high priority tasks ("FIXME"), 330 normal priority tasks ("TODO") and 425 low priority tasks ("@deprecated "). It is not surprising that there are so many @deprecated tasks, Jenkins has maintained backwards compatibility for a long time.
Given a particular task, it is possible to drill down and view the source:
The (Compiler) Warnings plugin can scan, using selected parsers, the build console log and workspace files and report compiler warnings. There are many parsers, if Cobol is your language of choice (or not as the case is highly likely to be) there is a parser for that.
In this case, I have configured the previous Jenkins job to scan for compiler warnings in the console log:
To ensure that such warnings are generated by the Java compiler, I need to tweak the Jenkins pom file:
maven-compiler-plugin
2.3.2
true
true
1.5
1.5
After building, a summary of the results can viewed from the build status page:
The plugin detected 213 warnings. Notice that the status of the open tasks from the Task Scanner plugin are also displayed.
A summary of the warnings can be viewed by clicking on the "Compiler Warnings" link on the left hand side:
As presented these plugins are rather useful to track tasks and warnings in source code. They are quick to set up, even for a large project such as Jenkins.
Finally, the results of both the tasks and compiler warnings can be combined with the Static Analysis Collector plugin . Combine it with the DashBoard View plugin and a summary can be presented:
- Static code analysis page
- Task Scanner plugin page
- Warnings plugin page
- Static analysis collector page Collector plugin
- DashBoard view page