Static Code Analysis – Jenkins

Static Code Analysis – Jenkins

Introduction

Jenkins is an open source, continuous integration tool written in Java. The project was forked from Hudson after a dispute with Oracle. It provides continuous integration services for software development. It is a server-based system which runs in a servlet container such as Apache Tomcat.

Use Case

Nowadays we are writing tons of code. How do we check our code quality and maintain good code for good performance? How do we integrate codes, do we have any metrics tools for code? All these questions arise in our minds when we see large chunks of code. Jenkins is the key to all the questions. The automated, continuous build increases the productivity.

Solution

Pre-requisites:

  • JDK 1.5 and above version
  • Tomcat 6 and above version
  • Please download appropriate plugin jars based on the project.

Jenkins setup:

Jenkins uses variety of plugins based on the different purpose and usage in the code. All these are maintained for the coding standard of their organization. There are a few plugins mentioned below with their appropriate usage in the project.

Check Style Plug-in:

Check style is a development tool. It is used to automate the process of checking the code that adheres to a coding standard. Jenkins supports a number of static code analysis plug-ins for the betterment of code quality. It will plot trendy graph for check style result.
Steps to configure check style with Ant task:

  • Download and place the checkstyle-all.jar in the class path.
  • Create the checkstyletask.properties with the following key and value pair and place it in the class path,
  • Create the task definition in the build.xml.
    The task definition specifies that when a checkstyle element is seen in build.xml, it should use the indicated class to execute the task.
  • Create checkstyle target with the configuration for checking the coding standard.
    Parameters explanation:
    Config: Specifies the location of the file that defines the configuration modules.
    failOnViolation: Specifies whether the build will continue even if there are violations. Defaults to “true”.

Steps to configure the check style plug-in with the Jenkins.

Start the Jenkins window service. Click on the manage Jenkins link on the Jenkins dashboard.

check style plugin with Jenkins

Click on the “Manage Plug-ins” in the manage Jenkins. Click on the “Available” tab on the dashboard. Find for the Checkstyle plug-in in the list. Select the checkbox prior to the plug-in name. Click on the button Install Without Restart.

plugin manager

Find bug Plug-in:

The FindBugs plug-in scans for findbugs.xml files in the build workspace and reports the number of warnings found.

Find bug plugin

  • Download and place the findbug jar file in the class path.
  • Create the task definition in the build.xml. like the one given below
  • Add Target as shown below in build.xml
     
PMD Plug-in: 

PMD is java source code analysis Tool. It checks the code for unused fields, empty, try / catch / if / while / finally, block, unused method parameters and stuff like that. It will find them it will report as file that can be viewed by graph like format or other readable text format.

Steps to configure the PMD plug-in with the Jenkins:

  • Download and place the PMD jar in the class path.
  • Click on the configure button on the left hand side(as shown in the image given below)

PMD plugin configuration

  • Then setup the build option like the image given below.

Build PMD plugin

  • Enter details of Ant version field that we have already configured.
  • Then enter the default Ant Target for this Job to be run.

Invoke Ant

  • Enter the details of “Add Post-build action” >> then select Publish PMD analysis results.

build invoke ant

  • Enter the results file name we want in PMD results field like “pmd_results.xml”.
  • We can also combined the results by selecting the “Add Post-build action”>> “Publish Combined analysis reports”. Then select the check box for the desired output.
  • Then Click “Save” button.

Steps to execute PMD based plug-in with Jenkins.

  • Click on the workspace listed in left side.
  • We can see the list of project files with build.xml (if we get error no workspace means, click on the “Run a build” then workspace will be created. Go to that physical location of the Job and then paste the project file including build.xml file).
  • Download pmd.jar and add the classpath to build.xml
  • Create task definition in build.xml
  • Now click on the “build now”

build now jenkins

  • Then click on the latest build history to view the output of the Execution.
  • We can get details about failure and warnings of the PMD by clicking the PMD Warnings link placed in left side.

Static Analysis Warnings:
This plug-in is an add-on for the plug-ins Checkstyle, FindBugs, PMD the plug-in collects the different analysis results and shows the results in a combined trend graph. Additionally, the plug-in provides health reporting and build stability based on these combined results.

Steps to configure the Static Analysis Warnings with Ant task:

  • Download and place the all jars related Checkstyle, FindBugs, PMD in the class path.
  • Now click on the “build now”
  • Then click on the latest build history to view the output of the Execution.
  • We can get details about warnings of the PMD,Checkstyle, FindBugs by clicking the Static Analysis Warnings link placed in left side.

Static analysis result

  • We can also see the total number of warnings in a job can be visualized in every view by adding a new column “Number of warnings”.

project name

  • Install the plug-in Dashboard View, Job Type Column. Then click on the “+” tab in main page.

Dashboard view

  • Then enter the view name then click on the “Dashboard View” and click OK.
  • Now click on the tab which is newly created. We can see an empty tab. Click on the edit view in left side. Select the status filter to “all selected jobs”. Then select the project which we want to display.

job filters

  • Click the “Add Dashboard Portlet to bottom of the view” and add the “FindBugs warning per project” like below then click OK.

dashboard portlet

  • Click the “Add Dashboard Portlet to the top of the view”.  This is for the section where we want to display the results.

 

dashboard portlets

  • Finally click ok. Then we can see the image as shown below:

bug warning

Server Configuration:

Server Authentication:

Check style is a development tool. It is used to automate the process of checking the code that adheres to a coding standard. Jenkins support number of static code analysis plug-ins for the better code quality. It will plot trendy graph to get the check style result.

Steps to configure the Jenkin server for authentication:

  • Click on the manage Jenkins like the image shown below.

manage jenkins

  • Click on the Configure Global Security

configure global security

  • Then click on the Enable Security

enable security

  • Then under Security Realm click on the Jenkin’s own user database. And also make sure the checkbox (Allow users to sign up) was ticked.

security realm

  • Click on the Matrix-based security for authorized person only can log in and work on the Jenkins.
  • Enter the user/group to add text box for username.

Authorisation

  • Then enter the role name as shown below and provide authorization like below.

SCM

  • Please make sure all checkbox are ticked for administrator login. Remove all check for anonymous.
  • Once we have defined all users login credentials, click on save then click on the top right corner link for sign up.
  • Now enter the required details for signup (for the username we have entered as user/group for log in the previous screen) then click signup button.
  • Now log in as administrator and go to manage jenkin >>  Configure Global Security >> Security Realm. Now uncheck the Allow Users to signup. This will disable anonymous and will create a log in for themselves.
  • Now save and log in as different user to view different settings.

sign up

Conclusion

Jenkins is the best solution to maintain code standard and code performance. It supports SCM tools including AccuRev, CVS, Subversion, Git, Mercurial, Perforce, Clearcase and RTC, and can execute Apache Ant and Apache Maven based projects as well as arbitrary shell scripts and Windows batch commands.

Plugins have been released in Jenkins, that extend its use to projects written in languages other than Java. Plugins are available for integrating Jenkins with most version control systems and big databases. Many build tools are supported via their respective plugins. Plugins can also change the way Jenkins looks or add new functionality. Builds can generate test reports in various formats (JUnit is supported out-of-the-box, others via plugins) and Jenkins can display the reports and generate trends and render them in the GUI.

References

·

12905 Views 13 Views Today
  • Neeta Angne

    how to configure checkstyle plugin to do php code analysis in jenkins?
    I have added build.xml file.

    Facing error :

    ERROR: Cannot find executable from the chosen Ant installation .

    • http://www.treselle.com/ Treselle Systems Blog

      It looks like you have installed Ant and provided a path that does not exist or not available on the machine. The build would have been running on in global Jenkins config. The easiest way to use Ant with Jenkins is to use the default “Install automatically” option and let Jenkins download Ant for you when required.