imhotep_pmd
An Imhotep plugin for PMD, the static analyzer.
PMD talks to Imhotep via the Static Analysis Results Interchange Format (SARIF), which is simply JSON with a specific schema.
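To make the SARIF hand-off concrete, here is an added example (not the plugin's own code) that turns a SARIF 2.1.0 log into per-file, per-line messages and drops results whose paths fall outside the checkout. The function name `sarif_to_comments`, the `/work/repo` root, the output shape and the sample log are assumptions constructed for illustration.

```python
import json
from collections import defaultdict
from pathlib import PurePosixPath
from urllib.parse import unquote, urlparse


def _result(rule, text, uri, line):
    """Build one SARIF result object (helper for the constructed sample)."""
    return {"ruleId": rule, "message": {"text": text},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": uri},
                "region": {"startLine": line}}}]}


# Constructed SARIF 2.1.0 log, not real PMD output.
SAMPLE_SARIF = json.dumps({"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "PMD"}},
    "results": [
        _result("UnusedPrivateField", "Avoid unused private fields.",
                "file:///work/repo/src/Foo.java", 7),
        _result("EmptyCatchBlock", "Avoid empty catch blocks.",
                "src/Bar.java", 12),
        # Points outside the checkout, so it must never become a comment.
        _result("Constructed", "outside", "file:///etc/passwd", 1),
    ]}]})


def sarif_to_comments(sarif_text, repo_root):
    """Return {repo-relative path: {line: [messages]}} for a SARIF log."""
    root = PurePosixPath(repo_root)
    comments = defaultdict(lambda: defaultdict(list))
    for run in json.loads(sarif_text).get("runs", []):
        for result in run.get("results", []):
            text = result.get("message", {}).get("text", "")
            for loc in result.get("locations", []):
                phys = loc.get("physicalLocation", {})
                uri = phys.get("artifactLocation", {}).get("uri", "")
                line = phys.get("region", {}).get("startLine")
                path = PurePosixPath(unquote(urlparse(uri).path))
                if path.is_absolute():
                    try:
                        path = path.relative_to(root)
                    except ValueError:
                        continue  # file lies outside the repository
                if not uri or line is None or ".." in path.parts:
                    continue  # no usable location, or path traversal
                comments[str(path)][line].append(
                    f"{result.get('ruleId')}: {text}")
    return {name: dict(lines) for name, lines in comments.items()}
```

Because the analyzed code comes from a pull request, the log is treated as untrusted input: only locations that resolve inside the repository root are kept.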
Installation
- Install Imhotep itself from PyPI, since imhotep_pmd is merely a binding/plugin for Imhotep: pip install imhotep
- Install imhotep_pmd from PyPI: pip install imhotep_pmd
- Install PMD. Please refer to their website for instructions.
Unless you've unzipped the PMD archive file to ~/bin/pmd-bin-6.44.0/, you'll have to tell imhotep_pmd where to find the executable. This can be achieved by providing an imhotep_pmd.toml at the root directory of the repo you want to run PMD against. The file should contain this line, which specifies the command used to invoke PMD:
pmd_command = "~/bin/pmd-bin-6.44.0/bin/run.sh pmd"
Usage
To use the plugin, you'll have to pass a path to the linter in question to the imhotep runtime.
imhotep --linter imhotep_pmd.plugin:PmdLinter
Demo
Let's take PR #1 as an example.
$ imhotep \
--repo_name="tslmy/imhotep_pmd" \
--github-username="tslmy" \
--github-password="$GITHUB_PASSWORD" \
--pr-number=1 \
--linter imhotep_pmd.plugin:PmdLinter
Integrate with Jenkins
This section walks you through setting up a Jenkins job that automatically runs PMD and posts review comments on new pull requests (PRs) in a specific GitHub repository.
- Install the Jenkins plugin GitHub Pull Request Builder:
- In GitHub, create a personal access token (PAT):
- In Jenkins, create a freestyle project:
- Under General, tick This project is parameterized, and then add these parameters:
- Under Source Code Management, tick Git, and then configure it like this:
- Under Build Triggers, tick GitHub Pull Request Builder, and then configure it your way.
- Under Build Environment, map your GitHub PAT to the environment variable GITHUB_PASSWORD: If you haven't, you can add the credential to Jenkins like this:
- Under Build, add a step Execute shell. Populate it with the content of jenkins.sh.
- Your Jenkins jobs should now automatically run PMD and post review comments whenever a PR is opened.
Development
This project uses Poetry to manage dependencies and to package itself.
To upload a new version to PyPI:
poetry build
poetry publish
When prompted, enter your PyPI credentials.