imhotep_pmd

An Imhotep plugin for PMD, the static analyzer.

PMD talks to Imhotep via the Static Analysis Results Interchange Format (SARIF), which is simply JSON with a specific schema.

Installation

  1. Install Imhotep itself from PyPI, since imhotep_pmd is merely a binding/plugin for Imhotep:
    pip install imhotep
    
  2. Install imhotep_pmd from PyPI:
    pip install imhotep_pmd
    
  3. Install PMD. Please refer to their website for instructions.

Unless you've unzipped the PMD archive file to ~/bin/pmd-bin-6.44.0/, you'll have to tell imhotep_pmd where to find the executable. To do so, provide an imhotep_pmd.toml at the root directory of the repo you want to run PMD against. The file should contain this line, which specifies the command used to invoke PMD:

pmd_command = "~/bin/pmd-bin-6.44.0/bin/run.sh pmd"

Usage

To use the plugin, you'll have to pass a path to the linter in question to the imhotep runtime.

imhotep --linter imhotep_pmd.plugin:PmdLinter

Demo

Let's take pull request #1 as an example.

$ imhotep \
   --repo_name="tslmy/imhotep_pmd" \
   --github-username="tslmy" \
   --github-password="$GITHUB_PASSWORD" \
   --pr-number=1 \
   --linter imhotep_pmd.plugin:PmdLinter

Screenshots (before and after): [images]

Integrate with Jenkins

This section walks you through setting up a Jenkins job that automatically runs PMD and posts review comments to new pull requests (PRs) in a specific GitHub repository.

  1. Install the Jenkins plugin GitHub Pull Request Builder.
  2. In GitHub, create a personal access token (PAT).
  3. In Jenkins, create a freestyle project.
  4. Under General, tick This project is parameterized, and then add these parameters: [screenshot: This project is parameterized]
  5. Under Source Code Management, tick Git, and then configure it like this: [screenshot: Source Code Management]
  6. Under Build Triggers, tick GitHub Pull Request Builder, and then configure it your way.
  7. Under Build Environment, map your GitHub PAT to the environment variable GITHUB_PASSWORD. If you haven't, you can add the credential to Jenkins like this: [screenshot: add the credential to Jenkins]
  8. Under Build, add a step Execute shell. Populate it with the content of jenkins.sh.
  9. Your Jenkins jobs should now automatically run PMD and post review comments whenever a PR is opened.

Development

This project uses Poetry to manage dependencies and to package itself.

To upload a new version to PyPI:

poetry build
poetry publish

When prompted, enter your PyPI credentials.