Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: adjust spotbugs error level and exclude configuration, with CI change of annotation configuration on GitHub Actions Spotbugs task #1296

Open
wants to merge 19 commits into
base: master
Choose a base branch
from
Open

chore: adjust spotbugs error level and exclude configuration, with CI change of annotation configuration on GitHub Actions Spotbugs task #1296

wants to merge 19 commits into from

Conversation

miurahr
Copy link
Member

@miurahr miurahr commented Mar 17, 2025
edited
Loading

Update spotbugs staitc code analysis configuration.

1 . Not limit to HIGH severity but DEFAULT level
2. Update problem-matcher.json for GitHub Actions
3. Improve SpotBugs configurations of Gradle plugin
4. Exclude some errors which requires overhall of core application design
5. Exclude generated code which is located in src/gen/core path.

Pull request type

Please mark github LABEL of the type of change your PR introduces:

  • Build and release changes -> [build/release]

Which ticket is resolved?

What does this PR change?

  • GitHub workflow: Added a SpotBugs report step triggered on failures.
  • SpotBugs configuration: Adjusted reporting levels and removed redundant tasks while optimizing configurations (reportLevel, onlyAnalyze, excludeFilter).
  • New exclusion file: Introduced exclude.xml to handle specific SpotBugs warnings.
  • Gradle upgrade: Updated Gradle Wrapper version to 8.12.1.
  • Script adjustments: Minor changes to gradlew and gradlew.bat for better compliance and maintainability.
  • Problem matcher: Improved SpotBugs regex patterns for better error capturing and added severity levels.

This PR is to make all SpotBugs error as build error.
The PR can be merged when All the fixes are merged because the CI build become failed.

Other information

Fixes

@miurahr
chore: Remove SpotBugs configuration from Java conventions
fd2a5d9 
The SpotBugs configuration has been removed to simplify the build logic. This change eliminates the specific report level setting while retaining support for generating SpotBugs reports through tasks. Future SpotBugs configurations can now be added explicitly where needed.

Signed-off-by: Hiroshi Miura <[email protected]>
@github-actions GitHub Actions
Copy link

❌ Quality checks failed.

Please look a Gradle Scan page for details:
https://gradle.com/s/frkmjpz5pobvo

@miurahr miurahr mentioned this pull request Mar 17, 2025
Draft
This was referenced Mar 17, 2025
Open
Merged
Merged
Merged
@miurahr miurahr force-pushed the topic/miurahr/build-system/adjust-spotbugs-enable-annotation branch from c0faf01 to fd2a5d9 Compare March 17, 2025 23:27
@github-actions GitHub Actions
Copy link

❌ Quality checks failed.

Please look a Gradle Scan page for details:
https://gradle.com/s/zjipne2tenvry

@miurahr

This comment was marked as outdated.

Sign in to view
@miurahr
Add SpotBugs configuration and refactor related Gradle tasks
b6bda02 
- Introduce a SpotBugs exclusion file and update the Gradle build logic to streamline SpotBugs integration.
- Refactor SpotBugs task definitions by consolidating configuration in `verification-conventions.gradle`, removing redundancy from `java-conventions.gradle`, and adding appropriate reporting setup.

Signed-off-by: Hiroshi Miura <[email protected]>
@github-actions GitHub Actions

This comment was marked as outdated.

Sign in to view
miurahr added 7 commits March 19, 2025 23:18
@miurahr
Refactor SpotBugs configuration and enhance reporting.
6ea564b 
Moved and streamlined SpotBugs setup from verification-conventions to java-conventions for better organization. Replaced redundant SpotBugs task with a more versatile reporting function and retained necessary SpotBugs settings in java-conventions. Improved log readability by adding project context and formatted output.

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
Add conditional spotbugsReport step for pull requests
e3fea8e 
This change introduces a step to run spotbugsReport only on pull requests when a failure occurs. It ensures better visibility into SpotBugs findings during CI workflows.

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
Refine SpotBugs workflow and report formatting.
c080ab9 
Updated the workflow to ensure the SpotBugs report step fails the CI on errors. Improved report output formatting for better readability with consistent separators.

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
chore: improve problem matcher for GitHub
0bb7636 
Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
chore: Ignore Core class spotbugs warnings which causes by applicatio…
8e5247c 
…n class design issue

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
Add new problem matchers for SpotBugs to GitHub CI
0cbd77b 
Updated `problem-matcher.json` to revert previous wrong change.

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
Update SpotBugs configuration with additional exclusions
95d253d 
Added excludeFilter in SpotBugs configuration to utilize a new exclusion file. Updated exclude.xml to refine bug pattern matching and address application design issues in core classes. These changes aim to suppress non-critical warnings caused by known design constraints.

Signed-off-by: Hiroshi Miura <[email protected]>
This was referenced Mar 22, 2025
Open
Open
Open
@miurahr miurahr changed the title chore: adjust spotbugs error level to default chore: adjust spotbugs error level and exclude configuration, with CI change of annotation configuration on GitHub Actions Spotbugs task Mar 22, 2025
miurahr added 4 commits March 23, 2025 02:01
@miurahr
chore: Bump gradle [email protected]
1ec8b5a 
Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
chore: fix exclude.xml not found error on subproject
2503f2d 
Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
chore: exclude deprecated classes from spotbugs check target
8a9bef3 
Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
chore: exclude spotbugs error in filters3 XML classes, PluginUtils an…
675dbd8 
…d preferences view classes

- filters3 XML classes stores mutable object internally
- PluginUtils provides getXXXClasses which expose mutable expose object.
- o.o.g.p.view.*Contoller class expose internal object by getGui() method override in design

Signed-off-by: Hiroshi Miura <[email protected]>
This was referenced Mar 23, 2025
Merged
Merged
This was referenced Mar 23, 2025
Open
Draft
miurahr added 6 commits March 23, 2025 14:53
@miurahr
Simplify regex patterns in problem-matcher.json
6819098 
Revised regex patterns to eliminate unnecessary groups and improve clarity. Updated patterns now match the expected input more precisely and reduce redundancy, ensuring better maintainability and accuracy.

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
Update Gradle wrapper validation action in workflow
f7b1dd1 
Replaced the deprecated `gradle/wrapper-validation-action` with `gradle/actions/wrapper-validation` in the GitHub Actions workflow. This ensures compatibility with the latest action and improves maintainability.

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
chore: Remove Gradle wrapper validation workflow
83a13a0 
The Gradle wrapper validation workflow was deleted to streamline CI processes. This action is no longer required, and its removal reduces redundancy in the project's GitHub Actions configuration.
- gradle-setup@v4 validate wrapper now, so we don't need to validate separately.

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
chore: Update regexp in problem matcher to include new context
db57e2e 
Modified the regular expression to account for "Method invoked at" in addition to existing terms like "Dereferenced at" or "At." This ensures proper matching for a broader range of error messages in CI outputs.

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
Expand problem-matcher regex to handle additional cases.
46924ab 
Updated the regex pattern to include new scenarios such as "Obligation to clean up resource created at" and "Redundant null check at." This enhances the matcher’s ability to detect and report these specific issues in logs.

Signed-off-by: Hiroshi Miura <[email protected]>
@miurahr
Update problem matchers for SpotBugs in CI
be10ee2 
Added new matchers for resource cleanup, method invocation, unsynchronized access, and restructured existing ones for better error categorization. Each matcher includes file, line, message, and code capture groups to improve diagnostic accuracy. This enhances CI's ability to parse and report SpotBugs issues effectively.

Signed-off-by: Hiroshi Miura <[email protected]>
This was referenced Mar 29, 2025
Merged
Open
This was referenced Apr 6, 2025
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brandelune brandelune brandelune approved these changes

Assignees
No one assigned
Labels
build/release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@miurahr @brandelune