Development Process – Code Analysis & Reporting: Maven vs. Jenkins

development-processJenkinsmavenreport generationreporting

My team (~10 devs) has recently migrated to Maven (multi-module project, ca. 50 modules) and we now use Jenkins for continuous integration. As the overall setup is running, we are planning to include code analysis and reporting tools (e.g., Checkstyle and Corbertura).

As far as I can see, we basically have two options to generate such reports: either use Maven's reporting plug-ins to generate a site and/or use Jenkins plug-ins to do the reporting.

Which approach is better, and for which reasons?

It seems both have their merits:

Maven-Reporting:

  • everything is configured in a single place (the pom files)
  • report generation on a local machine (i.e., without Jenkins) is straightforward and does not require any additional steps

    Jenkins-Reporting:

  • adjusting the reporting configuration seems more intuitive than with Maven and does not interfere with the main task of maven in our setup (building and deploying)
  • a single web-interface to check the overall status of the project, so that the reported issues are easier to find and harder to ignore (i.e., no need to click through the maven site, some nice history plots, notifications, etc.)

    Has anyone made a similar decision in the past, or is this a non-issue for some reason? (How well does it work? Any regrets?)

    Is it advisable to go both ways, or is that setup too tedious to maintain?

    Are there aspects of the problem that I am unaware of, or some advantages I have not noticed (e.g., is Maven-based reporting integrated nicely with m2eclipse)?

    Any pitfalls or typical problems that we are likely to encounter?

    EDIT:

    We tried out Sonar, as suggested below (including its Jenkins plug-in). So far, it works pretty well. Sonar is relatively simple to install and works on top of our Maven setup (one just invokes mvn sonar:sonar or re-configures a Jenkins job, that's all). This means we do not have to maintain a duplicate configuration, as all our Maven settings are used automatically (the only exception being exclude patterns). The web-interface is nice, and — even better — there is an Eclipse plug-in that retrieves all issues automatically, so that no one really has to browse to the Sonar website, as all issues can be automatically displayed in the IDE.

    • Best Answer

    Since you already have your projects ready for Maven and Jenkins is installed, you may go one step further and install Sonar. It is an incredible code quality related tool, it performs Cobertura, Checkstyle, FindBug, and many other analysis tools at the same time. That way, the code quality reporting is done by Sonar, not by Maven or Jenkins.

    You can install Sonar on the same machine where Jenkins is installed or somewhere else. If you just want to test it, you can just perform the standard install (it uses its own HSQLDB if you don't configure the database yourself) and you are almost ready to go. The last thing you need is to configure the relationship between Jenkins and Sonar.

    There is done via the Sonar plugin for Jenkins. Once you have installed the plugin:

    1. Indicate where Sonar can be located on the Jenkins configuration
    2. For each build job you want to be analysed, go into the job configuration and check the "Sonar" checkbox.

    Be careful for one thing: the analysis may be quite long for big projects. But then again, you may configure special nightly Sonar builds in addition to standard builds.

    Hope that helped.

    Related Topic