Maven and Gradle build tasks support powerful code analysis tools

Over the last few months we have been steadily building up the capabilities of the Maven and Gradle build tasks to offer insights into code quality through popular code analysis tools. We are pleased to announce additional much-requested features that we are bringing to these tasks, which will make it easier to understand and control technical debt.

Maven Code Analysis fields

Continuous Integration builds: SonarQube integration feature parity with MSBuild

Back in July, our Managing Technical Debt planning update for 2016 Q3 announced a plan to support SonarQube analysis in Java to a level that is equivalent with our strong integration for MSBuild. This is well underway and nearing completion: both Maven and Gradle can now perform SonarQube analysis by selecting a checkbox in the build definition. This will create a build summary of issues that are detected.

We also added the option to break a build when SonarQube quality gates fail. This gives instant feedback and helps you stop the technical debt leak. Finally, there is a new build summary that provides detailed information from SonarQube on why the quality gate failed so that it is easy to identify problems. You can then drill-down and get even more data by navigating to the SonarQube server through the link provided.

SonarQube Build Breaker

Broader support for Java-based static analysis tools

We understand that in the past we lacked integration features for some standalone code analysis tools that are widely used. We have heard your feedback and have added support for three such tools: PMD, Checkstyle and FindBugs. You can enable them simply and quickly through a checkbox in the “Code Analysis” section of your build configuration, and they will run on any agent whether through the Hosted agent pool or on a dedicated agent of your choice (Windows, Linux or Mac!).

Code Analysis Report

Towards Full Parity Java/MSBuild: Pull Request with Code Analysis for Java

For some time we have supported showing you code analysis issues directly on pull requests in Visual Studio Team Services for projects using MSBuild. We hope to support this for Maven and Gradle builds too in future.

Limitations, Feedback, and Troubleshooting

If you are working on-premises with TFS 2016, FindBugs support for Gradle will not ship at RTM but will be added in Update 1. For users on Visual Studio Team Services, most of these features are already live and waiting for you, with the rest due to roll out as part of Sprint 107 in the next few weeks.

As always, we would love to hear from you. Please raise issues and suggestions on the issues tab of the vsts-tasks repository in GitHub: https://github.com/microsoft/vsts-tasks/issues and add the label “Area: Analysis”.