Hi Jayanga, Can't you just setup checkstyle-plugin only and achieve this?
Thanks, Senaka. On Wed, Feb 12, 2014 at 12:15 PM, Jayanga Dissanayake <[email protected]>wrote: > Hi, > > I am currently involved in the Development Governance project for C5. As > to increase the quality of the products, we are planning to introduce some > maven plug-in based mechanism to validate rules. Validations related to C5 > components are done by Uvindra and I am trying to extend this to be used in > the web services and web applications. > > In my initial research on this and discussions I had with some people > involved in the C5 development I found out that most of the validations > that are needed for C5 admin web services are same as that of the C5 > components, except for some additional validations to check whether, > > i. Proper annotations in the code > > ii. All admin services use secure connections - There might be a lot of > other custom validations, that will come up when designing and developing > the RESTful services for C5. > > According to the above requirements it seems most of the requirement are > related to source code analysis. To do that we can use SonarQube[1] like > tool. Our maven plug-in is intended to do validations in POM.xml level. But > we can try to trigger a SonarQube job in maven. But I thing these two > should be separate processes. > > So my suggestions are to: > > i. Use Sonar like tool to analyze the code related to web services and > applications. > > ii. We can even use a central SonarQube to analyze whole code base, and > attach it with Jenkins(when it arrives). So that we have a complete code > analysis on our whole code base. > > We can include the relevant link of SonarQube project to our Development > Governance portal. So that anyone interested can have nice view of the > state of the project. > > If we need additional validation in the code we can add it as a rule in > the SonarQube[2]. I believe it make more sense to add code validation logic > as SonarQube rules than trying to integrate code validation rules in the > maven enforcer plug-in. > > Please comment on this approach, raise any concerns and suggest any > validation rule that you think we should have. > > [1] http://nemo.sonarqube.org/dashboard/index/176190 > > [2] http://checkstyle.sourceforge.net/config_annotation.html > > > Thanks, > *Jayanga Dissanayake* > Senior Software Engineer > WSO2 Inc. - http://wso2.com/ > lean . enterprise . middleware > email: [email protected] > mobile: +94772207259 > -- *[image: http://wso2.com] <http://wso2.com> Senaka Fernando* Senior Technical Lead; WSO2 Inc.; http://wso2.com * Member; Apache Software Foundation; http://apache.org <http://apache.org>E-mail: senaka AT wso2.com <http://wso2.com>**P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando <http://linkedin.com/in/senakafernando>*Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
