Open in app

Sign in

Write

Sign in

Publish AndroidLint violations to GitHub

Rihan Farman
Travelex Tech Blog

--

If you are an Android app developer, I am sure you won’t deny that you should be running lint or detekt (for Kotlin) on your code as often as possible. Ideally, you would want to run the static code analysis tools on CI builds as well.

Continue reading if you use Github…

To ensure that you don’t merge code which has static code analysis issues lets try and post the issues as comments to pull requests on Github. You can use this solution with any build system that you use, as the plugin that we are going to use works with Gradle.

We are going to use violation-comments-to-github-gradle-plugin which will report the static analysis tool violations as comments in the pull requests.

To set it up, let’s add the following to our build.gradle

buildscript {
    repositories {
        mavenLocal()
        mavenCentral()
    }
    dependencies {
        classpath "se.bjurr.violations:violation-comments-to-github-gradle-plugin:1.49"
    }
}

Now we need to set up a task in our Gradle build script

apply plugin: 'se.bjurr.violations.violation-comments-to-github-gradle-plugin'task violationCommentsToGitHub(type: se.bjurr.violations.comments.github.plugin.gradle.ViolationCommentsToGitHubTask) {
    repositoryOwner = "repositoryOwner"
    repositoryName = "repositoryName"
    pullRequestId = System.properties['GITHUB_PULLREQUESTID']
    username = System.properties['GITHUB_USERNAME']
    password = System.properties['GITHUB_PASSWORD']
    oAuth2Token = System.properties['GITHUB_OAUTH2TOKEN']
    gitHubUrl = "https://api.github.com/"
    createCommentWithAllSingleFileComments = false
    createSingleFileComments = true
    commentOnlyChangedContent = true
    minSeverity = se.bjurr.violations.lib.model.SEVERITY.INFO
    keepOldComments = false
    commentTemplate = """
**Reporter**: {{violation.reporter}}{{#violation.rule}}**Rule**: {{violation.rule}}{{/violation.rule}}
**Severity**: {{violation.severity}}
**File**: {{violation.file}} L{{violation.startLine}}{{#violation.source}}**Source**: {{violation.source}}{{/violation.source}}{{violation.message}}
 """
    violations = [
            ["ANDROIDLINT", ".", ".*/build/reports/.*\\.xml\$", "AndroidLint"]
    ]
}

In the above script, replace the repositoryOwner and repositoryName with your own values.

To run this, do the following

./gradlew violationCommentsToGitHub -DGITHUB_PULLREQUESTID=$GITHUB_PULL_REQUEST -DGITHUB_USERNAME=... -DGITHUB_PASSWORD=...

If you have 2FA enabled in GitHub, set up a personal access token and use that token instead of the password.

When the task violationCommentsToGitHub is run, it will post the static analysis issues as comments in the PR. For example,

This is great as it draws the attention of the code committer and the reviewer to the issues in the code.

Let us know in comments about your thoughts on this, or if you have any suggestions 😃

--

--

Rihan Farman
Travelex Tech Blog

Written by Rihan Farman

17 Followers
Writer for

Head of Mobile @KidsLoopUK