Skip to content



Executes Spotbugs Maven plugin as well as Pmd Maven plugin for static code checks. SpotBugs is a program to find bugs in Java programs. It looks for instances of “bug patterns” — code instances that are likely to be errors. For more information please visit PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Apex and Visualforce, PLSQL, Apache Velocity, XML, XSL. For more information please visit The plugins should be configured in the respective pom.xml. For SpotBugs include- and exclude filters as well as maximum allowed violations are conifgurable via .pipeline/config.yml. For PMD the failure priority and the max allowed violations are configurable via .pipeline/config.yml.


name mandatory default possible values
dockerEnvVars No []
dockerImage No maven:3.6-jdk-8
dockerName No mvn
dockerOptions No []
dockerPullImage No false
dockerWorkspace No \<empty>
globalSettingsFile No
logSuccessfulMavenTransfers No false true, false
m2Path No
mavenModulesExcludes No
pmd No true true, false
pmdFailurePriority No 0
pmdMaxAllowedViolations No 0
projectSettingsFile No
script Yes
spotBugs No true true, false
spotBugsExcludeFilterFile No
spotBugsIncludeFilterFile No
spotBugsMaxAllowedViolations No 0
verbose No false true, false
  • dockerEnvVars: Environment variables to set in the container, e.g. [http_proxy: "proxy:8080"].
  • dockerImage: Name of the docker image that should be used. If empty, Docker is not used and the command is executed directly on the Jenkins system.
  • dockerName: Kubernetes only: Name of the container launching dockerImage. SideCar only: Name of the container in local network.
  • dockerOptions: Docker options to be set when starting the container.
  • dockerPullImage: Set this to 'false' to bypass a docker image pull. Usefull during development process. Allows testing of images which are available in the local registry only.
  • dockerWorkspace: Kubernetes only: Specifies a dedicated user home directory for the container which will be passed as value for environment variable HOME.
  • globalSettingsFile: Path to the mvn settings file that should be used as global settings file.
  • logSuccessfulMavenTransfers: Configures maven to log successful downloads. This is set to false by default to reduce the noise in build logs.
  • m2Path: Path to the location of the local repository that should be used.
  • mavenModulesExcludes: Maven modules which should be excluded by the static code checks. By default the modules 'unit-tests' and 'integration-tests' will be excluded.
  • pmd: Parameter to turn off PMD.
  • pmdFailurePriority: What priority level to fail the build on. PMD violations are assigned a priority from 1 (most severe) to 5 (least severe) according the the rule's priority. Violations at or less than this priority level are considered failures and will fail the build if failOnViolation=true and the count exceeds maxAllowedViolations. The other violations will be regarded as warnings and will be displayed in the build output if verbose=true. Setting a value of 5 will treat all violations as failures, which may cause the build to fail. Setting a value of 1 will treat all violations as warnings. Only values from 1 to 5 are valid.
  • pmdMaxAllowedViolations: The maximum number of failures allowed before execution fails. Used in conjunction with failOnViolation=true and utilizes failurePriority. This value has no meaning if failOnViolation=false. If the number of failures is greater than this number, the build will be failed. If the number of failures is less than or equal to this value, then the build will not be failed.
  • projectSettingsFile: Path to the mvn settings file that should be used as project settings file.
  • script: The common script environment of the Jenkinsfile running. Typically the reference to the script calling the pipeline step is provided with the this parameter, as in script: this. This allows the function to access the commonPipelineEnvironment for retrieving, e.g. configuration parameters.
  • spotBugs: Parameter to turn off SpotBugs.
  • spotBugsExcludeFilterFile: Path to a filter file with bug definitions which should be excluded.
  • spotBugsIncludeFilterFile: Path to a filter file with bug definitions which should be included.
  • spotBugsMaxAllowedViolations: The maximum number of failures allowed before execution fails.
  • verbose: verbose output

Step Configuration

We recommend to define values of step parameters via config.yml file.

In following sections of the config.yml the configuration is possible:

parameter general step/stage
dockerEnvVars X
dockerImage X
dockerName X
dockerOptions X
dockerPullImage X
dockerWorkspace X
globalSettingsFile X X
logSuccessfulMavenTransfers X X
m2Path X X
mavenModulesExcludes X
pmd X
pmdFailurePriority X
pmdMaxAllowedViolations X
projectSettingsFile X X
spotBugs X
spotBugsExcludeFilterFile X
spotBugsIncludeFilterFile X
spotBugsMaxAllowedViolations X
verbose X