Plugin for danger/kotlin which helps to parse and report detekt violations from its Checkstyle XML or SARIF report files.

Depends on you. We constrained only with danger/kotlin file and line appearance, and repository hosting (e.g. GitHub) markdown capabilities. Anything else is customizable.

Dangerfile.df.kts is the main configuration file of any danger/kotlin setup. To use this plugin you should add it as a dependency on top of this file and call register. Latest version could be found in Maven Central

@file:DependsOn("xyz.pavelkorolev.danger.detekt:plugin:x.y.z")

register.plugin(DetektPlugin)

This does what it says. If you have one detekt report and don't want any customization - that's probably your choice.

DetektPlugin.parseAndReport(reportFile)

Actually parameters of all parse functions are varargs, so you could provide it as many report files as you want.

DetektPlugin.parseAndReport(reportFile1, reportFile2, reportFile3)

or

val files: Array<File> = findReportFilesByYourself()
DetektPlugin.parseAndReport(*files)

You could also parse files without immediate reporting.

val report: DetektReport = DetektPlugin.parse(files)

This DetektReport contains everything from parsed detekt reports, so it could be useful you want to check something before actual reporting.

You could also report it like this

DetektPlugin.report(report)

Please note, in order to make danger report files correctly you should configure detekt to return paths relative to working directory.

detekt {
    basePath = rootDir.absolutePath
}

@file:DependsOn("xyz.pavelkorolev.danger.detekt:plugin:x.y.z")

import systems.danger.kotlin.*
import systems.danger.kotlin.models.github.*
import xyz.pavelkorolev.danger.detekt.DetektPlugin
import java.io.File

register.plugin(DetektPlugin)

danger(args) {
    warnDetekt()
}

fun warnDetekt() {
    val file = File("build/reports/detekt/report.xml") // or report.sarif
    if (!file.exists()) {
        warn(
            "🙈 No detekt report found",
        )
        return
    }
    with(DetektPlugin) {
        val report = parse(file)
        val count = report.count
        if (count == 0) {
            message("👏👏👏 Good job! Detekt found no violations here!")
            return
        }
        fail(
            "🙁 Detekt violations found: **${report.count}**.\n" +
                    "Please fix them to proceed. We have zero-warning policy"
        )
        report(report)
    }
}

Functions DetektPlugin.report and DetektPlugin.parseAndReport have reporter: DetektViolationReporter parameter, which is in fact a functional interface with report(violation: DetektViolation) function.

By implementing this you could customize reporting logic and appearance as you want.

By default, there is DefaultDetektViolationReporter which has its own opinionated way to create messages and respect violations severities.

DefaultDetektViolationReporter uses inline comments if file and line provided for error. If you want to use only global report without inline comments then use DefaultDetektViolationReporter(context, isInlineEnabled = false) instead.

Let's say you want to send everything found into fail table with emojis at the end. Write it like this.

class FailReporter(private val context: DangerContext) : DetektViolationReporter {

    override fun report(violation: DetektViolation) {
        val message = violation.message ?: return
        context.fail("$message 💥💥💥")
    }
}

And use it like this

DetektPlugin.report(report, reporter = FailReporter(context))

Or you could implement the same as inline reporter thanks to its functional interface nature like so.

plugin.report(report) { violation ->
    violation.message?.let(context::fail)
}

• You may want to send some warning if there are no detekt reports at all. Maybe something went wrong and detekt didn't even run for this build.
• You may want to check violations count before reporting. If nothing found say "Good job" to PR author. Be grateful for such moments, appreciate your colleagues work.
• You may want to check violations count to NOT send huge comments into PR. GitHub for example has a limitation on comment size. If there are many violations then Danger will fail sending them. Set a reasonable limit and print some generic message instead.
• You even may want to check if some violations reported in someone's module or directory to mention them automatically.
• Add a ton of emojis. Everyone loves them. Just kidding 😁. Or not 🤔.

This plugin is heavily inspired by AckeeCZ/danger-kotlin-detekt which is great, but lacks of customization and preliminary checks capabilities.