Eclipse / SonarQube Integration: How to handle Checkstyle / PMD / FindBugs

Question

If I work with Eclipse and want to use SonarQube as single source of code rules, I understand I need to use the SonarLint plugin. However, SonarLint will only check squid rules, no Checkstyle/PMD/Findbugs rules (although they can be used in SonarQube).

My question: If a project has been using a Checkstyle/PMD/Findbugs rule set, how should these rules be handled so that they can also be seen by the Eclipse developers?

Please consider these points:

• I don't want to manually export rules from SonarQube and install Eclipse plugins for Checkstyle/PMD/Findbugs and configure them with the exported rules. That's too cumbersome.
• I see that some Checkstyle/PMD/Findbugs are marked as deprecated and there are squid-replacements. Thats ok. But what do I do with all the rules that are not deprecated?

Answer 1

This is how we solved this issue (90% solution):

1. Replaced all deprecated Checkstyle/PMD/FindBugs rules with recommended squid rules. -> This left over 80 Checkstyle, 16 PMD and 0 FindBugs rules (and 60 squid rule), eliminating FindBugs.
2. Use SonarLint + Checkstyle plugins in Eclipse. For Checkstyle, we export the rules XML from SonarQube, put them in our version control and configure Checkstyle plugin to use that.
3. Ignore PMD in Eclipse and use direct browser access to SonarQube to see PMD rule violations in code reviews. This saves us from installing/confguring PMD for "only 16 rules".

The solution makes about 90% of our rules visible in Eclipse. The price we pay:

• Install & configure 2 plugins for rules checking instead of 1.
• Manually keep Checkstyle rules XML up to date whenever SonarQube updates lead to changes.
• squid rule violations only visible for opened classes, and in a separate "SonarLint On-the-fly" view.
• Only 90% of rules visible directly in Eclipse.

We would be very happy if one day SonarLint would display all SonarQube rules violations in Eclipse's standard "Problems" view, covering workspace and selection scopes. Then we would only need a single Eclipse plugin and SonarQube would be the only rules repository.