When establishing a centralized build environment, it is often useful to bundle the Checkstyle rules into a dedicated
jar file. This allows the creation of a Checkstyle configuration that can be easily shared across more than one project. It also removes the rules from the direct control of a specific project’s dev team. This split of responsibility is always a good thing from a security perspective, as it prevents unauthorized “shortcuts” and allows for centralized auditing of code quality rules.
To create a central Checkstyle configuration artifact, create a new Maven project and store the Checkstyle configuration file (e.g.
checkstyle.xml) in the
src/main/resources folder. There is no need to configure the Checkstyle plugin for this Maven project as it does not hold any source code: It is a mere container to store the Checkstyle configuration file and make it available on a Maven repository server for consumption by other projects. Once you have created the artifact, perform a “
mvn deploy” and push the (versioned) artifact to a repository server.