Use properties to configure plugins

Author: jonathanaustin

build-tools/src/main/resources/bordertech/bt-pmd-rules.xml

@@ -11,6 +11,7 @@
 	</rule>
 	<rule ref="category/java/design.xml">
 		<exclude name="LawOfDemeter"/>
+		<exclude name="LoosePackageCoupling"/>
 	</rule>
 	<rule ref="category/java/documentation.xml">
 		<exclude name="CommentSize"/>

qa-parent/pom.xml

@@ -30,10 +30,15 @@
 		<!-- Config file -->
 		<checkstyle.config.location>bordertech/bt-checkstyle.xml</checkstyle.config.location>
 		<!-- PMD -->
+		<pmd.printFailingErrors>true</pmd.printFailingErrors>
 		<!-- Priority: 1 (High) - 5 (Low) -->
 		<pmd.failurePriority>2</pmd.failurePriority>
+		<!-- Print details of check failures to build output -->
+		<pmd.verbose>true</pmd.verbose>
 		<!-- Rules file -->
 		<bt.pmd.rules.file>bordertech/bt-pmd-rules.xml</bt.pmd.rules.file>
+		<!-- CPD (Default to report only) -->
+		<cpd.failOnViolation>false</cpd.failOnViolation>
 
 		<!-- Spotbugs -->
 		<!-- Effort -->
@@ -43,13 +48,20 @@
 		<!-- Rank: Scariest (1-4), Scary (5-9), Troubling (10-14), Of concern (15-20) -->
 		<spotbugs.maxRank>14</spotbugs.maxRank>
 
-		<!-- OWASP -->
+		<!-- OWASP (Default to Critical) -->
 		<!-- Check every 12 hours (default is 4) -->
 		<cveValidForHours>12</cveValidForHours>
 		<!-- Min cvss score to fail on. Range 0-10 : LOW: 0-3.9, MEDIUM: 4-6.9, HIGH: 7.0-8.9, Critical: 9.0-10.0 (Default is 11 which means it never fails) -->
-		<failBuildOnCVSS>4</failBuildOnCVSS>
+		<failBuildOnCVSS>9</failBuildOnCVSS>
 		<!-- If set, owasp uses the proxy id in maven settings to download its db. -->
 		<mavenSettingsProxyId />
+		<!-- Disable retirejs analyzer -->
+		<retireJsAnalyzerEnabled>false</retireJsAnalyzerEnabled>
+		<!-- Disable swift analyzer -->
+		<swiftPackageManagerAnalyzerEnabled>false</swiftPackageManagerAnalyzerEnabled>
+		<!-- Disbale .net analyzers -->
+		<nuspecAnalyzerEnabled>false</nuspecAnalyzerEnabled>
+		<assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
 
 		<!-- Versions -->
 		<bt.junit.version>5.6.0</bt.junit.version>
@@ -130,11 +142,6 @@
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-checkstyle-plugin</artifactId>
 				<version>${bt.checkstyle.plugin.version}</version>
-				<configuration>
-					<failsOnError>true</failsOnError>
-					<linkXRef>false</linkXRef>
-					<consoleOutput>true</consoleOutput>
-				</configuration>
 				<dependencies>
 					<!-- Latest checkstyle version -->
 					<dependency>
@@ -169,9 +176,6 @@
 					<rulesets>
 						<ruleset>${bt.pmd.rules.file}</ruleset>
 					</rulesets>
-					<printFailingErrors>true</printFailingErrors>
-					<linkXRef>false</linkXRef>
-					<verbose>true</verbose>
 				</configuration>
 				<dependencies>
 					<!-- Latest pmd version -->
@@ -215,9 +219,6 @@
 					<execution>
 						<id>checkCpd</id>
 						<phase>verify</phase>
-						<configuration>
-							<failOnViolation>false</failOnViolation>
-						</configuration>
 						<goals>
 							<goal>cpd-check</goal>
 						</goals>
@@ -276,12 +277,6 @@
 				<groupId>org.owasp</groupId>
 				<artifactId>dependency-check-maven</artifactId>
 				<version>${bt.owasp.plugin.version}</version>
-				<configuration>
-					<retireJsAnalyzerEnabled>false</retireJsAnalyzerEnabled>
-					<nuspecAnalyzerEnabled>false</nuspecAnalyzerEnabled>
-					<swiftPackageManagerAnalyzerEnabled>false</swiftPackageManagerAnalyzerEnabled>
-					<assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
-				</configuration>
 				<executions>
 					<execution>
 						<id>checkDependencies</id>