Don't boil the Ocean
Even a journey of a thousand miles starts with a single step, so let's break down the task into manageable chunks to divide and rule.
There are 2 dimensions you can use: Type of code and priority levels. Using them you can turn your Clean Code journey into manageable stages.
- Legacy code: all code that doesn't fall in any of the two other categories
- Changed code: code that needs change due to business requirements
- New code: new code written for new or changed functionality (applies to copy & paste too)
- 1 = security and performance, will fail build
- 2 = bad code, will fail build
- 3 & 4 = hard to maintain code, will generate warning
- 5 = ugly code, will generate hint
PMD rules for code types should have different priorities. A different number of tests will fail a build:
- 11 for legacy code (all around performance and security)
- 33 for changed code
- 44 for new code
This will require to run PMD with different rulesets on subsets of your code base