CodeNarc is a rule-based code quality analysis tool for Groovy-based projects. Installing CodeNarc in your Groovy ecosystem projects is as easy as using the Gradle CodeNarc Plugin. Great thing that Grails 3 is now build with Gradle.
@cjstehno's post shows how to configure different rules or have different configurations for your main code and your test code with two simple blocks in your build.gradle.
Are you looking for a rules set to start? I've borrowed @JennStrater's groovy ruleset files while installing CodeNarc at Shoptimix codebase. Installation is really 5 minutes
@sethlaw and @cmalekpour show how to use CodeNarc to improve security. In particular they show how to use CodeNarc to check for Insecure Redirects. Really interesting to use CodeNarc as a security checklist.
If you are using a previous version of Grails, before the move to Gradle, you can install CodeNarc with a Grails 2 Plugin. @farjinaarad shows how to configure the plugin and use a couple of extra tricks. For example, how to suppress warning on specific methods.