16. Alexey Sidorenko - Sharing Is Caring: Share Your Data And Code #pdfua
CiklumJavaSat15112011:Alexey Trusov-Code quality management
-
Upload
ciklum -
Category
Technology
-
view
893 -
download
2
description
Transcript of CiklumJavaSat15112011:Alexey Trusov-Code quality management
http://www.sonarsource.org
Quality Management Platform
What is ‘Code quality platform’?Sonar is an open platform to manage code quality. As such, it covers the 7 axes of code quality: Architecture & Design, Comments, Coding rules, Potential bugs, Complexity, Unit tests, Duplications.
Benefit of using ‘Code quality platform’ - quality is central and you can easily manage it.
Quality Management Platform
Sonar has been a very popular quality management platform. The platform is billed as to continuously analyze and measure the code quality.
Sonar is an aggregate tool for complex source code management and quality measures. It uses Clover2, Cobertura, PMD, Checkstyle, and Findbugs under the hood.
What is Sonar ?
o Many languages are covered (Java, C, .Net, Flex, PHP, PL/SQL, Cobol, JSP, JSF, Visual Basic 6);
o Extended with plugins;o All quality in one central place; o Web-based application and everything is in 3 clicks;
o All projects are in the open o Easy drill down to source codeo Coding ruleso Unit Testso Standard Metricso TimeMachineo Maven readyo Leverage existing componentso Pluginso Security
Why use Sonar ?
There are several ways Sonar analysis can be performed:
Using the Maven Plugin Using the Ant Task Using the Java Runner Using a CI engine Inject data manually at any time from the Sonar UI.
Any manual measures can be easily managed directly from the component (project, module or package) dashboard
There is a possibility to integrate with Bamboo, CruiseControl, Hudson, TeamCity.
How Sonar works ?
There is a very simple procedure: Create a file named 'pom.xml' into the root directory
of your project Execute the maven2 plugin (#> mvn sonar:sonar) And that’s it!
How Sonar works – 1 ?
There is a very simple procedure: Create/modify a Ant script file named ‘build.xml’ Execute the ant command (#> ant sonar) And that’s it!
How Sonar works – 2 ?
There is a very simple procedure: Download bat/sh files from Sonar site Configure Sonar runner
How Sonar works – 3 ?
Home page | filters | favourites Browsing project | customising dashboards | Rules Compliance Index (RCI) | Treemap | Events |
Alerts The resource viewer | violation tab| duplication tab|
coverage tab | dependencies tab | Quality profiles | Alert configuration Time machine | custom chart Tendencies Coding rule mapping (Checkstyle, PMD, Findbugs) Update center | plug-in Library
Sonar in actions
Physical lines | Lines of code Comment lines | Commented-out lines of code Packages | Files | Classes | Directories Accessors | methods | Public API Duplicated lines | blocks | files Statements | Complexity | complexity by method |
Average complexity by file Unit tests | Line coverage Tags | etc
Sonar metrics
CHECKSTYLE | PMD | FindBugs
Main features: Possible bugs - empty try/catch/finally/switch
statements Dead code - unused local variables, parameters and
private methods Suboptimal code - wasteful String/StringBuffer usage Overcomplicated expressions - unnecessary if
statements, for loops that could be while loops Duplicate code - copied/pasted code means
copied/pasted bugs
PMD (Programming Mistake Detector)
SQALESoftware Quality Assessment based on Lifecycle
Expectations Overview
Pyramid
Time Machine
Sonar - Useful Featureso TimeMachine o Code Review o Changelog of Quality Profiles o Compare Quality profileso Manual Measureso Notificationo Cross Project Duplicationso Coverage of new/updated source code
Sonar is a web application and requires a maven plugin that uses both a databases.
System Requirements
o Java Development Kit v.1.5 or latero Maven 2.x or 3.x (since Sonar 2.4)o Database (Mysql, Oracle, PostgreSQL, MSSQL)o Web Server needs a healthy 500Mb of RAM o Browser should allow Javascript
Thank you! :)
Author: Trusov Aleksey
Any questions?