CiklumJavaSat15112011:Alexey Trusov-Code quality management

1,152 views

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,152
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
29
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

CiklumJavaSat15112011:Alexey Trusov-Code quality management

  1. 1. http://www. sonarsource.org Quality Management Platform
  2. 2. <ul><li>What is ‘Code quality platform’? </li></ul><ul><li>Sonar is an open platform to manage code quality. As such, it covers the 7 axes of code quality: Architecture & Design, Comments, Coding rules, Potential bugs, Complexity, Unit tests, Duplications. </li></ul><ul><li>B enefit of using ‘Code quality platform’ - q uality is central and you can easily manage it. </li></ul>Quality Management Platform
  3. 3. <ul><li>Sonar has been a very popular quality management platform. The platform is billed as to continuously analyze and measure the code quality . </li></ul><ul><li>Sonar is an aggregate tool for complex source code management and quality measures. It uses Clover2, Cobertura, PMD, Checkstyle, and Findbugs under the hood. </li></ul>What is Sonar ? <ul><ul><li>Many l anguages are covered (Java, C, .Net, Flex, PHP, PL/SQL, Cobol, JSP, JSF, Visual Basic 6) ; </li></ul></ul><ul><ul><li>Extend ed with plugins ; </li></ul></ul><ul><ul><li>All quality in one central place; </li></ul></ul><ul><ul><li>Web-based application and everything is in 3 clicks; </li></ul></ul>
  4. 4. <ul><ul><li>All projects are in the open </li></ul></ul><ul><ul><li>Easy d rill down to source code </li></ul></ul><ul><ul><li>Coding rules </li></ul></ul><ul><ul><li>Unit Tests </li></ul></ul><ul><ul><li>Standard Metrics </li></ul></ul><ul><ul><li>TimeMachine </li></ul></ul><ul><ul><li>Maven ready </li></ul></ul><ul><ul><li>Leverage existing components </li></ul></ul><ul><ul><li>Plugins </li></ul></ul><ul><ul><li>Security </li></ul></ul>Why use Sonar ?
  5. 5. <ul><li>There are several ways Sonar analysis can be performed: </li></ul><ul><li>Using the Maven Plugin </li></ul><ul><li>Using the Ant Task </li></ul><ul><li>Using the Java Runner </li></ul><ul><li>Using a CI engine </li></ul><ul><li>Inject data manually at any time from the Sonar UI. </li></ul><ul><li>Any m anual measures can be easily managed directly from the component (project, module or package) dashboard </li></ul><ul><li>There is a possibility to integrate with Bamboo, CruiseControl, Hudson, TeamCity. </li></ul>How Sonar works ?
  6. 6. <ul><li>There is a very simple procedure: </li></ul><ul><li>Create a file named 'pom.xml' into the root directory of your project </li></ul><ul><li>Execute the maven2 plugin (#> mvn sonar:sonar) </li></ul><ul><li>And that’s it! </li></ul>How Sonar works – 1 ?
  7. 7. <ul><li>There is a very simple procedure: </li></ul><ul><li>Create /modify a Ant script file named ‘ build .xml’ </li></ul><ul><li>Execute the ant command (#> ant sonar) </li></ul><ul><li>And that’s it! </li></ul>How Sonar works – 2 ?
  8. 8. <ul><li>There is a very simple procedure: </li></ul><ul><li>Download bat/sh files from Sonar site </li></ul><ul><li>Configure </li></ul><ul><li>Sonar runner </li></ul>How Sonar works – 3 ?
  9. 9. <ul><li>Home page | filters | favourites </li></ul><ul><li>Browsing project | customising dashboards | </li></ul><ul><li>Rules Compliance Index (RCI) | Treemap | Events | Alerts </li></ul><ul><li>The resource viewer | violation tab| duplication tab| coverage tab | dependencies tab | </li></ul><ul><li>Quality profiles | Alert configuration </li></ul><ul><li>Time machine | custom chart </li></ul><ul><li>Tendencies </li></ul><ul><li>Coding rule mapping ( Checkstyle , PMD , Findbugs ) </li></ul><ul><li>Update center | plug-in Library </li></ul>Sonar in actions
  10. 10. <ul><li>Physical lines | Lines of code </li></ul><ul><li>Comment lines | Commented-out lines of code </li></ul><ul><li>Packages | Files | Classes | Directories </li></ul><ul><li>Accessors | methods | Public API </li></ul><ul><li>Duplicated lines | blocks | files </li></ul><ul><li>Statements | Complexity | complexity by method | Average complexity by file </li></ul><ul><li>Unit tests | Line coverage </li></ul><ul><li>Tags | etc </li></ul>Sonar metrics CHECKSTYLE | PMD | FindBugs
  11. 11. <ul><li>Main features: </li></ul><ul><li>Possible bugs - empty try/catch/finally/switch statements </li></ul><ul><li>Dead code - unused local variables, parameters and private methods </li></ul><ul><li>Suboptimal code - wasteful String/StringBuffer usage </li></ul><ul><li>Overcomplicated expressions - unnecessary if statements, for loops that could be while loops </li></ul><ul><li>Duplicate code - copied/pasted code means copied/pasted bugs </li></ul>PMD ( Programming Mistake Detector )
  12. 12. SQALE Software Quality Assessment based on Lifecycle Expectations Overview Pyramid Time Machine
  13. 13. Sonar - Useful Features <ul><ul><li>TimeMachine </li></ul></ul><ul><ul><li>Code Review </li></ul></ul><ul><ul><li>Changelog of Quality Profiles </li></ul></ul><ul><ul><li>Compare Quality profiles </li></ul></ul><ul><ul><li>Manual Measures </li></ul></ul><ul><ul><li>Notification </li></ul></ul><ul><ul><li>Cross Project Duplications </li></ul></ul><ul><ul><li>Coverage of new/updated source code </li></ul></ul>
  14. 14. <ul><li>Sonar is a web application and requires a maven plugin that uses both a database s . </li></ul>System Requirements <ul><ul><li>Java Development Kit v.1.5 or later </li></ul></ul><ul><ul><li>Maven 2.x or 3.x (since Sonar 2.4) </li></ul></ul><ul><ul><li>Database (Mysql, Oracle, PostgreSQL, MSSQL) </li></ul></ul><ul><ul><li>Web Server needs a healthy 500Mb of RAM </li></ul></ul><ul><ul><li>Browser should allow Javascript </li></ul></ul>
  15. 15. Thank you! :) Author: Trusov Aleksey Any questions?

×