Building better software with maven and sonar

6,002 views
5,838 views

Published on

This presentation talks about using best practices to build a better Software.

These practices talk about
1. CIT builds
2. Software Artifact management
3. TDD
4. Getting PMD, Findbugs etc Reports

We will talk about how to use Maven to solve problems related to build and improve the build process and product quality.

We will also talk about Sonar, a tool which collects and keeps tracks of numerous metrics related to design and code.
Sonar can show us on a timline what improved and what declined in last six months, in a measurable manner.

Best part is using Maven with Sonar is a breeze and it helps us improve quality significantly.

Building better software with maven and sonar

  1. 1. Building better software with Maven & Sonar<br />By Rohit Ghatol<br />
  2. 2. About Me<br />
  3. 3. What is Maven?<br />For Java<br />Build Tool<br />Reporting Tool<br />Software Distribution<br />Project<br />Management<br />
  4. 4. Maven Quick Demo<br />
  5. 5. Requirements for Maven<br />JDK 6+<br />Maven 2.x<br />
  6. 6. mvnarchetype:generate-DarchetypeArtifactId=maven-archetype-quickstart-DinteractiveMode=false-DgroupId=com.mycompany.app-DartifactId=my-app <br />
  7. 7. Directory Structure<br />com/mycompany/app/App.java<br />com/mycompany/app/AppTest.java<br />
  8. 8. mvn install<br />
  9. 9. Directory Structure<br />
  10. 10. Maven Directory Structure<br />Directory NameDescription<br />src/main/java Application/Library sources<br />src/main/resourcesApplication/Library resources<br />src/main/filters Resource filter files<br />src/main/assembly Assembly descriptors<br />src/main/configConfiguration files<br />src/main/webappWeb application sources<br />src/test/javaTest sources<br />src/test/resourcesTest resources<br />src/test/filters Test resource filter files<br />src/siteSite<br />LICENSE.txtProject's license<br />NOTICE.txtNotices and attributions required by libraries that the <br />project depends on<br />README.txtProject's readme<br />
  11. 11. Why Maven?<br />
  12. 12. But Ma, I have Ant?<br />
  13. 13. Project Dependency in Ant<br />C:project1<br />C:project2<br />Project 1<br />Project 2<br />I only need Project 1, but I still need to checkout Project 2<br />C:Project2dist<br />Build.xml<br />Build.xml<br />Using Relative Path<br />
  14. 14. Checking in Dependencies<br />Snapshot builds<br />Project 1<br />Project 2<br />Project 3<br />libs<br />libs<br />libs<br /><ul><li>project2.jar
  15. 15. servlet-api.jar
  16. 16. project3.jar
  17. 17. commons.jar
  18. 18. logging.jar
  19. 19. hamcrest.jar</li></ul>3rd Party Dependencies are checked in!<br />What about CIT?<br />
  20. 20. Convention Vs Configuration<br />Almost Every one is doing following?<br />Is it Time to define a <br />HighLevel<br />Lifecyle ?<br />Clean<br />Prepare<br />Compile<br />Jar<br />Test<br />
  21. 21. Custom Ant Tasks<br />Build Cycle<br />Project 1<br />Clean<br />libs<br />When to call the task Life cycle?<br />Compile<br /><ul><li>project2.jar
  22. 22. servlet-api.jar
  23. 23. android-build.jar</li></ul>Jar<br />Dex<br />APT<br />What about Reuse?<br />What about Distribution?<br />
  24. 24. Reporting<br />Test Run Report<br />Code Coverage Report<br />PMD<br />Can I get these by default?<br />FindBugs<br />Change Log<br />……<br />
  25. 25. Software Distribution<br />Maven<br />Spring<br />Repo<br />Repo<br />Repo1<br />Repo2<br />Repo2<br />Repo<br />Xyz..<br />Synerzip<br />Project1<br />Internet<br />Project2<br />Project3<br />
  26. 26. Going Deeper into Maven<br />
  27. 27. pom.xml<br /><project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi=”….><br /><modelVersion>4.0.0</modelVersion><br /> <groupId>com.mycompany.app</groupId><br /> <artifactId>my-app</artifactId><br /> <packaging>jar</packaging><br /> <version>1.0-SNAPSHOT</version><br /> <name>my-app</name><br /> <url>http://maven.apache.org</url><br /> <dependencies><br /> <dependency><br /> <groupId>junit</groupId><br /> <artifactId>junit</artifactId><br /> <version>3.8.1</version><br /> <scope>test</scope><br /> </dependency><br /> </dependencies><br /></project><br />
  28. 28. pom.xml<br /><project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi=”….><br /><modelVersion>4.0.0</modelVersion><br /> <groupId>com.mycompany.app</groupId><br /> <artifactId>my-app</artifactId><br /> <packaging>jar</packaging><br /> <version>1.0-SNAPSHOT</version><br /> <name>my-app</name><br /> <url>http://maven.apache.org</url><br /> <dependencies><br /> <dependency><br /> <groupId>junit</groupId><br /> <artifactId>junit</artifactId><br /> <version>3.8.1</version><br /> <scope>test</scope><br /> </dependency><br /> </dependencies><br /></project><br />
  29. 29.
  30. 30. Understanding Repositories<br />Synerzip<br />Central<br />Proxy/Internal Repo<br />mvn package<br />mvn install<br />~/.m2/repository<br />mvn deploy<br />Maven Project<br />Download needed dependencies e.gjunit<br />Install the artifact in to local repository (~/.m2/repository<br />Push artifact to Internal/Central repository<br />
  31. 31. Maven Architecture<br />Plugins<br />Core<br />Maven Core<br />compile<br />jar<br />surefire<br />…<br />…<br /><ul><li>Parsing Maven XML File
  32. 32. Maven LifeCycle
  33. 33. Basic Plugins</li></ul>compile<br />jar<br />test<br />….<br />….<br />
  34. 34. Maven Concepts<br />Goals<br />LifeCycle<br />mvnarchetype:generate<br />mvn install<br />mvn <<Plugin>>:<<Goal>><br />mvn <<LifeCycle Phase>><br />
  35. 35. Maven Plugins & Goals<br />Plugin<br />Goals<br />compiler<br />jar<br />surefire<br />jar<br />test-jar<br />sign<br />Sign-verify<br />compile<br />testCompile<br />test<br />Command: mvnhelp:describe –Dplugin:jar<br />
  36. 36. Maven LifeCycle<br />Phases<br />Goals<br />process-resources<br />resources:resources<br />compile<br />compiler:compile<br />process-classes<br />process-test-resources<br />resources:testResources<br />test-compile<br />compiler:testCompile<br />test<br />surefire:test<br />prepare-package<br />package<br />jar:jar<br />
  37. 37. mvn clean install<br />maven-clean-plugin:2.4.1:clean<br />maven-resources-plugin:2.4.3:resources<br />maven-compiler-plugin:2.3.2:compile<br />maven-resources-plugin:2.4.3:testResources<br />maven-compiler-plugin:2.3.2:testCompile<br />maven-surefire-plugin:2.7.2:test<br />maven-jar-plugin:2.3.1:jar<br />maven-install-plugin:2.3.1:install<br />
  38. 38. Standalone Maven Project<br />
  39. 39.
  40. 40.
  41. 41.
  42. 42.
  43. 43.
  44. 44. Effective POM<br />
  45. 45.
  46. 46. Make Changes<br />Add Employee Model Class<br />Add Employee Service (Use Map for persistence)<br />Add Employee Test Cases<br />Add Reporting Plugins to generate site<br />
  47. 47. Maven Site Generation<br />
  48. 48. Maven Reporting<br /><reporting><br /> <plugins><br /> <!-- surefire-reports --><br /><plugin><br /><groupId>org.apache.maven.plugins</groupId><br /><artifactId>maven-surefire-report-plugin</artifactId><br /><version>2.6</version><br /></plugin><br /> <!-- JavaDocPlugin --><br /> <plugin><br /> <groupId>org.apache.maven.plugins</groupId><br /> <artifactId>maven-javadoc-plugin</artifactId><br /> <version>2.8</version><br /></plugin><br /> <!-- jxrsource code browsing plugin --><br /><plugin><br /><groupId>org.codehaus.mojo</groupId><br /> <artifactId>jxr-maven-plugin</artifactId><br /> <version>2.0-beta-1</version><br /></plugin><br /></reporting><br />
  49. 49. Maven Site<br />
  50. 50. Maven Site<br />
  51. 51. Maven Site<br />
  52. 52. Maven Site<br />
  53. 53. Maven Site<br />
  54. 54. Maven Site<br />
  55. 55. Maven Site<br />
  56. 56. Maven Site<br />
  57. 57. Maven Web App Project<br />
  58. 58.
  59. 59.
  60. 60.
  61. 61.
  62. 62.
  63. 63. Web.xml<br />
  64. 64. mvn package tomcat:run-war<br />Look Ma, No need to download Tomcat by myself<br />
  65. 65.
  66. 66. Maven Repositories<br />
  67. 67. Repository Options<br />Archiva<br />Artifactory<br />Nexus<br />
  68. 68. Internal Maven Repositories<br />
  69. 69. <repositories><br /> <repository><br /> <id>archiva.internal</id><br /> <name>ArchivaManagedInternalRepository</name><br /> <url>http://xyz:8080/archiva/repository/internal/</url><br /> <releases><br /> <enabled>true</enabled><br /> </releases><br /> <snapshots><br /> <enabled>false</enabled><br /> </snapshots><br /> </repository><br /> <repository><br /> <id>archiva.snapshots</id><br /> <name>ArchivaManagedSnapshotRepository</name><br /> <url>http://xyz:8080/archiva/repository/snapshots/</url><br /> <releases><br /> <enabled>false</enabled><br /> </releases><br /> <snapshots><br /> <enabled>true</enabled><br /> </snapshots><br /> </repository><br /> </repositories><br />
  70. 70. Maven Distribution<br />
  71. 71. Distribution Management<br /><distributionManagement><br /> <repository><br /> <id>archiva.internal</id><br /> <name>Internal Release Repository</name><br /> <url>dav:http://xyz:8080/archiva/repository/internal/</url><br /> </repository><br /> <snapshotRepository><br /> <id>archiva.snapshots</id><br /> <name>InternalSnapshotRepository</name><br /> <url>dav:http://xyz:8080/archiva/repository/snapshots/</url><br /> </snapshotRepository><br /> <site><br /> <id>website</id><br /> <url>scp://xyz/var/www/mavensite/MavenTraining</url><br /> </site><br /> </distributionManagement><br />
  72. 72. Multi Module Projects<br />
  73. 73. Multi Module Project<br />employee<br /><project ….><br /><modelVersion>4.0.0</modelVersion><br /> <groupId>com.technext.maven</groupId><br /> <artifactId>parent-project</artifactId><br /> <version>1.0-SNAPSHOT</version><br /><packaging>pom</packaging><br /><modules><br /><module>service</module><br /> <module>webapp</module><br /> </modules><br /></project><br />$employee> mvn package<br />[INFO] Scanning for projects...<br />[INFO] Reactor build order: <br />[INFO] Employee Parent Project<br />[INFO] Employee-Backend-Services<br />[INFO] Employee-WebApp<br />pom.xml<br />service<br />pom.xml<br />webapp<br />pom.xml<br />
  74. 74. Parent Child Relationship<br />
  75. 75. Parent Child Relationship<br />employee<br /><project …><br /> <modelVersion>4.0.0</modelVersion><br /> <parent><br /> <artifactId>employee-parent</artifactId><br /> <groupId>com.technext.maven.multimodule</groupId><br /> <version>0.0.1-SNAPSHOT</version><br /> </parent><br /> <groupId>com.technext.maven.multimodule</groupId><br /> <artifactId>employee-service</artifactId><br /> <version>0.0.1-SNAPSHOT</version><br /> <name>Employee-Backend-Services</name><br /></project><br />pom.xml<br />service<br />pom.xml<br />webapp<br />pom.xml<br />
  76. 76. Maven Profiles<br />
  77. 77. How Often you customize your builds?<br />Build Portability<br />Production<br />Vs<br />Development<br />Developer<br />Vs<br />QA<br />Manager<br />Vs<br />Individual Contributer<br />Windows<br />Vs<br />Linux<br />
  78. 78. Welcome Maven Profiles<br />
  79. 79. Lets Declare a Maven Profile<br />
  80. 80.
  81. 81.
  82. 82.
  83. 83. More Details<br />http://maven.apache.org/guides/introduction/introduction-to-profiles.html<br />
  84. 84. Maven Settings.xml<br />
  85. 85. Scenario<br />CVS<br />Archiva Server<br />(Repository Server)<br />pom.xml<br /><project><br /> ...<br /> <distributionManagement><br /> <repository><br /> <id>archiva.internal</id><br /> <name>Internal Release Repository</name><br /> <url>dav:http://reposerver.mycompany.com:8080/archiva/repository/internal/</url><br /> </repository><br /> <snapshotRepository><br /> <id>archiva.snapshots</id><br /> <name>Internal Snapshot Repository</name><br /> <url>dav:http://reposerver.mycompany.com:8080/archiva/repository/snapshots/</url><br /> </snapshotRepository><br /> </distributionManagement><br /> ...<br /> </project><br /><settings><br /> ...<br /> <servers><br /> <server><br /> <id>deployment.webdav</id><br /> <username>{archiva-deployment-user}</username><br /> <password>{archiva-deployment-pwd}</password><br /> </server><br /> ...<br /> </servers><br /> ...<br /> </settings><br />Where to specify Username and<br />Password?<br />settings.xml<br />pom.xml<br />pom.xml<br />pom.xml<br />
  86. 86. More Details<br /><ul><li>http://maven.apache.org/settings.html
  87. 87. http://archiva.apache.org/docs/1.0.1/userguide/deploy.html</li></li></ul><li>Sonar<br />
  88. 88. What is Sonar?<br />Code Quality Analysis tool<br />
  89. 89. Install Sonar<br />Download Sonar - http://www.sonarsource.org/downloads/<br />Change DB Settings if needed<br />$>sonar start<br />http://xyz:9000<br />
  90. 90. Using Sonar with Maven<br />Provide Sonar DB Settings in maven’s Settings.xml<br />$>mvn clean package sonar:sonar<br />Visit http://xyz:9000/<br />
  91. 91.
  92. 92.
  93. 93. Sonar Report for EmployeeService<br />
  94. 94. Basic Metrics (Starter pack)<br />Lines of Code/Classes/Methods<br />Rules Compliance Index & Violations<br />Comments and Duplicate Code<br />Package Tangle Index<br />Method/Class Complexity (Cyclometric)<br />LCOM4 and RFC<br />Code Coverage and Test Results<br />
  95. 95. Lines of Code/Classes/Method<br />
  96. 96. Lines of Code/Classes/Method<br />General Demographics about<br />Total lines<br />Total lines of code<br />Total Statements<br />Total Packages<br />Total Classes<br />Total Methods<br />
  97. 97. Rules Compliance Index & Violations<br />
  98. 98. Rules Compliance Index & Violations<br />Compare to PMD, Find Bugs, Code analysis tool<br />Violations Categorized into<br />Blocker<br />Critical<br />Major<br />Minor<br />This all is customizable<br />
  99. 99. Comments and Duplicate Code<br />
  100. 100. Comments and Duplicate Code<br />How many public APIs are documented?<br />How many APIs are undocumented?<br />How much of code is commented?<br />How much code is duplicated?<br />
  101. 101. Package Tangle Index<br />
  102. 102. Package Tangle Index<br />Architectural health<br />Detects Cyclic Dependency between Packages<br />Shows if Architecture is layered architecture<br />
  103. 103. Method/Class Complexity <br />
  104. 104. Method/Class Complexity <br />Cyclometric Complexity<br />Complexity is 1 for empty function<br />Add 1 for every block<br />Addition of all this is complexity of the method<br />More complex the method harder to test<br />Default complexity level = 10 <br />
  105. 105. LCOM4 and RFC<br />
  106. 106. LCOM4<br />Lets Start with SOLID Design Principle<br />S = Single Responsibility Principle<br />A Class should have only one responsibility<br />If Class has more than one<br />Then break the class into smaller classes<br />This ensures<br />Modularity<br />Reusability<br />
  107. 107. How to measure LCOM4<br />If a class as 2+ sets of method totally disjoint, then we can very much say class has 2 responsibility<br />http://www.sonarsource.org/clean-up-design-at-class-level-with-sonar/<br />
  108. 108. RFC – Response for Class<br />Total number of methods/constructor invoked as a result of calling the method of a class<br />
  109. 109. Code Coverage and Test Results<br />
  110. 110. Code Coverage and Test Results<br />Code Coverage is the paths of code covered by unit test <br />Test Results is how many test cases passed or fail<br />
  111. 111. Time Machine<br />
  112. 112. Time Machine<br />Compare any of the metrics over a period of time<br />Instant Dashboard of <br />What’s improving<br />What’s degrading<br />
  113. 113. Design<br />
  114. 114. Design<br />
  115. 115. Design<br />Tells about Cyclic Dependencies in Packages<br />Tells about the state of Layered Architecture<br />
  116. 116. Violations DrillDown<br />
  117. 117. Hotspots<br />
  118. 118. Hotspots<br />One Place to see all risks area<br />Drill Down to the problem areas<br />
  119. 119. And Many More<br />Visit this link for more details http://docs.codehaus.org/display/SONAR/Sonar+Plugin+Library<br />
  120. 120. Sample Sonar Reports<br />http://nemo.sonarsource.org/<br />
  121. 121. References<br />Must Own Book for Maven<br />http://www.sonarsource.org/<br />Buy a Copy Today<br />

×