Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The story of SonarQube told to a DevOps Engineer

7,126 views

Published on

SonarQube is a open source code quality management platform. This talk focuses on the need, setup, CI Infrastructure and administration of the SonarQube to the DevOps community.

Published in: Technology

The story of SonarQube told to a DevOps Engineer

  1. 1. The story of SonarQube told to a DevOps Engineer Manu PK @manupk12 http://blog.manupk.com/ DevOps Bangalore Meetup March 1,2014
  2. 2. About Me
  3. 3. Agenda  Defining & Measuring code quality  DevOps and Code Quality  SonarQube Platform Overview  SonarQube - DevOps View  Lessons Learned
  4. 4. Defining & Measuring code quality  Code Quality or Intrinsic value of a software is typically measured by the term Technical Debt.  Technical debt metaphor referring to the eventual consequences of poor software development practices within a codebase – Wiki  Technical debt and Cost of Change  Parameters considered:- Coding standards breach, Duplications, Lack of unit tests, Bad distribution of complexity, Spaghetti Design etc...
  5. 5. DevOps and Code Quality  Typically managed by Dev Teams with some Tooling support     What’s missing here…     Static code analyzers like findbugs, checkstyle, PMD Design analyzer tools Other tools… Let’s make a fresh start - Finding new violations Centralized Repository to manage and track issues Convincing management for a re-factoring Enter the …
  6. 6. What is SonarQube   SonarQube is an open source platform for Continuous Inspection of code quality. Main Features       Supports over 20 languages including Java, C#, C/C++, PL/SQL, Javascript, PHP, Web, XML, etc. Analyze Code, Report and Take Actions Spot Trends with Continuous Time Series Reporting Identify Defects on Latest Changes with Differential Views Integrate and Automate Read more @   http://www.sonarqube.org/features/ http://www.sonarsource.com/products/features/continuousinspection/
  7. 7. SonarQube Platform Overview
  8. 8. Demo
  9. 9. SonarQube - DevOps View  Database    VM to run the Sonar   MS SQL Server My SQL Windows or Linux Locate the analyzer   Local Analysis from Dev machines(Preview mode) – To be used to check the code before the check-in. Trigger the analysis from CI server – Stores the date to DB
  10. 10. SonarQube - DevOps View  Administration   Security, Access Control, Update Centre    contd… Plug-in based Architecture Co-ordinate with Dev Teams to get the required plugins Dashboards  Setup Basic Dashboards
  11. 11. Where does it fit in  Your CI Environment
  12. 12. Connecting to CI Server (like Hudson )  CI Support   Hudson, Jenkins Download the Plug-in for Hudson    Configure the Sonar properties Set the Trigger for analysis Demo
  13. 13. Continuous Inspection of code
  14. 14. Lessons Learned  Communication     Developers DBAs Web Ops Team Windows Services Issue
  15. 15. Summary  Detect the evil within!  DevOps help an organization rapidly produce Quality software products and services   Measure Quality with SonarQube Help your developers to make the code base cleaner than Inherited 
  16. 16. Questions / Comments / Feedback @manupk12| manu.pk@outlook.com Slides @ http://www.slideshare.net/pkmanu
  17. 17. References  SonarQube on Wiki  Sonar Documentation  DevOps Wiki
  18. 18. Thank You for Listening

×