managing your project code quality
TRANSCRIPT
e.Sponsors.ApplyThanks ( )
Managing your
Project Code Quality
Agenda
•Who Am I
•Why, When, Who and How
• SonarQube
• Create your own Infrastruture
whoami
• Founder of Fundisk Entertainment
• Author @ Revista Programar
• Member @ Comunidade Netponto
• Professional Code Janitor
What?Why?
When?Who?How?
What is Quality?
ISO 8402-1986 standard defines quality as "the totality of features and characteristics of a product or service that bears its ability to satisfy stated or implied needs."http://www.businessdictionary.com/definition/quality.html
Some Code Quality Measures• Average Method Lines Of Code (AMLOC)• Average Cyclomatic Complexity per Method (ACCM)• Response For a Class (RFC)• Depth in Inheritance Tree (DIT)• Number of Children (NOC)• Lack of Cohesion in Methods (LCOM4)• Afferent Connections per Class (ACC)• Coupling Factor (COF)
Why we need Code Quality Management?
• Control the evolution of the code
• Identify, asap, code bugs, bad practices, etc.
• Centralize Code Quality of the projects
•Manage Multiple Projects Quality
•Manage work effort among the projects
When should we do it?
• Anytime is a good enough
• Soon as possible is even better
• Is hard to maintain the project
Who should be doing it?
• Developers should analyze their code
• Integration Infrastructure
• Team leaders
• Projects Managers
• Application owners
• Everyone
How to do it?
• Most IDEs have tools for code analysis• Third parties tools• https://www.owasp.org/index.php/Source_Code_Analysis_Tools
• Code Quality Management Platforms• Sonarqube• Codacy• SQuORE• Teamscale• Etc.
Create your own
Infrastruture +
Docker
Docker
• Docker is the world’s leading software container platform.
• Eliminate “works on my machine” problems.
• Docker automates the repetitive tasks of setting up and configuring
development environments so that developers can focus on what
matters: building great software.• Src: https://www.docker.com/what-docker
SonarQube
SonarQube Features• Community Edition (Free)
• Continuous Code Quality Platform
• Write Clean Code
• Multiple languages support
• Detect bugs
• Devops integration
• Centralize Quality
SonarQube Plugins• Sonarlint
• IDE extension• Visual Studio, Eclipse, IntelliJ IDEA
• Out of the box• C#, Java, Javascript, PHP, Python, XML, etc
• Some plugins are paid
• Others• Github, Google Analytics, Bitbucket Authentication, Azure AD, LDAP• ClearCase, Git, SVN, TFCV
• Etc, etc, etc• https://docs.sonarqube.org/display/PLUG/Plugin+Library
SonarQube Configuration• The SonarQube server requires at least 2GB of RAM to run efficiently and 1GB of free RAM
for the OS.
• SonarQube 5.6+ requires Java 8.
• Recommended a SQL server
• On each project create new file
• sonar-project.properties
• Two minutes start
• https://docs.sonarqube.org/display/SONAR/Get+Started+in+Two+Minutes
Demonstration
SonarQube Install• Download
• https://www.sonarqube.org/downloads/
• SonarQube Scanners• https://docs.sonarqube.org/display/SCAN/Analyzing+Source+Code• SonarQube Scanner: Launch analysis of any language from the command line• SonarQube Scanner for MSBuild: Launch analysis of .Net projects• SonarQube Scanner for Ant: Launch analysis from Ant• SonarQube Scanner for Maven: Launch analysis from Maven with minimal configuration• SonarQube Scanner for Gradle: Launch Gradle analysis• SonarQube Scanner For Jenkins: Launch analysis from Jenkin
• Installing the server• https://docs.sonarqube.org/display/SONAR/Installing+the+Server
Docker Install
• Requirements• https://docs.docker.com/docker-for-mac/install/
• Download• https://www.docker.com/get-docker
• Follow instructions
Questions?
Contacts
Windows 8 Metro Icons by dAKirby309
https://www.linkedin.com/in/nunocancelo
@masterzdran
http://lmgtfy.com/?q=nuno+cancelo