SonarQube is a open source code quality management platform. This talk focuses on the need, setup, CI Infrastructure and administration of the SonarQube to the DevOps community.
4. Defining & Measuring code quality
Code Quality or Intrinsic value of a software is
typically measured by the term Technical Debt.
Technical debt metaphor referring to the eventual
consequences of poor software development
practices within a codebase – Wiki
Technical debt and Cost of Change
Parameters considered:- Coding standards breach,
Duplications, Lack of unit tests, Bad distribution of
complexity, Spaghetti Design etc...
5. DevOps and Code Quality
Typically managed by Dev Teams with some Tooling
support
What’s missing here…
Static code analyzers like findbugs, checkstyle, PMD
Design analyzer tools
Other tools…
Let’s make a fresh start - Finding new violations
Centralized Repository to manage and track issues
Convincing management for a re-factoring
Enter the …
6. What is SonarQube
SonarQube is an open source platform for
Continuous Inspection of code quality.
Main Features
Supports over 20 languages including Java, C#, C/C++,
PL/SQL, Javascript, PHP, Web, XML, etc.
Analyze Code, Report and Take Actions
Spot Trends with Continuous Time Series Reporting
Identify Defects on Latest Changes with Differential Views
Integrate and Automate
Read more @
http://www.sonarqube.org/features/
http://www.sonarsource.com/products/features/continuousinspection/
9. SonarQube - DevOps View
Database
VM to run the Sonar
MS SQL Server
My SQL
Windows or Linux
Locate the analyzer
Local Analysis from Dev machines(Preview mode) – To
be used to check the code before the check-in.
Trigger the analysis from CI server – Stores the date to
DB
10. SonarQube - DevOps View
Administration
Security, Access Control,
Update Centre
contd…
Plug-in based Architecture
Co-ordinate with Dev Teams to get the required plugins
Dashboards
Setup Basic Dashboards
12. Connecting to CI Server (like Hudson )
CI Support
Hudson, Jenkins
Download the Plug-in for Hudson
Configure the Sonar properties
Set the Trigger for analysis
Demo
15. Summary
Detect the evil within!
DevOps help an organization rapidly produce
Quality software products and services
Measure Quality with SonarQube
Help your developers to make the code base cleaner
than Inherited