tech talk #5 : code analysis sonarqube - lương trọng nghĩa
TRANSCRIPT
TechTalk #5:
Nghia Luong
Outline1. What is Sonar? (demo)
2. Features
3. Covering 7 Axes of Code Quality
4. Architecture
5. Community and Ecosystem
6. Q&A
1. What is Sonar?● Is a software quality management platform → Java.
● Enabling developers to access and track code analysis data ranging○ styling errors
○ potential bugs
○ code defects
○ code duplications
○ lack of test coverage
○ excess complexity
● Support more than 20 languages.
2. Features
● Overview of all projects (demo)
● Coding rules:
○ 600+ rules are incorporated, can be fully
parameterized.
○ implement your own.
● Standard software metrics: Lines of code, Documented
API, Cyclomatic complexity, Test coverage, Duplicated
code.
2. Features● Drill down to source code● Time Machine (Technical Debt, Code
Smell … -> SQALE), Motion Chart.
Motion Chart
Technical Debt
2. Features● Security measures● Extensible plugin system
○ Additional languages.○ Additional metrics: Useless code,
Build stability ...○ Visualization/Reporting:
■ PDF Report.■ Timeline: Google Timeline
Chart.○ Integration:
■ Jenkins and Bamboo.○ IDE: Eclipse
3. Covering 7 Axes of Code QualityAka Developers' Seven Deadly Sins
4. Architecture
Sonar Architecture
5. Architecture
Sonar with CI Architecture
6. Community and Ecosytem● Issues: http://jira.codehaus.org/browse/SONAR
● Open Source: https://github.com/SonarSource/sonarqube
● Contribute: http://www.sonarqube.org/development/
Q&A