Ad
More Related Content
What's hot (20)
Viewers also liked (8)
Ad
Similar to Beyond the basics of SonarQube: improve your Java(Script) code even further (20)
![[JOI] TOTVS Developers Joinville - Java #1](https://cdn.slidesharecdn.com/ss_thumbnails/meetupjava-190808181149-thumbnail.jpg?width=560&fit=bounds)
Ad
More from Johan Janssen (18)
![Use voice recognition with Alexa to control your home [JavaOne]](https://cdn.slidesharecdn.com/ss_thumbnails/usevoicerecognitionwithalexatocontrolyourhome-171009102752-thumbnail.jpg?width=560&fit=bounds)
![JavaOne: Welcome alexa, your personal assistant [con1700]](https://cdn.slidesharecdn.com/ss_thumbnails/welcomealexayourpersonalassistantcon1700-160923181032-thumbnail.jpg?width=560&fit=bounds)
![JavaOne: Using actors for the iInternet of (Lego) Trains [con1709]](https://cdn.slidesharecdn.com/ss_thumbnails/usingactorsfortheinternetoflegotrainscon1709-160921210728-thumbnail.jpg?width=560&fit=bounds)
![JavaOne: Using NetBeans RCP to control your Lego [con1702]](https://cdn.slidesharecdn.com/ss_thumbnails/usingnetbeansrcptocontrolyourlegocon1702-160921210546-thumbnail.jpg?width=560&fit=bounds)
![JavaOne: A tour of (advanced) akka features in 60 minutes [con1706]](https://cdn.slidesharecdn.com/ss_thumbnails/atourofadvancedakkafeaturesin60minutescon1706-160921210355-thumbnail.jpg?width=560&fit=bounds)
Recently uploaded (19)
Beyond the basics of SonarQube: improve your Java(Script) code even further
- 1. Johan Janssen (Info Support) @johanjanssen42
- 2. Basic features Analyzing data Code review Hunting bad design and architecture Testing Other languages Leftovers Using SonarQube on existing projects Tips / summary Questions
- 6. Microsoft Applications: "about 10 - 20 defects per 1000 lines of code during in-house testing, and 0.5 defect per 1000 lines of code in released product (Dave Moore 1992).“
- 7. NASA's Spirit rover became unresponsive on January 21, 2004, a few weeks after landing on Mars. (Wikipedia) In January 2009, Google's search engine erroneously notified users that every web site world wide was potentially malicious, including its own. (Wikipedia)
- 9. I’m told to use it. We need to achieve certain results (SIG…) I want to improve my coding standards
- 10. Platform to manage code quality Open source, possible to pay for support and some plugins Since 2006; now they have 200 customers and SonarQube is used in 15.000 organizations Active community: support, plugins, books
- 11. 2013: 5 releases of SonarQube platform 130 releases of ecosystem products 75,000 downloads of SonarQube 13,000+ messages on mailing lists
- 41. “We all need people who will give us feedback. That's how we improve.” - Bill Gates
- 47. mvn clean install mvn sonar:sonar mvn clean org.jacoco:jacoco-maven- plugin:prepare-agent install -Dmaven.test.failure.ignore=true mvn sonar:sonar
- 48. Configure the POM (see next slide) Activate profile to get coverage per test information mvn org.jacoco:jacoco-maven- plugin:prepare-agent clean install -Pcoverage-per-test Analyze the project mvn sonar:sonar
- 52. ! Unit testing
- 56. Add integration test coverage widget to SonarQube Download Jacoco agent Configuration for Tomcat’s catalina.bat: set JACOCO=- javaagent:$path$libjacocoagent.jar, destfile=$resultpath$jacoco.exec, append=false,includes=com.dockerpi.* set JAVA_OPTS=%JAVA_OPTS% %JACOCO%
- 57. Start Tomcat Execute tests (manual, integration, performance…) Stop Tomcat and execute SonarQube analysis mvn clean install sonar:sonar -Dsonar.dynamicAnalysis=reuseReports -Dsonar.jacoco.itReportPath= $resultpath$jacoco.exec
- 62. Enable ‘Survived mutant’ rule in SonarQube Quality Profile Configure Pitest for instance with Maven (see next slides)
- 63. Execute tests and send results to SonarQube mvn org.pitest:pitest- maven:mutationCoverage mvn sonar:sonar -Dsonar.pitest.mode=reuseReport
- 64. Maven configuration inside the build/plugins section <plugin> <groupId>org.pitest</groupId> <artifactId>pitest-maven</artifactId> <version>LATEST</version> <configuration> <inScopeClasses> <param>com.example*</param> </inScopeClasses> <targetClasses> <param>com.example*</param> </targetClasses> <outputFormats> <outputFormat>XML</outputFormat> </outputFormats>
- 74. Ignore files Ignore issues Ignore duplications Ignore code coverage Example: mvn sonar:sonar -Dsonar.exclusions= src/main/webapp/lib/*.js
- 86. Identity hotspots Use action plans Maybe use a less strict quality profile Add tasks/stories in the sprint to improve quality Monitor quality of new code
- 91. Create stories/tasks to improve the quality Perform manual code reviews Agree on a standard for items SonarQube cannot check Fix items or mark them as false positive Use separate logins Settings/reviews are project specific
- 92. Options to use SonarQube o Central server (commit AND nightly) o IDE plugin o Local in your development environment Check code quality before ‘To verify’ step o First merge your code so it is up to date Verifier should also verify the quality
- 94. “Once we accept our limits, we go beyond them.” - Albert Einstein
- 95. Ask me! Sonarqube.org Nemo example dashboard SonarQube books [email protected] @johanjanssen42
Editor's Notes
- #10: Source: http://www.unix-ag.uni-kl.de/~guenther/images/failure-small.jpg
- #38: Source: http://eugenedvorkin.com/wp-content/gallery/cache/220__320x240_code_reviews.jpg
- #85: Package tangle index and duplications from Jenkins
- #86: Package tangle index and duplications from Jenkins