Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

SonarQube

No description
by

Nitesh Gupta

on 18 September 2013

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of SonarQube

SonarQube
Agenda
What is SonarQube?
Why SonarQube?
Features
How to configure and use SonarQube?
What is SonarQube?
Why SonarQube?
What is PMD?
Features
At a Glance
How to Configure & Use SonarQube?
Install
SonarQube (Formally known as Sonar) is an open platform to manage code quality. As such, it covers the 7 axes of code quality:
Developers' Seven Deadly Sins
Bad Distribution of Complexity
Duplications
Lack of Unit Tests
No Coding Standards
Not Enough or Too Many Comments
Potential Bugs
Spaghetti Design
PMD is used for detecting bad practices in code, which is intended decrease the number of bugs in your code.
What is FindBugs?
FindBug scans your code for bugs, breaking down the list of bugs in your code into a ranked list on a 20-point scale. The lower the number the scarier the bug.
What are other Code Quality Tools ?
PMD
FindBug
CheckStyle
What is Checkstyle?
Checkstyle is incredibly useful in a team environment. It helps you maintain your code easier because it’s more readable as a result of adhering to code standards that it introduces, such as complaining about poor formatting in your source code.
What Is What?
Most polished tool in the code quality space.
Literally includes PMD, FindBugs and Checkstyle
Some excellent support for tools in the Java ecosystem.
Also includes Clover, Cobertura, Emma, JaCoCo, etc.
Very convenient to use, especially if we already using Maven.
In a large, enterprise environment, Sonar and some combination of the previous tools is essential.
Then Why?
Seven Deadly Sins
Languages Support
Time Machine
Pre-Commit Check
Zoom to the Source
Automate
Security
Extend
Integrate
To manage code quality at the file, module, project or portfolio level, SonarQube’s numerous dashboards offer quick insight.
Several methods are available to replay the past, showing how your metrics evolved: tables, timelines, dynamic charts, etc. This will ensure progress get tracked over time.
More than 20 different languages, including Java, C#, C/C++, Cobol, PL/SQL, ABAP, Javascript, PHP, Web, XML, etc. are supported. The platform also offers the ability to add your own rules on those languages.
The platform covers the Seven Axes of Quality, also known as Developers’ Seven Deadly Sins: Duplications, Coding standards, Lack of coverage, Potential bugs, Complexity, Documentation and Design.
Source code can be checked before pushing changes to the SCM: either directly in Eclipse or through a batch with the Issues Report plugin. Both let you make sure that you are not introducing new quality issues.
Whatever you are looking at, a project, group of projects, and so on, you can break down any metric in a few clicks, and drill down to the source of the information: the source code!
It can be extended with the 60+ plugins that are available through the SonarQube plugins library. You can also develop your own plugins.
A complete mechanism for authentication and authorization is available out of the box, or through an external system such as LDAP or to use SSO.
Quality analyses can be integrated into continuous integration server to fully automate the process for Continuous Inspection.
Integration comes out of the box with standard ALM components such as Maven, Ant, SVN, Git, Mercurial, etc.
Configure
Go to Window > Preferences > Sonar > Servers.
Linking for the first time
Right-click on the project in the Project Explorer, and then Configure > Associate with Sonar
Browsing SonarQube
Sonar Issues View (displays local or remote information depending on the selected mode)
Sonar Web Browser View (displays remote information only)
Working With SonarQube
Fixing an Issue
A double-click on an issue icon opens the source code editor and highlights the issue:
Reviewing an Issue (Remote)
Checking Code Prior to Commit
Full transcript