the story of sonarqube told to a devops engineer
DESCRIPTION
SonarQube is a open source code quality management platform. This talk focuses on the need, setup, CI Infrastructure and administration of the SonarQube to the DevOps community.TRANSCRIPT
The story of SonarQube told to a DevOps
Engineer
Manu PK
@manupk12
http://blog.manupk.com/
DevOps Bangalore Meetup March 1,2014
About Me
Agenda
Defining & Measuring code quality
DevOps and Code Quality
SonarQube Platform Overview
SonarQube - DevOps View
Lessons Learned
Defining & Measuring code quality
Code Quality or Intrinsic value of a software is typically measured by the term Technical Debt.
Technical debt metaphor referring to the eventual consequences of poor software development practices within a codebase – Wiki
Technical debt and Cost of Change
Parameters considered:- Coding standards breach, Duplications, Lack of unit tests, Bad distribution of complexity, Spaghetti Design etc...
DevOps and Code Quality
Typically managed by Dev Teams with some Tooling
support
Static code analyzers like findbugs, checkstyle, PMD
Design analyzer tools
Other tools…
What’s missing here…
Let’s make a fresh start - Finding new violations
Centralized Repository to manage and track issues
Convincing management for a re-factoring
Enter the …
What is SonarQube
SonarQube is an open source platform for Continuous Inspection of code quality.
Main Features Supports over 20 languages including Java, C#, C/C++,
PL/SQL, Javascript, PHP, Web, XML, etc.
Analyze Code, Report and Take Actions
Spot Trends with Continuous Time Series Reporting
Identify Defects on Latest Changes with Differential Views
Integrate and Automate
Read more @ http://www.sonarqube.org/features/
http://www.sonarsource.com/products/features/continuous-inspection/
SonarQube Platform Overview
Demo
SonarQube - DevOps View
Database
MS SQL Server
My SQL
VM to run the Sonar
Windows or Linux
Locate the analyzer
Local Analysis from Dev machines(Preview mode) – To
be used to check the code before the check-in.
Trigger the analysis from CI server – Stores the date to
DB
SonarQube - DevOps View contd…
Administration
Security, Access Control,
Update Centre
Plug-in based Architecture
Co-ordinate with Dev Teams to get the required plugins
Dashboards
Setup Basic Dashboards
Where does it fit in
Your CI Environment
Connecting to CI Server (like Hudson )
CI Support
Hudson, Jenkins
Download the Plug-in for Hudson
Configure the Sonar properties
Set the Trigger for analysis
Demo
Continuous Inspection of code
Lessons Learned
Communication
Developers
DBAs
Web Ops Team
Windows Services Issue
Summary
Detect the evil within!
DevOps help an organization rapidly produce
Quality software products and services
Measure Quality with SonarQube
Help your developers to make the code base cleaner
than Inherited
Questions / Comments /
Feedback
@manupk12| [email protected]
Slides @
http://www.slideshare.net/pkmanu
References
SonarQube on Wiki
Sonar Documentation
DevOps Wiki
Thank You
for Listening