Continuous Inspection to the Rescue
Agenda
-
Why do you listen to me?
Your, my, our problems...
-
SonarQube
Know your tools
-
Continuous Inspection
... to the Rescue
-
Demo Time!
Hands on
Why do you listen to me?
Maybe you also face problems in your projects like:
- code becomes more cluttered over time
- complexity increases, testability decreases
- hard to find all problematic places in your code base
- impossible to fix all problems at once
SonarQube
It's is a code quality management tool:
- web application running on JVM
- measures different metrics regarding code quality
- integrates different well-known tools like Findbugs, PMD and Checkstyle
- tracks metrics over time: software is not static, it continuously evolves
- easy to see trends
SonarQube - General Hints
- understand what is measured: Metric Definitions
- one analysis per day is enough
- use the widgets you need
- define alerts that helps your team and ensures discipline
SonarQube - General Hints
Different dashboards for different roles.
For developers:
SonarQube - General Hints
And a different one for tech lead of the project:
SonarQube - Pimp it
Upgrade your tool before you start:
- necessary plugin to be ready: scm activity
- nice to have: weighted violations, taglist, security rules, build breaker
- for high level overview: SIG maintainability model, technical debt, quality index
Continuous Inspection
To sum up: feedback loop regarding internal code quality.
To be honest:
- it's nothing new
- BUT: with SonarQube you have the right tool (imho)
Continuous Inspection can be described by a workflow.
CI - Step 1
CI - Step 2
CI - Step 2
Use differential views to see what's new.
CI - Step 2
Create a review for the developer who introduced a new violation.
CI - Step 3
CI - Step 3
Use SonarQube to list and filter your reviews.
CI - Step 4
#
←
→
/