Developers continuously strive to achieve higher levels of source code quality. It is the holy grail in the software development industry. Sonar is an all-out platform confronting quality from numerous aspects as it covers quality on seven axes, provides an abundance of hunting tools to pinpoint code defects, and continuously generates quality reports following the continuous inspection paradigm in an integrated environment. It offers a complete and cost-effective quality management solution, an invaluable tool for every business.
Sonar is an open source platform used by development teams to manage source code quality. Sonar has been developed with this main objective in mind: make code quality management accessible to everyone with minimal effort. As such, Sonar provides code analyzers, reporting tools, manual reviews, defect-hunting modules, and Time Machine as core functionalities. It also comes with a plugin mechanism enabling the community to extend the functionality, making Sonar the one-stop-shop for source code quality by addressing not only the developer's requirements, but also the manager's needs.
Sonar Code Quality Testing Essentials will help you understand the different factors that define code quality and how to improve your own or your team's code using Sonar.
You will learn to use Sonar effectively and explore the quality of your source code on the following axes:
Coding standards
Documentation and comments
Potential bugs and defects
Unit-testing coverage
Design and complexity
Through practical examples, you will customize Sonar components and widgets to identify areas where your source code is lacking. The book goes on to propose good practices and common solutions that you can put to use to improve such code.
You will start with installing and setting up a Sonar server and performing your first project analysis. Then you will go through the process of creating a custom and balanced quality profile exploring all Sonar components through practical examples. After reading the book, you will be able to analyze any project using Sonar and know how to read and evaluate quality metrics.
Hunting potential bugs and eliminating complexity are the hottest topics regarding code quality. The book will guide you through the process of finding such problematic areas, leveraging and customizing the most appropriate components. Knowing the best tool for each task is essential.
While you improve code and design through the book, you will notice that metrics go high and alerts turn green. You will use the Time Machine and the Timeline to examine how your changes affected the quality.
Sonar Code Quality Testing Essentials will enable you to perform custom quality analysis on any Java project and quickly gain insight on even large code bases, as well as provide possible solutions to code defects and complexity matters.
Chapter 1, An Overview of Sonar, covers the Sonar quality management platform and its features. It also discusses the different aspects of quality and the role of metrics.
Chapter 2, Installing Sonar, guides you to successfully installing the Sonar platform, and how to perform basic administration tasks such as backing up project data and installing plugins.
Chapter 3, Analyzing Your First Project, walks you through setting up a project for analysis and showcasing the Sonar dashboard. Finally, you will eliminate violations and further reflect on project quality and progression.
Chapter 4, Following Coding Standards, introduces coding standards and Sonar rules. You will learn how to detect coding standards errors and eliminate code violations through practical examples.
Chapter 5, Managing Measures and Getting Feedback, introduces Sonar quality profiles and discusses different development needs and rule sets. Additionally, the reader will learn how to create custom metric alerts and get visual feedback on quality and review historical data.
Chapter 6, Hunting Potential Bugs, covers code violations that can lead to potential software bugs. You will learn how to use Sonar hunting tools to detect such violations following practical examples.
Chapter 7, Refining Your Documentation, teaches how to find undocumented source code. We then discuss documentation practices and documentation-generation tools.
Chapter 8, Working with Duplicated Code, discusses code duplication and guides you on how to spot duplicated code and possible methods to eliminate it.
Chapter 9, Analyzing Complexity and Design, covers how software complexity is presented in Sonar and further discusses complexity metrics. You will get a good grasp of complexity metrics and learn how to identify and review them with Sonar.
Chapter 10, Code Coverage and Testing, covers how Sonar measures code coverage and how it helps in writing cost-effective unit tests covering complexity that matters.
Chapter 11, Integrating Sonar, introduces you to the Continuous Inspection Paradigm and serves as a reference guide on how to set up and enable an integrated build environment providing constant Sonar quality reporting.
Appendix, Sonar Metrics Index, has reference to software metrics supported by Sonar.
You will need the following software to follow the examples:
Java JDK 1.6+
Sonar latest version (http://www.sonarsource.org)
Eclipse (http://www.eclipse.org)
Apache Maven build tool (http://maven.apache.org/)
Apache Ant build tool (http://ant.apache.org/)
This book is for you if you are a Java developer or a Team Manager familiar with Java and want to ensure the quality of your code using Sonar. You should have a background with Java and unit testing in general. The book follows a step-by-step tutorial enriched with practical examples and the necessary screenshots for easy and quick learning.
In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.
Code words in text are shown as follows: "Open a command prompt and type the telnet command."
A block of code is set as follows:
327 if (!Token.containsTokenWithValue(tokens, y) && years != 0) {
while (years != 0) {
months += 12 * years;
years = 0;
}
}
When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:
[INFO] Database dialect class org.sonar.jpa.dialect.MySql [INFO] Initializing Hibernate [INFO] ------------- Analyzing Commons Lang 3 [INFO] Selected quality profile : [name=Sonar way,language=java] [INFO] Configure maven plugins... [INFO] Compare to previous analysis [INFO] Compare over 5 days (2011-11-09) [INFO] Compare over 30 days (2011-10-15) [INFO] Sensor JavaSourceImporter... [INFO] Sensor JavaSourceImporter done: 32279 ms ... [INFO] Sensor TrackerSensor done: 1889 ms [INFO] Execute decorators... [INFO] ANALYSIS SUCCESSFUL, you can browse http://IP_ADDRESS:9000/sonar
Any command-line input or output is written as follows:
$ $SONAR_RUNNER_HOME/bin/sonar-runner -h
usage: sonar-runner [options]
Options:
-h,--help Display help information
-X,--debug Produce execution debug output
-D,--define <arg> Define property
New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "Select Add filter to navigate to filter configuration settings screen".
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to <[email protected]>, and mention the book title through the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
You can download the example code files for all Packt books you have purchased from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/support, selecting your book, clicking on the errata submission form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website, or added to any list of existing errata, under the Errata section of that title.
Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]> with a link to the suspected pirated material.
We appreciate your help in protecting our authors, and our ability to bring you valuable content.
You can contact us at <[email protected]> if you are having a problem with any aspect of the book, and we will do our best to address it.