394 Pages·2014·17.75 MB·English
SonarQube in Action
G. Ann Campbell
Patroklos P. Papapetrou
Foreword by Olivier Gaudin
Manning, Shelter Island

For online information and ordering of this and other Manning books, please visit www.manning.com. The publisher offers discounts on this book when ordered in quantity. For more information, please contact

Special Sales Department
Manning Publications Co.
20 Baldwin Road
PO Box 761
Shelter Island, NY 11964
Email: [email protected]

©2014 by Manning Publications Co. All rights reserved.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps.

Recognizing the importance of preserving what has been written, it is Manning’s policy to have the books we publish printed on acid-free paper, and we exert our best efforts to that end. Recognizing also our responsibility to conserve the resources of our planet, Manning books are printed on paper that is at least 15 percent recycled and processed without the use of elemental chlorine.

Manning Publications Co.
20 Baldwin Road
PO Box 261
Shelter Island, NY 11964

Development editor: Susanna Kline
Copyeditor: Tiffany Taylor
Proofreader: Toma Mulligan
Typesetter: Dottie Marsico
Cover designer: Marija Tudor

ISBN 9781617290954
Printed in the United States of America
1 2 3 4 5 6 7 8 9 10 – EBM – 18 17 16 15 14 13

To the software architects, programmers, testers, project managers, executives, and end users of every piece of software ever written. We hope this book will make your lives easier.
brief contents

PART 1 WHAT THE NUMBERS ARE TELLING YOU
1 An introduction to SonarQube
2 Issues and coding standards
3 Ensuring that your code is doing things right
4 Working with duplicate code
5 Optimizing source code documentation
6 Keeping your source code files elegant
7 Improving your application design

PART 2 SETTLING IN WITH SONARQUBE
8 Planning a strategy and expanding your insight
9 Continuous Inspection with SonarQube
10 Letting SonarQube drive code reviews
11 IDE integration

PART 3 ADMINISTERING AND EXTENDING
12 Security: users, groups, and roles
13 Rule profile administration
14 Making SonarQube fit your needs
15 Managing your projects
16 Writing your own plugin

contents

foreword
preface
acknowledgments
about this book
about the cover illustration

PART 1 WHAT THE NUMBERS ARE TELLING YOU

1 An introduction to SonarQube
1.1 Why SonarQube
    Proven technologies
    Multilingual: SonarQube speaks your language
1.2 Running your first analysis
    Installation considerations
    Analyzing with SonarQube Runner
    Analyzing multilanguage projects
    Seeing the output: SonarQube’s front page
    Drilling in: the dashboard
1.3 Seven Axes of Quality
    Potential bugs and coding rules
    Tests
    Comments and duplications
    Architecture and design
    Complexity
1.4 The languages SonarQube covers

Thanks to Christina Rudolph and Michael Stephens, who were the first two people we talked with about the book.

and Product Director Freddy Mallet reviewed each chapter, offering invaluable feedback and insight. The fact that we have
