Software Development Quality Control with SONAR
Cornelius Mellino, PMP.
From theory ... into practice
• Learning experience : IS Management at Binus
MMSI. (2008-2010)
• Working experience :
• IT Manager at Prasetiya Mulia. (2009)
• Senior Java Developer at Knowment AIE.
(2010)
• Project Manager at Telkomsigma (2011-now)
Experience without theory is blind, but theory without experience is mere
intellectual play. – Immanuel Kant
Scenario 1:
• Your team doesn’t collect code
metrics from projects. Therefore, your code
base could be getting worse and worse
without anyone ever noticing. You might
start noticing when the technical debt (we will
elaborate on this concept later) has reached a
certain level where it’s too expensive
to address them, given the time and budget
constraints.
http://blogs.sourceallies.com - Akrem Saed
The Answer
• Collecting code metrics continuously can give
your team the advantage of keeping the technical
debt of your code base under control. For
example, you can make it a rule that you don’t
allow your code base to extend beyond a certain
threshold in terms of some metric values.
Whenever that threshold is reached you are
notified immediately through
your continuous build.
• Implements LEAD MEASURES
Scenario 2:
• Time and time again I’ve witnessed teams that
start refactoring because they are convinced
the code base was bad in terms of
performance, brittleness, instability, difficulty to
maintain and/or to extend. While our intentions
are good, we don’t know what part of the code
base is responsible for the issue we encounter.
Hence, there is a good chance changes will be
applied to the wrong code. Or we end up
refactoring the right code in the wrong way. Or
we only fix part of the problem.
http://blogs.sourceallies.com - Akrem Saed
The Answer
• This is where metrics and tools like Sonar can
help.
• Sonar points out the parts of the code that
are causing problems.
• Once these issues are identified they can be
prioritized and added to the backlog.
• Sonar helps teams identify and address issues
with confidence.
Scenario 3:
• Another team is the best in the world and has
remarkable instincts in identifying and correcting
issues, but they fail to track the quantity of
issues fixed in their triumphant voyage.
• Let’s face it, managers and team leaders would
definitely appreciate having a clear idea of how
many improvements were made with their
resources and budget.
• They also want to know which issues still need to
be fixed in the future.
http://blogs.sourceallies.com - Akrem Saed
The Answer
• Now, if you preserve a snapshot of metric
values before the voyage, you could report
something like this “… before our code base
was 75% compliant with the company’s best
practices and now it’s at 95%”.
• Sonar helps you track your improvement
progress.
If you can’t measure it, you can’t improve it. - Peter Drucker
Why Sonar?
• Free
• Quantitative measurements of code quality
• A set of measurement metrics
• Discourage bad practices
Quantitative measurements
of code quality
A set of measurement metrics
Discourage bad practices
Sonar gives guidance
Broken Window Theory
• Don’t leave “broken windows” (bad designs, wrong
decisions, or poor code) unrepaired. Fix each one as
soon as it is discovered. If there is insufficient time to
fix it properly, then board it up. Perhaps you can
comment out the offending code, or display a “Not
Implemented” message, or substitute dummy data
instead. Take some action to prevent further damage
and to show that you’re on top of the situation.
Broken Window Theory
• We’ve seen clean, functional systems deteriorate pretty
quickly once windows start breaking. There are other
factors that can contribute to software rot, and we’ll
touch on some of them elsewhere, but neglect
accelerates the rot faster than any other factor.
• You may be thinking that no one has the time to go
around cleaning up all the broken glass of a project. If
you continue to think like that, then you’d better plan
on getting a dumpster, or moving to another
neighborhood. Don’t let entropy win.
• Continuously collecting and reviewing
software metrics can help identify and fix
“broken windows” before they affect other
windows.
• The longer a bad design and bad code are left
unfixed, the more vulnerable your code is to
receiving additional hacks. Leads to bigger
Nonconformance Cost.
http://blogs.sourceallies.com - Akrem Saed
“Quality is not an act, it is a habit.”
―Aristotle
Sonar is Not Alone
• Sonar uses various static code analysis tools
such as Checkstyle, PMD, FindBugs, Clover to
extract software metrics, which then can be
used to improve software quality.
The Metrics
Technical Debt
http://c2.com/doc/oopsla92.html
http://docs.codehaus.org/display/SONAR/Technical+Debt+Plugin
The Formula
• Debt(in man days) =
cost_to_fix_duplications
+ cost_to_fix_violations
+ cost_to_comment_public_API
+ cost_to_fix_uncovered_complexity
+ cost_to_bring_complexity_below_threshold
http://c2.com/doc/oopsla92.html
http://docs.codehaus.org/display/SONAR/Technical+Debt+Plugin
The Formula
• Duplications = cost_to_fix_one_block *
duplicated_blocks
• Violations = cost_to_fix_one_violation *
mandatory_violations
• Comments = cost_to_comment_one_API *
public_undocumented_api
• Coverage = cost_to_cover_one_of_complexity *
uncovered_complexity_by_tests (80% of coverage is the
objective)
• Complexity = cost_to_split_a_method *
(function_complexity_distribution >= 8) +
cost_to_split_a_class * (class_complexity_distribution >=
60)
http://c2.com/doc/oopsla92.html
http://docs.codehaus.org/display/SONAR/Technical+Debt+Plugin
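The formula above, computed over two metric snapshots and used as a continuous-build gate (an added example, not code from the slides or from Sonar). The unit costs, the `lower_bound=count` histogram input form, the reading of uncovered complexity as the gap to the 80% objective, and the sample snapshots are assumptions made for illustration.

```python
MINUTES_PER_DAY = 8 * 60

# Assumed unit costs in minutes; the slides give the formula, not these values.
COST = {"block": 120, "violation": 6, "api": 12,
        "complexity_point": 12, "method": 30, "class": 480}
COVERAGE_OBJECTIVE = 80   # percent, from the slide
METHOD_LIMIT = 8          # function_complexity_distribution >= 8
CLASS_LIMIT = 60          # class_complexity_distribution >= 60


def count_at_or_above(distribution, limit):
    """Sum counts of histogram buckets whose lower bound is >= limit.

    Assumed input form: 'lower_bound=count' pairs joined by ';'.
    """
    total = 0
    for pair in filter(None, distribution.split(";")):
        bound, _, count = pair.partition("=")
        if int(bound) >= limit:
            total += int(count)
    return total


def debt_days(m):
    """Return per-component debt and the total, in man-days."""
    # Assumption: uncovered complexity is the share still missing to reach 80%.
    gap = max(0, COVERAGE_OBJECTIVE - m["coverage"])
    uncovered = gap * m["complexity"] / 100
    methods = count_at_or_above(m["function_complexity_distribution"], METHOD_LIMIT)
    classes = count_at_or_above(m["class_complexity_distribution"], CLASS_LIMIT)
    minutes = {
        "duplications": COST["block"] * m["duplicated_blocks"],
        "violations": COST["violation"] * m["mandatory_violations"],
        "comments": COST["api"] * m["public_undocumented_api"],
        "coverage": COST["complexity_point"] * uncovered,
        "complexity": COST["method"] * methods + COST["class"] * classes,
    }
    days = {name: value / MINUTES_PER_DAY for name, value in minutes.items()}
    days["total"] = sum(minutes.values()) / MINUTES_PER_DAY
    return days


def gate(previous, current, max_days):
    """Fail when debt exceeds the threshold or grew since the last snapshot."""
    before = debt_days(previous)["total"]
    after = debt_days(current)["total"]
    return {"total": after, "delta": after - before,
            "passed": after <= max_days and after <= before}


# Constructed snapshots (not real project data).
BEFORE = {"duplicated_blocks": 40, "mandatory_violations": 300,
          "public_undocumented_api": 150, "complexity": 2000, "coverage": 55,
          "function_complexity_distribution": "1=900;2=300;4=120;6=40;8=20;10=8;12=4",
          "class_complexity_distribution": "0=50;5=30;10=20;20=10;30=6;60=3;90=1"}
AFTER = {"duplicated_blocks": 10, "mandatory_violations": 50,
         "public_undocumented_api": 20, "complexity": 2000, "coverage": 82,
         "function_complexity_distribution": "1=950;2=320;4=130;6=45;8=4;10=0;12=0",
         "class_complexity_distribution": "0=55;5=32;10=22;20=11;30=7;60=1;90=0"}

if __name__ == "__main__":
    import sys
    result = gate(BEFORE, AFTER, max_days=10)
    print(debt_days(AFTER), result)
    sys.exit(0 if result["passed"] else 1)  # non-zero exit fails the build
```

The per-component breakdown returned by `debt_days` shows where the debt sits, which is what lets a team prioritize the backlog instead of refactoring on instinct.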
Duplication
Complexity
Sonar Metric Definitions
• http://docs.codehaus.org/display/SONAR/Metric+definitions
o Complexity
o Design
o Documentation
o Duplications
o Reviews
o Rules
o Size
o Tests
“Quality is everyone's responsibility.”
―W. Edwards Deming