JAVA AND MORE kNOWLEDGE SHARING
TECHNICAL SITE INFORMATION
TECHNICAL SITE INFORMATION.xls | |
File Size: | 90 kb |
File Type: | xls |
TOOL FOR J2EE DEVELOPERS
There are many open source tools that we can use to manage and improve code quality of Java projects, such as static code analysis and code coverage tools. It is very important that we standardize on not only set of tools but also code analysis rule sets for each tool that we use to generate code quality metrics(violations, code coverage etc.), so that we will be able to enforce code quality standards that all the projects must meet.
Use Eclipse Check style Plugin
- Check style (http://checkstyle.sourceforge.net)
- Used to find code quality issues that lead to unmanageable code, performance issues etc.
- Identified rule set we will start with; will fine tune as needed. (progressively tighten if needed)
- Testing Entrance Criteria: No "Error Level" issues are present.
Download Eclipse Check style Plug-in: http://sourceforge.net/projects/eclipse-cs/files/
http://sourceforge.net/projects/eclipse-cs/files/Eclipse%20Checkstyle%20Plug-in/v4.4.2/com.atlassw.tools.eclipse.checkstyle_4.4.2-updatesite.zip/download
- Extract the downloaded zip file to a local folder.
- Open Eclipse, go to Help -> Software Updates, and click Add Site....
- Click Local..., select the folder where the zip file is extracted to.
- Expand the local site you just added and select Eclipse Check style Plug-in, and click install...
- Restart Eclipse.
- Open Eclipse, go to Window -> Preferences, and select Check style tab on the left panel.
- Click New... button on the right panel.
- Download default check style sheet xml
- Select Configuration and choose the default check style sheet xml.
- Select the source folder(s) of your Java project in Eclipse, and right click.
- Select Check style -> Check Code with Check Style
- Once the check is completed, open Check style violations view.
- Double click the violations in Check style violations view to take you to the code that contains violations, and fix them.
- Find Bugs (http://findbugs.sourceforge.net)
- Used to find code quality issues that lead to bugs, performance issues etc.
- We have defined the rule set criteria and applied them to the servers.
- Testing Entrance Criteria: No "Error Level" issues are present.
- Install Eclipse find bugs plug-in via update site http://findbugs.cs.umd.edu/eclipse/
- Open Eclipse, go to Help -> Software Updates, and click Add Site....
- Set Location to http://findbugs.cs.umd.edu/eclipse/
- Expand the site you just added, and select Find Bugs Feature, and click Install...
- Restart Eclipse.
- Download Find bugs filter file of default Checks quality profile from internet. Just right click the following link and Save link as... on your file system (say, c:\Eclipse\findbugs.xml) This is to make sure that you will use the same set of Find bugs rules to run code analysis within your Eclipse.
- Open Eclipse, go to Window -> Preference.
- Select Java -> Find bugs on the left panel.
- Go to Report configuration tab on the right panel. Select Maximal as analysis effort, Medium as minimum priority to report, and check all bug categories.
- Go to Filter files tab, click Add... button for Include filter files, and add the file you downloaded at the first step.
- Select the source folder(s) of your Java project in Eclipse, and right click.
- Select Find Bugs -> Find Bugs.
- Once the check is completed, open Bug Explorer view.
- Double click the bugs in Bug Explorer view to take you to the code that contains bugs, and fix them.
Get Code Coverage within Eclipse
- Code Coverage
- Use Eclipse EclEmma plug-in: http://www.eclemma.org/
All Unit Tests should pass
- Test Coverage % - 80%
- Automated Code Analysis should not report any errors
- Currently being used. (Mandatory)
- Any reported issues should be logged as defects for next iteration
- Warnings are allowed
- Manual Code Analysis is optional and is not enforced from a central process.
- Automated Code Analysis compliance to become the entrance criteria for QA/test environments.
Fortify
- Used to detect security vulnerabilities in the code.
- Testing Entrance Criteria: No "High Risk" issues are present.