Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Introduction to PHP Continuous Inspection

E2ed7c278c8c49bb3e7fe0b7de039997?s=47 Hugo Hamon
October 15, 2012

Introduction to PHP Continuous Inspection

Sonar is a Java software dedicated to software analysis and quality check. This session will introduce Sonar and the most well known PHP quality tools that work with it. Then, we will see how to configure Sonar and PHP projects to build and gather metrics. Finally, we will look at the multiple charts Sonar creates for you to identify violations and estimate your techical debt.


Hugo Hamon

October 15, 2012


  1. Hugo HAMON | SensioLabs Introduction to PHP Continuous Inspection https://joind.in/talk/view/7282

  2. Hugo HAMON Head of Training at SensioLabs Travel alcoholic Book

    author Speaker at Conferences Symfony contributor PHP fan since 2000 @hhamon
  3. Software Quality, why should you care?

  4. Being aware of the technical debt « Every minute spent

    on not-quite-right code counts as interest on that debt. » Ward Cunninghman
  5. Save money!

  6. Unit Tests Martin Fowler

  7. Continuous Integration

  8. Continuous Integration in practice « Continuous Integration is a software

    development practice where members of a team integrate their work frequently » Martin Fowler
  9. None
  10. Jenkins CI

  11. Continuous Inspection

  12. How to measure code quality?

  13. Standardizing developments

  14. Doing code review sessions

  15. Automating the code analysis

  16. PHP quality tools

  17. PHP LOC

  18. File 1 File 2 PHP Copy Paste Detector

  19. PHP CodeSniffer

  20. PHP CodeSniffer

  21. PHP CodeSniffer

  22. PHP CS Fixer $ php php-cs-fixer.phar fix /path/to/project --level=psr0 $

    php php-cs-fixer.phar fix /path/to/project --level=psr1 $ php php-cs-fixer.phar fix /path/to/project --level=psr2 $ php php-cs-fixer.phar fix /path/to/project --level=all
  23. PHP CS Fixer Before

  24. PHP CS Fixer After

  25. PHP Depend

  26. PHP Mess Detector

  27. Automating static code analysis

  28. Continuous Inspection

  29. Sonar Mantra Ø  Reducing the amount of code Ø  Reusing

    the code Ø  Recycling the code
  30. Running Sonar Source $ cd /path/to/Sonar-3.2 $ bin/<your-os>/sonar.sh start $

    Starting sonar... $ Started sonar.
  31. Running Sonar Source http://localhost:9000

  32. Using MySQL to store metrics # conf/sonar.properties sonar.jdbc.username: sonar sonar.jdbc.password:

    sonar sonar.jdbc.url: jdbc:mysql://localhost:3306/sonar # Shell $ cd extras/database/mysql $ mysql -uroot < create_database.sql
  33. Con guring Sonar Web Server # conf/sonar.properties sonar.web.host: sonar.web.port:

    80 sonar.web.context: /sonar
  34. Global Maven Con guration <!-- ~/.m2/settings.xml --> <settings> <profiles> <profile>

    <id>sonar</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <sonar.jdbc.url>jdbc:mysql://localhost:3306/sonar</sonar.jdbc.url> <sonar.jdbc.driverClassName> com.mysql.jdbc.Driver </sonar.jdbc.driverClassName> <sonar.jdbc.username>sonar</sonar.jdbc.username> <sonar.jdbc.password>sonar</sonar.jdbc.password> </properties> </profile> </profiles> </settings> settings.xml
  35. Project Con guration <project ...> <modelVersion>4.0.0</modelVersion> <groupId>com.propelorm.propel2</groupId> <artifactId>Propel2</artifactId> <name>The Propel2

    PHP ORM</name> <version>2.0.0-DEV</version> <packaging>pom</packaging> <build> <sourceDirectory>src</sourceDirectory> <testSourceDirectory>tests</testSourceDirectory> </build> <properties> <sonar.language>php</sonar.language> <sonar.dynamicAnalysis>true</sonar.dynamicAnalysis> <sonar.phpDepend.shouldRun>true</sonar.phpDepend.shouldRun> <sonar.phpPmd.shouldRun>true</sonar.phpPmd.shouldRun> <sonar.phpPmd.analyzeOnly>false</sonar.phpPmd.analyzeOnly> <sonar.phpCodesniffer.shouldRun>true</sonar.phpCodesniffer.shouldRun> <sonar.phpUnit.analyze.test.directory>false</sonar.phpUnit.analyze.test.directory> <sonar.phpcpd.shouldRun>true</sonar.phpcpd.shouldRun> <sonar.phpcpd.excludes>tests</sonar.phpcpd.excludes> </properties> </project> pom.xml
  36. Installing PHP Quality Tools $ pear upgrade –f $ pear

    config-set auto_discover 1 $ pear install pear.phpunit.de/PHPUnit $ pear install pear.phpunit.de/phploc $ pear install pear.phpunit.de/phpcpd $ pear channel-discover pear.pdepend.org $ pear install pdepend/PHP_Depend-beta $ pear channel-discover pear.phpmd.org $ pear install --alldeps phpmd/PHP_PMD $ pear install PHP_CodeSniffer
  37. Installing Sonar Plugin

  38. Running the Code Analysis $ mvn sonar:sonar

  39. Summary of the Analysis 1st Analysis Sonar Way Pro le

  40. Summary of the Analysis 2nd Analysis PSR-2 Pro le

  41. Summary of the Analysis 3rd Analysis PSR-2 Pro le

  42. Summary of the Analysis 4th Analysis PSR-2 Pro le

  43. Managing Quality Pro les

  44. Violations Drilldown

  45. Violations Drilldown

  46. Violations Drilldown

  47. False Positive Flag

  48. Con guring Violations Severity

  49. Differential Analysis

  50. Technical Debt Estimation

  51. Con guring the technical debt

  52. Technical Debt Estimation

  53. Extending Sonar Source

  54. Writing Custom CodeSniffer Rules class MyStandard_Sniffs_Commenting_DisallowHashCommentsSniff implements PHP_CodeSniffer_Sniff { public

    function register() { return array(T_COMMENT); } public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr) { $tokens = $phpcsFile->getTokens(); if ('#' === $tokens[$stackPtr]['content']{0}) { $error = 'Hash comments are prohibited; found %s'; $data = array(trim($tokens[$stackPtr]['content'])); $phpcsFile->addError($error, $stackPtr, 'Found', $data); } } }
  55. Questions? Hugo HAMON @hhamon hugo.hamon@sensiolabs.com