Holding Down your Technical Debt with SonarQube

Transcript

1. Holding Down your Technical Debt with Patroklos Papapetrou @ppapapetrou76 Holding

   Down your Technical Debt with

2. About me

3. Agenda • Code Quality (what, why, when and how?) •

   The seven axes of quality • Technical Debt • SonarQube Introduction • Demo time

4. private String _ugly_name; private String ANOTHER_$UGLY___NAME; private static String am_i_static;

   public void please_work(ArrayList objects){ for (Object object : objects){ if (object == null){ String toString = object.toString(); } else am_i_static = object.toString(); doSomething(object); } } private void doSomething(Object object) throws NullPointerException { throw new NullPointerException(object.toString()); }

5. What is code quality?

6. What is code quality? “It’s an indicator about how quickly

   developers can add business value to a software system”

7. Why measure? Source code is the heart of every system

8. Why measure? Developers don't write “new” software. They maintain “legacy”

   systems.

9. Why measure? We, the developers are lazy monkeys

10. The broken window theory

11. When it's the right time to measure • From project's

    day #0 • Continuosly • Prevention vs post-actions • Prioritize and plan

12. What we should measure; • Abstract numbers? (Almost) useless •

    Evolution through time? Definitely! • Metrics? Yes but which ones? • Welcome to the seven deadly sins of developers

13. The seven axes of quality

14. The seven axes of quality Design Duplications Documentation Com plexity

    Unit Tests Coding rules Potential Bug Technical Debt

15. Technical Debt “If the debt grows large enough, eventually the

    company will spend more on servicing its debt than it invests in increasing the value of its other assets” Steve McConnell (Author of code complete)

16. This is how the source code looks like when we

    don't pay off technical debt

17. “Good” & “Bad” Technical Debt

18. What is SonarQube; • Free & open source “Code Quality

    Platform” • Provides moment-in-time quality snapshots • Gives trends of lagging and leading indicators • Tracks developers’ seven deadly sins

19. How it works? Reads and analyzes source code files Computes

    hundreds of metrics Associates them with analysis snapshots and stores them Shows the results in dashboards and widgets accessible by any browser

20. SonarQube for everything... • Initially designed for Maven Java projects

    • Today supports more than 20 languages Commercial : ABAP, C, C++, Cobol, Natural, PL/SQL, Visual Basic Open Source : C++, C#, Flex, Groovy, Android, Javascript, PHP, Python, XML, Web(xhtml, jsp , jsf), Erlang

21. For testers / QA stuff. Which parts of the system

    lack unit testing? … and for everyone For developers. Is my code “good”? How can I improve For architects. Is the initial design “broken”? How about complexity? For managers. Give me the numbers!!! Are we going up or down?

22. SonarQube star Features Dashboards

23. SonarQube star Features Historical Data

24. SonarQube star Features Differential Views

25. SonarQube star Features Components drilldown views

26. SonarQube star Features Quality Gates

27. DEMO TIME

28. The big picture Track and reduce Technical Debt on an

    ongoing basis. (Clean up kitchen every day)

29. The big picture Engage all devs from day #1 (Not

    only mums wash the dishes )

30. I have a dream… ...that one day code quality management

    will be as much as important and essential is today source code management

31. Thank you ppapapetrou76 @ppapapetrou76 http://www.linkedin.com/in/ppapapetrou 1