Be the Quality you Want to See in the World - Code Quality Metrics

Transcript

1. Hello

2. Be the quality you want to see in the World

3. Code quality metrics

4. How many of you calculate code metrics in ObjC?

5. It's a long story

6. Introduction What are code metrics?

7. You get what you measure — Joshua Appelman

8. Code metrics are a set of software measures

9. Cool.

10. But.

11. " Why should I bother about that? "

12. Because you want: To understand which methods/classes should be reworked

    Your development team to identify potential risks To track progress during software development

13. And, ultimately, because you — your codebase

14. —

15. " When should I use that? "

16. Basically, when you Have a large codebase Work in heterogeneous

    teams Are writing an audit Want to get a rapid overview of an inherited codebase
17. None

18. " When should I use that? " Practically everyday

19. Which code metrics?

20. # lines of code / # of files

21. Cyclomatic complexity func example(a: Int, b: Int, c:Int, d:Int) {

    // 1 if a == b { // 2 println("Hello") } else if (c == d) { // 3 for index in 1...5 { // 4 println("Hello") } } else { // 5 switch c { case 1: // 6 println("Hello") case 2: // 7 println("Hello") default: // 8 println("Hello") } } }

22. NPath complexity func example(a:Int, b:Int) { if a > 10

    { println(1) } else { println(2) } if a > b { println(3) } else { println(4) } } // Result: 4

23. Code coverage

24. Duplications (CPD)

25. Depth of inheritance

26. Class coupling

27. NCSS

28. HSLOCR

29. HSLOCR Holy Sh*t / Lines of Code Ratio

30. LASER

31. LASER LAser Shark Exposure Rate

32. None

33. —

34. How to generate code metrics?

35. PMD

36. PMD Java static analyzer - a must-have of the Java

    developer Supports Java, JavaScript, XML Identifies: • Unused variables • Empty catch blocks • Unnecessary object creation • Cyclomatic/NPath complexity

37. Clang Static Analyzer

38. Clang Static Analyzer Part of the Clang project Run as

    standalone or included via Xcode Analyzes the different execution paths (Abstract Syntax Tree) Detects wether some paths can lead to problems

39. AppCode

40. AppCode Performs checks for: • Clang analysis • Class errors

    (hidden scopes, missing implementations) • Data flow analysis • Obsolete vs Modern syntax checking • String localisation control • Unavailable/deprecated APIs

41. —

42. gcovr

43. gcovr Generates code coverage reports from .gcda and .gcno files

    Exports to the Cobertura1 XML format .gcda and .gcno files are generated by setting • GCC_GENERATE_TEST_COVERAGE_FILES • GCC_INSTRUMENT_PROGRAM_FLOW_ARCS 1 - Cobertura: an open source tool for measuring Java code coverage

44. OCLint

45. OCLint Inspired by PMD and by the AppCode static analyzer

    Based on Clang Exports to the PMD file format

46. OCLint Detects: • Empty control flow statements • Unused code

    • Complicated code (high cyclomatic/NPath complexity, deep statements) • Redundant if statements • Long methods, long parameter list

47. OCLint Rules are extensible You can write your own

48. OCLint - Installing http://docs.oclint.org/en/dev/intro/installation.html Make the binary available from your

    path

49. Tools

50. SonarQube

51. SonarQube A Web Application for Continuous Inspection of code quality

    Acts as an hub for code metrics Integrates with other tools such as PMD, Cobertura or OCLint

52. SonarQube - Installing $ brew install sonar $ brew install

    sonar-runner # Front end

53. SonarQube Runner

54. SonarQube Runner Is the frontend for executing sonar Reads a

    sonar-project.properties file in the project folder

55. SonarQube Objective-C plugin

56. SonarQube Objective-C plugin Developed by Octo Technologies, Paris github.com/octo-technology/sonar-objective-c Aggregates:

    • OCLint results • Test coverage (via Cobertura) • CPD

57. SonarQube Objective-C plugin - Installing build from sources: $ mvn

    install

58. " When should I use that? " Practically everyday

59. Automate!

60. Automate!!

61. Automate!!!

62. Automate!!!

63. A real life project 1. Jenkins 2. xcodebuild/xctool/xcpretty 3. OCLint

    4. Run Tests 5. Run gcovr 6. Sonar

64. Warning: bash Proceed with caution

65. Let's dive in

66. 1. Jenkins Runs project jobs A job can consist in

    compilation, testing, analysis, deployment tasks Jobs can be parametrized

67. 2. xcodebuild/xctool/xcpretty $ /usr/bin/xcodebuild [params] > xcodebuild.log

68. 3. OCLint $ oclint-xcodebuild # Generates compile_commands.json $ oclint-json-compilation-database >

    -- -report-type pmd -o sonar-reports/oclint.xml

69. 4. Run tests $ GCC_GENERATE_TEST_COVERAGE_FILES=YES > GCC_INSTRUMENT_PROGRAM_FLOW_ARCS=YES > /usr/bin/xcodebuild test

    | xcpretty -tc --report junit > --output "${PWD}/sonar-reports/TEST-report.xml"

70. 5. Run gcovr $ ./scripts/gcovr -r . PATH/TO/DUCKING/DERIVEDDATA/ > --exclude

    .*Tests.* --xml > > "${PWD}/sonar-reports/coverage.xml"

71. 6. Sonar-Runner - Property file sonar.projectKey=nsspaindemo sonar.projectName=NSSpainDemo sonar.language=objc sonar.projectDescription=NSSpainDemo sonar.sources=NSSpainDemo/

    sonar.objectivec.project=NSSpainDemo.xcodeproj

72. Putting it all together #!/bin/bash BUILD_CMD_SUFFIX="-project ${PROJECT_NAME}.xcodeproj -derivedDataPath ${PWD}/DerivedData -configuration

    Debug" \ # Clean the folders rm -rf ${PWD}/sonar-reports rm -rf ${PWD}/DerivedData mkdir ${PWD}/sonar-reports # Build /usr/bin/xcodebuild ${BUILD_CMD_SUFFIX} -scheme "${DEFAULT_SCHEME}" \ -sdk "${DEFAULT_SDK}" > xcodebuild.log # Generate compile commands /usr/local/bin/oclint-xcodebuild /usr/local/bin/oclint-json-compilation-database "${PWD}/${PROJECT_NAME}" \ -- -report-type pmd -o sonar-reports/oclint.xml # Run tests GCC_GENERATE_TEST_COVERAGE_FILES=YES \ GCC_INSTRUMENT_PROGRAM_FLOW_ARCS=YES \ /usr/bin/xcodebuild ${BUILD_CMD_SUFFIX} -scheme "${DEFAULT_SCHEME}" \ -sdk "${DEFAULT_SDK}" test | xcpretty -tc --report junit \ --output "${PWD}/sonar-reports/TEST-report.xml" # Generate coverage report ./scripts/gcovr -r . \ ${PWD}/DerivedData/Build/Intermediates/"${DEFAULT_SCHEME}".build/Debug-iphonesimulator/"${DEFAULT_TARGET}".build/Objects-normal/i386 \ --exclude .*Tests.* --xml > "${PWD}/sonar-reports/coverage.xml" # Send results to SonarQube /usr/local/bin/sonar-runner exit $?
73. None
74. None
75. None

76. Final thoughts

77. Final thoughts • Automate, automate, automate • Code metrics are

    not Gospel • Static analysis alone is not enough • Pick a range of complementary metrics • Be honest with yourself • Aim for all metrics rather than excelling in a single one

78. You get what you measure — Joshua Appelman

79. Share the results with your team Improve continuously

80. Be the quality you want to see in the World

81. —

82. Thank y—u!

83. Simone Civetta @viteinfinite