当前位置:网站首页>Zadig + sonarqube, ensuring the safety of the development process

Zadig + sonarqube, ensuring the safety of the development process

2022-06-28 22:24:00 InfoQ

High quality code 、 Rapid environmental infrastructure 、 Adequate business quality assurance ... Every point can add points to the successful delivery of the product . Invest in code quality at the source of development , Whether it is to identify code risks and prevent them from happening , Or establish team R & D specifications , It is a matter where the benefits far outweigh the costs .
The voice of community partners is also getting higher and higher , Released on International Children's Day  v1.12.0  In the version ,Zadig  Support integrated scanning tools , Provide scanning service for code quality , Ensure the safety of the development process .
This paper takes the most commonly used  SonarQube  Scanning tools and open source  Zadig  Take the code warehouse as an example .

Project background

  • Source code :
    koderover/zadig
  • The goal is : For daily high-frequency changes  
    pkg
      Scan the code under the directory , Sniff the code in time 「 Bad taste 」

How to use

It only needs  3  Step , You can  Zadig  Ability to obtain code scanning in , The specific operation is as follows .

System administrator : Integrate  SonarQube

  • Sign in  SonarQube ->  Click the account avatar in the upper right corner  -> 
    My Account
    .
null
  • Switch to  
    Security
      page , stay  
    Generate Token
      Fill in  Token  After the name, click... On the right  
    Generate
      button .
null
null
  • stay  Zadig  In order to access  
    System settings
     -> 
    Integrated management
     -> 
    Sonar  Integrate
    , Fill in  SonarQube  Server address and  Token  Save after information .
null

The engineer : Configure code scanning

Entry project , New code scan .
null
null
The configuration details are as follows :
  • name
    :zadig-scan
  • Scan tool
    :SonarQube
  • Scanning environment
    :sonar:latest
  • Sonar  Address
    : Integrated in the previous step  SonarQube  Server address
  • Code information
    :Zadig  The code base
  • Parameter configuration
    : Reference resources  
    SonarQube  file
    , The configuration in this example is as follows :
# Sonar  Parameters
sonar.projectKey=zadig-pkg
sonar.projectName=zadig-pkg
sonar.sources=./pkg
sonar.go.file.suffixes=.go
Other code scanning tools can refer to  
Custom build image
, First integrate the scanning tool , Scan tool selection
other
, Specify a custom image in the scanning environment , You can enter a custom scan script .

The engineer : Execute and analyze the results

Click on
perform
Button triggers the code scan run .
null
Wait until the code scanning task is completed , Click on
see
link .
null
The system will automatically jump to  SonarQube  In the system . Engineers can view the scan results and use them to fix problems in the code , Aim at what you want , Improve code quality from the source , Reduce delivery risk .
null

Webhook  be triggered at any moment

In addition to the  Zadig  Manually perform a scan task on to check code quality , Triggers can also be configured based on related code change events , utilize  Webhook  The ability to automate code scanning .
  • Configure code scanning , Add trigger .
null
  • When an event that meets the trigger condition occurs ( such as  pull request), Code scanning will be performed automatically , Reduce manual intervention costs .
null
null

The scanning results shall be fed back in time

Code base changes automatically trigger code scanning , The scanning results will be fed back to the code warehouse , At present, we support  GitLab  Code source , Other code sources also further support . Timely code quality feedback can provide code review for the team 、 Code merging provides data reference , Let quality dissolve in every line of code .
null
Besides , Code scanning results are automatically notified to  IM  The function of is also planned , Code quality feedback can be easily obtained without switching the system , Get through the last kilometer of engineers' daily development work .

Zadig, Let engineers focus more on creating ! Welcome to join  
Make complaints about open source Tucao group
Zadig on Github

https://github.com/koderover/zadig
Zadig on Gitee
https://gitee.com/koderover/zadig
原网站

版权声明
本文为[InfoQ]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/179/202206282151226165.html

边栏推荐

猜你喜欢

随机推荐