Month: June 2018

W7: Metrics

After getting our Gitlab CICD running again, we decided to use SonarQube for analysing our code and JaCoCo for the Code Coverage report. Our Gitlab Pipeline sends SonarQube our code and the code coverage report generated thanks to JaCoCo.

Here are some screenshots from our Job in the Pipeline.

GitlabCICDWithJaCoCo

And

GitlabCICDWithSonarQube

And here SonarQube with Code Coverage

SonarQube Before

We decided to focus on Vunerabilities and Cognitive Complexity. Vulnerabilites are part of security metrics and Cognitive Complexity part of Complexity. SonarQube describes them as following:

  • Security:
    Issues in this domain mark potential weaknesses to hackers.
  • Complexity:
    How simple or complicated the control flow of the application is. Cyclomatic Complexity measures the minimum number of test cases required for full test coverage. Cognitive Complexity is a measure of how difficult the application is to understand

Here you can see our slight improvements after refactoring.

Cognitive Complexity

MetricsComplexity

SonarQubeCodeComplexity

Vulnerabilites

MetricsVulnerability

SonarQubeVulnerability

So after following those measures, we made our code a bit more secure and less complex. Using these measurements helps us quite a lot, because it is faster and done automatically. With such tools we can gain more experience and understand our own code better.

On a sidenote. Codacy does not work with Gitlab for free. So if you have Gitlab and do want to use Codacy you need make your project public and pay for Codacy. That is why we didn’t use it in our CICD

Design a site like this with WordPress.com
Get started