https://www.thecodebuzz.com/continuous-code-quality-of-using-sonar/
Continuous Code Quality using SonarLint in Visual Studio 2017-19
“Any fool can write code that a computer can understand. Good programmers write code that humans can understand” -Martin Fowler
Most of us understand the importance of code quality. Good coding practices are language agnostics and help any organization to deliver clean, highly reliable, secure and maintainable code. Software maintenance is like a big fat elephant and often eats away a big chunk of project budget allocation. Re-engineering and refactoring of buggy code cost organization time, cost and quality. These small looking coding issues become bigger problems in the future and potentially affect the complete architecture and design of your application.
“Code is maintained more often than it is written”
Today in this article we shall see how to use the Sonar Lint IDE extension in Visual Studio 2017(or VS2019)
SonarLint is an IDE extension that helps to detect and fixing the code quality issues as you type the code in IDE.
SonarLint Visual Studio extension combines together all best of the linting process and supports multiple analyzers and multiple languages.
- C# (.NET , .NET Core, .NET Standards) – Roslyn analyzer
- VB.NET- Roslyn analyzer
- JavaScript- SonarJS analyzer
- C/C++ – SonarCFamily
Support for Typescript or Python language is supported through another SonarLint plugin works on Visual Studio Code IDE. Please see more details on below link,
Getting started
Prerequisites:
* Visual Studio 2015 or 2017 or 2019
* Install SonarLint extension
From Menu->Extension->Manage Extension, please search with keyword “Sonar” as below. Here I am installing this extension for VS2019.
Note-The first-time installation requires you to restart the Visual Studio to complete the installation.
After successful installation of the extension, IDE will start analyzing code and shall start reporting the issue as shown below,
As you type your code you shall be able to see best recommendation from SonarLint based on configured rules.
Connected Mode
SonarQube scan can be configured as part build and deploy process within the CICD pipeline. SonarQube provides the overall health of the portfolio within the organization with nice dashboards detailing about the overall health of the code.
SonarLint if used with the SonarQube server streamlines the code analysis process by using uniform rule set across the organization and avoids any ambiguity of issues reported on server vs developers Desktop/IDE. So far above we used the default rule set which comes with plugin installation now we shall see how to use the connected mode of sonar server.
Connected mode configuration is a simple 1-2 step process. Below we shall try connecting the application with a quality profile of the server.
- Click on Team Explorer in Visual Studio and connect to SonarQube as shown below,
- Provide Server URL and Password or Token to connect with sonar server from IDE,
After successful authentication, please select your organization.
Your application will be connected .
Establish the Sonar Server connection for the first time. Please click on “Bind” as shown below,
After successful binding, Quality profiles from Sonar Server will be downloaded locally in your projects which includes ruleset file and creation of .sonarlint folder as shown below,
- Sonar rule set file will be created within project folder (.csproj)
- Folder ‘.sonarlint’ will be created with ruleset file and configuration file as below,
That’s all! Once the project gets connected with the server, Your project will work in connected mode using the same Quality profiles as of Sonar Server. You will be able to see the same coding issues in IDE and in Pipeline and analyze your code against centralized configured rules.
Happy coding !!
Summary :
Today we learned about SonarLint extension set up and configuration for Visual Studio IDE(2017 and 2019). Good coding practices are language agnostics and help the organization to deliver clean, reliable, secure and maintainable code. Buggy code slipping through cracks has the potential to cost a company an entire business. Organizations can address these problems by following best practices of software development like continuous code quality and continuous code review processes.
Pinnacle.co.T. Titanium Spinning Glasses and Tools
ResponderEliminarPinnacle.co.T. titanium Spinning Glasses and Tools. Pinnacle.co.T. Titanium thunder titanium lights Spinning Glasses titanium tubing and Tools. The Titanium oakley titanium sunglasses Spinning Glasses and Tools. ford fusion titanium The Titanium ford edge titanium Spinning