I’m located at Tokyo, but I sometimes collaborate beyond border to assist customers. I’m working with Smith Naik who has been managers of various IBM software at IBM labs, now works for various customers to provide best solutions for them.
We were wondering how we can provide “static analysis” on the cloud using IBM Bluemix DevOps Services, and Smith found the vendor Kiuwan who provides the solution for it ( https://github.com/kiuwan/ibm-devOps-services ) . Smith double checked with product manager of DevOps Services and it turned out that Kiuwan is on the list of IBM Cloud market place (i.e. our partner). So we have started to investigate.
This is preliminary blog entry how I verified the features of this integration. First of all, I choose this tutorial article because this is public, everybody can double check it. I have chosen to add “Build and Deploy” feature in “Add Git” step. After a while, build and deploy was ready to use in the project.
I have modified “Build” stage to include Test job. The job will provide a text area to enter test script.
I have added the following texts ( I have just followed instruction found in GitHub). I have changed the KIUWAN_APPLICATOIN_NAME, KIUWAN_USER and KIUWAN_PASSWORD parameters.
# invoke tests here
#Set parameters for Kiuwan Local Analyzer
export KIUWAN_USER="<my login at Kiuwan>"
export KIUWAN_PASSWORD="<my password at Kiuwan>"
export KIUWAN_EXCLUDE_PATTERNS="**/src/test/**,**/__MACOSX/**,**/*.<span class="skimlinks-unlinked">min.js,**/*.Designer.vb,**/*Reference.vb,**/*Service.vb,**/*Silverlight.vb,**/*.Designer.cs,**/*Reference.cs,**/*Service.cs,**/*Silverlight.cs</span>"
#Retrieve and execute the analysis with Kiuwan Local Analyzer
curl -L <span class="skimlinks-unlinked">https://raw.githubusercontent.com/kiuwan/ibm-devOps-services/master/scripts/kiuwan.sh</span> | bash
And then, save the configuration, and run it. I see the test log during the operation.
After the test end, The log gave a URL to view the test result. By opening the URL, I can see several test result of Kiuwan static analysis. Here is a result of our sample code.
It indicated it has defects in Maintainability. What kind of error it was ? They were:
“Provide Javadoc comments for public methods.”
Yes, these are actually defects. 🙂 Looks like the sample code has less defects in the other area, security, portability, reliability, so on. These are quite useful information.
This post was originally posted at Takehiko Amano’s Blog on Emerging Technologies and is reproduced here with permission.
Latest posts by Steve Galache (see all)
- Cross Site Request Forgery (CSRF) - March 30, 2017
- Application Security — Why Businesses Need Application Security - March 8, 2017
- SQL Injection and How to Avoid It - February 14, 2017