当前位置:网站首页>Hi, you have a code review strategy to check!

Hi, you have a code review strategy to check!

2022-06-28 01:43:00 InfoQ

Introduce

As a back-end developer who has worked for many years , Has gradually reduced the time it takes to write your own code , Devote more working time to code review in . adopt code review Can reduce the bug Probability of occurrence , Improve code quality , It can also help others make progress .
But in code review In the process of , You will find that some people have bad coding habits , Result in code structure 、 The format is confusing , There is a deep hole in the code . such as :
  • The method is too long , Write the whole logic in a method , No necessary abstraction and encapsulation .
  • Methods do not need to be commented , The method name is not literal yet .
  • After the file is opened , Forget to close the workflow .
Wait a minute .
I am here code review In the process of , Can find some problems , But there are still some problems , Maybe it was careless , Maybe the knowledge is not comprehensive enough , May have been missed .
Every time just checking the format and coding habits will take a lot of code review Time , This situation is very distressing .
Is there a possibility , In my code review Before , Automatically normalize the format , Coding habits these simple questions are checked , Tell me a test result , I just need to go review Business code ?
Later I found Jianmu  + checkstyle + SonarQube.

Component is introduced

Jianmu : Build wood to trigger 、 Process planning 、 Task distribution and other functions are the core , It can be applied in various usage scenarios , Including but not limited to ,CI/CD、DevOps、 Automatic operation and maintenance 、 Scenarios such as multi business system integration . In my use , Found it very flexible , Various functions can be combined freely , It's very easy to use , Just choose the node you like , Add it to your process OK La .
  • checkstyle Official documents
  • SonarQube Official documents

The overall use process

Pictured :

null
Process explanation :
  • Coder Submit your own code to the code repository , launch Merge Request.
  • The code warehouse calls the build hook , Trigger the wood building process .
  • Jianmu pulls the code from the warehouse , Conduct checkstyle and SonarQube Static code scan .
  • Jianmu will scan the results , In the form of comments , Write back to Merge Request In the comments .
  • Reviewer start-up , Refer to the scan results , Conduct Code Review.
Since then ,code review There are also “ automatic transmission ”, With the help of construction wood merge The inspection of , spot merge More confidence ~

How to build

Let's share with you how to use Jianmu to build this process
  • Transform the project itself , Introduce in the project checkstyle and SonarQube plug-in unit , And complete the configuration . About checkstyle and sonarqube The configuration and use of can be referred to :
    checkstyle Official documents
    SonarQube Official documents
  • Start to prepare the Jianmu nodes we need to use 🤪
  • git-clone node ( official :
    https://jianmuhub.com/_/git_clone
Clone source and target branch code .

null
  • maven node ( official :
    https://jianmuhub.com/_/maven_build
perform mvn compile sonar:sonar To check the code for defects
perform mvn checkstyle:checkstyle-aggregate To check whether the code is standardized

null
  • check_style node ( Customize :
    https://jianmuhub.com/weizhongyuan/check_style
    )
Compare the specification result file of the source branch and the target branch , The result is greater than 0, It indicates that nonstandard codes have been added in this merger
notes :checkstyle The scan of has been configured to execute maven Command is automatically executed ,check_style node , Just to get analysis maven Execute the scan results in the log .

null
  • sonarqube-analysis node ( Customize :
    https://jianmuhub.com/fat_squirrel/sonarqube_analysis
Get the new code BUG And the number of new vulnerabilities , And get sonarqube Deployment address of .
notes :SonarQube The scan of has been configured to execute maven Command is automatically executed ,SonarQube node , Just to get maven Execute the scan results in the log .

null
  • git_merge_comment node ( Customize :
    https://jianmuhub.com/weizhongyuan/git_merge_comment
towards Gitlab Of Merge Request Notify the scanning results in the form of comments .

null
  • Enterprise wechat notification node ( official :
    https://jianmuhub.com/_/qywx_notice
Send relevant notices to enterprise wechat .

null

  • Then write DSL file
name: java-style-check

#  Can be executed concurrently
global:
 concurrent: true

trigger:
 type: webhook
 param:
 - name: action
 type: STRING
 exp: $.body.json.object_attributes.action
 - name: object_kind
 type: STRING
 exp: $.body.json.object_kind
 - name: user_name
 type: STRING
 exp: $.body.json.object_attributes.last_commit.author.name
 - name: project_name
 type: STRING
 exp: $.body.json.project.name
 - name: source_branch
 type: STRING
 exp: $.body.json.object_attributes.source_branch
 - name: target_branch
 type: STRING
 exp: $.body.json.object_attributes.target_branch
 - name: remote_url
 type: STRING
 exp: $.body.json.project.git_http_url 
 - name: git_host
 type: STRING
 exp: $.header.x-real-ip
 - name: project_id
 type: STRING
 exp: $.body.json.project.id
 - name: iid
 type: STRING
 exp: $.body.json.object_attributes.iid
# webhook event   One merge event open、update、reopen Can trigger the process
 only: (${trigger.object_kind} == "merge_request" && ${trigger.action} == "open" || ${trigger.action} == "update" || ${trigger.action} == "reopen")

workflow:
 start:
 type: start
 targets:
 - git_source_branch
 - git_target_branch
#  Source branch
 git_source_branch:
 type: "git_clone:1.1.1"
 sources:
 - start
 targets:
 - maven1
 param:
 remote_url: "${trigger.remote_url}"
 ref: "refs/heads/${trigger.source_branch}"
 netrc_password: "((gitlab.password))"
 netrc_machine: "x.x.x.x"
 netrc_username: "((gitlab.username))"
#  adopt mvn command , Use code specification checking tools check-style Check source branch , Generate specification result file
#  adopt mvn command , Use the code defect checking tool sonarqube To check the code , And upload the results to the server
 maven1:
 type: "jianmu/maven:jdk"
 sources:
 - git_source_branch
 targets:
 - sonarqube_analysis
 param:
 mvn_action: "compile sonar:sonar clean checkstyle:checkstyle-aggregate"
 workspace: "${git_source_branch.git_path}"
 maven_public_id: "maven-releases"
 maven_public_url: "http://x.x.x.x:8081/repository/maven-public/"
#  Get the new code BUG And the number of new vulnerabilities , And get sonarqube Deployment address of
 sonarqube_analysis:
 sources:
 - maven1
 targets:
 - check_style
 type: "fat_squirrel/sonarqube_analysis:v2"
 param:
 ip: "x.x.x.x:9000"
 project_name: "name"
#  Target branch
 git_target_branch:
 type: "git_clone:1.2.2"
 sources:
 - start
 targets:
 - maven2
 param:
 remote_url: "${trigger.remote_url}"
 ref: "refs/heads/${trigger.target_branch}"
 password: "((gitlab.password))"
 username: "((gitlab.username))"
#  Use code specification checking tools check-style Check the target branch , Generate specification result file
 maven2:
 type: "maven_build:1.3.1-jdk"
 sources:
 - git_target_branch
 targets:
 - check_style
 param:
 mvn_action: "checkstyle:checkstyle-aggregate"
 workspace: "${git_target_branch.git_path}"
 maven_public_id: "maven-releases"
 maven_public_url: "http://172.16.35.15:8081/repository/maven-public/"
#  Get the specification result files of the source branch and the target branch from the shared directory for comparison
 check_style:
 sources:
 - sonarqube_analysis
 - maven2
 targets:
 - condition
 type: "jianmu/check_style:v3"
 param:
 file2: "${git_target_branch.git_path}/target/checkstyle-result.xml"
 file1: "${git_source_branch.git_path}/target/checkstyle-result.xml"
#  Judge nodes , Take different branches
 condition:
 sources:
 - check_style
 type: condition
 expression: ${check_style.result}=="1"
 cases:
 true: qywx_notice
 false: condition2
 qywx_notice:
 type: "qywx_notice:1.2.1"
 sources:
 - condition
 targets:
 - git_merge_comment1
 param:
 mentioned_mobile_list: "[]"
 bot_webhook_url: "((chatbot.merge))"
 text_content: " project :${trigger.project_name}, submitter :${trigger.user_name}, news : In this submission, the number of non conformities has been increased :${check_style.diff}"
 msgtype: "text"
 mentioned_list: "[]" 
 git_merge_comment1:
 type: "jianmu/git_merge_comment:v1"
 sources:
 - qywx_notice
 targets:
 - end
 param:
 project_id: "${trigger.project_id}"
 host: "${trigger.git_host}"
 comment: "action:${trigger.action}, project :${trigger.project_name}, submitter :${trigger.user_name}, news : This consolidation adds ${check_style.diff} A format problem , newly added ${sonarqube_analysis.new_bugs} individual bug Wind addition , newly added ${sonarqube_analysis.new_vulnerabilities} Vulnerability issues , Details visible :'${sonarqube_analysis.url}'"
 merge_request_iid: "${trigger.iid}"
 token: "((AUTOOPS.private_token))"
 condition2:
 sources:
 - condition
 type: condition
 expression: ${check_style.result}=="0"
 cases:
 true: qywx_notice2
 false: qywx_notice3
 qywx_notice2:
 type: "qywx_notice:1.2.1"
 sources:
 - condition2
 targets:
 - git_merge_comment2
 param:
 mentioned_mobile_list: "[]"
 bot_webhook_url: "((chatbot.merge))"
 text_content: " project :${trigger.project_name}, submitter :${trigger.user_name}, news : This submission is not much , Just right !"
 msgtype: "text"
 mentioned_list: "[]"
 git_merge_comment2:
 type: "jianmu/git_merge_comment:v1"
 sources:
 - qywx_notice2
 targets:
 - end
 param:
 project_id: "${trigger.project_id}"
 host: "${trigger.git_host}"
 comment: "action:${trigger.action}, project :${trigger.project_name}, submitter :${trigger.user_name}, news : There is no new format problem in this consolidation , newly added ${sonarqube_analysis.new_bugs} individual bug Wind addition , newly added ${sonarqube_analysis.new_vulnerabilities} Vulnerability issues , Details visible :'${sonarqube_analysis.url}'"
 merge_request_iid: "${trigger.iid}"
 token: "((AUTOOPS.private_token))"
 qywx_notice3:
 type: "qywx_notice:1.2.1"
 sources:
 - condition2
 targets:
 - git_merge_comment3
 param:
 mentioned_mobile_list: "[]"
 bot_webhook_url: "((chatbot.merge))"
 text_content: " project :${trigger.project_name}, submitter :${trigger.user_name}, news : This submission reduces the number of non conformities :${check_style.diff}"
 msgtype: "text"
 mentioned_list: "[]"
 git_merge_comment3:
 type: "jianmu/git_merge_comment:v1"
 sources:
 - qywx_notice3
 targets:
 - end
 param:
 project_id: "${trigger.project_id}"
 host: "${trigger.git_host}"
 comment: "action:${trigger.action}, project :${trigger.project_name}, submitter :${trigger.user_name}, news : This merger has decreased ${check_style.diff} A format problem , newly added ${sonarqube_analysis.new_bugs} individual bug Wind addition , newly added ${sonarqube_analysis.new_vulnerabilities} Vulnerability issues , Details visible :'${sonarqube_analysis.url}'"
 merge_request_iid: "${trigger.iid}"
 token: "((AUTOOPS.private_token))"
 end:
 type: end
 sources:
 - git_merge_comment1
 - git_merge_comment2
 - git_merge_comment3
DSL After writing , The overall process is like this 🤩.

null
  • Trigger process
Copy trigger link from Jianmu , stay Gitlab Middle configuration Merge Request Of Webhook, Paste the link copied from Jianmu . When someone initiates Merge Request when , It will trigger the process .
  • Result display

null

ending

In use Jianmu  + checkstyle + SonarQube in the future , The efficiency of work has been greatly improved , Have more time to accomplish more meaningful things , After all, life is short !


Officer, ⽹
Code
file
Example
原网站

版权声明
本文为[InfoQ]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/178/202206271622475363.html

边栏推荐

猜你喜欢

随机推荐