Muna so mu raba kwarewar mu na aiwatar da dandalin SonarQube don ci gaba da bincike da auna darajar lambar a cikin hanyoyin ci gaba na tsarin DPO (ƙari ga ajiyar ajiyar Alameda da share lissafin lissafin kuɗi) na Ƙungiyar Matsakaicin Ƙasa.
Ma'aikatar Matsakaicin Matsala ta Kasa (Kungiyar Musanya ta Moscow) tana ɗaya daga cikin manyan kamfanoni a cikin abubuwan more rayuwa na kuɗi, adanawa da lissafin bayanan masu ba da izini na Rasha da na ƙasashen waje wanda ya kai fiye da tiriliyan 50 rubles. Girman girma na ayyukan da tsarin ke gudanarwa, da kuma ci gaba da fadada ayyuka, yana buƙatar kiyaye lambar tushe mai inganci na tsarin. Ɗayan kayan aiki don cimma wannan burin shine SonarQube static analyzer. A cikin wannan labarin za mu bayyana nasarar nasarar aiwatar da SonarQube static analyzer a cikin hanyoyin ci gaba na sashen mu.
A takaice game da sashen
Ƙwarewarmu ta ƙunshi nau'o'i masu zuwa: biyan kuɗi ga abokan ciniki na NSD, sarrafa takardun lantarki (EDF), sarrafa saƙonnin ma'ajin ciniki (rajista na ma'amala na kan-da-counter), tashoshi na hulɗar lantarki tsakanin abokan ciniki da NSD, da ƙari mai yawa. Gabaɗaya, akwai ayyuka da yawa da za a yi a ɓangaren fasaha na ayyukan aiki. Muna aiki bisa ga buƙatun. Aikace-aikace daga jami'an ayyuka ana sarrafa su ta hanyar manazarta: suna tattara buƙatun abokin ciniki kuma suna gabatar mana da hangen nesa na yadda yakamata ya dace da shirin. Na gaba shine daidaitaccen makirci: haɓaka lambar - gwaji - aikin gwaji - isar da lambar zuwa da'irar samarwa ga abokin ciniki kai tsaye.
Me yasa SonarQube?
Wannan shine ƙwarewar farko na sashen mu wajen aiwatar da dandamali don sarrafa ingancin lambar - a baya mun yi shi da hannu, muna gudanar da bita na lamba kawai. Amma girman girma na aikin yana buƙatar sarrafa kansa na wannan tsari. Bugu da ƙari, ƙungiyar ta haɗa da ma'aikatan da ba su da kwarewa waɗanda ba su da cikakkiyar masaniya game da ƙa'idodin ci gaba na ciki kuma suna yin kuskure. Don sarrafa ingancin lambar, an yanke shawarar aiwatar da mai nazari a tsaye. Tun da an riga an yi amfani da SonarQube a wasu tsarin NSD, bai ɗauki lokaci mai tsawo ba don zaɓar. A baya can, abokan aiki daga wasu sassan sun yi amfani da shi don nazarin ka'idodin microservices a cikin tsarin Alameda (NSD na kansa ajiya da share lissafin lissafin kudi), a cikin CFT (tsarin bayanai don kula da lissafin kuɗi, ma'auni, shirya rahotanni na wajibi da na ciki), a wasu sauran tsarin . Don gwaje-gwaje, mun yanke shawarar farawa da sigar SonarQube kyauta. Don haka mu matsa kan lamarinmu.
Tsarin aiwatarwa
Muna da:
- taro tsarin atomatik a cikin TeamCity;
- an tsara tsarin loda lambar ta hanyar MergeRequest daga reshen fasalin zuwa babban reshe a GitLab (tsarin ci gaba bisa ga GitHub Flow);
- SonarQube, wanda aka tsara don nazarin lamba don tsarin DPO akan jadawalin.
Manufar mu: aiwatar da bincike na lambar atomatik a cikin tsarin CI / CD na DPO.
Bukatar saita: tsari na bincika lamba ta atomatik tare da na'urar nazari a tsaye tare da kowane MergeRequest zuwa babban reshe.
Wadancan. Hoton da aka yi niyya shine kamar haka: da zarar mai haɓakawa ya loda canje-canje zuwa reshen fasalin, ana ƙaddamar da bincike ta atomatik don sabbin kurakurai a cikin lambar. Idan babu kurakurai, to, an yarda da canje-canjen, in ba haka ba dole ne a gyara kurakurai. Tuni a matakin farko mun sami damar gano wasu adadin kurakurai a cikin lambar. Tsarin yana da saitunan sassauƙa sosai: ana iya daidaita shi ta yadda yake aiki don takamaiman ayyuka na masu haɓakawa, ga kowane tsarin da salon shirye-shirye.
Kafa QualityGate a cikin SonarQube
Binciken QualityGate wani abu ne da muke karantawa a cikin zurfin Intanet. Da farko, mun yi amfani da wata hanya dabam, mafi rikitarwa kuma, a wasu hanyoyi, ba daidai ba. Da farko, mun gudanar da binciken sau biyu ta hanyar SonarQube: mun bincika reshen fasalin da reshe inda za mu haɗa reshen fasalin, sannan muka kwatanta adadin kurakurai. Wannan hanyar ba ta tsaya tsayin daka ba kuma ba koyaushe tana samar da sakamako daidai ba. Sannan mun gano cewa a maimakon yin SonarQube sau biyu, muna iya saita iyaka akan adadin kurakuran da aka yi (QualityGate) kuma mu bincika kawai reshe da kuka ɗora kuma ku kwatanta.
A yanzu har yanzu muna amfani da wani bita na farko na lamba. Yana da kyau a lura cewa SonarQube bai dace da wasu harsunan shirye-shirye ba, gami da Delphi. A halin yanzu, muna nazarin lambar PLSql kawai don tsarin mu.
Yana aiki kamar haka:
- Muna nazarin lambar PL/SQL kawai don aikin mu.
- SonarQube ya daidaita QualityGate don kada adadin kurakurai ya karu tare da aikatawa.
- Adadin kurakurai a farkon ƙaddamarwa shine 229. Idan an sami ƙarin kurakurai yayin aikatawa, to ba a yarda da haɗuwa ba.
- Bugu da ari, idan an gyara kurakurai, zai yiwu a sake saita QualityGate.
- Hakanan zaka iya ƙara sabbin maki don bincike, misali, ɗaukar hoto tare da gwaje-gwaje, da sauransu.
Tsarin aiki:
Bayanan rubutun sun nuna cewa adadin kurakurai a cikin reshen fasalin bai karu ba. Don haka komai yayi daidai.
Maballin Haɗa yana samuwa.
A cikin sharhin rubutun, zaku iya ganin cewa adadin kurakurai a cikin reshen fasalin ya zama abin karɓa. Don haka duk abin da yake BAD.
Maballin Haɗawa ja ne. A halin yanzu, babu wani haramci akan loda canje-canje bisa kuskuren lambar, amma ana yin hakan bisa ga ra'ayin mai haɓakawa. A nan gaba, za ku iya hana irin waɗannan ayyukan daga ƙarawa zuwa babban reshe.
Aiki mai zaman kansa akan kurakurai
Na gaba, kuna buƙatar bincika duk kurakuran da tsarin ya gano, saboda SonarQube yana yin nazari bisa ga tsauraran matakan sa. Abin da ya yi la'akari da kuskure ba zai iya zama ɗaya a cikin lambar mu ba. Don haka, kuna buƙatar bincika da lura ko wannan kuskure ne da gaske, ko kuma babu buƙatar gyara a cikin yanayinmu. Ta wannan hanyar za mu rage yawan kurakurai. Bayan lokaci, tsarin zai koyi fahimtar waɗannan nuances.
Me muka zo
Manufarmu ita ce fahimtar ko zai yi kyau a yanayinmu don canja wurin bitar lambar zuwa aiki da kai. Kuma sakamakon ya rayu har zuwa tsammanin. SonarQube yana ba mu damar yin aiki tare da yarukan da muke buƙata, yin nazari mai inganci, kuma yana da yuwuwar koyo daga shawarwari masu haɓakawa. Gabaɗaya, mun gamsu da ƙwarewarmu ta farko ta amfani da SonarQube kuma muna shirin haɓaka gaba ta wannan hanyar. Muna sa ran cewa a nan gaba za mu iya ajiye ƙarin lokaci da ƙoƙari akan sake duba lambar kuma mu inganta shi ta hanyar kawar da yanayin ɗan adam. Wataƙila a cikin tsari za mu gano gazawar dandamali ko kuma, akasin haka, za mu sake tabbata cewa wannan abu ne mai sanyi tare da babban damar.
A cikin wannan labarin bita mun yi magana game da saninmu da SonarQube static analyzer. Idan kuna da tambayoyi, da fatan za a rubuta a cikin sharhi. Idan kuna sha'awar wannan batu, a cikin sabon ɗaba'ar za mu bayyana dalla-dalla yadda za a saita komai daidai da rubuta lamba don yin wannan rajistan.
Marubucin rubutu:
source: www.habr.com