SonarQube and Sonatype Nexus IQ Server

Slides:



Advertisements
Similar presentations
Automated Software Testing: Test Execution and Review Amritha Muralidharan (axm16u)
Advertisements

Software Modeling SWE5441 Lecture 3 Eng. Mohammed Timraz
The middleware that makes real time integration a reality.
© 2006 IBM Corporation SOA on your terms and our expertise Discovering the Value of SOA SOA In Action SOA & End-2-End Business Driven Development using.
Continous architecture analysis in 3D. 2 Stefan Rinderle Kontinuierliche Architekturanalyse in 3D ○ Bachelor an der HS Karlsruhe ○ Master "Software Engineering"
Computers & Logic An Overview. Hardware Hardware is the equipment, or the devices, associated with a computer. For a computer to be useful, however, it.
Copyrighted material John Tullis 8/13/2015 page 1 Blaze Software John Tullis DePaul Instructor
UNIT-V The MVC architecture and Struts Framework.
DevOps Jesse Pai Robert Monical 8/14/2015. Agile Software Development 8/14/2015© 2015 SGT Inc.2.
Liang, Introduction to Java Programming, Sixth Edition, (c) 2007 Pearson Education, Inc. All rights reserved Chapter 12 Object-Oriented.
CPIS 357 Software Quality & Testing
CSCE 548 Code Review. CSCE Farkas2 Reading This lecture: – McGraw: Chapter 4 – Recommended: Best Practices for Peer Code Review,
EMI INFSO-RI Metrics review Claudio (SA1), Lars, Duarte, Eamonn and Maria (SA2)
Understand Application Lifecycle Management
METACASE. WHAT THIS PRESENTATION IS ABOUT  What’s META MODELING?  What’s METACASE?  METAEDIT+ 5.1 EVALUTION PROGRAM  Diagram and its kinds.
Why use JIRA?.
Software Metrics Cmpe 550 Fall Software Metrics.
Asya Stoyanova-Doycheva University of Plovdiv Bulgaria eLSEBuilder and RFAgent – eLearning Supporting Tools in Software Engineering 1.
Software Deployment & Release 26/03/2015 1EN-ICE.
D4Science and ETICS Building and Testing gCube and gCore Pedro Andrade CERN EGEE’08 Conference 25 September 2008 Istanbul (Turkey)
From Use Cases to Implementation 1. Structural and Behavioral Aspects of Collaborations  Two aspects of Collaborations Structural – specifies the static.
| Secure Software Development | Funke, Pfretzschner, Zulfiqar Integration of Static Code Analysis in Continuous Integration Lifecycles Source:
Cisco Consulting Services for Application-Centric Cloud Your Company Needs Fast IT Cisco Application-Centric Cloud Can Help.
The Next Level Of Agile: DevOps and CD אוקטובר 2015.
Maven. Introduction Using Maven (I) – Installing the Maven plugin for Eclipse – Creating a Maven Project – Building the Project Understanding the POM.
© 2013 IBM Corporation Accelerating Product and Service Innovation Service Virtualization Testing in Managed Environments Michael Elder, IBM Senior Technical.
Tool Support for Testing Classify different types of test tools according to their purpose Explain the benefits of using test tools.
From Use Cases to Implementation 1. Mapping Requirements Directly to Design and Code  For many, if not most, of our requirements it is relatively easy.
Initiating UK OOI CI Project 7 th /8 th March 2011.
Platform & Maven2 David Šimonek. Certified Engineer Course Agenda What is Maven? Why Maven? NB IDE & Maven NB Platform & Maven.
Building Enterprise Applications Using Visual Studio®
The Premier Test Lab Management Software
Engaging Business Analysts in Test Automation
Process improvements for better quality
ONAP security meeting
Pro-Active Performance Engineering
Testing Tools & Standards
UML Diagrams By Daniel Damaris Novarianto S..
Introduction to Compiler Construction
Understanding SOAP and REST calls The types of web service requests
Self Healing and Dynamic Construction Framework:
Securing the CI Irene Michlin, Principal Security Consultant.
Software Tools and Environments
Continuous Integration and Testing
Trends like agile development and continuous integration speak to the modern enterprise’s need to build software hyper-efficiently Jenkins:  a highly.
Unified Modeling Language
UML Diagrams Jung Woo.
An Intro to ALM Using TFS and Visual Studio for Source Control, Build Automation, Continuous Integration and Deployments.
Application Lifecycle Management – Best Practices for SharePoint and Office App development November 2015.
Overview of System Engineering
X in [Integration, Delivery, Deployment]
Model-Based Design: Software Engineers Wanted
Integrating viewpoint forms with construction imaging content types
Lunch & Learn: Are you letting your users be your testers?
Rational Unified Process (RUP)
Automating your CI/CD Stack with Java and Groovy
Simplified Development Toolkit
What is user acceptance testing and how is it different than system testing Kusum daga.
Near Real Time ETLs with Azure Serverless Architecture
Thoughts on Model Interoperability
Ensuring Project Success with SpiraTeam & Rapise
Helping you make your code better
SSDT, Docker, and (Azure) DevOps
MAPO: Mining and Recommending API Usage Patterns
SSDT, Docker, and (Azure) DevOps
Overview on CI Use JJB (Jenkins Job Builder) to manage Jenkins jobs.
Putting Together a DevOps Pipeline Leveraging Technology, Process, and People 1 May 2019 Mr. Patrick Bush.
SeeSoft A Visualization Tool..
From Use Cases to Implementation
SSDT, Docker, and (Azure) DevOps
Presentation transcript:

SonarQube and Sonatype Nexus IQ Server What is it and how does it relate to us?

What is SonarQube? An open source tool to measure and analyze to quality of source code Supports over 20 different languages Ability to analyze within your CI Engine or locally on your IDE Architecture & Design, Complexity, Duplications, Coding Rules, Potential Bugs, Unit Test & Comments (from APIs) Creates a homogenized and centralized report displayed on an easy-to-read dashboard of metrics defined by the user/team Lots of plugins with other ALM tools to ensure quality code is written before put into production

Why SonarQube? Utilizes static and dynamic analysis tools Focused on the 7 axes of code quality rather than just bugs and code complexity Can be used as a plugin alongside CI servers so centralizes the build and code analysis

SonarQube Architecture

However, this only checks the built code from developers However, this only checks the built code from developers.. What happens before and after that?

What is Sonatype Nexus IQ Server? Consists of three separate parts that work together Auditor Firewall Lifecycle

Why Sonatype Nexus IQ Server? Provides governance and oversight of the entire software supply chain through monitoring all components and artifacts Integrates with many other DevOps related and existing tools used within HSBC

Supply Chain Flow