In order to achieve the best result of the team in the process of the software development certain routines must be established. One of them is a code review, which plays a very important role to ensure successful product development and is a key instrument in the development environment.
Code Review is a systematic study of source code. Basically, its function is to identify problems that may go unnoticed by the programmers and suggest alternative ways to solve them, thus improving the quality of the software. In fact, code review brings a number of benefits to the company and guarantees the development of better quality products.
In order to use code review correctly, it is necessary to adopt a number of practices, such as:
- Using a wiki - a document consisting of all project-related activities.
- Use checklists.
- Use automation in conjunction with manual work to identify recurring patterns and errors.
- Use the tools for process optimization.
Thanks to the Code Review system errors and bugs are fixed in time. In this way, the application enters the production phase and reaches the end user without contradictions. The development team also benefits from this, because all parties involved are technically upgraded. In addition, more effective cooperation will be achieved. Also, this knowledge sharing helps the team to find other solutions if there are problems in the development. Especially for those who are just starting out in the field of programming and don't yet have a very precise critical sense of code, this type of feedback allows for faster progression. So it gives great added value not only to the team but also to the company.
Another advantage is that responsibilities are shared and developers are not overloaded, which increases the overall productivity of projects.
SonarQube and what is used for?
Ensuring the quality of the software is fundamental, and to this end we can combine known practices with tools such as SonarQube.
SonarQube is a tool to ensure the quality of the source code. It performs several analyses and detects, for example:
- Snippets of source code that can generate errors
- Double command lines, preventing repetition of unnecessary instructions
- Safety
These analyses meet quality metrics, which are configured in the tool itself according to some predefined patterns, but which are easily customizable.
The benefits of SonarQube:
- Improving the quality of IT systems and applications
- Better impact assessment
- Greater visibility of software
- Visibility of improvements and potential problems
- Risk reduction in the implementation of the new requirements in development
- SonarQube can be synchronized with other tools
How do we implement code review?
At Kenner Soft we have two options for code reviews:
- Automated code review via SonarQube
- Manual code review performed by other developers (usually senior developers, team leaders).
We use a console tool that allows, after task completion, to automatically assign it to the team leader.
On the screenshot you can see that the programmer completed the task and it was automatically assigned to the team leader.
By clicking View the diff you can see the scope of work, that is, all the changes made in the code:
At the same time, the task is subject to review via SonarQube. The report with the results of this check is also automatically added to the task.
SonarQube analyses the code and if it finds specific problems or possible bugs, the task is sent back to the developer to fix or make changes. If no problems were found, the successful report is displayed in the task.
The successful SonarQube report looks like this:
The unsuccessful report:
This is where the code duplications were found.
The code is transmitted via Gitlab CI/CD. The main concepts of CI/CD are Continuous Integration, Continuous Delivery and Continuous Deployment. CI/CD solves the problems that integrating new code can cause for DevOps teams.
Example of GitLab CI file:
- .gitlab-ci.yml
stages:
- test
image:
name: sonarsource/sonar-scanner-cli:latest
entrypoint: [""]
variables:
SONAR_TOKEN: "$SONARTOKEN"
SONAR_HOST_URL: "$SONARHOSTURL"
GIT_DEPTH: 0
sonarqube-check:
stage: test
script:
- sonar-scanner -Dsonar.qualitygate.wait=true
allow_failure: true
tags:
- sonarqube
After the developer has fixed the errors and the recheck was successful, the task is subject to the manual review. If there are certain comments after the manual review, the task with the comments is automatically reassigned to the developer via a console command. So there is no need to assign the task via Task Manager (we use Redmine) as it is a fully automated process.
If no issues were found after the review, i.e. the Team Leader has no comments and the review is successful, this task is submitted to the test server. Two tests are performed: automatic and manual. You can read more about the testing process in our article.
Our agency Kenner Soft Services GmbH pays a lot of attention to the quality of the services provided. We review the code very thoroughly and carefully to provide the best result to the customers .
Are you interested in a dedicated team?
Please contact our team, we will be glad to help you.
