DevOps Classroom Series – 23/May/2020

Static Code Analysis and Code Coverage Using Jenkins

  • Normal Process of submitting the code Preview
  • When the peer review is happening it will be difficult to review best practices, known issues etc by other developer every time. This is where the Static Code Analysis comes into play.
  • Static Code Analysis is a code analysis that is done by a tool and this tool generates the report. Generally the issues reported by Static Code Analysis tools is called as techical debt. The popular tool in this space is Sonar Qube. Preview
  • As a devops engineer, we need to integrate sonar qube analysis in the CI/CD Pipeline
  • The Second aspect is Code Coverage. Developers write code and to test the code they write unit tests. But How much is Unit Test Covering the code?
    • For Measuring this we have Symbol Coverage, Line Coverage and Branch Coverage
    • Sonarqube can measure Coverage and it also provides us with quality gate Preview
  • SonarQube Installation and configuration with Jenkins Refer Here
  • Using sonarqube developers can perform manaul analysis from their dev machines as shown below by using the highlighted command after mvn test is done Preview
  • Created a Jenkins project with the following Jenkinsfile
node {
        git ''

        sh 'mvn package'
    stage('Sonar') {
        withSonarQubeEnv('SONAR-6.7.4') {
             sh 'mvn org.sonarsource.scanner.maven:sonar-maven-plugin:'
  • After building the code Preview Preview

Git Protocols

  • In Git we communicate from local-repo to remote-rep. Git Can communicate using
    • Local:
      • When remote-repo is also on same server
    • HTTP(s):
      • Most simplest to setup
      • User Management will be done by the webserver which hosts git
    • SSH
      • Authenticated Protocol
      • Easy to Setup
    • Git:
      • Fastest Protocol
      • Runs on dedicated port 9418
      • Authentication feature is not up to the mark
      • Used in read only public repository
  • Majorly we use ssh or Http for Git as a protocol
  • Now lets look on how to configure ssh-keys for git repo in GitHub Refer Here

Git Bare Repositories

  • Bare repository is a git repository without working tree and it just has .git folder
  • Bare Git Repository is typically used as Remote-Repo
  • To create a bare repository
git init --bare .
  • To clone a bare repository
git clone --bare <url>

Git Hooks

  • Git Hooks are scripts that can be executed before or after events such as
    • commit
    • push
  • Some use cases are
    • After developer pushes the code, start the jenkins build
    • Whenever developer commits the code, Email other team members
  • Clone a git repo and check .git/hooks folder Preview
  • Create a new git local repo and check .git/hooks folder Preview
  • Hooks are of two types
    • Client-Side Hooks:
      • Generated on local-repo
    • Server-Side Hooks:
      • Generate on Remote-repo
  • Lets experiment with commit-msg hook Preview
  • The commit-msg hook script is
# An example hook script to check the commit log message.
# Called by "git commit" with one argument, the name of the file
# that has the commit message.  The hook should exit with non-zero
# status after issuing an appropriate message if it wants to stop the
# commit.  The hook is allowed to edit the commit message file.
# To enable this hook, rename this file to "commit-msg".

# Uncomment the below to add a Signed-off-by line to the message.
# Doing this in a hook is a bad idea in general, but the prepare-commit-msg
# hook is more suited to it.
# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"

# This example catches duplicate Signed-off-by lines.

test "" = "$(grep '^Signed-off-by: ' "$1" |
	 sort | uniq -c | sed -e '/^[ 	]*1[ 	]/d')" || {
	echo >&2 Duplicate Signed-off-by lines.
	exit 1

  • create a pre-commmit and post-commit with some simple echo statements and the output when you commit will be as shown below Preview

  • Server Side Hooks are also scripts but some repositories like GitHub/BitBucket which donot allow you to get inside server to set scripts give an option of WebHook Refer Here for an example to build jenkins when code is pushed to github

  • Git Hooks Refer

Git Stash

  • Is the fifth area of git, which helps in preserving changes to work on them at later point Preview Preview Preview Preview Preview

GitHub Pull Request

Preview Preview Preview Preview Preview Preview

Scenario Request to me

  • If you want me create/speak about any scenario create a fork of this repo add your changes and send pull request to me
  • If the scenario is challenging, I will definetly share the solution

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About learningthoughtsadmin