CI
Unit Tests
- To check the units of code under development, developers write unit tests
- In CI/CD pipelines we need to execute unit tests and ensure they are passing
- One way of checking the quality of unit tests is through coverage reports
- Organizations define the acceptable code coverage
Static Code Analysis
- Every programming language generally has style guides (fine-tuned by the organization). Lint tools verify the style.
- Every programming language also has best practices; the tools that verify them are called static code analysis tools
- Code might also have security issues, so we need to scan it for them. For this we have SAST (Static Application Security Testing)
Quality Gate
- Quality Gate generally means the acceptable quality of code
- lint issues:
  - severity: minor | major | error | warning | critical
- code quality issues
  - severity: minor | major | error | warning | critical
- code coverage issues: here we define percentages
- security issues
  - severity: minor | major | error | warning | critical
- Including a quality gate in the pipeline means failing the build on violations
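A small gate evaluator, added here as an illustration (it is not part of the original notes or of any tool named on this page): it counts findings per category and severity, checks them and the coverage percentage against a policy, and exits non-zero on violations so the CI job fails. The category names, per-severity limits, the 80% coverage threshold and the sample findings are assumptions constructed for the example.

```python
import sys
from collections import Counter

# Hypothetical gate policy (constructed for this example): maximum number of
# findings allowed per category and severity. A severity not listed is unlimited.
POLICY = {
    "lint":     {"critical": 0, "error": 0, "major": 5},
    "quality":  {"critical": 0, "error": 0, "major": 10},
    "security": {"critical": 0, "error": 0, "major": 0, "warning": 3},
}
MIN_COVERAGE = 80.0  # percent; assumed organizational threshold
SEVERITIES = {"minor", "major", "error", "warning", "critical"}

def evaluate_gate(findings, coverage, policy=POLICY, min_coverage=MIN_COVERAGE):
    """Return a list of violation messages; an empty list means the gate passes."""
    violations = []
    counts = Counter()
    for f in findings:
        cat, sev = f["category"], f["severity"]
        if cat not in policy or sev not in SEVERITIES:
            # Fail closed: an unrecognized finding must not slip through the gate.
            violations.append(f"unrecognized finding: {cat}/{sev}")
            continue
        counts[(cat, sev)] += 1
    for cat, limits in policy.items():
        for sev, limit in limits.items():
            n = counts[(cat, sev)]
            if n > limit:
                violations.append(f"{cat}: {n} {sev} issue(s), limit {limit}")
    if coverage < min_coverage:
        violations.append(f"coverage {coverage:.1f}% is below {min_coverage:.1f}%")
    return violations

# Constructed sample results, standing in for parsed lint, analysis and SAST reports.
SAMPLE_FINDINGS = [
    {"category": "lint", "severity": "minor"},
    {"category": "lint", "severity": "major"},
    {"category": "quality", "severity": "warning"},
    {"category": "security", "severity": "critical"},
]

if __name__ == "__main__":
    problems = evaluate_gate(SAMPLE_FINDINGS, coverage=72.5)
    for p in problems:
        print("GATE VIOLATION:", p)
    # A non-zero exit status is what makes the CI job, and so the build, fail.
    sys.exit(1 if problems else 0)
```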
Static Code Analysis Tools
- CodeQL
- SonarQube
