Skip to main content

Code review with Sonar

Last week Sonar announced their new version 2.8 with a few new features and bug fixes. The main new feature is the support of custom code review. Crucible and Review board are another alternative code review system. Sonar come across with code coverage and review in one system, which is easy to maintain with small effort.
As usual sonar administrator must create users to assign tasks and collaborations. Sonar provide LDAP plugin which enables the delegation of Sonar authentication to an external system. Currently LDAP plugin supports LDAP and Active directory. In our corporation we are using active directory and first of all i tried to configure the LADP plugin. LDAP plugin wiki fully describes the installation of the plugin with LDAP system but poorly with AD. With some effort with my boss we were able to configure the plugin with our AD system. Follows i am sharing the configuration:
#-------------------
# Sonar LDAP Plugin
#-------------------

# IMPORTANT : before activation, make sure that one Sonar administrator is defined in the external system
# Activates the plugin. Leave blank or comment out to use default sonar authentication.
sonar.authenticator.class: org.sonar.plugins.ldap.LdapAuthenticator

# Ignore failure at startup if the connection to external system is refused.
# Users can browse sonar but not log in as long as the connection fails.
# When set to true, Sonar will not start if connection to external system fails.
# Default is false.
#sonar.authenticator.ignoreStartupFailure: true

# Automatically create users (available since Sonar 2.0).
# When set to true, user will be created after successful authentication, if doesn't exists.
# The default group affected to new users can be defined online, in Sonar general settings. The default value is "sonar-users".
# Default is false.
#sonar.authenticator.createUsers: true

# (omit if you use autodiscovery) URL of the LDAP server.
# If you are using ldaps, then you should install server certificate into java truststore.
# eg. ldap://localhost:10389
ldap.url: ldap://mycompany.com

# (optional) Distinguished Name (DN) of the root node in LDAP from which to search for users,
# eg. “ou=users,o=mycompany”
ldap.baseDn: dc=mycompany,dc=com

# (optional) Bind DN is the username of an LDAP user to connect (or bind) with.
# This is a Distinguished Name of a user who has administrative rights,
# eg. “cn=sonar,ou=users,o=mycompany”. Leave blank for anonymous access to the LDAP directory.
ldap.bindDn: ADADMIN

# (optional) Bind Password is the password of the user to connect with.
# Leave blank for anonymous access to the LDAP directory.
ldap.bindPassword: ADADMIN_PASSWORD

# Login Attribute is the attribute in LDAP holding the user’s login.
# Default is ‘uid’. Set ’sAMAccountName’ for Microsoft Active Directory
ldap.loginAttribute: sAMAccountName

# Object class of LDAP users.
# Default is 'inetOrgPerson'. Set ‘user’ for Microsoft Active Directory.
ldap.userObjectClass: user

# (advanced option) See http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html
# Default is 'simple'. Possible values: 'simple', 'CRAM-MD5', 'DIGEST-MD5', 'GSSAPI'.
ldap.authentication: simple

# (advanced option)
# See
# http://java.sun.com/products/jndi/tutorial/ldap/security/digest.html
# http://java.sun.com/products/jndi/tutorial/ldap/security/crammd5.html
# eg. example.org
#ldap.realm:

# (advanced option) Context factory class.
# Default is 'com.sun.jndi.ldap.LdapCtxFactory'.
#ldap.contextFactoryClass: com.sun.jndi.ldap.LdapCtxFactory
Configuration may vary on your AD system, strongly guess system administrator may help in this issue.
For now in the time of the authentication, Sonar will ignore the password from it's own system and delegate the username and password to the active directory for authentication. Also sonar administrator must configure the role for each user independently.
After installing plugin we are ready to go for code review. On the violations tab we should see the review link as follows:
Now we can add comments on violations, by default task will assign to the author of the comment:
After creating the task we also can reassign the task to another user as follows:
All the reviews you can get from the dash board
For more screen shots you should visit this link (sonar-2-8-in-screenshots).
One shortage of the sonar code review is the lack of notification, when any comment or task assign to the users. I believe that, in future release sonar will add this notification functionality in code review.
Labels:

Comments

Post a Comment

Popular posts from this blog

8 things every developer should know about the Apache Ignite caching

Any technology, no matter how advanced it is, will not be able to solve your problems if you implement it improperly. Caching, precisely when it comes to the use of a distributed caching, can only accelerate your application with the proper use and configurations of it. From this point of view, Apache Ignite is no different, and there are a few steps to consider before using it in the production environment. In this article, we describe various technics that can help you to plan and adequately use of Apache Ignite as cutting-edge caching technology. Do proper capacity planning before using Ignite cluster. Do paperwork for understanding the size of the cache, number of CPUs or how many JVMs will be required. Let’s assume that you are using Hibernate as an ORM in 10 application servers and wish to use Ignite as an L2 cache. Calculate the total memory usages and the number of Ignite nodes you have to need for maintaining your SLA. An incorrect number of the Ignite nodes can become a b...
Post a Comment
Read more

Benchmarking high performance java collection framework

I am an ultimate fan of java high performance framework or library. Java native collection framework always works with primitive wrapper class such as Integer, Float e.t.c. Boxing and unboxing of wrapper class to primitive data type always decrease the java execution performance. Most of us, always looking for such a library or framework to works with primitive data type in collections for increasing performance of Java application. Most of the time i uses javolution framework to get better performance, however, this holiday i have read about a few new java collections frameworks and decided to do some homework benchmarking to find out, how much they could better than Java native collection framework. I have examine two new java collection framework, one of them are fastutil and another one are HPPC. For benchmarking i have used java JMH with mode Throughput. For benchmarking i took similar collection for java ArrayList, HashSet and HasMap from two above described frameworks. Col...
Post a Comment
Read more

Apache Ignite Baseline Topology by Examples

Ignite Baseline Topology or BLT represents a set of server nodes in the cluster that persists data on disk. Where, N1-2 and N5 server nodes are the member of the Ignite clusters with native persistence which enable data to persist on disk. N3-4 and N6 server nodes are the member of the Ignite cluster but not a part of the baseline topology. The nodes from the baseline topology are a regular server node, that store's data in memory and on the disk, and also participates in computing tasks. Ignite clusters can have different nodes that are not a part of the baseline topology such as: Server nodes that are not used Ignite native persistence to persist data on disk. Usually, they store data in memory or persists data to a 3rd party database or NoSQL. In the above equitation, node N3 or N4 might be one of them. Client nodes that are not stored shared data. To better understand the baseline topology concept, let’s start at the beginning and try to understand its goal and what ...
Post a Comment
Read more