Skip to main content

Code review with Sonar

Last week Sonar announced their new version 2.8 with a few new features and bug fixes. The main new feature is the support of custom code review. Crucible and Review board are another alternative code review system. Sonar come across with code coverage and review in one system, which is easy to maintain with small effort.
As usual sonar administrator must create users to assign tasks and collaborations. Sonar provide LDAP plugin which enables the delegation of Sonar authentication to an external system. Currently LDAP plugin supports LDAP and Active directory. In our corporation we are using active directory and first of all i tried to configure the LADP plugin. LDAP plugin wiki fully describes the installation of the plugin with LDAP system but poorly with AD. With some effort with my boss we were able to configure the plugin with our AD system. Follows i am sharing the configuration:
#-------------------
# Sonar LDAP Plugin
#-------------------

# IMPORTANT : before activation, make sure that one Sonar administrator is defined in the external system
# Activates the plugin. Leave blank or comment out to use default sonar authentication.
sonar.authenticator.class: org.sonar.plugins.ldap.LdapAuthenticator

# Ignore failure at startup if the connection to external system is refused.
# Users can browse sonar but not log in as long as the connection fails.
# When set to true, Sonar will not start if connection to external system fails.
# Default is false.
#sonar.authenticator.ignoreStartupFailure: true

# Automatically create users (available since Sonar 2.0).
# When set to true, user will be created after successful authentication, if doesn't exists.
# The default group affected to new users can be defined online, in Sonar general settings. The default value is "sonar-users".
# Default is false.
#sonar.authenticator.createUsers: true

# (omit if you use autodiscovery) URL of the LDAP server.
# If you are using ldaps, then you should install server certificate into java truststore.
# eg. ldap://localhost:10389
ldap.url: ldap://mycompany.com

# (optional) Distinguished Name (DN) of the root node in LDAP from which to search for users,
# eg. “ou=users,o=mycompany”
ldap.baseDn: dc=mycompany,dc=com

# (optional) Bind DN is the username of an LDAP user to connect (or bind) with.
# This is a Distinguished Name of a user who has administrative rights,
# eg. “cn=sonar,ou=users,o=mycompany”. Leave blank for anonymous access to the LDAP directory.
ldap.bindDn: ADADMIN

# (optional) Bind Password is the password of the user to connect with.
# Leave blank for anonymous access to the LDAP directory.
ldap.bindPassword: ADADMIN_PASSWORD

# Login Attribute is the attribute in LDAP holding the user’s login.
# Default is ‘uid’. Set ’sAMAccountName’ for Microsoft Active Directory
ldap.loginAttribute: sAMAccountName

# Object class of LDAP users.
# Default is 'inetOrgPerson'. Set ‘user’ for Microsoft Active Directory.
ldap.userObjectClass: user

# (advanced option) See http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html
# Default is 'simple'. Possible values: 'simple', 'CRAM-MD5', 'DIGEST-MD5', 'GSSAPI'.
ldap.authentication: simple

# (advanced option)
# See
# http://java.sun.com/products/jndi/tutorial/ldap/security/digest.html
# http://java.sun.com/products/jndi/tutorial/ldap/security/crammd5.html
# eg. example.org
#ldap.realm:

# (advanced option) Context factory class.
# Default is 'com.sun.jndi.ldap.LdapCtxFactory'.
#ldap.contextFactoryClass: com.sun.jndi.ldap.LdapCtxFactory
Configuration may vary on your AD system, strongly guess system administrator may help in this issue.
For now in the time of the authentication, Sonar will ignore the password from it's own system and delegate the username and password to the active directory for authentication. Also sonar administrator must configure the role for each user independently.
After installing plugin we are ready to go for code review. On the violations tab we should see the review link as follows:
Now we can add comments on violations, by default task will assign to the author of the comment:
After creating the task we also can reassign the task to another user as follows:
All the reviews you can get from the dash board
For more screen shots you should visit this link (sonar-2-8-in-screenshots).
One shortage of the sonar code review is the lack of notification, when any comment or task assign to the users. I believe that, in future release sonar will add this notification functionality in code review.

Comments

Popular posts from this blog

Send e-mail with attachment through OSB

Oracle Service Bus (OSB) contains a good collection of adapter to integrate with any legacy application, including ftp, email, MQ, tuxedo. However e-mail still recognize as a stable protocol to integrate with any application asynchronously. Send e-mail with attachment is a common task of any business process. Inbound e-mail adapter which, integrated with OSB support attachment but outbound adapter doesn't. This post is all about sending attachment though JavaCallout action. There are two ways to handle attachment in OSB: 1) Use JavaCallout action to pass the binary data for further manipulation. It means write down a small java library which will get the attachment and send the e-mail. 2) Use integrated outbound e-mail adapter to send attachment, here you have to add a custom variable named attachment and assign the binary data to the body of the attachment variable. First option is very common and easy to implement through javax.mail api, however a much more developer manage t

Tip: SQL client for Apache Ignite cache

A new SQL client configuration described in  The Apache Ignite book . If it got you interested, check out the rest of the book for more helpful information. Apache Ignite provides SQL queries execution on the caches, SQL syntax is an ANSI-99 compliant. Therefore, you can execute SQL queries against any caches from any SQL client which supports JDBC thin client. This section is for those, who feels comfortable with SQL rather than execute a bunch of code to retrieve data from the cache. Apache Ignite out of the box shipped with JDBC driver that allows you to connect to Ignite caches and retrieve distributed data from the cache using standard SQL queries. Rest of the section of this chapter will describe how to connect SQL IDE (Integrated Development Environment) to Ignite cache and executes some SQL queries to play with the data. SQL IDE or SQL editor can simplify the development process and allow you to get productive much quicker. Most database vendors have their own front-en

Load balancing and fail over with scheduler

Every programmer at least develop one Scheduler or Job in their life time of programming. Nowadays writing or developing scheduler to get you job done is very simple, but when you are thinking about high availability or load balancing your scheduler or job it getting some tricky. Even more when you have a few instance of your scheduler but only one can be run at a time also need some tricks to done. A long time ago i used some data base table lock to achieved such a functionality as leader election. Around 2010 when Zookeeper comes into play, i always preferred to use Zookeeper to bring high availability and scalability. For using Zookeeper you have to need Zookeeper cluster with minimum 3 nodes and maintain the cluster. Our new customer denied to use such a open source product in their environment and i was definitely need to find something alternative. Definitely Quartz was the next choose. Quartz makes developing scheduler easy and simple. Quartz clustering feature brings the HA and