SonarQube — Scientific way to look at things. Does your code smell?

Rupesh Dubey
Nicobar Engineering
Nov 17, 2018

Refactoring your code is a necessary look-back process. Especially when you start your startup in stealth mode, code review and design patterns may not be the primary focus; the approach is just to get it done. Down the line, when you feel your coders are facing challenges with regression and the code is not so generic, you have to make some decisions.

It's never too late, so let's look at things now. I felt, too, that writing and making changes was not so easy. You can look at some piece of code and analyze how good or bad it has been written. So we started looking at things in our own way and implemented a code quality check with SonarQube, and it put a very precise and clear report in front of us.

This was the first report card we had from a code perspective, and it was completely scientific. Usually, when people think about code quality, it comes up in a very anonymous and unstructured way, but a tool like SonarQube has solved this problem in a very precise way.

Now let's talk about each point.

(A) Bugs: 2k

So what are these 2k bugs?

Another way to look at a low score is that there is scope for improvement. We started analyzing: we had 2000 lines that it identified as a bug, that is, an issue that represents something wrong in the code. If this has not broken yet, it will, and probably at the worst possible moment. This needs to be fixed yesterday.

I got a list of all the bugs; now all I needed was to look into the detail. As you can see, for each file reference Sonar says:

(A) Type of severity: Major/Blocker/Critical.

(B) What the effort would be, in minutes.

(C) Whether it is assigned to someone; you can assign from here.

(D) When this code was written.

Now if you click on any item in the list, you will get the detail of the code.

A very good example: the programmer forgot to consider this situation of assigning the same variable, and Sonar tells us this is not cool. We assigned these among ourselves and started fixing them all.

(B) Vulnerabilities

As a standard, our code config, related IP and other config should not be in the developer code repository. The standard approach of deployment through AWS Code config is to be used. Here we solved the problem using CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy and AWS Code Config.
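To make the finding concrete, here is an added example (not code from the original post and not SonarQube's own rule logic) of a check that flags IP literals and credential-like assignments in Python source, run over a constructed "before" settings module and the same module after the values move to the deployment environment. The function names, the sensitive-name pattern and both sample modules are assumptions made for illustration.

```python
import ast
import ipaddress
import re

# Names that suggest a credential (assumed list, extend for your code base).
SENSITIVE_NAME = re.compile(r"(password|passwd|secret|token|api_?key)", re.I)

def _is_ip(value):
    """True for an IPv4/IPv6 literal; loopback/unspecified defaults are ignored."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return False
    return not (addr.is_loopback or addr.is_unspecified)

def find_hardcoded_config(source, filename="<memory>"):
    """Return sorted (line, kind, detail) findings for one Python source text."""
    findings = set()
    for node in ast.walk(ast.parse(source, filename=filename)):
        # Any string literal that is an IP address, wherever it appears.
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            if _is_ip(node.value.strip()):
                findings.add((node.lineno, "hardcoded-ip", node.value.strip()))
        # NAME = "literal" where NAME looks like a credential.
        if isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant):
            if isinstance(node.value.value, str) and node.value.value:
                for target in node.targets:
                    if isinstance(target, ast.Name) and SENSITIVE_NAME.search(target.id):
                        findings.add((node.lineno, "hardcoded-secret", target.id))
    return sorted(findings)

# Constructed sample: settings with environment-specific values in the repo.
BEFORE = '''
DB_HOST = "10.20.30.40"
DB_PASSWORD = "example-not-a-real-password"
CACHE = {"host": "127.0.0.1", "port": 6379}
'''

# Constructed sample: the same settings read from the deployment environment.
AFTER = '''
import os
DB_HOST = os.environ["DB_HOST"]
DB_PASSWORD = os.environ["DB_PASSWORD"]
CACHE = {"host": os.environ.get("CACHE_HOST", "127.0.0.1"), "port": 6379}
'''

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        print(label, find_hardcoded_config(text))
```

A check like this only covers the current tree; values that were committed earlier remain in the repository history and should be rotated.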

(C) Debt: 177 days

A total of 177 man-days of effort is required to pass the SonarQube audit. We, the tech team, took the initiative and are working 3 days in a sprint (out of 10 days) on fixing all of these, and we are also doing some hackathons to solve things together.

(D) Code Smells

So, as per the PIP convention and the ECMA 6 convention, our code repository has 7700 code smells. A code smell is a maintainability-related issue in the code. Leaving it as-is means that at best maintainers will have a harder time than they should making changes to the code. At worst, they'll be so confused by the state of the code that they'll introduce additional errors as they make changes.

We checked in Nicobar because reflection is the key thing. It's good to know where we are. If we are good at reflection, self-realized and wish to be perfect, we can plan and execute things. We as a team are doing our best to become the best. Our tech aspiration is high, and we now want to set up a good code review, peer review and code coverage process in our CI/CD. SonarQube is one of the good tools we opted for, and we fixed things.

Join us to be part of a solid tech journey; write to us at techteam@nicobar.com
