software

.Net Source Code Quality Tools - Part 3: Analyzing Code

Jun 20, 2012
Analyzing Code - (Continued from Part 2)
There are several tools that allow Hudson to collect output from quality metric rules and then show them for every build and then the results can displayed in a trend graph.

When building a .Net Project, is recommended to use FxCop. This is a free static analysis tool from Microsoft that allows analyzing managed code assemblies against more than 200 different possible coding standards violations in the following areas:

  • Correctness
  • Library design
  • Internationalization and localization
  • Naming conventions
  • Performance
  • Security

Many of the issues concern violations of the programming and design rules set forth in the Design Guidelines, which are the Microsoft guidelines for writing robust and easily maintainable code by using the .NET Framework.

This tool could be useful to developers to adapt them and get used to the .Net Framework development best practices and coding standards.

To install this tool, you have to go to the Microsoft Windows SDK folder, generally located at “%ProgramFiles%\Microsoft SDKs\Windows\v7.0A and find the “FxCop” folder that contains the installer.

Once installed, this tool offers both, graphical and command line interfaces, this last one is the one we will use as part of the automated build process.

 

Configuring FxCop in Hudson

Go to the project “Configure” page and under the Build section click the “Add build step” button and select “Execute Windows batch command”.

Fill in the “command” filed with the command parameters depending on how you like to execute the tool, as:

"%ProgramFiles%\Microsoft FxCop 1.36\FxCopCmd.exe" /file:"HudsonQualityTools\bin\Release\*.dll" /out:fxcop-result.xml /console

More information about the FxCopCmd and its parameters visit Using FxCopCmd.

This command will execute the FxCopCmd command and check the .dll files found in the “Release” folder. Besides it will record the results in a file named “fxcop-resul.xml” and display those results in the console.




To finish, check the “Report Violations” check box under the “Post-build Actions” and set the fxcop field to: “fxcop-result.xml”.




Save the changes and build the solution. Then check the Build to get a summary and check the state of the solution.




And then click on the graphic to get a more detailed version of the solution analyzed by FxCop.




To step into the reported violations, click on any of the files listed on the lower part of the site.



And there we will have access to the violations and the codes where it has occurred.




We can integrate Hudson to show those issues into an issue tracking solution as JIRA by installing the plug-in from the “Plugin Manager” and configuring it on the “Manage Hudson” menu option.

This allows the submitter and watchers to quickly find out which build they need to pick up to get the fix. Besides hudson can update JIRA issues with backpointers to builds by cheching the “Update relevant JIRA issues” check box under the “Post-build Actions” in the “Configure” section.




In conclusion there are several good tools in store to ensure the .Net source code quality along the entire software development process, and Hudson is one of them, having a vast variety of easy to install and use plug-ins to automate tasks and make the development process more efficient. As shown above, it does not take too much configuring effort to start building a project using Hudson. The best approach to measure the source code quality is to start building the project, and then focus on running unit tests and other quality metrics so you can monitor the quality progress on your project.