Static Code Analysis
Contents
Static Code Analysis is a testing methodology that tests software's source code, without actually running the program. Aspects checked by static analysis are: syntax correctness of source code, compliance with formatting guidelines, correctness of algorithms, probable bugs, presence of a proper code documentation.
gCube System exploits the ETICS building tool to carry out static analysis of code. Indeed, ETICS System offers to its users the capability of running a large set of static code analysis tools during ETICS builds. This is made possible by the ETICS plugin mechanism: users choose the set of plugins to run during builds of their project and ETICS will run those plugins at every build; reports of plugins executions will be made available along with other build reports. In particular, gCube project in ETICS is configured to run two famous static code analysis tools for java software:
Checkstyle
Checkstyle tool is automatically run by ETICS at the end of each gCube integration build (see Continuous Integration procedure and reports are published in BTRT along with other reports. Checkstyle reports are used as input for the Documentation Validation procedure.
The default checkstyle configuration used is on the subversion repository at:
http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/javadoc-checks/javadoc_checks.xml
It checks gCube components against official Javadoc Conventions [1], the presence of methods and class javadoc documentation, some programming best practice.
It is possible to customize the behaviour of checkstyle for each gCube component. If the file checkstyle-config.xml is found in the component's home, then that file will be used as Checkstyle configuration file instead of the default one.
Findbugs
Findbugs is run by ETICS for each gCube component built during integration builds. The default configuration is used unless a findbugs.xml file is found in the component's home with a custom configuration. Further fine-grain configuration can be done by defining following properties in the component's configuration (source[2]):
- findbugs.lib.location: Directory containing the external libraries (JAR files) to execute the analized code. Default is ${src.location}/lib then ${src.location}/endorsed and then ${stageDir}/share/java
- findbugs.jar.location: Directory containing the JAR files to be analyzed. Default is ${src.location}/jars or if not existing ${src.location}/build/jars
- findbugs.bug.codes: Comma separated list of bug codes to be used in the analysis
HTML reports generated by Findbugs are automatically published in BTRT