Sonar, simply to manage the code, it supports Java C C + + and other languages, integrates
1, unit testing, including calculation lines, branch coverage, and so on
2, vulnerability, bug Scan, this scan can be findbugs, security and other vulnerability rules are configured in, and then scanned, scan results according to the vulnerability level classification
3, 4, 5 、...... There are many
Because I'm primarily responsible for unit testing and vulnerability scanning, I'm going to write about these two pieces of content later.
In addition, because of our unit testing and vulnerability scanning every day to do one and more, but also to push the results of the mail to the big boss, so timed to trigger these scan tasks will be given to Jenkins to do, this thing Baidu said
Jenkins is an open source software project designed to provide an open and easy-to-use software platform that makes continuous software integration possible.
Jenkins is a continuous integration tool based on Java development for monitoring continuous duplication of work, including: 1. Continuous software release/test project. 2. Monitor the work performed by external calls. Well, next time, write the implementation of the Unit test.
Talking about Sonar