CODING “DevOps Workshop Learning Camp” is on fire!
Here you can practice the whole DevOps process, experience efficient cloud development, and win gifts. The second-phase grand prize, a Dell U2718Q display, will be drawn on December 3, so go to CODING as soon as possible, complete the tasks and enter the draw. An iPad Pro, an HHKB keyboard and Bose headphones are also up for grabs, and you can explore more new ways to play in the CODING Best Practices series.
The “DevOps Workshop Learning Camp” event is hosted at Workshop. Coding. IO, which can be opened in a PC browser.
Next, let's read this best-practices guide to “code scanning”, one of CODING's code management capabilities.
By analyzing the source code in a repository, CODING code scanning can find potential code defects, security vulnerabilities and non-standard code early.
- Code scanning currently integrates dozens of tools and thousands of rules, supports more than a dozen commonly used development languages, and can find problems in your code across the dimensions of functionality, security, performance, usability and coding conventions, offering suggestions for fixing them.
- Each problem is automatically assigned to the person responsible for the problematic code, and the problem can be closed once it has been fixed, giving closed-loop handling of every issue.
- To make it easy to get started, the system ships with several recommended scanning solutions, and you can also customize your own.
- Automated code scans are supported: you can set trigger rules that specify when a scan runs, for example on a merge request.
- Full or incremental scans of multiple branches of a repository are supported.
Practice – Assisting code review
In team development, code review is recommended at merge time to control project quality. Manual review, however, takes a lot of time and effort. Code scanning can automatically scan the source branch, generate scan results, and, based on those results, automatically block the integration of problematic code. This keeps the target branch from being contaminated and makes code review more efficient.
Configuring a scan task
Creating a scan task
Create a scan task by selecting the repository and branch whose code quality you want to control and the scan solution you want to use.
Configuring trigger rules
Click Settings in the scan task and open Trigger rules to see the repository's trigger settings.
Configuring quality access control
Once this feature is enabled, you are advised to set the thresholds for critical problems and errors to 0; these are serious defects that affect system stability and security.
With the Control merge request switch enabled, every merge request into the branch, whether or not the branch is protected, can be merged only after it passes quality control.
How code scanning assists code review
A merge request triggers a scan
Once the branch's scan task has been configured as described above and “Control merge request” is enabled, creating a merge request into that branch automatically triggers a code scan. If the merge request does not pass quality access control, it is automatically intercepted and the merge is prohibited.
In the merge request details you can see the problem overview and the problem report to get a picture of the code quality.
Viewing a problem report
Click to view the problem report, which lists every problem found by the scan. Each problem shows its file, the rule it matched, and its problem level.
Viewing problem details
Click a problem to see its location and cause. Click the repair suggestion on the right to view the cause of the problem and guidance for fixing it.
Example: SQL injection warning
Fixing the problem and pushing again
You are advised to fix the detected problems in order of problem level. After fixing them locally, push the commits to the source branch, which automatically triggers another code scan.
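To make the flow above concrete, here is an added example (not CODING's own code or rule set) of what a scanner rule, a finding with file, matching rule and problem level, and the quality gate with thresholds of 0 for critical problems and errors look like in miniature. The sample files, the rule name and the regex are constructed for illustration; the rule flags SQL statements built by string concatenation or formatting, the class of issue behind the SQL injection warning shown above.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed sample "source files" (not from any real repository): one builds
# SQL by concatenating user input, the other uses a parameterized query.
SAMPLE_FILES = {
    "app/users.py": '''def find_user(cur, name):
    cur.execute("SELECT * FROM users WHERE name = '" + name + "'")
''',
    "app/users_fixed.py": '''def find_user(cur, name):
    cur.execute("SELECT * FROM users WHERE name = ?", (name,))
''',
}

@dataclass
class Finding:
    path: str      # file the problem was found in
    line: int      # line number within that file
    rule: str      # the rule that matched
    level: str     # problem level: "critical", "error", "warning", ...
    message: str   # repair suggestion shown to the developer

# Hypothetical rule: a string literal passed to execute() that is immediately
# joined with "+", "%" or .format(), i.e. SQL assembled from runtime data.
SQL_CONCAT = re.compile(r'execute\(\s*(["\']).*?\1\s*(\+|%|\.format\()')

def scan(files: Dict[str, str]) -> List[Finding]:
    """Run the toy rule over every line of every file and collect findings."""
    findings = []
    for path, src in files.items():
        for lineno, line in enumerate(src.splitlines(), start=1):
            if SQL_CONCAT.search(line):
                findings.append(Finding(
                    path, lineno, "sql-injection-concat", "critical",
                    "SQL statement built from untrusted input; use a parameterized query"))
    return findings

def quality_gate(findings: List[Finding], thresholds=None) -> Tuple[bool, Dict[str, int]]:
    """Return (passed, counts-per-level). Default thresholds follow the advice
    above: at most 0 critical problems and 0 errors before a merge is allowed."""
    thresholds = thresholds or {"critical": 0, "error": 0}
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f.level] = counts.get(f.level, 0) + 1
    passed = all(counts.get(level, 0) <= limit for level, limit in thresholds.items())
    return passed, counts

if __name__ == "__main__":
    results = scan(SAMPLE_FILES)
    for f in results:
        print(f"{f.path}:{f.line} [{f.level}] {f.rule}: {f.message}")
    print("merge allowed:", quality_gate(results)[0])
```

With the concatenated query present the gate reports one critical finding and blocks the merge; once only the parameterized version remains, the gate passes.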
Conclusion
Configuring code scanning in this way helps the team manage code quality effectively in the merge request scenario, and improves both the efficiency of code review and the team's motivation to do it, raising the overall quality of the project.
- For submitters, code scanning detects their problems in advance so they can fix them in time and avoid having the merge request rejected.
- For reviewers, code scanning not only aids code review with its scan results, but also automatically intercepts the inclusion of problematic code.
- For the team, code scanning finds problematic code early in daily work, improves the efficiency of code review, and reduces risk when the project is delivered to production.
Click through to the event and win the “DevOps Workshop Learning Camp” prize!