CODING's “DevOps Workshop Learning Camp” is on now!

Here you can practice the whole DevOps process, experience efficient development in the cloud, and win prizes. The second round of the grand prize, a Dell U2718Q display, opens on December 3rd; head over to CODING, complete the tasks and enter the draw. An iPad Pro, an HHKB keyboard and a Bose headset are also up for grabs. You can also explore new ways of working in the CODING Best Practices series.

Workshop Learning Camp event link: https://workshop.coding.io (click to go straight there; the experience is better in a desktop browser).

Next, read on for best practices for the code scanning capability of CODING.


By analyzing the source code in a repository, CODING Code Scanning finds latent code defects, security vulnerabilities and coding-standard violations early.

  • Code Scanning currently integrates dozens of tools and thousands of rules, supports more than ten common development languages, and finds problems in your code across the functionality, security, performance, usability and coding-standard dimensions, with suggestions for fixing them.
  • Problems are automatically assigned to the submitter of the offending code as the responsible person, who can close the problem after fixing it, giving closed-loop handling of each issue.
  • For convenience, the system ships with several recommended scanning schemes; you can also define your own.
  • Automatic code scanning is supported: you can set trigger rules that run a scan at the appropriate moment, for example when a merge request is created.
  • Full or incremental scans of multiple branches of a repository are supported.

Practice – Assisting code review

To control project quality in team development, code review at merge time is recommended. Purely manual review, however, costs a lot of time and effort. Code scanning can automatically scan the source branch, generate results, and block the merge of problematic code based on those results, preventing the target branch from being polluted and improving the efficiency of code review.

Configure the scan task

New Scan Task

To create a scan task, select the repository and branch whose code quality you want to control, and the scanning scheme to use.

Configure trigger rules

In the scan task, click Settings, then Trigger Rules, to see the repository's trigger settings.

Configure quality access control

Once enabled, it is recommended to set the thresholds for fatal problems and error problems to 0, since these are generally serious vulnerabilities that affect the stability and security of the system.

When the “Control Merge Request” switch is on, every merge request targeting this branch must pass quality access control before it may be merged, whether or not the branch is protected.
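To make the gate described in these steps concrete, here is an added example (not CODING's own code) of the decision logic: scan findings with the severities fatal/error/warning/info are counted against the recommended thresholds (0 fatal, 0 error), and, in the incremental case, only findings the merge request introduces relative to the target branch are gated. The report format, rule names and file paths are constructed for the example.

```python
from dataclasses import dataclass
from typing import Iterable

SEVERITIES = ("fatal", "error", "warning", "info")

@dataclass(frozen=True)
class Finding:
    rule: str       # scanner rule id (e.g. a SQL-injection or hard-coded-secret rule)
    severity: str   # one of SEVERITIES
    path: str       # file the finding points at
    line: int

@dataclass
class GateResult:
    passed: bool
    counts: dict       # findings per severity within the gated scope
    violations: dict   # severity -> count, only where a threshold was exceeded

# Thresholds recommended above: zero fatal and zero error findings. None = reported, not gated.
DEFAULT_THRESHOLDS: dict = {"fatal": 0, "error": 0, "warning": None, "info": None}

def new_findings(source: Iterable[Finding], target: Iterable[Finding]) -> list:
    """Incremental scope: findings on the source branch that the target branch does not
    already have. Match on (rule, path), not line, so a finding that only moved because
    lines shifted is not reported as newly introduced."""
    baseline = {(f.rule, f.path) for f in target}
    return [f for f in source if (f.rule, f.path) not in baseline]

def evaluate_gate(findings: Iterable[Finding], thresholds: dict = DEFAULT_THRESHOLDS) -> GateResult:
    """Count findings per severity and compare against the thresholds."""
    counts = {s: 0 for s in SEVERITIES}
    for f in findings:
        if f.severity not in counts:
            raise ValueError(f"unknown severity {f.severity!r} from rule {f.rule}")
        counts[f.severity] += 1
    violations = {s: counts[s] for s, limit in thresholds.items()
                  if limit is not None and counts[s] > limit}
    return GateResult(passed=not violations, counts=counts, violations=violations)

def merge_allowed(source, target, thresholds: dict = DEFAULT_THRESHOLDS, incremental: bool = True) -> GateResult:
    """'Control Merge Request' decision: gate only what the MR introduces (incremental) or everything."""
    return evaluate_gate(new_findings(source, target) if incremental else list(source), thresholds)

# Constructed sample reports (not real scanner output): target = baseline, source = the MR branch.
TARGET_REPORT = [Finding("sql-injection", "error", "app/db.py", 10),
                 Finding("unused-import", "info", "app/main.py", 1)]
SOURCE_REPORT = [Finding("sql-injection", "error", "app/db.py", 12),       # pre-existing, line shifted
                 Finding("unused-import", "info", "app/main.py", 1),
                 Finding("hardcoded-secret", "fatal", "app/config.py", 3),  # introduced by this MR
                 Finding("line-too-long", "warning", "app/util.py", 5)]     # introduced by this MR
```

With these reports the incremental gate fails only on the newly introduced fatal finding, while a full (non-incremental) gate also counts the pre-existing error on the target branch, which shows why the scope choice matters when a branch already carries debt.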

How code scanning aids code review

The merge request triggers a scan

With the branch's scan task configured as above and “Control Merge Request” enabled, creating a new merge request to the branch automatically triggers a code scan. If the source branch fails quality access control, the merge is automatically blocked.

The merge request details show a code-quality problem overview and the problem report.

View the problem report

Click to view the problem report to see every problem found by this scan. Each problem lists its file, the matched rule, its severity level and other details.

View problem details

Click “View the problem” to see where the problem is and why it was reported. Click “Repair Suggestions” on the right for the cause of the problem and guidance on fixing it.

Example: SQL injection warnings
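As an added illustration of the kind of finding such a SQL-injection rule reports and the repair it suggests (example code, not CODING's or any scanner's own), the flagged pattern is shown beside its fixed form; the table and rows are constructed so the example runs offline against an in-memory SQLite database.

```python
import sqlite3

def make_db() -> sqlite3.Connection:
    """Constructed sample table (not real data) so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "dev"), ("carol", "dev")])
    return conn

def find_user_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    # What a SQL-injection rule flags: untrusted input is concatenated into the
    # statement text, so the input can alter the query's structure, not just a value.
    return conn.execute(f"SELECT name FROM users WHERE name = '{name}'").fetchall()

def find_user_fixed(conn: sqlite3.Connection, name: str) -> list:
    # The repair suggestion in code: a bound parameter keeps the input strictly as data.
    return conn.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()
```

Both functions return the same rows for an ordinary name; they diverge only when the input contains quote characters, which is exactly the condition the scanner's rule is protecting against.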

Fix the problem and push again

Fix the scanned problems in order of severity. Once the local fix is done, push it to the source branch, which automatically triggers another code scan.

Conclusion

By configuring code scanning as described above, a team can effectively control code quality in the merge request scenario and make code review both more efficient and more engaging, raising the engineering quality of the whole team.

  • For submitters, code scanning surfaces their problems in advance so they can be fixed promptly, avoiding rejection of the merge request.
  • For reviewers, code scanning not only assists review with its scan results but also automatically blocks the merge of problematic code.
  • For the team, code scanning detects problematic code early in daily work, improves the efficiency of code review, and reduces the risk of shipping the project to production.

Click through to the “DevOps Workshop Learning Camp” event, and the grand prize could be yours!