Ladies and gentleman, today I want to introduce you to our metrics system. We are using Sonarqube to analyse where our code lacks attention. Sonarqube is quickly set up inside a docker container (maphynn_sonarqube) and provides support for several languages. As such, typescript wich is used by our backend. But plugins can also provide metrics for other languages. We used this plugin for our frontend which uses flutter and dart. The sonar-scanners are run during the ci/ce pipline on gitlab for the dev branches. The analysis of the website is currently not working because we do not have any unittests and the sonar-scanner expects test and coverage outputs.
Now lets take a look at how metrics improved our code. I will take the app for an example. First there were approx. 900 code smells ?! What in the world have I done? … well maybe it isn’t entirely my fault… so I think the plugin for dart enables EVERY dartanalyzer rule. Some of the even are contradictory -> Use final modifier for variables that are only assigned once. OK did that, but hey don’t do it for variabels in methods… but you told me to … anyway. It also desn’t like JSON strings no idea why… Anyway after a bit of work we are down to 400ish. And I will from now on use final and write some comments.
The following is an example where I decided not to change anything:
I don’t see why I wouldn’t want do that. Sure the name of the variable implies the type but it also doesn’t hurt.
For the Api there were security issues which turned out to be the ‘hardcoded’ passwords for the api documentation so nothing to worry about.
So this is our metrics system. Hope you find this interesting and see you guys next week!
P.S. if anybody also uses sonarqube and has sucessfully activated the authentification using their gitlab, please tell me how. Somehow gitlab appends a “/gitlab” to the end of the redirecion url and it doesn’t work.
P.S.P.S. I think it might be better to set up metrics earlier when you have less code. It might be a lot of set-up in the beginning, but you won’t be overrun by things you did wrong the last year.