|
|
|
|
|
|
|
|
|
|
Static Code Analysis in the Context of DevOps and Continuous Integration |
|
|
|
|
|
|
|
|
|
|
|
Dr.
Daniel Simon, Head of
Professional Services
at Axivion answers some of the
most frequently asked questions regarding DevOps and
Continuous Integration:
|
|
|
|
|
|
- Why does modern software development increasingly rely on CI /
DevOps?
“Automate what can be automated. And thus also free up valuable human resources for the tasks in which they can be used best – developing new things.
Early error detection, scalable environments and reproducible, transparent development processes with quality gates and systematic reviews – these are advantages
that CI and DevOps add in the course of professionalising software development.”
|
|
|
|
|
|
- What requirements for tools result from the variety
of tools for the integration?
“If tools are stages in a chain of process and development
steps, there are corresponding requirements for
interoperability. The tools must be able to be used
interactively on the developer’s workplace as well as
“headless” in a distributed or cloud-like development
IT. In the case of commercial tools, attention must be
paid to suitable licensing models and mechanisms.”
|
|
|
|
|
|
- How can Static Code Analysis be integrated?
“Ideally, Static Code Analysis is used for the quality
gates in development. The required automated reporting
must be available for this to relieve the reviewers of
repetitive and machine-solvable tasks. Beyond the CI,
the reviews must also be usable locally by the
individual developers to avoid unnecessary iterations
through the CI. Scalability is an important point –
meaning both, fast and targeted as well as appropriately
prepared feedback.”
|
|
|
|
|
|
|
|
|
|
|