STATIC CODE ANALYSIS @ EVENTIM - PowerBuilderSTATIC CODE ANALYSIS @ EVENTIM PBUGG 2019 | Frankfurt,...
Transcript of STATIC CODE ANALYSIS @ EVENTIM - PowerBuilderSTATIC CODE ANALYSIS @ EVENTIM PBUGG 2019 | Frankfurt,...
Uwe Lappöhn | CTS EVENTIM
STATIC CODE ANALYSIS @ EVENTIM
PBUGG 2019 | Frankfurt, May 20th & 21st
2
PURPOSE OF STATIC CODE ANALYSIS
COMPANY PROFILE
TOOL 1: SONARQUBE
AGENDA
OUR MOTIVATION
TOOL 2: SOTOARC
3
3
• Market Leader in Ticketing & Live Entertainment in Europe
• Proprietary Development
• Operating in 20+ Countries
• Growth from von € 15 Million (1999) to € 1.2 Billion (2018)
• Specialized Systems for Specialized Segments
COMPANY PROFILE
4
EVENTIM.INHOUSE
5
EVENTIM.INHOUSE
6
EVENTIM.INHOUSE
7
EVENTIM.INHOUSE
8
EVENTIM.INHOUSE: TEAMS
Scrum
Master
Product
Manager
Product
Manager
DEV & QA
Architect
FOCUS-TEAMS
ONLINE
LOGIC
NUMBERS Architect
9
PURPOSE OF STATIC CODE ANALYSIS
COMPANY PROFILE
TOOL 1: SONARQUBE
AGENDA
OUR MOTIVATION
TOOL 2: SOTOARC
10
WHAT‘S THAT?
… static because the program analyzed does not need to be executed
… white-box approach
… works tool-based
… can be integrated into a build pipeline
STATIC CODE ANALYSIS: DEFINITION
11
AND WHAT‘S THAT FOR?
… helps to understand the code structure
… checks coding standards
… finds code smells
STATIC CODE ANALYSIS: PURPOSE
12
PURPOSE OF STATIC CODE ANALYSIS
COMPANY PROFILE
TOOL 1: SONARQUBE
AGENDA
OUR MOTIVATION
TOOL 2: SOTOARC
13
STATIC CODE ANALYSIS: OUR MOTIVATION
14
STATIC CODE ANALYSIS: OUR MOTIVATION
15
STATIC CODE ANALYSIS: OUR MOTIVATION
16
WE NEED IT BECAUSE
… we constantly want to improve the quality of our code.
… our team grew (from 6 to >20) and grows
… we want to avoid code smells
… we started a project to renew our software architecture
N-tier
C#
Domain Driven Design
STATIC CODE ANALYSIS: SUMMARY
17
PURPOSE OF STATIC CODE ANALYSIS
COMPANY PROFILE
TOOL 1: SONARQUBE
AGENDA
OUR MOTIVATION
TOOL 2: SOTOARC
18
SONARQUBE AND POWERBUILDER?
20
WHAT WE DID TO MAKE IT WORK
… created a plugin that uses PowerScript as grammar
… implemented rules using the new grammar
… integrated the plugin into Sonarqube
SONARQUBE
26
PURPOSE OF STATIC CODE ANALYSIS
COMPANY PROFILE
TOOL 1: SONARQUBE
AGENDA
OUR MOTIVATION
TOOL 2: SOTOARC
27
WHAT IS THAT THING?
Visualizes the static structure of a system
Helps to understand the structure
Helps to model a target architecture
Performs a conformity check
Checks and detects where the code is not compliant
Simulates potential restructurings and their effects
SOTOARC
28
SOTOARC AND POWERBUILDER?
SOTOARC
29
https://www.hello2morrow.com/products/sotograph
SOTOARC
30
WHAT WE DID
… we took a stable and relatively invariable package →
ACCESS CONTROL
Performs the interaction between INHOUSE and ACCESS CONTROL
SOTOARC
31
EXAMPLE
32
EXAMPLE
33
WHAT WE DID TO MAKE IT WORK
… ZKS-Service is coded in Powerbuilder
… C# will be generated with PB.Net from Powerscript
… C# is deployd on IIS
… generated C# code is base for SOTOARC
SOTOARC
34
Start SOTOARC with original code structure
SOTOARC
35
EXAMPLE
36
EXAMPLE
37
EXAMPLE
38
EXAMPLE
39
EXAMPLE
40
EXAMPLE
41
After the restructuring with SOTOARC
SOTOARC
42
EXAMPLE
43
EXAMPLE
44
EXAMPLE
45
EXAMPLE