Hi, I am currently involved in the Development Governance project for C5. As to increase the quality of the products, we are planning to introduce some maven plug-in based mechanism to validate rules. Validations related to C5 components are done by Uvindra and I am trying to extend this to be used in the web services and web applications.
In my initial research on this and discussions I had with some people involved in the C5 development I found out that most of the validations that are needed for C5 admin web services are same as that of the C5 components, except for some additional validations to check whether, i. Proper annotations in the code ii. All admin services use secure connections - There might be a lot of other custom validations, that will come up when designing and developing the RESTful services for C5. According to the above requirements it seems most of the requirement are related to source code analysis. To do that we can use SonarQube[1] like tool. Our maven plug-in is intended to do validations in POM.xml level. But we can try to trigger a SonarQube job in maven. But I thing these two should be separate processes. So my suggestions are to: i. Use Sonar like tool to analyze the code related to web services and applications. ii. We can even use a central SonarQube to analyze whole code base, and attach it with Jenkins(when it arrives). So that we have a complete code analysis on our whole code base. We can include the relevant link of SonarQube project to our Development Governance portal. So that anyone interested can have nice view of the state of the project. If we need additional validation in the code we can add it as a rule in the SonarQube[2]. I believe it make more sense to add code validation logic as SonarQube rules than trying to integrate code validation rules in the maven enforcer plug-in. Please comment on this approach, raise any concerns and suggest any validation rule that you think we should have. [1] http://nemo.sonarqube.org/dashboard/index/176190 [2] http://checkstyle.sourceforge.net/config_annotation.html Thanks, *Jayanga Dissanayake* Senior Software Engineer WSO2 Inc. - http://wso2.com/ lean . enterprise . middleware email: [email protected] mobile: +94772207259
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
