PMs needs to evaluate the progress, quality to adjust in time, Dev needs a system supporting to code, auto-check checklist, QA needs a system tracking which is deep and accessible enough as possible… All problems can be solved with CI/CD.

Manufacturing automation is not a new concept in manufacturing in general and in software industry in particular, FPT Software is originally proud to be a leading IT enterprise, still extraordinarily works traditionally.

Everyday Devs still code and submit to source control, or get source to edit to build the source and then set up for testers to test. When Bu Leader asks about the status of the project then, quality code, whehter the project covers all the checklist of customers or not? Then everything is like a matrix, and the answer is always just: Stabilize, be able to keep the pace, no strange issues. But actually it is hard to say. While managers need timely and realtime reports about the status of the project, especially the quality of the project.

What is CICD/CQM?

CI/CD model

CICD stands for The Continuous Integration & Continuous Deployment/ Continuous Delivery.

Continuous Integration (CI): Frequently updating results with other members will accelerate the completion of the product as soon as possible, and will help control the situation through the functional nodes (UT, CQM,…) that make the product stable with the best quality possible.

Continuous Deployment (CD): Is the concept which is closely related to Continuous Integration, Continuous Deployment helps deploy the application at any time and then automatically releases a new version on the test environment or production if the build passes all previous nodes. By that way, if any failures occur in build process (CQM) or test cases (UT, IT, ST) Dev will be able to easily identify the error and fix it more efficiently.

Continuous Delivery: As Continuous Deployment, the project can be deployed at any time. However, this does not mean that it can ensure that the application can be deployed securely on the production environment. Since there is usually a difference in how the application is configured between the production environment and the test environment, it will stop and not deploy on the production environment.

Code Quality Management (CQM): A solution developed by TQA to control sourcecode quality better including: analyze static code, count source, find faults including logic, security, convention, quality reporting system. CQM with a combination of powerful tools and defined processes helps reduce maintenance costs and ensures that software can be modified while retaining long-term effectiveness. CQM makes source code quality measurable, identifies areas at risk and proposes solutions to improve code quality. Indicators selected and measurements based on automatic or semi-automatic instruments are performed. When the indicators are given, managers have an overview of the quality of the source code. Programmers are provided with detailed information identifying bugs or dangerous issues in the source code.

Solution of build CQM includes 3 tools :

Jenkins: Jenkins is an automation software, open source and written in Java. Jenkins automates processes in software development, now referred to as Continuous Integration (CI), and is also used in Continuous Distribution (CD). Jenkins is the software in form of server, runs on servlet platform with the support of Apache Tomcat. It supports most popular source code management software such as Git, Subversion, Mercurial, ClearCase. Jenkins also supports Shell and Windows Batch code, and runs codes of Apache Ant, Maven, Gradle… Released under MIT license, Jenkins is freeware.

Jenkins operating model

SonarQube: SonarQube is an open source platform to control the quality of programmed code. Sonarqube helps programmers check their code, if there are any violations or a risk of coding convention, it will help us alert and make suggestions to correct no more 3 clicks.

The map combines Sonar and Jenkins 

Coverity: Coverity is a brand of software development products from Synopsys, mainly including code analysis. These tools allow engineers to find bugs and vulnerabilities, code logic,…in source code written in C, C ++, Java, C #, JavaScript and some other languages.

Dashboard with all information of CQM

CQM gives statistics and detailed report on the following issues:

  1. Demonstrate architecture and system design through directory tree level.
  2. Report the number of code and file duplicated
  3. Report on Unit test situation.
  4. Assess complexity of functions, classes, files …
  5. Demonstrate the issues in the code divided into levels: blocker, critical, major … and estimate the time it takes to solve.
  6. Report the number of document and comments in the code.
  7. Generally assess the quality of the project based on the SQALE method.
  8. Calculate the number of line of codes, number of functions, files, folders …

Currently CICD/CQM solutions have been widely deployed all over FPT Software and received a strong response from the production unit. With the strengths such as low cost implementation, realtime code support, visual reporting,…CICD/CQM will be an important component to improve the overall quality of the project and make it easier for FPT Software to conquer target of 1B2020.

Bui Quang Hieu – FPT Software

Related posts: