Setting Up and Using CodeScan Effectively

Set up and use CodeScan effectively on the Salesforce platform

Running CodeScan on your Salesforce Org is a great first step towards quality code, but maintaining that quality is a different story. Here are some tips to get you set up and using CodeScan effectively.

Create your own Quality Profile

Creating a custom Quality Profile in line with your organization’s code quality standards is very important. A good Quality Profile utilises the rules you want enforced at the severity levels you set to provide an accurate overview of the health of your code base as soon as you open your project. The amount of rules to be enforced is also a factor. If a Quality Profile has too many violations, they may be ignored and seen as annoying. Too few rules and important issues may slip past. It is very important to find a balance between the two.

Different projects can also be assigned different Quality Profiles to provide project specific checks.

Create your own Quality Profile on the CodeScan platform

Create your own Quality Gate

Your Quality Gate provides a pass or fail rating for your project. This rating can be determined by any conditions you choose. For example, if your project’s test coverage is an issue, add a condition to fail a project with code coverage below 75%. Using the Quality Gate you can see at a glance if your project is of a quality that you require, and if not, why.

Create your own Quality Gate on the CodeScan Platform

Use the Leak Period

The Leak Period allows you to track new issues in your project and can be set to show the issues created since a particular date or version. The Leak Period is very useful for keeping track of new issues that arise as development progresses.

More information on setting the Leak Period is available here.

Setting the Leak Period on the CodeScan platform

Use an IDE with the CodeScan Plugin

Being able to track and fix your issues as you create them speeds up the quality check process immensely. We offer plugins for VS Code, Eclipse and IntelliJ to help you do just this.

More information on our IDE plugins is available here.

Using an CodeScan with IDE Plugins

Continuous Integration

Continuous integration is a must to stay up to date with the health of your code base. Tools such as Jenkins can help schedule your scans from your Salesforce Org or your Git repository.

More information about setting up Jenkins projects for CodeScan is available here.

More information about using Jenkins with Git is available here.

Branch Functionality

Branch functionality allows you to track your feature branch or sandboxes issues in relation to your master or production branch. CodeScan Cloud has this functionality built in.

You can learn more about branches on CodeScan Cloud here.

A Branch plugin is available from SonarQube™ as part of their Developer Edition for those running CodeScan Self-Hosted.

Develop high quality, secure code!

RELATED BLOG POSTS
Estimating ROI with CodeScan
Estimate ROI using static code analysis tool CodeScan

Every Software Development Professional knows the following fact: the later bugs are found, the more expensive they are to fix. Read more

SFDX Tutorial | Setting Up CodeScan
CodeScan with Salesforce DX

Salesforce DX is a new focus on source-driven, collaborative development. The Salesforce CLI (Command Line Interface) easily integrates into your Read more

CodeScan and Visual Studio Team Services
continuous integration visual studio

Visual Studio Continuous IntegrationVisual Studio Team Services (VSTS) is a quick and powerful tool to set up continuous integration and Read more

Ntegro Static Code for Agile Methodologies
static code analysis tool for agile methodologies

To keep pace with customer demand and time to market expectations, Agile methodology has become more common and necessary among Read more