CodeScan Best Practices
Will O'Brien posted this on April 10, 2018
Running CodeScan on your Salesforce Org is a great first step towards quality code, but maintaining that quality is a different story. Here are some tips to get you set up and using CodeScan effectively.
Create your own Quality Profile
Creating a custom Quality Profile in line with your organization’s code quality standards is very important. A good Quality Profile utilises the rules you want enforced at the severity levels you set to provide an accurate overview of the health of your code base as soon as you open your project. The amount of rules to be enforced is also a factor. If a Quality Profile has too many violations, they may be ignored and seen as annoying. Too few rules and important issues may slip past. It is very important to find a balance between the two. Different projects can also be assigned different Quality Profiles to provide project specific checks.
Create your own Quality Gate
Your Quality Gate provides a pass or fail rating for your project. This rating can be determined by any conditions you choose. For example, if your project’s test coverage is an issue, add a condition to fail a project with code coverage below 75%. Using the Quality Gate you can see at a glance if your project is of a quality that you require, and if not, why.
Use the Leak Period
The Leak Period allows you to track new issues in your project and can be set to show the issues created since a particular date or version. The Leak Period is very useful for keeping track of new issues that arise as development progresses.
More information on setting the Leak Period is available here.
Use an IDE with the CodeScan Plugin
Being able to track and fix your issues as you create them speeds up the quality check process immensely. We offer plugins for VS Code, Eclipse and IntelliJ to help you do just this.
More information on our IDE plugins is available here.
Continuous integration is a must to stay up to date with the health of your code base. Tools such as Jenkins can help schedule your scans from your Salesforce Org or your Git repository.
More information about setting up Jenkins projects for CodeScan is available here.
More information about using Jenkins with Git is available here.
Branch functionality allows you to track your feature branch or sandboxes issues in relation to your master or production branch. CodeScan Cloud has this functionality built in.
You can learn more about branches on CodeScan Cloud here.
A Branch plugin is available from SonarQube as part of their Developer Edition for those running CodeScan Self-Hosted.