Monday, 31 August 2015

Sql Static Code Analysis (revisited)

Static Code Analysis.

You may remember my opening gambit in a post about SSDT code analysis talking about coding standards back in May 2014 (but most probably not)  It went something like....
Coding standards (and more latterly styles) in any organisation of any size are liable to incite religious wars and makes zealots out of even the most considered or apathetic of us.   Inconsistency and subjectivity,  lack of enforcement and heavy handedness all contribute to the contempt often levelled at them... blah blah

Contributing to solving the problem.

As part of one of our projects we had some funding to invest some time  and dev into SQL static code analysis, after researching what was available we had the green light to incorporate analysis written to leverage the SSDT code analysis framework into our own CI/CD ALM framework.  The appetite for this waned somewhat with the DB community having their own take on what they wanted to use, but the code lives on and some small bits of work continue to be done on it, when possible. 

Anyway, permission was given to publish our efforts.  I wasn't the sole contributor but continued/continue to run with what we had, looking to match , at least, the capabilities of other offerings in the arena but also crucially trying to ensure quality- by providing what amounts to integration testing -   and some time-saving features to developing code analysis rules.  The source code for all of this work is now published on GIT (with permission),but can be used as a basis for your own SQL static code analysis needs. 

It incorporates the work we did as well as the adoption and adaptation of the testing framework suggested by the SSDT code analysis team themselves.  

The code lives in a Visual Studio solution (initially written in VS2012) and is written in C#,  it was written against SSDT March 2014 however there are subsequent updates to SSDT currently at SSDT June 2015

You can find it here: Git repo

Hopefully it might provide you with a start to your own custom analysis needs. 

No comments:

Post a Comment