
TFVC Code Analysis and Gated Check-In with TFS 2017

1. Managed Code Analysis in Visual Studio

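Visual Studio offers two kinds of managed code analysis. This document uses FxCop static code analysis together with gated check-in, so that code analysis is enforced at check-in.

  • FxCop - static code analysis
  • Roslyn - build and design time analysis (supports .NET Core)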

2. Enable Static Code Analysis in Visual Studio

(1) Project (Right-click) > Properties

https://ithelp.ithome.com.tw/upload/images/20190608/20111871I3qrOBQm2p.png

(2) Code Analysis > Enable Code Analysis on Build > Select the rule set

https://ithelp.ithome.com.tw/upload/images/20190608/20111871F4NagrbbnI.png

(3) [Optional] Create a custom rule set

a. Select Code Analysis > Enable Code Analysis on Build > select Microsoft Managed Minimum Rules > select Open

https://ithelp.ithome.com.tw/upload/images/20190608/20111871MoxIT0p63v.png

b. Uncheck Show rules that are not enabled, then click Add or remove child rule sets

https://ithelp.ithome.com.tw/upload/images/20190608/20111871jG4N6FN1qd.png

c. Add Microsoft Security Rules

https://ithelp.ithome.com.tw/upload/images/20190608/20111871PUucmzNltN.png

d. Save the custom rule set: File > Save ManagedMinimunRules.ruleset as

https://ithelp.ithome.com.tw/upload/images/20190608/20111871U2qkP1I47R.png

e. Save it as a custom ruleset file, for example ContosoCA2017.ruleset

https://ithelp.ithome.com.tw/upload/images/20190608/20111871WgyZ6Itpeg.png

(4) [Optional] Select the custom rule set

https://ithelp.ithome.com.tw/upload/images/20190608/20111871aMohq9Fdz2.png

(5) Rebuild the project and test the Code Analysis results

https://ithelp.ithome.com.tw/upload/images/20190608/20111871wOnyk5vfvd.png

(6) Confirm the results in the Output window

https://ithelp.ithome.com.tw/upload/images/20190608/201118712JOdKyQZtu.png

(7) In the Error List, click the link on a Code Analysis entry

https://ithelp.ithome.com.tw/upload/images/20190608/20111871dUEbld8z7e.png

(8) Open the help page for the error and fix the issue by following the documentation

https://ithelp.ithome.com.tw/upload/images/20190608/20111871tvWX6LU4F0.png

3. Configure Gated Check-In in Build Pipeline

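The gated check-in feature mainly prevents defective code from being checked in to the repository, where co-developers would pick up the defective source and be unable to compile. One source-control strategy is to develop the development environment (Dev), integration test environment (SIT), verification environment (UAT) and production environment (PROD) in separate branches. An example branch structure is Dev -> SIT -> UAT -> PROD. In the promotion flow, when UAT code is promoted to the PROD environment, gated check-in can be used to ensure that the code must complete Code Analysis before it can be checked in.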

https://ithelp.ithome.com.tw/upload/images/20190609/20111871U5EaI14xSH.png

(1) Create the PROD build pipeline

a. Open TFS and select Build & Release > + New to create a build pipeline

https://ithelp.ithome.com.tw/upload/images/20190608/20111871PkaupkUh7Q.png

b. Select Empty process

https://ithelp.ithome.com.tw/upload/images/20190608/20111871RQ8qCiAxbe.png

c. Add the following tasks

https://ithelp.ithome.com.tw/upload/images/20190608/201118718yatVcVM6h.png

(a) Configure the Get Sources task: under Map, select PROD, so that gated check-in is triggered by files under this path

https://ithelp.ithome.com.tw/upload/images/20190608/20111871hGwYeG6GcD.png

(b) NuGet restore: use the default values

https://ithelp.ithome.com.tw/upload/images/20190608/20111871kawjYmLHaf.png

(c) The MSBuild arguments need /p:RunCodeAnalysis=true;CodeAnalysisRuleSet=C:\RuleSets\ContosoCA2017.ruleset to enable Code Analysis. In addition, the project's custom rule set ContosoCA2017.ruleset must be copied to the C:\RuleSets path on the build server

https://ithelp.ithome.com.tw/upload/images/20190608/20111871PtG2uFa1Ob.png

(d) Publish Artifact: use the following settings

https://ithelp.ithome.com.tw/upload/images/20190608/20111871R4hNB5ffdx.png

(2) Configure gated check-in: in the build pipeline, select Triggers > set the trigger to enabled > confirm that Use workspace mapping for filters is enabled

https://ithelp.ithome.com.tw/upload/images/20190608/20111871gOVpcfKUON.png

(3) Simulate a gated check-in scenario

a. In Visual Studio, modify the UAT code (Views/Home/index.cshtml)

https://ithelp.ithome.com.tw/upload/images/20190609/20111871nEyFBJAeYz.png

b. Check in the UAT code

https://ithelp.ithome.com.tw/upload/images/20190609/20111871ckEZRNhLkB.png

c. Merge the UAT code into PROD

(a) In Source Control Explorer, select UAT > right-click > Branching and Merging > Merge

https://ithelp.ithome.com.tw/upload/images/20190609/20111871aJgH2b6EpK.png

(b) For Target Branch, select PROD

https://ithelp.ithome.com.tw/upload/images/20190609/20111871PFQx6ZzfjZ.png

(c) Merge the latest version

https://ithelp.ithome.com.tw/upload/images/20190608/20111871Z23rlHm8UP.png

(d) Click Finish to complete the Merge wizard and run the merge

https://ithelp.ithome.com.tw/upload/images/20190608/20111871BfmSd1u8SJ.png

d. Check in the PROD code

(a) Open the PROD project and select Source Control > Check in...

https://ithelp.ithome.com.tw/upload/images/20190608/20111871RAZi1RIKOm.png

(b) Check in merge from UAT

https://ithelp.ithome.com.tw/upload/images/20190609/20111871AangzMv965.png

(c) When the Gated Check-in prompt appears, select Build Changes

https://ithelp.ithome.com.tw/upload/images/20190608/20111871eGgevPNIbJ.png

(d) Check the build result on the TFS server: in the Pending Changes console, click here

https://ithelp.ithome.com.tw/upload/images/20190608/20111871z3VJyH6Wkh.png

(e) In the Visual Studio Build Request console, click the Build Id.

https://ithelp.ithome.com.tw/upload/images/20190608/20111871nLIbZvzL6S.png

(5) Review the build result: it confirms that gated check-in built the merged code, completed Code Analysis, and checked it in to the repository successfully

https://ithelp.ithome.com.tw/upload/images/20190608/201118719fhuKUmTOr.png
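
The MSBuild step in 3.(1).c.(c) reads the rule set from a copy placed by hand in C:\RuleSets on the build server, so the gate is only as strict as that copy. The following added example (not code from the original article) audits a rule set and reports where a server copy differs from the one in source control. The sample XML, the function names, the rule ID used, and the requirement that securityrules.ruleset (the file name of the Microsoft Security Rules set) stays included are assumptions made for the illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample standing in for ContosoCA2017.ruleset as kept in source control.
REPO_RULESET = """<?xml version="1.0" encoding="utf-8"?>
<RuleSet Name="ContosoCA2017" Description="Constructed sample" ToolsVersion="15.0">
  <Include Path="minimumrecommendedrules.ruleset" Action="Default" />
  <Include Path="securityrules.ruleset" Action="Default" />
  <Rules AnalyzerId="Microsoft.Analyzers.ManagedCodeAnalysis" RuleNamespace="Microsoft.Rules.Managed">
    <Rule Id="CA2100" Action="Error" />
  </Rules>
</RuleSet>"""

# Constructed sample of a weakened copy, as it might sit in C:\RuleSets on the build server.
SERVER_RULESET = REPO_RULESET.replace(
    '  <Include Path="securityrules.ruleset" Action="Default" />\n', ""
).replace('Action="Error"', 'Action="None"')

REQUIRED_INCLUDES = ("securityrules.ruleset",)  # assumption: the gate must keep these
WEAK_ACTIONS = {"none", "hidden", "info"}  # actions that never raise a warning or error

def parse_ruleset(xml_text):
    """Map each included child rule set and each rule ID to its lower-cased action."""
    root = ET.fromstring(xml_text)
    includes = {e.get("Path", "").lower(): e.get("Action", "Default").lower()
                for e in root.iter("Include")}
    rules = {e.get("Id"): e.get("Action", "").lower() for e in root.iter("Rule")}
    return includes, rules

def audit_ruleset(xml_text):
    """Return findings for one rule set; an empty list means it passes."""
    includes, rules = parse_ruleset(xml_text)
    findings = [f"missing or disabled child rule set {p}" for p in REQUIRED_INCLUDES
                if includes.get(p, "none") in WEAK_ACTIONS]
    findings += [f"rule {rid} is set to {act}" for rid, act in sorted(rules.items())
                 if act in WEAK_ACTIONS]
    return findings

def drift(repo_xml, server_xml):
    """List includes and rules whose action differs between the two copies."""
    changes = []
    for repo, server in zip(parse_ruleset(repo_xml), parse_ruleset(server_xml)):
        for key in sorted(set(repo) | set(server)):
            if repo.get(key) != server.get(key):
                changes.append(f"{key}: {repo.get(key, 'absent')} -> {server.get(key, 'absent')}")
    return changes

if __name__ == "__main__":
    for line in audit_ruleset(SERVER_RULESET) + drift(REPO_RULESET, SERVER_RULESET):
        print(line)
```

Run against the real files, a non-empty result from either function is a reason to fail the build before the MSBuild task runs.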
