DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
  1. DZone
  2. Coding
  3. Tools
  4. Simple Yet Effective Steps Towards Clean Code

Simple Yet Effective Steps Towards Clean Code

Developing and continuously defining clean code is made much easier with the appropriate tools, like static code analyzers.

Ali Kemal TASCI user avatar by
Ali Kemal TASCI
·
Apr. 11, 19 · Presentation
Like (4)
Save
Tweet
Share
6.61K Views

Join the DZone community and get the full member experience.

Join For Free
“Any fool can write code that a computer can understand. Good programmers write code that humans can understand.” — Martin Fowler

If we are good programmers that are willing to be better, we have to strive for writing clean code.

So what is clean code, then? It is code that is easy to read, understand, and change for our future self and others. It has meaningful and intention-revealing naming that does not force the reader to guess. It is like a good joke, in that we don't have to give a description after it. It has a good unique formatting style that is agreed by the team.

By the way, clean code doesn't happen on the first shot, so we need to adopt a mindset to improve the code that we are working on. Code review procedure is a good way to achieve this goal. Double-checking the code with different perspectives not only evolves the code to be cleaner but also helps to share the knowledge across the team. So we have to take the time for code review. In order to make this time pass more effectively, we can take some simple steps before it, like using static code analyzers.

Static code analyzers analyze the source code without running them. With static code analyzers, we can improve overall code quality, fix early stage bugs, and keep the team to the same coding standards. Besides these features, static code analyzers also help us to improve our coding knowledge as they are searching for common bugs and problems that someone experienced before us and give advice on solutions.

In this post, I wanted to share my experience on how to use static code analyzers in our development environment. As I am using IntelliJ IDEA, I will mention the plugins that I am using there. But you can also find the same or similar alternatives in your favorite IDE.

Save Actions Plugin

I suggest using the Save Actions plugin that I am using. With this plugin, we can easily do some standard actions such as reformatting our code, optimizing imports, and more right after we have synchronised (or saved) our code.

Image title

Code Inspection

When we click on “Analyze > Inspect Code” to access that menu, we can easily start a code inspection on our whole project. Code inspection detects compiling errors, code inefficiencies, unreachable or unused code, memory leaks, and spelling problems.

Image title


IntelliJ IDEA also provides quick fix suggestions for most of the detected issues. We can apply those fixes with just one click. You can find more detail here.

Image title

Image title

Image title

Image title


FindBugs

FindBugs is a defect detection tool for Java, which searches for bugs like null pointer dereferences, and infinite recursive loops. After installing the FindBugs plugin and clicking on “Analyze > Inspect Code > FindBugs > Analyze Project Files,” we can start a code inspection on our whole project.

Image title

CheckStyle

Checkstyle checks whether code adheres to established coding standards. After installing the CheckStyle plugin, we can see the issues in the code inspection results as a separate item.

Image title


SonarLint

SonarLint checkx for quality issues. SonarLint also provides comprehensive documentation about the issues, giving explanations, links, and both compliant and noncompliant examples. You can find details about the rules here, which also help us improve our coding knowledge.

After installing the plugin and clicking on “Analyze > Inspect Code > Analyze All Files With SonarLint,” we can start code inspection on our whole project. We can also configure the plugin to analyze our code just after writing.
Image title


SonarQube

While SonarLint lives only on the IDE and can give instantaneous feedback, SonarQube is a central server that processes full analyses which need to be triggered by the various SonarQube scanners. Its purpose is to give a vision of the quality of our code base. If we want to use SonarQube in our local environment, we can download it or use its Docker image to start the server. Either way, after starting the SonarQube server, we have to login to the server at http://localhost:9000 with credentials "admin/admin," add our project to the server, and then we have to build our project with the parameters provided by the SonarQube server.

Image title

Image title


If we don’t want to deal with the steps above, we can also run a code inspection extremely simply. In order to do that we should save the "docker-compose.yml” file below into our project’s root directory and at the same directory as therun docker-compose up command. Notice that we have to have Docker installed in our local environment. I am using Maven in my project, but you can change the bash command in the file according to your needs.

docker-compose.yml

version: "3.1"

services:

  analyzer:
    image: maven:3.6.0-jdk-8-alpine
    working_dir: /usr/src/app
    restart: on-failure
    volumes:
      - ./:/usr/src/app
      - m2_repo:/root/.m2
    command: >
      bash -c "mvn clean install \
               -Dsonar.host.url=http://sonar:9000 \
               -Dsonar.login=admin \
               -Dsonar.password=admin \
               sonar:sonar"
    depends_on:
      - sonar

  sonar:
    image: sonarqube
    restart: on-failure
    ports:
      - "9000:9000"
    volumes:
      - sonar_cache:/root/.sonar/cache
      - opt_sonarqube:/opt/sonarqube

volumes:
  m2_repo:
  sonar_cache:
  opt_sonarqube:

After analysis finishes, then we can open http://localhost:9000/issues?resolved=false to see the detail about issues without logging in.
Image title


If you install Docker Integration Plugin you can add docker-compose run configuration and after that you can start a Sonar analysis with one button click.

Image title

Image title


In this post, I have tried to share my experience on clean code and static code analyzers that I am using in my local environment. I hope you enjoyed it. It would be appreciated if you could share your experiences, too.

intellij

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • What Was the Question Again, ChatGPT?
  • A Brief Overview of the Spring Cloud Framework
  • API Design Patterns Review
  • How To Check Docker Images for Vulnerabilities

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: