
Introduction and Welcome to the course.
Understand why to standardize coding style and its benefit
Indroducing checkstyle. Understand how it works.
Create your own template by tailor it from Google's Checkstyle template
Install plugin in IDE
Run Checkstyle scan
Fix Checkstyle violations in IDE
Enforce Checkstyle scan at build phase by install maven plugin in pom file.
What can test coverage bring us?
How financial companies deal with test?
How to visualize test coverage?
Unit test with JUnit5
How Pact works
Why comprehensive code inspection?
Install Sonarqube server
Fix the issue where test coverage is 0.0% when connecting Sonarqube server with project.
Install Maven plugin in pom file
Indroduction to Sonarqube matrix.
How to install Intellij plugin for Sonar. i.e SonarLint.
Run Sonar code inspection.
Fix code smell with Sonarlint IDE plugin
How to comment, resolve issue
Indroduction to Quality Gate
Indroduction to Rules
Indroduction to Administration Jacoco path
Understand why vulnerability scan is required
Indroduction to OWASP
Introduce NexusIQ
Server Installation
Fix vulnerability issue in IDE
Course review.
Mindset for Code Quality as a Practice.
The course streamlined most common industry level good practices in Financial Institutions for code quality improvement during development and CICD phases.
There are four main sections.
Coding Style Standardization. Explain why it's important to consent the coding style within your team. We will tailor our own style template, and then use this template to enforce the format and style of our code. The tool used in the demo is Checkstyle.
Test Coverage Improvement. Explain what high code coverage means to the team and to the product. we will go through the most popular way of writing unit test and a bit of behaviour test style in action. The tool used in the demo is junit5, mokito, and pact.
Comprehensive Coding Inspection. Explain aspects in coding inspection, the matrix, the process, and tips to fix code smell and other issues to make the code base healthier. The tool used in the demo is Sonarqube server, IntelliJ Sonarlint plugin.
Vulnerability Enhancement. Explain why vulnerability scan is important in Financial Institutions. Start from installing Sonatype Nexus IQ server, to enable IntelliJ plugin to assist rectifying the vulnerability issues. The tool used in the demo is Sonatype Nexus IQ, IntelliJ Nexus IQ plugin.
Java and Maven have been used throughout the demonstration. However, all processes and most of the tools supports other languages and ways of configuration.