Static code analysis is not a new tool – it’s an increasingly popular way to ensure code quality and build better apps. However, it’s not known to be the fastest process. This is especially true as codebases continue expanding – they’re growing by over 18% in 2022 alone, and many are already in the millions of lines.
Balancing this need for speed and quality means that while static code analysis is becoming more of a standard, there’s also a big demand to find ways to make it viable. How can you find hours in the day to make sure this essential process doesn’t impact your release schedule? By finding tools that make the process easier and more effective. Tools like Klocwork, made by Perforce, which is designed specifically with large-scale codebases and complex dev environments in mind.
Even so, static code analysis could always be faster. That’s why Incredibuild fully integrates with Klocwork on Windows – to ensure that you can fully embed static code analysis into your DevOps pipeline without having to slow down your dev cycles.
Better together – why Klocwork and Incredibuild work
As more organizations embrace DevOps practices and methodologies, finding ways to streamline pipelines is key to boosting product quality and time to market. This includes everything from finding the right team structure to maximizing existing hardware and cloud resources.
Having to be always-on means that any bottlenecks in your CI/CD pipeline will result in impacts everywhere else. For example, a delay in development might impact your text and branch management, which results in reduced iteration frequency, slowing down feedback cycles and making it harder to determine where an error occurs if it does. In turn, this will affect QA and testing, which means that errors might slip through, releases are delayed, and hot fixes might not ship on time.
Static code analysis and tools like static application security testing (SAST) are essential parts of the process but doing them faster can help integrate them into your CI/CD pipeline more effectively without sacrificing the time gains you can get from smooth workflows. That’s where Incredibuild and Klocwork come in.
Combining the two lets you make the most out of your dev organization’s computing power to take care of these critical tasks (along with completing your builds) much faster. Thanks to Incredibuild’s virtual distributed processing, you can handle static analysis and SAST without having to pause other key development processes and jobs. Instead of having to wait for things to be completed, you can simply keep working while they finish.
How to get started with Incredibuild and Klocwork
There’s no heavy lifting to do once you’re ready to get started. You can start using the two platforms together in just a few steps. First, though, make sure you meet the following pre-requisites:
- You have a valid license of Klocwork installed
- You have “access web API” permission in Klocwork. Check with your admin, since the permission is set by default to root admins and project admins.
- Make sure Incredibuild initiator agents are installed on all the computers using Klocwork that will be part of the static code analysis (also, double check that the initiator licenses have the Klocwork add-on)
- If you’re using Incredibuild on the cloud, make sure they can communicate with your Klocwork license servers
Once you’re sure all that is in place, you just need to follow two quick steps:
- Create a build specification using kwinject. You can distribute and accelerate this with buildconsole.
kwinject buildconsole.exe ><”sln path”> /rebuild /cofg=”Debug|Win6 4”
- Run an integration build analysis. YYou can distribute and accelerate this with Incredibuild’s xgConsole command (the syntax won’t change from the ibconsole command)
xgConsole /profile="C:\Klocwork\Server 21.1\config\xgProfile.xml" /title=<"title name"> /command="kwbuildproject --url http://localhost:8080/<project_name> -j [n] -o kwtables -f kwinject.out”
You can see the process in action in the video below:
And you can learn more about the process of integrating Incredibuild and Klocwork here and here.
