简体繁体 English

使用maven和jenkins，如何测试程序员做了一些测试用例？

[英]Using maven and jenkins, how to test the programmers did some test cases?

原文 2013-02-05 14:28:35 8 5 java/ maven/ jenkins

I am working on a number of projects and we are using Java, Springs, Maven and Jenkins for CI but I am running into a issues that some of the programmers are not adding real junit test cases to the projects. 我正在开发一些项目，我们正在使用Java，Springs，Maven和Jenkins进行CI，但我遇到的问题是一些程序员没有在项目中添加真正的junit测试用例。 I want maven and jenkins to run the test before deploying to the server. 我希望maven和jenkins在部署到服务器之前运行测试。 Some of the programers made a blank test so it starts and stops and will pass the tests. 一些程序员进行了空白测试，因此启动和停止并通过测试。

Can someone please tell me how can I automat this check so maven and jenkins can see if the test put out some output. 有人可以请告诉我如何自动进行此检查，以便maven和jenkins可以查看测试是否输出了一些输出。

5 个解决方案

I have not found any good solution to this issue, other than reviewing the code. 除了查看代码之外，我还没有找到任何解决此问题的好方法。

Code coverage fails to detect the worst unit tests I ever saw 代码覆盖率无法检测到我见过的最糟糕的单元测试

Looking at the number of tests, fails there too. 看一下测试的数量，那里也失败了。 Looking at the test names, you bet that fails. 查看测试名称，您打赌失败。

If you have developers like the "Kevin" who writes tests like those, you'll only catch those tests by code review. 如果您的开发人员喜欢编写类似测试的“Kevin”，那么您只能通过代码审查来捕获这些测试。

The summary of how "Kevin" defeats the checks: “凯文”如何击败支票的摘要：

Write a test called smokes . 写一个名为smokes的测试。 In this test you invoke every method of the class under test with differing combinations of parameters, each call wrapped in try { ... } catch (Throwable t) {/* ignore */} . 在此测试中，您使用不同的参数组合调用被测试类的每个方法，每个调用都包含在try { ... } catch (Throwable t) {/* ignore */} 。 This gives you great coverage, and the test never fails 这为您提供了很好的覆盖范围，测试永远不会失败
Write a load of empty tests with names that sound like you have thought up fancy test scenarios, eg widgetsTurnRedWhenFlangeIsOff , widgetsCounterrotateIfFangeGreaterThan50 . 写widgetsTurnRedWhenFlangeIsOff空测试，其名称听起来像你想象中的花哨测试场景，例如widgetsTurnRedWhenFlangeIsOff ， widgetsCounterrotateIfFangeGreaterThan50 。 These are empty tests, so will never fail, and a manager inspection the CI system will see lots of detailed test cases. 这些都是空的测试，所以永远不会失败，经理检查CI系统会看到很多详细的测试用例。

Code review is the only way to catch "Kevin". 代码审查是捕获“凯文”的唯一方法。

Hope your developers are not that bad 希望你的开发人员不那么糟糕

Update 更新

I had a shower moment this morning. 今天早上我洗了个澡。 There is a type of automated analysis that can catch "Kevin", unfortunately it can still be cheated around, so while it is not a solution to people writing bad tests, it does make it harder to write bad tests. 有一种类型的自动分析可以捕获“凯文”，不幸的是它仍然可以被欺骗，所以虽然它不是人们编写错误测试的解决方案，但它确实使编写错误的测试更加困难。

Mutation Testing 变异测试

This is an old project, and won't work on recent code, and I am not suggesting you use this. 这是一个旧项目，不适用于最近的代码，我不建议你使用它。 But I am suggesting that it hints at a type of automated analysis that would stop "Kevin" 但我建议它暗示一种自动分析会阻止“凯文”

If I were implementing this, what I would do is write a "JestingClassLoader" that uses, eg ASM, to rewrite the bytecode with one little "jest" at a time. 如果我正在实现这个，那么我要做的就是编写一个“JestingClassLoader”，它使用例如ASM，一次用一个小的“jest”重写字节码。 Then run the test suite against your classes when loaded with this classloader. 然后在加载此类加载器时针对您的类运行测试套件。 If the tests don't fail, you are in "Kevin" land. 如果测试没有失败，你就在“凯文”的土地上。 The issue is that you need to run all the tests against every branch point in your code. 问题是您需要针对代码中的每个分支点运行所有测试。 You could use automatic coverage analysis and test time profiling to speed things up, though. 但是，您可以使用自动覆盖率分析和测试时间分析来加快速度。 In other words, you know what code paths each test executes, so when you make a "jest" against one specific path, you only run the tests that hit that path, and you start with the fastest test. 换句话说，您知道每个测试执行的代码路径，因此当您针对某个特定路径进行“jest”时，您只运行命中该路径的测试，并从最快的测试开始。 If none of those tests fail, you have found a weakness in your test coverage. 如果这些测试都没有失败，那么您发现测试覆盖率存在缺陷。

So if somebody were to "modernize" Jester, you'd have a way to find "Kevin" out. 因此，如果有人要让Jester“现代化”，你就有办法找到“凯文”了。

But that will not stop people writing bad tests. 但这并不能阻止人们编写糟糕的测试。 Because you can pass that check by writing tests that verify the code behaves as it currently behaves, bugs and all. 因为您可以通过编写测试来传递该检查，该测试验证代码的行为与目前的行为，错误和所有行为。 Heck there are even companies selling software that will "write the tests for you". 哎呀甚至有卖软件的公司会“为你编写测试”。 I will not give them the Google Page Rank by linking to them from here, but my point is if they get their hands on such software you will have loads of tests that straight-jacket your codebase and don't find any bugs (because as soon as you change anything the "generated" tests will fail, so now making a change requires arguing over the change itself as well as the changes to all the unit tests that the change broke, increasing the business cost to make a change, even if that change is fixing a real bug) 我不会通过从这里链接到他们来给他们谷歌网页排名，但我的观点是，如果他们得到这样的软件，你将有大量的测试，直接夹克你的代码库，并没有发现任何错误（因为作为一旦你改变任何东西，“生成”的测试就会失败，所以现在做出改变需要争论变更本身以及变更破坏的所有单元测试的变化，增加了做出改变的业务成本，即使这个改变正在修复一个真正的 bug）

I would recommend using Sonar which has a very useful build breaker plugin. 我建议使用Sonar ，它有一个非常有用的构建断路器插件。

Within the Sonar quality profile you can set alerts on any combination of metrics , so, for example you could mandate that your java projects should have 在Sonar 质量配置文件中，您可以针对任何指标组合设置警报，例如，您可以强制要求您的Java项目应该具有

"Unit tests" > 1 “单元测试”> 1
"Coverage" > 20 “覆盖范围”> 20

Forcing developers to have at least 1 unit test that covers a minimum of 20% of their codebase. 迫使开发人员至少进行一次单元测试，覆盖至少20％的代码库。 (Pretty low quality bar, but I suppose that's your point!) （相当低质量的酒吧，但我想这是你的观点！）

Setting up an additional server may appear like extra work, but the solution scales when you have multiple Maven projects. 设置其他服务器可能看起来像额外的工作，但是当您有多个Maven项目时，解决方案会扩展。 The Jenkins plugin for Sonar is all you'll need to configure. Sonar的Jenkins插件是您需要配置的全部内容。 Jacoco is the default code coverage tool, and Sonar will also automatically run other tools like Checkstyle, PMD and Findbugs. Jacoco是默认的代码覆盖工具，Sonar还将自动运行其他工具，如Checkstyle，PMD和Findbugs。

Finally Stephen is completely correct about code review. 最后Stephen对代码审查完全正确。 Sonar has some basic, but useful, code review features. Sonar具有一些基本但有用的代码审查功能。

You need to add a code coverage plugin such as JaCoCo, EMMA, Cobertura, or the likes. 您需要添加代码覆盖插件，如JaCoCo，EMMA，Cobertura等。 Then you need to define in the plugin's configuration the percent of code coverage (basically "code covered by the tests") that you would like to have, in order for the build to pass. 然后，您需要在插件的配置中定义您希望拥有的代码覆盖率（基本上是“测试所涵盖的代码”）的百分比，以便构建通过。 If it's below that number, you can have the build failing. 如果低于该数字，则可能导致构建失败。 And, if the build is failing, Jenkins (or whatever your CI is) won't deploy. 而且，如果构建失败，Jenkins（或任何CI）将不会部署。

As others have pointed out, if your programmers are already out to cheat coding practices, using better coverage tools won't solve your problem. 正如其他人所指出的那样，如果您的程序员已经开始欺骗编码实践，那么使用更好的覆盖工具将无法解决您的问题。 They can be out cheated as well. 他们也可以被骗。

You need to sit down with your team and have an honest talk with them about professionalism and what software engineering is supposed to be. 您需要与您的团队坐下来，与他们诚实地谈论专业性和软件工程应该是什么。

In my experience, code reviews are great but they need to happen before the code is committed. 根据我的经验，代码审查很棒但是它们需要在代码提交之前发生。 But for that to work in a project where people are 'cheating', you'll need to at least have a reviewer you can trust. 但是，为了在人们“作弊”的项目中工作，你至少需要一个你可以信任的评论家。

http://pitest.org/ is a good solution for so called "mutation testing": http://pitest.org/是所谓的“突变测试”的一个很好的解决方案：

Faults (or mutations) are automatically seeded into your code, then your tests are run. 故障（或突变）会自动嵌入到您的代码中，然后运行您的测试。 If your tests fail then the mutation is killed, if your tests pass then the mutation lived. 如果你的测试失败，那么突变就会被杀死，如果你的测试通过，那么突变就会存在。

The quality of your tests can be gauged from the percentage of mutations killed. 您可以根据已杀死的突变百分比来衡量您的测试质量。

The good thing is that you can easyli use it in conjunction with maven, jenkins and ... SonarQube ! 好处是你可以将它与maven，jenkins和...一起使用它... SonarQube ！