Build Process


Reading time: 30 minutes

Build is the process of creating a working program for a software release. It is achieved by taking relevant source code files and further compiling them to create a build artifact (like : executable).

Build

Main phases in Build Process

1. Write and commit bits of code

As a measure of safe-keeping the Build, the code is generally committed or uploaded to a central source code repository. Multiple versions of the source code will be available in this repository for reference at any point in time. To prevent any Data loss, due to system crashes or other unforeseen situations, the code is not kept in the individual’s system for longer time periods. The pieces of code are committed to the repository, as soon as it is complete.

2. Scan the code for problems

After the code is committed to the repository, then it is scanned for common bugs. Based on the programming language used, multiple tools are available for scanning the code. These scanners automatically monitor the code before it is deployed.

3. Compile the code

During the compilation process, the code is compiled to create working components of the application for various devices. The scripts can also be used to create Database Tables, Test Data and stored procedures.

4. Run automated tests

Here, scripts are used to load the browser, land on a web page, and test the usability of features on that page. No manual intervention is needed during this phase. Automated tests run daily, ensure high-quality applications. There are hundreds of automated tests available for a given application.

5. Report any problems

Whenever any problem is detected by automated tests, the development team is notified immediately of action. This helps to create bug-free code throughout the development process.

Automated Build

Build automation transforms committs by team members, automatically to published deployment artifacts which are ready for deployment and validation in (test) environments.

Once a team member commits a number of code changes, the code changes can be merged automatically, analyzed, compiled, unit tested, and assembled automatically. The automated build process can create a new deployment package and publish it to an artifact repository. In this manner, a continuous flow from code commit to validated deployment package can be implemented.

The automated build process is important for a fail-fast strategy. It is the component which provides the first (central) feedback on the quality of committed code changes. A central build system can adopt a fail-fast strategy. For example, if there are code merge conflicts, the build should fail, so team members can fix the code merge conflict. Traditionally build automation was done using Make files. We’ll learn about this in the fifth module.

Automated Build

An automated build system typically includes:

Source Version Control System : For example, Git, Gitlab, GitHub, Atlassian Stash, Subversion
Continuous Integration Server: For example, Atlassian Bamboo, Jenkins
Code Quality Analysis and Reporting: For example, Sonarqube
Artifact Repository: For example, Nexus or Artifactory
Build Tools: For example, Maven, Gradle, Grunt, NPM, Bower, Ant, Gulp
Static Analysis: For example, FindBugs, CheckStyle, PMD, PHPMD.
Unit Test and Test Runner Frameworks: For example, JUnit and Karma

Code Quality Analysis

A Code Review tool is required to automate the code audit process. They help in static code analysis which is essential to deliever a reliable software application.

Static Code Analysis

Static code analysis is a method of debugging by examining the source code even before a program is run. It is done by comparing given code with a set of pre-defined code rules.

Advantages of Build Automation

  • Variations are eliminated, thus defects can be avoided.
  • Mistakes that occur in manual build, due to multitude of steps, are avoided in automated build.
  • Product quality is improved.
  • Redundant tasks are eliminated.
  • Dependencies on key personnel can be avoided, as the complete process is automated.
  • Code compilation and link processing are accelerated.

Disadvantages of Build Automation

  • Triggering some of the build operations within the development environment (IDE)may not be sufficient.
  • Some of the build operations are not supported within the IDE, so it must be possible to perform a build operation outside the IDE.
  • In cases where build process is more than 10 minutes, achieving continuous integration will become difficult.

Tools for Build Automation

Github (for version control)

GitHub is an application allowing you to store remote repositories. We can interact with our GitHub repository through the push/pull system on our local machine. GitHub is used primarily to allow other people to add to the project (ex. Open source projects). GitHub allows more people than just ourself to see and interact with the repository.

Jenkins (for continuous integration)

Jenkins is OpenSource tool used for building, testing, and deployment. It is easy to install. It works as a Continous Intergration server and also as a Continous Delivery Hub. Also it is easily configurable with the features of extensiblity.

  • Testing of isolated changes in a larger codebase.
  • Automation of testing of builds.
  • Work Distribution.
  • Automation of software deployment.

Travis CI (for continuous integration)

Travis CI is used to perform automated deployments after passing the build. It is can be synced with GitHub and is able to deploy on various cloud services. Is is used to build as well as test the application.

  • GitHub integration.
  • It has pre-installed database services.
  • It supports pull requests.
  • It provides a clean Virtual Machine for every build.

Bamboo (for continuous integration)

Bamboo is a continuous delivery tool which is used from coding and to the process of deployment as in SDLC. It provides functionalities for building, testing, as well as deploying. It provides a clean user interface and is intuitive.

  • It will allow you to create multi-stage build plans.
  • We can assign agents to critical builds and deployments.
  • The tool can run parallel automated tests.
  • It can release in each environment.

SonarQube (for code quality analysis)

SonarQube is an open source tool used to measure as well as analyze the quality of source code. It is written in Java language and is able to analyze more than 20 programming languages. Anything that affects code base, from minor styling details to critical design errors, is inspected and evaluated by SonarQube, which helps software application developers to identify the issue and its effect.

  • Writing Clean Code
  • Bug Detection
  • Centralised Quality

Nexus Repository (as an artifact repository)

A software system has several dependencies on other softwares which is maintained by Nexus. Everything required by a system is termed as an artifact.

It maintains an internal copy of all dependencies and hence, it is crucial for the overall stability of the system. It, also, makes the distribution of code much easier.

Maven (for build)

Maven is used for project management and to provide functionalities to the project. It provides functionalities like reporting, documentation and project mabuilding. Through Maven we will be able to access new functionality instantly. Also there is no limitation on building the number of projects.

  • It supports working on multiple projects simultaneously.
  • There will be consistent usage for all projects.
  • It has features for dependency management.
  • It provides a large number of repositories for metadata as well as libraries.
  • Along with the functionality for release management, it can also distribute individual outputs.
  • For managing the releases and distributing the publications, Maven will get integrated with your system. No additional configuration will be required for this.

Gradle (for build)

Gradle provides various functionalities like building, automating, and delivering software. It is also an open-source platform. It also provides functionalities like custom dependency scopes, transitive dependencies, file-based dependencies, etc. for dependency management.

  • For software development, it will allow you to use any programming language.
  • It can deploy on any platform.
  • It supports monorepos as well as multi-repo strategy.
  • It will help to deliver continuously.
  • It also provides us with various execution options some of them being Continuous build, Composite Builds, Task Exclusion & Dry Run.

Review Assistant (for static analysis)

Review Assistant is an extension to Visual Studio. It supports Visual Studio 2019, 2017, 2015, 2013, 2012, and 2010. Review Assistant helps to create review requests and respond to them without leaving IDE. It supports TFS, Subversion, Git, Mercurial, Perforce.

  • Flexible code reviews
  • Discussions in code
  • Iterative review with defect fixing
  • Email notifications
  • Rich integration features
  • Reporting and Statistics
  • Drop-in Replacement for Visual Studio Code Review Feature.

Codestriker (for static analysis)

Codestriker is an open-source, code reviewing web application which helps us to record issues, comments, and decisions in a database. It can also be used for code inspections.

  • Support for traditional documents review
  • It can be integrated with Bugzilla, ClearCase, CVS, etc.
  • Codestriker tool is licensed under GPL

Crucible (for static analysis)

Crucible is a web-based code quality tool which is used by developers for code reviewing, finding bugs and defects, discussing the changes and knowledge sharing. The tool helps developers to catch major defects and improve their code architecture.

  • Allows to track project in real time with activity streams showing the latest comments and review updates
  • Ensure all files you are reviewing are current as the code is refactored and changed throughout the review process
  • Automatically update Jira Software problems based on review activity and or turn review comments into issues with a single click.

Findbug (for static analysis)

Findbug is an open source tool which is used specifically for java programs for static code analysis. It scans code for pre-defined bug patterns and find suspicious or detected code. Also for Findbug to work, it is not necessary to execute the code for the analysis which further helps to prevent from shipping avoidable issues. It provides a platform for developers to improve their skills to write better code.

JUnit (for testing)

JUnit being an open source framework is used for writing as well as running tests. It allows us to write code faster and also increase code quality.

With this, you have the complete knowledge of the build process taken by software systems.

Connect with the Author, Kshitiz Saini on LinkedIn and Twitter