How to analyze your codebase with Exakat using Docker - Longhorn PHP
- 1. @danaluther How to analyze your codebase with Exakat using Docker Static analysis for everyone https://joind.in/talk/b32c9
- 2. @danaluther Static Analysis What is it and why do we need it?
- 3. @danaluther Static Analysis What is it and why do we need it? • Dynamic Analysis - Performed while the program is running
- 4. @danaluther Static Analysis What is it and why do we need it? • Dynamic Analysis - Performed while the program is running • Unit / Functional / Acceptance Tests
- 5. @danaluther Static Analysis What is it and why do we need it? • Dynamic Analysis - Performed while the program is running • Unit / Functional / Acceptance Tests • Static Analysis - Performed before running the program
- 6. @danaluther Static Analysis What is it and why do we need it? • Dynamic Analysis - Performed while the program is running • Unit / Functional / Acceptance Tests • Static Analysis - Performed before running the program • Analyze as part of the development cycle before unit tests are run
- 7. @danaluther Static Analysis What is it and why do we need it? • Dynamic Analysis - Performed while the program is running • Unit / Functional / Acceptance Tests • Static Analysis - Performed before running the program • Analyze as part of the development cycle before unit tests are run • Can catch errors and vulnerabilities that may be overlooked by Unit Tests
- 8. @danaluther Static Analysis What is it and why do we need it? • Dynamic Analysis - Performed while the program is running • Unit / Functional / Acceptance Tests • Static Analysis - Performed before running the program • Analyze as part of the development cycle before unit tests are run • Can catch errors and vulnerabilities that may be overlooked by Unit Tests • Identify patterns in the code
- 9. @danaluther Popular Options for Static Analysis Standalone and Integrated Options • Exakat - https://www.exakat.io/en/ • PHPStan - https://phpstan.org/ • Psalm - https://psalm.dev/ • PHP_CodeSni ff er - https://github.com/squizlabs/PHP_CodeSni ff er • PhpStorm Inspections - https://www.jetbrains.com/help/phpstorm/code- inspection.html
- 10. @danaluther
- 11. @danaluther Take it with a grain of salt… function ex_mysql_unbuffered_query($query, $dbh) { if (!$this - > use_mysqli) { return mysql_unbuffered_query($query, $dbh); } return mysqli_query($dbh, $query, MYSQLI_USE_RESULT); }
- 12. @danaluther Why Exakat? Community version with multiple report options https://github.com/exakat/exakat
- 13. @danaluther Why Exakat? Community version with multiple report options • Analyze once, generate multiple reports https://github.com/exakat/exakat
- 14. @danaluther Why Exakat? Community version with multiple report options • Analyze once, generate multiple reports • Multiple PHP version compatibility reports https://github.com/exakat/exakat
- 15. @danaluther Why Exakat? Community version with multiple report options • Analyze once, generate multiple reports • Multiple PHP version compatibility reports • Option for visual representation of the analysis https://github.com/exakat/exakat
- 16. @danaluther Why Exakat? Community version with multiple report options • Analyze once, generate multiple reports • Multiple PHP version compatibility reports • Option for visual representation of the analysis • Option for customized reports https://github.com/exakat/exakat
- 17. @danaluther Damien Seguy @faguo • https://www.exakat.io/en/bonjour/ • All the elePHPants
- 18. @danaluther Why Docker? No additional local code installation required! • Exakat o ffi cial image requires no lengthy local install. • Exakat public repo allows for quickly generating the latest versions.
- 19. @danaluther Get the Exakat Docker image https://hub.docker.com/r/exakat/exakat > docker image pull exakat/exakat
- 20. @danaluther Confirm the docker container runs > docker container run - - rm exakat/exakat exakat version
- 21. @danaluther Confirm the configuration options > docker container run - - rm exakat/exakat exakat doctor
- 23. @danaluther Create Project Report Docker Volume Create the local directory that you want to store your project fi les in > mkdir - p /Users/danaluther/Repos/exakat_y2s
- 24. @danaluther Create Project Report Docker Volume Create a docker volume that points to the directory which was just created > docker volume create exakat_y2s - - opt type=none - - opt o=bind - - opt device=/Users/danaluther/Repos/exakat_y2s
- 25. @danaluther Create Project Report Docker Volume Con fi rm the volume was created properly > docker volume inspect exakat_y2s
- 26. @danaluther Customize exakat ini https://exakat.readthedocs.io/en/latest/User/Con fi guration.html • Command line options • The .exakat.ini fi le at source code root • The con fi g.ini fi le in the project directory • The exakat.ini fi le in the con fi g directory • Default values within the code (.exakat.yaml)
- 29. @danaluther config.ini - Available Options https://exakat.readthedocs.io/en/latest/User/Con fi guration.html
- 33. @danaluther Run Exakat init exakat init -p <your project name> -R <path/to/the/code> -copy > docker container run - - rm - v exakat_y2s:/usr/src/exakat/projects - v $(PWD):/usr/src/exakat/projects/volume_src exakat/exakat exakat init - p Yii2Swivel - v -R /usr/src/exakat/projects/volume_src/ - copy
- 34. @danaluther
- 35. @danaluther Verify Initialization in the Exakat folder
- 36. @danaluther Run Exakat project From the project source directory > docker container run - - rm - v exakat_y2s:/usr/src/exakat/projects - v $(PWD):/usr/src/exakat/projects/volume_src exakat/exakat exakat project - p Yii2Swivel - v
- 37. @danaluther View Generated Report Files have been generated in our permanent exakat_y2s folder
- 38. @danaluther
- 39. @danaluther
- 40. @danaluther Compatibility Report PHP Version Compatibility Analysis
- 41. @danaluther Compatibility Report PHP Version Compatibility Analysis
- 42. @danaluther
- 43. @danaluther
- 44. @danaluther
- 45. @danaluther
- 46. @danaluther
- 47. @danaluther
- 52. @danaluther Dead Code report … taken with a grain of salt
- 53. @danaluther Dead Code report … taken with a grain of salt
- 54. @danaluther
- 55. @danaluther Dead Code report … taken with a grain of salt
- 56. @danaluther Dead Code report … taken with a grain of salt
- 57. @danaluther Dead Code report … taken with a grain of salt
- 58. @danaluther Customize reports https://exakat.readthedocs.io/en/latest/Administrator/Commands.html#report > docker container run - - rm - v exakat_y2s:/usr/src/exakat/projects - v $(PWD):/usr/src/exakat/projects/volume_src exakat/exakat exakat report - p Yii2Swivel - format Codesniffer - v
- 59. @danaluther
- 60. @danaluther Customize reports Dependency Wheel Report > docker container run - - rm - v exakat_y2s:/usr/src/exakat/projects - v $(PWD):/usr/src/exakat/projects/volume_src exakat/exakat exakat report - p Yii2Swivel - format DependencyWheel - v
- 61. @danaluther
- 62. @danaluther
- 63. @danaluther
- 64. @danaluther Customize reports Dependency Wheel Report > docker container run - - rm - v exakat_y2s:/usr/src/exakat/projects - v $(PWD):/usr/src/exakat/projects/volume_src exakat/exakat exakat report - p Yii2Swivel - format owasp - v
- 65. @danaluther
- 66. @danaluther
- 67. @danaluther Persistent Report Directory Reports stored in their unique folders by default
- 68. @danaluther Customize reports Migration80 > docker container run - - rm - v exakat_y2s:/usr/src/exakat/projects - v $(PWD):/usr/src/exakat/projects/volume_src exakat/exakat exakat report - p Yii2Swivel - format Migration80 - v
- 69. @danaluther
- 70. @danaluther
- 71. @danaluther
- 72. @danaluther
- 73. @danaluther
- 74. @danaluther Migration80 Output Suggestions - Detail
- 75. @danaluther Other output options? Yes! There are many, many options to choose from. • https://exakat.readthedocs.io/en/latest/Reference/Reports.html#list-of- reports
- 76. @danaluther Exakat for GitHub Actions https://hub.docker.com/r/exakat/exakat-ga
- 77. @danaluther Upcoming Exakat Features Cobbler - https://exakat.readthedocs.io/en/latest/User/Cobbler.html
- 78. @danaluther Questions?? Ask now or tweet at me if you think of it later! https://www.linkedin.com/in/danaluther dluther@envisageinternational.com https://joind.in/talk/b32c9 🤔 ? ? ? ?