How to Use Helix ALM with Klocwork
May 26, 2020

How to Use Helix ALM With Klocwork

Application Lifecycle Management
Static Analysis

Helix ALM is one of the most trusted modular suites for the different phases of development. And, Klocwork is a static code analyzer that has been designed to optimize DevOps processes, like CI/CD Pipelines.

When paired together, the two solutions can provide your team with a scalable DevOps solution.

What Is Helix ALM

Helix ALM provides end-to-end traceability by linking your requirements, test cases, and issues — all in one platform. Its configurable workflow easily adapts to the way you already work, not the other way around. So testers, developers, and everyone else ensuring the quality of your product can work together seamlessly. 

What Is Klocwork

Klocwork is one of the most trusted static analyzers for C, C++, C#, and Java. What’s more, with its Differential Analysis, connected desktop, and support for both CI/CD pipelines and Containerized Builds, Klocwork is the ideal static analyzer for DevOps.

Why Helix ALM Users Should Use Klocwork

Helix ALM simplifies traceability for easier compliance, impact analysis, and risk management. By pairing it with Klocwork, Helix ALM users are able to quickly analyze their entire codebase to identify coding vulnerabilities and errors earlier in development as well as to ensure that coding standards were enforced.

Klocwork Complements Helix ALM by…

Differential Analysis

Using system context data from the server, Klocwork analyzes only the files that have changed while also providing Differential Analysis results as if the entire system had been analyzed. This provides you with the shortest possible analysis times of new and changed code.

Integration Analysis

Using system context data from the server, Klocwork provides a snapshot of the current health of your software project. After each Integrated Analysis, Klocwork provides a list of detected coding issues along with other reports on your code. By regularly running Integrated Analysis, you can improve code quality and ensure uniformity across your codebase.

Why Klocwork Users Should Use Helix ALM

Software development teams use Klocwork to help ensure that their code is high quality, secure, and reliable. By pairing it with Helix ALM, Klocwork users can perform requirements management, issues management, and test case management in a single platform. Klocwork data is visible in requirements, making it part of the trace matrix.

Helix ALM Complements Klocwork by…

Single Source of Truth

With requirements, test cases, and issues housed in one tool, users never have to verify that they’re working with the most current information. Updated Klocwork data, like violations of requirements and fixed issues, also appear with your requirements in Helix ALM. You can extend and filter violation data, see updated issues, and more without leaving the platform.

Traceability

Helix ALM automatically tracks and links artifacts to create end-to-end traceability, providing impact analysis, easy reporting, and more. Because your static code analysis results from Klocwork are pulled into your requirements in Helix ALM, they become part of the automated traceability matrix.

How Helix ALM and Klocwork work together.

How to Use Helix ALM With Klocwork

Here’s how to use Helix ALM with Klocwork.

1. Install Helix ALM

First, you’ll need to install Helix ALM.
If you’re not using Helix ALM yet, get started here >>

If you’re already a Helix ALM user, download the latest version here >>

2. Install Klocwork

Next, you’ll download Klocwork.

If you’re not using Klocwork yet, get started here >>

If you’re already a Klocwork user, download the latest version here >>

3. Configure Helix ALM

You are also able to add in custom fields specific to the issue type:

  • Klocwork Status — fixed drop down list matching Klocwork’s values (i.e. Analyze, Ignore, Fix, etc.)
  • Klocwork State — fixed drop down list matching Klocwork’s values (i.e. New, Existing, Fixed)
  • Klocwork ID — text string, which holds the unique Id for the issue

To add system fields with new values:

  • Product — Add “Klocwork”
  • Type — Add “Static Analysis”

You can also add an issue search query called “Klocwork Issues”, which gets any non-blank “Klocwork ID” fields.

4. Configure Klocwork

Each time you start a new project, you will need to configure Klocwork. To do so you will need to decide on what issues need importing across, for example:

  • All
  • All issues except those in third-party code
  • Only critical defects

Then, you can configure a view in Klocwork to match the issues that you want to pull across.

5. Deploy the script to any build agents/machines

The script is designed to be run after a Klocwork Integration Analysis has been performed. It can also update existing issues that have already been imported into Helix ALM.

6. Create a Helix ALM authentication key for API connections

If you’re configuring through Continuous Analysis, it will run after each Integration Analysis. The results will then be imported across any new issues and update existing issues within Helix ALM as long as they have been altered in the latest analysis.

Get Started: Helix ALM and Klocwork

Start optimizing your DevOps process with Helix ALM and Klocwork today.

Try Klocwork

Try Helix ALM