How to Use Helix ALM With Klocwork
Helix ALM is one of the most trusted modular suites for the different phases of development. And, Klocwork is a static code analyzer that has been designed to optimize DevOps processes, like CI/CD Pipelines. When paired together, the two solutions can provide your team with a scalable DevOps solution.
Read along or jump ahead to the section that interests you the most:
What Is Helix ALM?
Helix ALM provides end-to-end traceability by linking your requirements, test cases, and issues — all in one platform. Its configurable workflow easily adapts to the way you already work, not the other way around. So testers, developers, and everyone else ensuring the quality of your product can work together seamlessly.Back to top
What Is Klocwork?
Why Helix ALM Users Should Use Klocwork
Helix ALM simplifies traceability for easier compliance, impact analysis, and risk management. By pairing it with Klocwork, Helix ALM users are able to quickly analyze their entire codebase to identify coding vulnerabilities and errors earlier in development as well as to ensure that coding standards were enforced.
Klocwork Complements Helix ALM by…
Using system context data from the server, Klocwork analyzes only the files that have changed while also providing Differential Analysis results as if the entire system had been analyzed. This provides you with the shortest possible analysis times of new and changed code.
Using system context data from the server, Klocwork provides a snapshot of the current health of your software project. After each Integrated Analysis, Klocwork provides a list of detected coding issues along with other reports on your code. By regularly running Integrated Analysis, you can improve code quality and ensure uniformity across your codebase.Back to top
Why Klocwork Users Should Use Helix ALM
Software development teams use Klocwork to help ensure that their code is high quality, secure, and reliable. By pairing it with Helix ALM, Klocwork users can perform requirements management, issues management, and test case management in a single platform. Klocwork data is visible in requirements, making it part of the trace matrix.
Helix ALM Complements Klocwork by…
Single Source of Truth
With requirements, test cases, and issues housed in one tool, users never have to verify that they’re working with the most current information. Updated Klocwork data, like violations of requirements and fixed issues, also appear with your requirements in Helix ALM. You can extend and filter violation data, see updated issues, and more without leaving the platform.
Helix ALM automatically tracks and links artifacts to create end-to-end traceability, providing impact analysis, easy reporting, and more. Because your static code analysis results from Klocwork are pulled into your requirements in Helix ALM, they become part of the automated traceability matrix.
How to Use Helix ALM with Klocwork
The integration comes in the form of a customizable python script that connects to the Klocwork API and gathers data from an analysis run. It then interacts with the Helix ALM API, where it raises the defects into its issue management.
Here is how to set up the integration.
1. Install Helix ALM
First, you’ll need to install Helix ALM.
If you’re not using Helix ALM yet, get started here >>
If you’re already a Helix ALM user, download the latest version here >>
2. Install Klocwork
Next, you’ll download Klocwork.
If you’re not using Klocwork yet, get started here >>
If you’re already a Klocwork user, download the latest version here >>
3. Get the Integration and Install Python
Get the integration and install Python.
Contact us to get the latest version of the integration script. It is designed to work with Python 3.6, however, other versions of Python 3.x should also work.
Install this on the machine where the script will run.
4. Configure Helix ALM
You are also able to add in custom fields specific to the issue type:
- Klocwork Status — fixed drop down list matching Klocwork’s values (i.e. Analyze, Ignore, Fix, etc.)
- Klocwork State — fixed drop down list matching Klocwork’s values (i.e. New, Existing, Fixed)
- Klocwork ID — text string, which holds the unique Id for the issue
To add system fields with new values:
- Product — Add “Klocwork”
- Type — Add “Static Analysis”
You can also add an issue search query called “Klocwork Issues”, which gets any non-blank “Klocwork ID” fields.
5. Configure Klocwork
Each time you start a new project, you will need to configure Klocwork. To do so you will need to decide on what issues need importing across, for example:
- All issues except those in third-party code
- Only critical defects
Then, you can configure a view in Klocwork to match the issues that you want to pull across.
6. Deploy the Script to any Build Agents/Machines
The script is designed to be run after a Klocwork Integration Analysis has been performed. It can also update existing issues that have already been imported into Helix ALM.
7. Create a Helix ALM Authentication key for API Connections
If you’re configuring through Continuous Analysis, it will run after each Integration Analysis. The results will then be imported across any new issues and update existing issues within Helix ALM as long as they have been altered in the latest analysis.
8. Run the Klocwork Analysis and Then run the Script
Run the Klocwork integration analysis. Then after the load stage, run the ALMxKW.py script as per the readme. The issue(s) should now appear in Helix ALM and subsequent runs will update these.Back to top
Get Started: Helix ALM and Klocwork
Start optimizing your DevOps process with Helix ALM and Klocwork today.Back to top