net, vs comments edit

In VS2010 Microsoft really hasn’t accounted for integrating FxCop into your continuous integration/scripted build in any way other than building through Visual Studio (unless you’re running Team Foundation Server, which I’m not). If you want your CI server to run FxCop, you have to have VS installed, which is pretty lame.

In addition, the format of the project files changed slightly, the list of assemblies containing rules has changed, and the way you specify which rules to run and which not to run is different (there’s a new concept of a “ruleset”).

And, of course, none of this is documented.

So here’s what I want:

  • I want to run FxCop in continuous integration.
  • I don’t want to have to install Visual Studio on the build server.
  • I want to be able to run analysis as a big batch job at the end rather than one project/solution at a time during the build process. (That way I can also potentially run it asynchronously with other analysis.)

It took a bit, but I think I’ve figured it out.

Get a copy of FxCop from an installed Visual Studio. You’ll find it under your VS2010 install folder in a place like this: C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Static Analysis Tools\FxCop

Take that whole folder and put it on your build server somewhere, or check it in alongside your source code as a dependency/tool. (I don’t know if that somehow violates licensing or not, but you won’t be distributing it, you just want to run it. YMMV. I’m no lawyer.)

Create a RuleSet. This is the new way of saying which rules to run. It used to be part of the FxCop project file, but they changed it up a bit. To get a RuleSet:

  1. Create a new throwaway project in Visual Studio.
  2. Right-click on the project and select “Properties.”
  3. On the left side of the properties window, select “Code Analysis.”
  4. You should see a “Rule Set” area with a dropdown box marked “Run this rule set.” Select one of the pre-defined rule sets to start with and click “Open.”
  5. Make changes to the rule set. Deselect rules you want run, etc.
  6. Select File -> Save As… and save the modified rule set somewhere you can get it later.

Put the RuleSet along with your build scripts. The build script (when you run FxCop) will need to find that RuleSet, so put it along with your other build scripts and artifacts.

Add the location of the FxCop rules to the RuleSet. Open the RuleSet file in a text editor. Under the “RuleSet” root element, add a new “RuleHintPaths” element. Inside “RuleHintPaths,” add a “Path” element with text that has the path to the FxCop “Rules” folder - it needs to be able to find all of the rules assemblies that will be running. If you have custom rules, you’ll need to add more “Path” elements.

Your RuleSet will look something like this:

<?xml version="1.0" encoding="utf-8"?>
<RuleSet Name="My Rules"
         Description="Rules that should be run on my assemblies."
         ToolsVersion="10.0">
  <RuleHintPaths>
    <Path>..\toolset\thirdparty\fxcop-vsts\Rules\</Path>
  </RuleHintPaths>
  <IncludeAll Action="Error" />
  <Rules AnalyzerId="Microsoft.Analyzers.ManagedCodeAnalysis" RuleNamespace="Microsoft.Rules.Managed">
    <Rule Id="CA1006" Action="None" />
    <Rule Id="CA1014" Action="None" />
    <Rule Id="CA1016" Action="None" />
    <Rule Id="CA1020" Action="None" />
    <Rule Id="CA1054" Action="None" />
    <Rule Id="CA1055" Action="None" />
    <Rule Id="CA1056" Action="None" />
    <Rule Id="CA1303" Action="None" />
    <Rule Id="CA2210" Action="None" />
    <Rule Id="CA2243" Action="None" />
  </Rules>
</RuleSet>

Update your FxCop project file. If you were using an FxCop project file before, for example, if you were generating a dynamic dependency list, you have to do some updates. I’ll enumerate them first, then I’ll show you my FxCop project file.

  • Change your PlatformAssembliesLocation to point to the .NET 4.0 install location.
  • Remove the TargetFrameworkVersion node. (There’s no explicit .NET 4 target it seems, so omitting it will automatically target .NET 4.)
  • Update the Rules/RuleFiles element to contain a list of all of the assemblies with rules in them, and make sure AllRulesEnabled on each is set to “True.” You’ll disable rules using your RuleSet.

Here’s what my FxCop project file looks like. I am dynamically generating the list of dependency locations as well as the list of assemblies to analyze, which is why you see some weird looking <!-- @DIRECTORIES@ --> comments in there. Check out my blog entry for more on that. In your project, you’ll probably have a real list of directories/assemblies to analyze there.

<?xml version="1.0" encoding="utf-8"?>
<FxCopProject Version="10.0" Name="FxCop Project">
 <ProjectOptions>
  <Stylesheet Apply="False">FxCopReport.xsl</Stylesheet>
  <PlatformAssembliesLocation>c:\WINDOWS\Microsoft.NET\Framework\v4.0.30128</PlatformAssembliesLocation>
  <SharedProject>True</SharedProject>
  <SaveMessages>
   <Project Status="Active, Excluded" NewOnly="False" />
   <Report Status="Active" NewOnly="False" />
  </SaveMessages>
  <ProjectFile Compress="True" DefaultTargetCheck="True" DefaultRuleCheck="True" SaveByRuleGroup="" Deterministic="True" />
  <EnableMultithreadedAnalysis>True</EnableMultithreadedAnalysis>
  <EnableMultithreadedLoad>True</EnableMultithreadedLoad>
  <SourceLookup>True</SourceLookup>
  <AnalysisExceptionsThreshold>10</AnalysisExceptionsThreshold>
  <RuleExceptionsThreshold>1</RuleExceptionsThreshold>
  <Spelling Locale="en-US" />
  <OverrideRuleVisibilities>False</OverrideRuleVisibilities>
  <SearchGlobalAssemblyCache>True</SearchGlobalAssemblyCache>
  <DeadlockDetectionTimeout>120</DeadlockDetectionTimeout>
  <IgnoreGeneratedCode>True</IgnoreGeneratedCode>
 </ProjectOptions>
 <Targets>
  <!-- @TARGETS@ -->
  <AssemblyReferenceDirectories>
   <!-- @DIRECTORIES@ -->
  </AssemblyReferenceDirectories>
 </Targets>
 <Rules>
  <RuleFiles>
   <RuleFile Name="$(FxCopDir)\Rules\DataflowRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\DesignRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\GlobalizationRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\InteroperabilityRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\MaintainabilityRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\MobilityRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\NamingRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\PerformanceRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\PortabilityRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\ReliabilityRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\SecurityRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\SecurityTransparencyRules.dll" Enabled="True" AllRulesEnabled="True" />
   <RuleFile Name="$(FxCopDir)\Rules\UsageRules.dll" Enabled="True" AllRulesEnabled="True" />
  </RuleFiles>
  <Groups />
  <Settings />
 </Rules>
</FxCopProject>

Update your FxCop command line. The last thing you have to do is modify the <Exec> task you have in your MSBuild script so it points to your project and your RuleSet. Just add the /ruleset parameter to point to run your rules, like /ruleset:=YourRuleset.ruleset

My FxCop command line looks something like this (anonymized/simplified for illustration purposes):

<PropertyGroup>
  <FxCopProject>Path\To\Project.FxCop</FxCopProject>
  <FxCopOutput>Path\To\Output\FxCopReport.xml</FxCopOutput>
  <FxCopXsl>$(FxCopDir)\Xml\FxCopReport.xsl</FxCopXsl>
  <FxCopDictionary>Path\To\CodeAnalysisDictionary.xml</FxCopDictionary>
  <FxCopRuleset>Path\To\YourCustom.ruleset</FxCopRuleset>
</PropertyGroup>
<Exec ContinueOnError="true" Command="$(FxCopDir)\FxCopCmd.exe /dictionary:&quot;$(FxCopDictionary)&quot; /ruleset:=&quot;$(FxCopRuleset)&quot; /o:&quot;$(FxCopOutput)&quot; /p:&quot;$(FxCopProject)&quot; /fo"/>

Once you have that, you should be able to run FxCop from the command line in your build without having to install Visual Studio.

Now to go through and fix all the new errors it found…

vs, net comments edit

If you’re using third-party plugins with DXCore (CodeRush/Refactor) fromDevExpressand you’re moving to Windows 7 or Windows Server 2008, this will affect you.

I had an issue filed recently on CR_Documentor where a user was correctly deploying the plugin but DXCore wouldn’t load it (and, thus, the user couldn’t see the CR_Documentor tool window link or anything).

Looking in the DevExpress message log, the exception message seen was like this:

Exception occurred while attempting to load assembly at "C:\Users\USERNAME\Documents\DevExpress\IDE Tools\Community\PlugIns\CR_Documentor.dll". (System.IO.FileLoadException)

Following inner exceptions down the stack, we finally saw the true reason the plugin wasn’t loading:

System.NotSupportedException: An attempt was made to load an assembly from a network location which would have caused the assembly to be sandboxed in previous versions of the .NET Framework. This release of the .NET Framework does not enable CAS policy by default, so this load may be dangerous. If this load is not intended to sandbox the assembly, please enable the loadFromRemoteSources switch. See http://go.microsoft.com/fwlink/?LinkId=155569 for more information.

I filed an issue with DevExpress (who, by the way, has a great support team) and we found one solution by modifying the <loadFromRemoteSources> element in devenv.exe.config (as mentioned in the exception message), but changing your config just for one plugin doesn’t make sense, and that’s when the real solution hit me.

You need to unblock DXCore plugins. Windows knows you got them from a remote location (e.g., Google Code) and limits their permissions. Sort of like how you have to unblock .CHM files so you can read them.

These instructions should work in any version of Windows from WinXP SP3 and up.

  1. Close all instances of Visual Studio.
  2. Right-click the plugin assembly and select “Properties.”
  3. On the “General” tab, click the “Unblock” button.
  4. Click “OK” to apply the changes and close the properties window.

Everything should work correctly now.

Click the "Unblock" button to enable the
plugin.

media comments edit

The folks over at Tested.com have created a nice guide to show you how to rip your DVDs to play on any device. Basically they walk you through the preferred settings in Handbrake for each device and explain what each device supports.

To me, it looks like you’ll end up with a different copy of the movie for just about every device. It also won’t work for my purposes since part of the goal of my media center/DVD library is to use the library as a backup for the discs in case they go bad; recompressing, removing the extras/menus, etc. sort of defeats that purpose.

Nevertheless, a good guide, especially if you’re just looking to stream the movie content.

net, process comments edit

Around the middle of last year I reviewed ASP.NET 3.5 Enterprise Application Development with Visual Studio 2008. In a nutshell, I thought it was a good entry level book to multi-tier app development, but I didn’t think it really showed what “enterprise” dev should be.

Since then, I’ve gotten a lot of questions asking what book I would recommend to learn enterprise application development. Unfortunately, I didn’t really have an answer at the time… and I still don’t.

The problem is that, for a dev who’s never done anything much larger than a fairly simple web site or some console/WinForms apps, after reading this book it looks like “all you need to do” to get into enterprise dev is start separating things into tiers, and that’s not really accurate.

Really, you need to consider different technologies; different architectures; how the system you’re building needs to interact with other systems (if at all); who’s going to maintain it when you’re done; how the system should be extended; and so on. It’s more than just throwing a three-tier web app out there.

Because there’s so much to it, you really can’t just pick “a book” and call it good. You sort of need to pick several books, but even then, it’s not enough.

Think of it in terms of those “Learn to Program in 24 Hours” books.Say you read one of those and work through the exercises and do everything it says you should do. When you’re done, are you a programmer? No, not really. You might be able to put a simple program together, or even a complex one, but you’ll be missing a lot of the things that you’d get with experience - knowing which algorithms to use in certain situations, understanding the benefits and drawbacks to the tech you’re working with, and so on.

Same thing here: Can a book, or even several books, teach you enterprise development? I’d say no. You’ll never be able to just read a few books and throw “enterprise development” on your résumé. Can books give you a few building blocks that you can use, along with experience, to do enterprise development? Sure.

Given the constraint that you’ll be looking at .NET-based technology (since the original commentary was on a .NET-based book), here are a few suggestions. It’s by no means all-inclusive; the second I publish this it’ll be out of date (if it isn’t already); and while this is a .NET-centric list, you really need to look beyond just .NET so you can choose the right solution.

  • Design Patterns: Elements of Reusable Object-Oriented Software: Understanding design patterns will help you recognize different ways to implement various functionality as well as giving you a common language with which you can communicate your design. (You may have heard this book referred to as the “Gang of Four” book.) Should you apply every single design pattern in your code? No - it’s not a checklist. Will it help you do things in a standard way and maybe open your eyes to some different ways to solve the problem? Sure.
  • Design Patterns in C#: Less comprehensive (and easier to read) than the “Gang of Four” book, but provides concrete examples of common patterns in C# and helps to solidify some of the concepts.
  • Framework Design Guidelines: Conventions, Idioms, and Patterns for Reusable .NET Libraries: This book will help you understand various patterns (and anti-patterns) that you should use in your code. It also addresses some issues like naming conventions that will help your source code be more discoverable to other developers who may come in to help or maintain the code. (FxCop analyzes your code for some of these rules. You’ll want to run FxCop on your enterprise app code. However, you may not want to run literally every single rule. I have some recommendations on which rules to run based on my experience.)
  • SOA: Principles of Service Design: If you’re not familiar with service-oriented architecture, this will help you become familiar. Remember, though, that SOA is just one option for separating logic into components. The ASP.NET 3.5 Enterprise Application Development book doesn’t even mention services, and that’s a big oversight.
  • Professional ASP.NET 4 in C# and VB: If your UI will be a web app, you owe it to yourself to get this book. It covers the ASP.NET pipeline and the common providers you’ll need to know about. While it primarily focuses on web forms, it does touch on ASP.NET MVC. Note that there is a lot to ASP.NET. It’s not just throwing a few controls on a page or whatever. This book is a behemoth at around 1400 pages with fairly small text. Be ready.
  • Professional ASP.NET MVC 2.0: A smaller book that focuses on the MVC portion of ASP.NET. This complements the more general ASP.NET book listed above. (At the time of this writing, the MVC 2.0 book is a pre-order; if you’re looking for something right now, get the MVC 1.0 book.)
  • Writing Secure Code: If you’re creating an enterprise app, it probably means you’re going to have a user base larger than one trusted user. You’ll want to make sure what you’re doing has security built-in from the ground up. Security is not an afterthought.
  • Code Complete: If you’re a developer of moderate experience then a lot of what you’ll find in here will feel like review. If you’re not, this book will help you understand some general good programming practices. In enterprise development, you’ll want to be aware of this stuff. It’s not just “jamming some code together.”
  • Code Leader: Using People, Tools, and Processes to Build Successful Software: Part of development of enterprise apps is the process - not just the coding, but how it gets built, how it gets tested, how it’s organized, etc. It’s meta-information about the app, not just the app. This book is a good intro to some of this process information. This one is sort of like gaining some “free experience” - it took a lot of us years to arrive at the conclusions you’re just handed here.
  • The Art of Unit Testing: With Examples in .NET: If you’re doing an enterprise app, you’d best be testing it. “It works” isn’t good enough at this level. While unit testing isn’t the only kind of testing you should be doing, it is fundamental. This book will help you understand how unit testing works and how to make a good unit test.
  • Other technology-specific books: You’ll end up with a lot of books that tell you how to work specific tech in .NET. Depending on your solution, you may or may not need these; or you may need more than this.

Like I said, it’s nowhere near a comprehensive list. For example, you’ll notice I didn’t include a database design book - not because there aren’t any good ones, just that I don’t have a specific recommendation. I also didn’t include a book for every single .NET-based tech; that list could go on forever. Windows Presentation Foundation, Silverlight, Azure cloud services… there’s a lot. I also didn’t get into every technology-agnostic programmer topic that would help - regular expressions, source code branching strategies, refactoring patterns, algorithms and data structures, etc. Again, that could go on forever.

However, all of this stuff is stuff you need to know, or at least be highly aware of, if you’re doing any sort of “true” enterprise development. It’s not just multi-tier development.

What do you think? Do you have a recommended set of books for enterprise application development? Do you think you can learn enterprise app from a single book? Several books? Or is it just something you need to learn with experience? Leave a comment and help out the people who are trying to learn.

media, home comments edit

Busy weekend this weekend, but got a lot done and had some fun, so it was one of the better ones.

Saturday my mom came over early and went with me to my 24th (and, ostensibly, final) laser hair removal treatment. (I’ll blog that in a couple of weeks after I see the results.) We tooled around town most of the rest of the morning, got some lunch, and headed back home.

In the afternoon my dad and grandpa came over and my dad helped me wire up some Cat-6 from my office to my living room. I have a feeling my Netflix issues are strongly tied to wireless network interference and since I’m looking at getting a new receiver with Ethernet built in, I needed to get a wire dropped in anyway. (No, my house wasn’t wired when I bought it. I wasn’t involved in the building of the house or I’d have had it wired to start with. As it stands, now I have to retrofit wires in and it’s not so simple with some of the sound barriers and things they built into my walls.)

Wiring that up meant me belly-crawling my way around in the crawlspace under my house, which sucks, especially when your flashlight burns out and you’re in the furthest corner of the house away from the door out. Feels a little like being in Saw, that. Plus there’s not actually enough room with all the pipes and stuff down there to really crawl so much as do that breakdancing worm move. My back and hips are killing me today.

After the wiring was done, we played Wii for a while and I showed my parents and grandpa how Wii Fit works. I showed them that it’s not just games, but also some different strength and yoga exercises. One of the strength exercises I showed them was the “plank exercise” - basically you hold a pushup position without moving for 30 seconds and it scores you on how stable you are. I’m admittedly out of shape, and when I showed them I got a 47 out of 100 for stability. My dad tried it and he also got a 47, so I didn’t feel too bad. Then my 88-year-old grandfather got up there and got a 96 like it was nothing. We were… suitably impressed.

Sunday I got some chores done, played a little BioShock 2, and then went to see the new Alice in Wonderland movie in IMAX 3D.

Disney's Alice in
Wonderland

I am an Alice in Wonderland freak, so I’ve been looking forward to this movie for a long time. That’s actually one of the reasons I paid the $15-per-seat to get the IMAX 3D.

Unfortunately, I didn’t anticipate this to be quite as huge as Avatar was, so I figured getting to the theater a half hour early would be plenty. I was wrong. Very wrong. So wrong we got stuck literally in the back row in the far right corner.

I was unaware that theaters would sell tickets for seats behind the rear speakers, but those were the seats we were in.

Needless to say, this affected my mood and my viewing experience.

The movie itself was good. It was very visually engaging, as expected with Tim Burton films, and did not disappoint on that front. It was nice to see a bit of a “reimagining” of the story and have a sort of “sequel” as it were. The characters were pretty cool and well acted and I never had that thing where I look at my watch and wonder how long is left in the movie. I wanted it to just keep going.

That’s actually the downfall of the movie, if you can call it that. I wanted more. I wanted to hear more about the White Queen, since you really don’t get much from her. I wanted to hear more about the rivalry between the Red Queen and White Queen. I wanted more background on the Knave of Hearts. I think I could have stood another 20 - 30 minutes to get some of that depth that was missing.

There’s also a bit of dancing at the end - you’ll know what I’m talking about when you see it - that could have been cut. It didn’t add anything to the film and was just silly compared to the rest of it.

Don’t let that fool you, though: I thought it was a great movie and I’ll be picking it up when it comes out on Blu-ray. In fact, I think I’ll like it better when it comes out on Blu-ray because I’ll have the opportunity to actually see and hear it all the way it’s supposed to be seen and heard.

The thing is, I don’t think I really got the full viewing experience sitting where we were. Skewed so far back in the corner, some of the 3D effects were blurry and weird rather than being actual 3D. (This was true even for the trailers, the same trailers I saw when I saw Avatar in IMAX 3D and looked fine.) The worst was the sound. There were times where you could tell that if you were sitting in the middle, you’d get this cool effect of some ethereal sounds floating around you, or some disembodied character speaking that should sound like it was in your head. I didn’t get any of that. Stuff that was supposed to be behind you was right over my head. Stuff that was supposed to be in front of you was way out front. The whole thing was very disorienting and actually detracted from my enjoyment of the experience, something I’d waited months for. Enough that I almost would rather not have seen it and just forfeited the tickets and gone some other time when I could have seen it with a decent seat. Very, very disappointing.

Anyway, definitely go check that out, but if you go for IMAX 3D get there ridiculously early or you’ll have wasted your time and your money like me.