What does a scan look for?
The scans search for adherence or its lack thereof to the following rules:
Common rules, that is:
Technical best practices by SaaS platform vendor (ServiceNow and Salesforce)
Software development industry standards
Quality Clouds recommended best practices
- Custom rules - client-defined technical best practices
What is being scanned?
Depending on the SaaS platform, Quality Clouds scans different elements. Both code and configuration is being scanned. Quality Clouds does not analyse or scan any data.
The following element types are being checked:
Where does a scan run?
Each scan runs on Quality Clouds secure and reliable environment from top cloud service providers. The code is parsed in-memory, and is never stored anywhere.
What is the result of a scan?
The results of the scan is a set of metrics and indicators per instance. The result (not the code or data) is stored and displayed in dashboards.
Types of scans
A full-code scan is a unique time Quality Clouds runs the quality checks of a SaaS platform instance. The full-code scan creates a complete drill-down view of the quality data, and it refreshes all the dashboards.
→ See Launching scans
Scans take between 10 and 50 minutes to run, depending on your instance complexity. Once finished, you should be able to see the results on the dashboards, and the scan information on the History tab. Only certain roles can launch full scans.
A profiling scan is a scheduled scan, run on a frequent, regular basis (usually weekly, depending on your pricing scheme) to check for the health of your instance and generate the high-level KPIs only in the Instance Profiling dashboard.
Currently, the profiling scan is available for ServiceNow and Salesforce.
Operational scans (Admin BOT)
Operational scans is an add-on to Quality Clouds. See our solutions and pricing for more information: https://www.qualityclouds.com/pricing/.
The operational scan or Admin bot is an automated process that runs periodically against your productive SaaS environments and warns you about alerts that need attention. The scan is scheduled to run daily and results in an email report. Find out more here.
Quality Clouds scans can be executed directly from the Jenkins plugin. This plugin gives you the ability to perform automatic code scans, with the results of the scans being available to view in Jenkins interface format. Click here to read more information about the Jenkins plugin.
Update set scan (ServiceNow)
An update set scan gives you a visual list of the type of issues found and a link to the ServiceNow pages with the best practices. For more information about how to analyze your ServiceNow update set, click here.
Feature branch scan (Salesforce and Office365)
Checks all the changes you're working on in a feature branch before deploying them to a Git master branch.
The feature branch scans run against different repositories on each scan, and only scan the changes that have been committed to the feature branch. The name of the feature branch needs to be specified at the time of launching a scan.
For Salesforce, you can run the feature branch scans from the portal and from the app.
For the time being, you can only see the issues detected by a scan in the app. See more in Working with scans in the app.