Integrate CodeScene in your CI/CD Pipeline¶
By integrating CodeScene into your CI/CD Pipeline and/or your Pull and Merge Requests, you get the following advantages:
Quality gates for hotspot goals.
Quality gates for Code Health decline.
Automated code review of new modules.
Early warnings such a complexity trend increase or detect the absence of expected change coupling.
Prioritize code reviews based on the risk of the commits.
Note: some of these checks can be accomplished locally using the CodeScene CLI tool.
The integration is automated for GitHub, BitBucket, BitBucket Server, GitLab, Azure DevOps, and Gerrit.
CodeScene also provides an official Jenkins plugin + a CircleCI orb + a REST API and library for integrations with any other platform or build pipeline (custom integrations are described in CI/CD Integration with CodeScene’s Delta Analysis).
To enable the pull request (PR) integration, you go to the project configuration and select your Git provider:
All that is required are API credentials (API Token/App Password) authorized to modify webhooks and pull requests. Enter the proper credentials, and press “Save Configuration”. CodeScene will now act on new or modified PRs and provide an automated review:
Use Cases and how to interpret the results¶
The use cases and configuration options are explained in CI/CD Integration with CodeScene’s Delta Analysis.
Control the pull request comments¶
By default, CodeScene will only post a PR review comment if a) a quality gate fails, or b) the change is high risk and has a higher recommended review level. You can change this defaults inside your project’s configuration, by selecting Delta Analysis in the left menu:
Note that Delta Analysis will only be performed if the CodeScene project is configured to analyse the PR target branch. To analyse PRs with different target branches, you need to set up one CodeScene project per target branch.
Suppress Pull Request Findings¶
You can suppress individual findings in a PR check. The suppression affects the PR check and subsequent checks on the same pull request.
The option is available on the results page in CodeScene. You can get to this page from PR check via the results link.
Supported Integrations¶
CodeScene Jenkins Plugin¶
CodeScene provides an official Jenkins plugin, available via Jenkins Update Center .
More detailed installation and configuration instructions are available here .
Integrate CodeScene in build pipelines using codescene-ci-cd¶
We provide an open source library that encapsulates the CodeScene integration. Using this library, you can easily add PR check steps to build pipelines. See the library documentation for configuration examples and options: codescene-ci-cd .
CodeScene Orb for CircleCI Integration¶
CodeScene provides an official CircleCI Orb, available directly via the CircleCI Orb Registry .
Connect using CodeScene’s REST API¶
CodeScene provides a REST API that lets you integrate the analysis results in a continuous integration pipeline and/or as robot comments in a code review tool like Gerrit.
See CI/CD Integration with CodeScene’s Delta Analysis.
Pull Requests: Statistics, Actions, and Impact¶
Available in Analysis Results, System menu, PR Statistics
No matter what baseline we start from, we never want our code to become harder to read, understand, or maintain. CodeScene’s pull request integration lets you stay on top of your development so that you can prioritize and act upon any negative trends. For that purpose, CodeScene visualizes the impact of pull requests over time:
The presented statistics are:
Checks performed: This is the total number of pull request analyses run by CodeScene.
Findings Detected: A finding is either a violated goal (e.g. a planned refactoring never happened), a reported code health decline, or new code with code health findings.
Findings Fixed: A number of detected findings that are acted upon and mitigated.
Findings Ignored: This is the number of detected findings that were merged as-is, without remediation, to the main branch. Ignored findings lead to a failed goal and/or a code health decline.
Findings Suppressed: This is the number of findings that are suppressed
You can also inspect the details of individual pull requests if you need to drill down even further:
You can find the pull request statistics on your project’s analysis dashboard: