Integrate CodeScene in your CI/CD Pipeline

By integration CodeScene into your CI/CD Pipeline and/or your code review tools, you get the following advantages:

  • Prioritize code reviews based on the risk of the commits.
  • Specify quality gates for the goals specified on identified hotspots using CodeScene’s Intelligent Notes.
  • Specify quality gates that trigger in case the Code Health of a hotspot declines.
  • Get early warnings such a complexity trend increases and detect the absence of expected change coupling.

The use cases and configuration options are explained in CI/CD Integration with CodeScene’s Delta Analysis.

The rest of this guide explains the integrations for the supported platforms.

CodeScene Jenkins Plugin

CodeScene provides an official Jenkins plugin, available via Jenkins Update Center.

More detailed installation and configuration instructions are available here.

CodeScene’s Automated Pull Request Review for GitHub, GitLab, BitBucket and Azure DevOps

CodeScene integrates in a code review workflow to provide automatic review comments on pull requests. With this integration, any code health decline or goal violations are caught early. CodeScene will install webhooks at the remote service that will trigger a Delta Analysis when a pull request is created or updated. The results of the Delta Analysis will be visible as a comment on the pull request.

To enable this integration, all that is required is API credentials (API Token/App Password) authorized to modify webhooks and pull requests.

CodeScene provides automated pull request comments.

Fig. 28 CodeScene provides automated pull request comments.

CodeScene Orb for CircleCI Integration

CodeScene provides an official CircleCI Orb, available directly via the CircleCI Orb Registry.

CodeScene Integration with Gerrit

You can integrate with Gerrit using the following options:

  1. Webhooks: Enable the webhooks for Gerrit in your CodeScene project configuration. This adds automated review comments to Gerrit’s patch sets.
  2. Build Bot: Use CodeScene’s Jenkins plugin as a code review bot (+1).

One important note on the Gerrit integration: Gerrit provides a staging area for code to be reviewed. This staging area is kept separate from the main, authorative Git repository. As a consequence, the commits for a delta analysis aren’t available in the main Git repository, but in Gerrit’s mirror of the repository.

CodeScene lets you resolve this by specifying a different origin_url and a specific change_ref to fetch before the delta analysis is run. Here’s an example:

curl -X POST -d '{"commits": ["149f9e6"], "repository": "PhpSpreadsheet", "origin_url": "", "change_ref": "refs/changes/82/577659/7"}' http://localhost:3003/projects/64/delta-analysis -u 'CodeReview:MyPassword' -H "content-type: application/json"

That is, CodeScene will fetch a specific change set from Gerrit and then run the delta analysis as indicated by the other parameters you provide.