Integrate CodeScene in your CI/CD Pipeline

By integration CodeScene into your CI/CD Pipeline and/or your Pull and Merge Requests, you get the following advantages:

  • Quality gates for hotspot goals.

  • Quality gates for Code Health decline.

  • Automated code review of new modules.

  • Early warnings such a complexity trend increase or detect the absence of expected change coupling.

  • Prioritize code reviews based on the risk of the commits.

The integration is automated for GitHub, BitBucket, BitBucket Server, GitLab, Azure DevOps, and Gerrit.

CodeScene also provides an official Jenkins plugin + a CircleCI orb + a REST API and library for integrations with any other platform or build pipeline (custom integrations are described in CI/CD Integration with CodeScene’s Delta Analysis).

To enable the pull request (PR) integration, you go to the project configuration and select your Git provider:

Enable the automated pull request integration to use CodeScene as review input and quality gate.

Fig. 22 Enable the automated pull request integration to use CodeScene as review input and quality gate.

All that is required are API credentials (API Token/App Password) authorized to modify webhooks and pull requests. Enter the proper credentials, and press “Save Configuration”. CodeScene will now act on new or modified PRs and provide an automated review:

CodeScene provides automated pull request reviews.

Fig. 23 CodeScene provides automated pull request reviews.

Use Cases and how to interpret the results

The use cases and configuration options are explained in CI/CD Integration with CodeScene’s Delta Analysis.

Control the pull request comments

By default, CodeScene will only post a PR review comment if a) a quality gate fails, or b) the change is high risk and has a higher recommended review level. You can change this defaults inside your project’s configuration, by selecting Delta Analysis in the left menu:

Configure how often you want CodeScene to comment on your PRs.

Fig. 24 Configure how often you want CodeScene to comment on your PRs.

Note that Delta Analysis will only be performed if the CodeScene project is configured to analyse the PR target branch. To analyse PRs with different target branches, you need to set up one CodeScene project per target branch.

Supported Integrations

CodeScene Jenkins Plugin

CodeScene provides an official Jenkins plugin, available via Jenkins Update Center.

More detailed installation and configuration instructions are available here.

Integrate CodeScene in build pipelines using codescene-ci-cd

We provide an open source library that encapsulates the CodeScene integration. Using this library, you can easily add PR check steps to build pipelines. See the library documentation for configuration examples and options: codescene-ci-cd.

CodeScene Orb for CircleCI Integration

CodeScene provides an official CircleCI Orb, available directly via the CircleCI Orb Registry.

Connect using CodeScene’s REST API

CodeScene provides a REST API that lets you integrate the analysis results in a continuous integration pipeline and/or as robot comments in a code review tool like Gerrit.

See CI/CD Integration with CodeScene’s Delta Analysis.

Pull Requests: Statistics, Actions, and Impact

Available in Analysis Results, System menu, PR Statistics

No matter what baseline we start from, we never want our code to become harder to read, understand, or maintain. CodeScene’s pull request integration lets you stay on top of your development so that you can prioritize and act upon any negative trends. For that purpose, CodeScene visualizes the impact of pull requests over time:

View the impact and developer action due to the pull request integration.

Fig. 41 View the impact and developer action due to the pull request integration.

The presented statistics are:

  • Checks performed: This is the total number of pull request analyses run by CodeScene.

  • Issues Detected: An issue is either a violated goal (e.g. a planned refactoring never happened), a reported code health decline, or new code with code health issues.

  • Issues Fixed: A positive action is when one of the detected issues is acted upon and mitigated.

  • Issues Ignored: This is the number of detected issues that were merged as-is, without remediation, to the main branch. Ignored issues lead to a failed goal and/or a code health decline.

CodeScene also calculates the total code health impact and presents it as monthly trends. These trends let you visualize and communicate improvements, as well as taking actions upon a larger decline:

View the code health impact of the pull request integration.

Fig. 42 View the code health impact of the pull request integration.

In the preceding example, we see that Codebase A took on a significant amount of technical debt during November. This code health decline would also be reported as alerts on the CodeScene dashboard when the pull requests are merged. A recommended action in this case would be to plan goals to manage the new debt (see Manage Hotspots and Technical Debt with Goals).

Contrast this with Codebase B which shows a positive trend where smaller code improvements are delivered continuously.

Finally, you can inspect the details of individual pull requests if you need to drill down even further:

CodeScene presents detailed statistics per pull request, allowing a deeper drill down.

Fig. 43 CodeScene presents detailed statistics per pull request, allowing a deeper drill down.

You can find the pull request statistics on your project’s analysis dashboard:

The dashboard includes pull request statistics and a link to view more details.

Fig. 44 The dashboard includes pull request statistics and a link to view more details.