Home Developer Ensure code quality in the CI/CD pipeline

Ensure code quality in the CI/CD pipeline

Author

Date

Category

Continuous integration and continuous delivery tools (CI/CD) like Jenkins, Circle CI and GitHub Actions help automate steps in the software development process. However, these tools cannot ensure the quality of your application once deployed.

To help solve for this, Codacy can block a pull request (PR) if it’s not up to standards (a top feature of our tool). This prevents a merge in Github or other repository generating a build without technical debt.


Let’s assume that someone with admin rights approved the PR. However, your company doesn’t want to automatically build if quality is below a certain threshold. You can prevent the build if it’s under a designated level using Codacy’s REST API.

Example with CI/CD

Although we use GitHub Actions as the CI/CD tool in this example the same actions apply across CI/CD systems.
First let’s create an action and set it up to run only on the master branch.


name: Release

on:
  push:
    branches:
      - master

Then, generate a Project API token on Codacy and add it to GitHub Secrets.

Now we use the REST API mentioned above to check repo details on Codacy. We use the “Project Details” method (below) which returns the following data:

{
  "commit": {
    "commit": {
      "complexity": {},
      "coverage": {},
      "grade": "string",
      "nrClones": {},
      "nrIssues": 0
    },
    "delta": {
      "complexity": {},
      "coverage": {},
      "files": [
        {
          "complexity": {},
          "coverage": {},
          "fixedIssues": 0,
          "newIssues": 0,
          "nrClones": {},
          "path": "string"
        }
      ],
      "fixedIssues": 0,
      "newIssues": 0,
      "nrClones": {}
    },
    "sha": "string",
    "state": "string",
    "urls": [
      {
        "name": "string",
        "url": "string"
      }
    ]
  },
  "name": "string",
  "urls": [
    {
      "name": "string",
      "url": "string"
    }
  ],
  "user": "string"
}

We check the project grade and receive the following:

grade=$(curl -s -X GET https://api.codacy.com/2.0/project \
          -H 'Accept: application/json' \
          -H 'project_token: ${{ secrets.CODACY_TOKEN }}' | jq -r '.commit.commit.grade')
 echo $grade
 if [[ "$grade" == "A" ]]
    then
      echo -e "\e[1;42m Grade $grade is ok. Build will continue. \e[0m"
    else
      echo -e "\e[1;31m Grade $grade is below the expected and the build will stop. \e[0m"
            exit 1
 fi

Therefore the project will exit the build process with error status 1 if the repo grade is not “A.” It will look like this:

Below is the full GitHub Action code for the example:

name: Release

on:
  push:
    branches:
      - master

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [12.x]
    steps:
    - uses: actions/checkout@v1
    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v1
      with:
        node-version: ${{ matrix.node-version }}
    - name: npm coverage
      run: |
        set -e
        npm install
        npm run coverage-to-codacy
        grade=$(curl -s -X GET https://api.codacy.com/2.0/project \
          -H 'Accept: application/json' \
          -H 'project_token: ${{ secrets.CODACY_TOKEN }}' | jq -r '.commit.commit.grade')
        echo $grade
        if [[ "$grade" == "A" ]]
          then
            echo -e "\e[1;42m Grade $grade is ok. Build will continue. \e[0m"
          else
            echo -e "\e[1;31m Grade $grade is below the expected and the build will stop. \e[0m"
            exit 1
        fi
      env:
        CI: true

We have now ensured that we meet the designated level of code quality in the project!


About the author

Helio Rocha is a Solutions Engineer at Codacy. You can read more from Helio on our blog and on his medium page. Reach him on twitter too at @ItsOnlyHelio.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

Recent posts

7 drawbacks of linting tools

Linting tools (also known as linters or static analyzers) help automate the code review process. They perform basic static code analysis by flagging programming...

Using the API to add Codacy Grade details to the Readme

Some context Codacy has a badge mechanism that can be included in your Readme file. It gives you an idea of the grade of your repository, from...

March Product Update: Support for Cloud Infrastructure-as-code, Custom Reports with API endpoints & more 🚀

Here are some fresh updates from March! This month we bring you a new product offering, new features, and product updates, interesting reads, and...

Top 10 ways to perform fast code review

We always want to be fast at code review.. How frequent is it for you to be reviewing code at 3am? When code reviewing, do you...

Interview with Gary McKay, Somos’ Director of Agile Service Delivery

Somos is a proven leader in registry management and data solutions. Somos fosters meaningful connections by delivering value, innovation and confidence to consumers. We...