Make most out of your CI pipeline: Hassle-free and efficient code quality analysis and monitoring for your GitHub repositories
--
A Continuous Integration (CI) pipeline, such as GitHub Actions, makes tasks such as compiling and testing software easier and automated. Though you may integrate code quality analysis tools (such as SonarQube, Codacy, and CodeBeat) into your CI pipeline. However, your pipeline may still lack some or all of the following much needed edge depending upon your employed code quality analysis tool.
- A rich visualization for your code quality enabling you to comprehend your project and infer deeper issues.
- Trend analysis of your project’s code quality ranking and score.
- A relative code quality ranking compared to thousands of open-source projects giving enough confidence to your management that the project quality is at par, if it is, with a typical well-known open-source project.
How can you achieve all of the above-mentioned features in a hassle-free way? The combination of Designite and QScored can help you here! Keep on reading if you would like to setup (or improve) your CI pipeline in GitHub (via GitHub Actions) for your C# or Java projects, run Designite/DesigniteJava every time you push a commit, and upload the code quality analysis report to QScored for the rich visualization of smells and metrics as well as for relative ranking and code quality trend analysis.
Steps to setup a CI pipeline with Designite and QScored as GitHub Actions
Step 1. Obtain Personal access token and add it to GitHub secrets
a. Create a new personal access token for your GitHub repository. You may do it by going to “Settings” -> “Developer settings” page of your GitHub account. Select “Personal access token” tab and create a new token.
b. Add this token to your repository’s secrets. Go to “Settings” within your repository page and select “Secrets”. Add a new secret by pasting the access token in the Value field and give a meaning name (e.g. PAT).
Step 2: Add QScored API key to secrets
a. If you do not have a QScored API key for your account, follow these steps to get one.
- Login to your QScored account. If you don’t have an account yet, create one.
- Go to the “Settings” page after logging in; it is located on the right top side of the navigation bar. Click on “Request an API key” option; you will get your API key within seconds in your inbox.
b. Add the API key to your GitHub’s repository secrets. Let’s say you name it QSCORED_API_KEY.
Step 3: Optional: Add your Designite key to secrets
If you have Designite’s professional (or academic) license key, add the key to your GitHub’s repository secrets. Let us call it D_KEY
Step 4: Add a GitHub Actions workflow file
This is the last and very crucial step. Create a folder “.github” on your root directory of the project and create “workflows” folder inside the “.github” folder. Create a workflow file (say “actions.yml”) in the newly created “workflows” folder. The contents of the action.yml file depends upon your project language and tasks.
Sample actions.yml file for a C# project (.NET framework-based)
Change <Your email> and <Project name> in the following action file. Also, you may choose to keep your project private or publicly searchable by setting “is_open_access” to “off” or “on” respectively.
Sample actions.yml file for a Java project
Change <Your email> and <Project name> in the following action file.
What will you get?
It’s important to know what you will get after putting effort to setup a CI pipeline with Designite and QScored.
- The first thing that you achieved by the above exercise is that you have automated code analysis with Designite for each commit. Also, you have exported the analysis results to QScored. It implies that you can observe the trend of your code quality over time as well as relative ranking of your projects on QScored. Here is an example of the ‘My projects’ dashboards looks like.
2. Another related aspect that you achieved is that you may take a deeper look at your code quality report using QScored nice visualizations. The visualizations are designed to help you understand the quality hotspots of your projects and help you dig deeper them.
