Integrate CodeScene with GitHub Pull Requests

CodeScene identifies and prioritizes technical debt, while at the same time uncovering and measuring social factors of the organization behind the system. The earlier you can react to any potential finding, the better. That’s why CodeScene offers an integration with GitHub and Bitbucket [BETA] pull requests that let you incorporate the analysis results into your existing delivery workflow.

CodeScene and Pull Requests: Use Cases

The purposes of CodeScene’s pull request integration is to:

  • Specify quality gates that trigger in case the Code Health of a hotspot declines.

  • Prioritize code reviews based on the risk of the commits.

  • Get early warnings on new and complex code, and detect the absence of expected change coupling to catch omissions.

CodeScene's quality gate triggers in a GitHub check on code health decline.

Fig. 83 CodeScene’s quality gate triggers in a GitHub check on code health decline.

Quality Gates for declining Code Health

CodeScene integrates with pull requests via GitHub’s checks API. That way, CodeScene can act as a (soft) quality gate during development. If a hotspot declines in health, CodeScene detects it, fails the checks, and presents the details:

Example on a failing quality gate where a hotspot declines in code health.

Fig. 84 Example on a failing quality gate where a hotspot declines in code health.

Prioritize Code Reviews via the predicted Delivery Risk

In many organizations, code reviews tend to become bottlenecks. There’s only so much code we can review each day, and after a while it becomes easy to slip. Suddenly, a critical error makes its way to production.

To help optimize code reviews, CodeScene recommends a code review level based on the predicted delivery risk of the PR:

Prioritize code reviews based on the predicted delivery risk.

Fig. 85 Prioritize code reviews based on the predicted delivery risk.

Use the recommended review level as a guideline to save time during code reviews.

How are high risk PRs identified?

So how can CodeScene predict the necessary review level? Under the hood, CodeScene calculates a unique risk profile for your codebase based on how the system has evolved. This risk profile is a combination of technical and social metrics. The technical metrics relate to the depth and diffusion of the change – the more changes and the more widespread, the higher the risk.

The social dimension of the risk profile relates to the experience of the programmer doing the change. Note that experience is relative to a specific repository, and measured as how much each programmer has contributed to your code historically.

Finally, the emphasize is on _prediction_; while it’s likely that a detected high risk change contains a bug, the tool cannot guarantee it, not can it guarantee that lower risk changes are bug free. It’s all about probabilities.

Enable the Pull Request Integration

Navigate to your project’s configuration in CodeScene. The first step is to install the GitHub app for the integration. CodeScene will inform you of this step, if needed:

Install the GitHub integration for pull request integrations.

Fig. 86 Install the GitHub integration for pull request integrations.

With the app installed, all you need to do is to check a box and you are up and running with a single click:

Enable the pull request integration with a single click.

Fig. 87 Enable the pull request integration with a single click.

Set Up an Automatic Analysis Schedule

CodeScene will always try to fetch the latest version of every file changed in a pull request, but it won’t do that for large pull requests containing more than 30 files.

To get the best results for the Pull Request Integration checks, it’s a good idea to set up an automatic full analysis for your project.

You can do this in the Analysis schedule section of the project configuration. See the Getting Started section to learn more about this feature.

Enable CodeScene’s Status Badges

At this point you might want to add CodeScene’s status badges to your project as well. Status badges allow your teams to keep an eye on the health of their projects at a glance:

Keep track of knowledge loss when developers leave the project, as well as overall code health.

Fig. 88 Keep track of knowledge loss when developers leave the project, as well as overall code health.

The status badges are intended for embedding in your GitHub README file. Sample GitHub markup is provided on the “Status Badges” configuration tab.

Constraints and Limitations

  • CodeScene’s pull request integration requires a paid plan.

  • Pull requests created from forked repositories are supported with a caveat: If the fork’s branch (from which the PR has been created) is not up to date with the corresponding upstream repository’s main branch then it’s possible that CodeScene fails to detect a code health decline (or an improvement) due to obsolete versions of changed files in the fork. This should only happen when the files modified by the PR has been changed, in the meantime, in the upstream repository . A recommended remedy is to keep forks synchronized with upstream repositories.