Integrate CodeScene with GitHub Pull Requests¶
CodeScene identifies and prioritizes technical debt, while at the same time uncovering and measuring social factors of the organization behind the system. The earlier you can react to any potential finding, the better. That’s why CodeScene offers an integration with GitHub and Bitbucket [BETA] pull requests that let you incorporate the analysis results into your existing delivery workflow.
CodeScene and Pull Requests: Use Cases¶
The purposes of CodeScene’s pull request integration is to:
Specify quality gates that trigger in case the Code Health of a hotspot declines.
Prioritize code reviews based on the risk of the commits.
Get early warnings on new and complex code, and detect the absence of expected change coupling to catch omissions.
Quality Gates for declining Code Health¶
CodeScene integrates with pull requests via GitHub’s checks API. That way, CodeScene can act as a (soft) quality gate during development. If a hotspot declines in health, CodeScene detects it, fails the checks, and presents the details:
CodeScene’s Quality Gates focuses on Trends, not absolute values¶
You might look sceptically at automated quality gates. After all, many code analyses are noisy with tons of warnings in code you haven’t even touched or didn’t write yourself.
CodeScene takes a different approach and its quality gates emphasize trends over absolute values; is a hotspot getting better or worse?
CodeScene uses the current state of the code as its baseline during the PR review. This limits the feedback to information that’s relevant and actionable; we never want our code to get worse no matter what level we start at. Trends are actionable.
Prioritize Code Reviews via the predicted Delivery Risk¶
In many organizations, code reviews tend to become bottlenecks. There’s only so much code we can review each day, and after a while it becomes easy to slip. Suddenly, a critical error makes its way to production.
To help optimize code reviews, CodeScene recommends a code review level based on the predicted delivery risk of the PR:
Use the recommended review level as a guideline to save time during code reviews.
How are high risk PRs identified?¶
So how can CodeScene predict the necessary review level? Under the hood, CodeScene calculates a unique risk profile for your codebase based on how the system has evolved. This risk profile is a combination of technical and social metrics. The technical metrics relate to the depth and diffusion of the change – the more changes and the more widespread, the higher the risk.
The social dimension of the risk profile relates to the experience of the programmer doing the change. Note that experience is relative to a specific repository, and measured as how much each programmer has contributed to your code historically.
Finally, the emphasize is on _prediction_; while it’s likely that a detected high risk change contains a bug, the tool cannot guarantee it, not can it guarantee that lower risk changes are bug free. It’s all about probabilities.
Enable the Pull Request Integration¶
Navigate to your project’s configuration in CodeScene. The first step is to install the GitHub app for the integration. CodeScene will inform you of this step, if needed:
With the app installed, all you need to do is to check a box and you are up and running with a single click:
Set Up an Automatic Analysis Schedule¶
CodeScene will always try to fetch the latest version of every file changed in a pull request, but it won’t do that for large pull requests containing more than 30 files.
To get the best results for the Pull Request Integration checks, it’s a good idea to set up an automatic full analysis for your project.
You can do this in the Analysis schedule section of the project configuration. See the Getting Started section to learn more about this feature.
Enable CodeScene’s Status Badges¶
At this point you might want to add CodeScene’s status badges to your project as well. Status badges allow your teams to keep an eye on the health of their projects at a glance:
The status badges are intended for embedding in your GitHub README file. Sample GitHub markup is provided on the “Status Badges” configuration tab.
Constraints and Limitations¶
CodeScene’s pull request integration requires a paid plan.
Pull requests created from forked repositories are supported with a caveat: If the fork’s branch (from which the PR has been created) is not up to date with the corresponding upstream repository’s main branch then it’s possible that CodeScene fails to detect a code health decline (or an improvement) due to obsolete versions of changed files in the fork. This should only happen when the files modified by the PR has been changed, in the meantime, in the upstream repository . A recommended remedy is to keep forks synchronized with upstream repositories.