Supported Git Hosting Providers

You can use your GitHub, Bitbucket or Azure DevOps account to sign up with CodeScene and analyse your repositories.

GitHub

CodeScene provides full integration with GitHub and all codescene.io functionality has been thoroughly tested using our own GitHub accounts.

Required access

GitHub authorization screen

Fig. 6 GitHub Access requested by CodeScene

CodeScene needs access to your organizations to facilitate creating an organizational account. It needs repository (code) access to analyse your code. Unfortunately GitHub OAuth apps cannot request read-only access to repositories. CodeScene will never do any write operations, except for PR Integration creating and editing Check Runs in your Pull Requests.

Bitbucket

CodeScene provides integration with Bitbucket and all codescene.io functionality has been thoroughly tested. Pull Request Integration requires that our Atlassian Connect App is installed in participating workspaces.

Our Delta Analysis app - used to Integrate CodeScene with Pull Requests - has been published on Atlassian’s Marketplace .

Required access

BitBucket authorization screen

Fig. 7 Bitbucket Access requested by CodeScene

CodeScene needs read-only access to your code and the ability to post pull request comments.

Azure

CodeScene provides full integration with Azure DevOps, including Project management analyses of Work Items. Pull Request Integration is done using Service Hooks, expect them in your projects if you’re using the feature.

Required access

Azure DevOps authorization screen

Fig. 8 Azure DevOps Access requested by CodeScene

These are the features that require a specific access:

  • Creating organization accounts, finding user projects: Project and team (read), Graph (read)

  • Analysis of code: Code (read)

  • PR Integration comments: PR threads

  • PR Integration Status Checks: Code (status)

  • Project Management Analyses: Work items (read)

CodeScene will add PR comments and Status Checks to your pull requests and it will add Service Hooks to receive PR related events. Otherwise CodeScene won’t perform write operations.

Unfortunately it is not possible to register OAuth consumer with Azure DevOps that would have all potential scopes and then request reduced scope of access based on your actual feature use. Azure OAuth server will throw an error if requested scopes and OAuth App’s scopes don’t match exactly.

Resolving login issues

In some cases, when Azure DevOps organization was connected or disconnected from another Active Directory, there is a bug where Azure cannot map user’s VSID to descriptor (and therefore organization member). To address this issue you need to create a fresh new Organization (or have someone else create it and invite you to it), then you need to enable 3rd party app access in Organization Settings:

Azure DevOps policies screen

Fig. 9 Enable Third-party application access via OAuth setting

Select Policies and enable Third-party application access via OAuth, then try to log in. You can delete the organization used for this workaround after users have successfully logged in.

GitLab

CodeScene provides full integration with GitLab. Merge Request Integration is done using Webhooks Hooks, expect them in your projects if you’re using the feature.

Required access

GitLab authorization screen

Fig. 10 GitLab Access requested by CodeScene

The access requested by our OAuth App is extensive. The reason is that the only way to clone a private GitLab project with an OAuth token is when the token has api access, which is read/write access to almost everything. As with GitHub, we never do any write operations except the Merge Request comments to post results of analysis.