2019-06-11 12:39:26 -04:00
|
|
|
---
|
|
|
|
type: reference, howto
|
|
|
|
---
|
|
|
|
|
2018-07-10 08:39:55 -04:00
|
|
|
# Analyze your project's Code Quality
|
|
|
|
|
2018-11-13 11:09:10 -05:00
|
|
|
CAUTION: **Caution:**
|
2019-04-17 05:25:18 -04:00
|
|
|
The job definition shown below is supported on GitLab 11.11 and later versions.
|
2018-11-13 11:09:10 -05:00
|
|
|
It also requires the GitLab Runner 11.5 or later.
|
|
|
|
For earlier versions, use the [previous job definitions](#previous-job-definitions).
|
|
|
|
|
2018-07-10 08:39:55 -04:00
|
|
|
This example shows how to run Code Quality on your code by using GitLab CI/CD
|
|
|
|
and Docker.
|
|
|
|
|
2018-11-13 11:09:10 -05:00
|
|
|
First, you need GitLab Runner with
|
|
|
|
[docker-in-docker executor](../docker/using_docker_build.md#use-docker-in-docker-executor).
|
2018-07-10 08:39:55 -04:00
|
|
|
|
2019-04-17 05:25:18 -04:00
|
|
|
Once you set up the Runner, include the CodeQuality template in your CI config:
|
2018-07-10 08:39:55 -04:00
|
|
|
|
|
|
|
```yaml
|
2019-04-17 05:25:18 -04:00
|
|
|
include:
|
|
|
|
- template: Code-Quality.gitlab-ci.yml
|
2018-07-10 08:39:55 -04:00
|
|
|
```
|
|
|
|
|
|
|
|
The above example will create a `code_quality` job in your CI/CD pipeline which
|
2018-11-13 11:09:10 -05:00
|
|
|
will scan your source code for code quality issues. The report will be saved as a
|
2019-02-03 17:26:09 -05:00
|
|
|
[Code Quality report artifact](../yaml/README.md#artifactsreportscodequality-starter)
|
2018-11-13 11:09:10 -05:00
|
|
|
that you can later download and analyze.
|
|
|
|
Due to implementation limitations we always take the latest Code Quality artifact available.
|
2018-07-10 08:39:55 -04:00
|
|
|
|
|
|
|
TIP: **Tip:**
|
2018-11-13 11:09:10 -05:00
|
|
|
For [GitLab Starter][ee] users, this information will be automatically
|
|
|
|
extracted and shown right in the merge request widget.
|
2018-07-10 08:39:55 -04:00
|
|
|
[Learn more on Code Quality in merge requests](https://docs.gitlab.com/ee/user/project/merge_requests/code_quality.html).
|
|
|
|
|
2018-11-13 11:09:10 -05:00
|
|
|
## Previous job definitions
|
|
|
|
|
2018-07-10 08:39:55 -04:00
|
|
|
CAUTION: **Caution:**
|
2018-11-13 11:09:10 -05:00
|
|
|
Before GitLab 11.5, Code Quality job and artifact had to be named specifically
|
|
|
|
to automatically extract report data and show it in the merge request widget.
|
|
|
|
While these old job definitions are still maintained they have been deprecated
|
|
|
|
and may be removed in next major release, GitLab 12.0.
|
|
|
|
You are advised to update your current `.gitlab-ci.yml` configuration to reflect that change.
|
|
|
|
|
2019-04-17 05:25:18 -04:00
|
|
|
For GitLab 11.5 and earlier, the job should look like:
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
code_quality:
|
|
|
|
image: docker:stable
|
|
|
|
variables:
|
|
|
|
DOCKER_DRIVER: overlay2
|
|
|
|
allow_failure: true
|
|
|
|
services:
|
|
|
|
- docker:stable-dind
|
|
|
|
script:
|
|
|
|
- export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
|
|
|
|
- docker run
|
|
|
|
--env SOURCE_CODE="$PWD"
|
|
|
|
--volume "$PWD":/code
|
|
|
|
--volume /var/run/docker.sock:/var/run/docker.sock
|
|
|
|
"registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
|
|
|
|
artifacts:
|
|
|
|
reports:
|
|
|
|
codequality: gl-code-quality-report.json
|
|
|
|
```
|
|
|
|
|
2018-11-13 11:09:10 -05:00
|
|
|
For GitLab 11.4 and earlier, the job should look like:
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
code_quality:
|
|
|
|
image: docker:stable
|
|
|
|
variables:
|
|
|
|
DOCKER_DRIVER: overlay2
|
|
|
|
allow_failure: true
|
|
|
|
services:
|
|
|
|
- docker:stable-dind
|
|
|
|
script:
|
|
|
|
- export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
|
|
|
|
- docker run
|
|
|
|
--env SOURCE_CODE="$PWD"
|
|
|
|
--volume "$PWD":/code
|
|
|
|
--volume /var/run/docker.sock:/var/run/docker.sock
|
|
|
|
"registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
|
|
|
|
artifacts:
|
|
|
|
paths: [gl-code-quality-report.json]
|
|
|
|
```
|
|
|
|
|
|
|
|
Alternatively the job name could be `codeclimate` or `codequality`
|
|
|
|
and the artifact name could be `codeclimate.json`.
|
|
|
|
These names have been deprecated with GitLab 11.0
|
|
|
|
and may be removed in next major release, GitLab 12.0.
|
|
|
|
|
|
|
|
For GitLab 10.3 and earlier, the job should look like:
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
codequality:
|
|
|
|
image: docker:latest
|
|
|
|
variables:
|
|
|
|
DOCKER_DRIVER: overlay
|
|
|
|
services:
|
|
|
|
- docker:dind
|
|
|
|
script:
|
|
|
|
- docker pull codeclimate/codeclimate:0.69.0
|
|
|
|
- docker run --env CODECLIMATE_CODE="$PWD" --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock --volume /tmp/cc:/tmp/cc codeclimate/codeclimate:0.69.0 init
|
|
|
|
- docker run --env CODECLIMATE_CODE="$PWD" --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock --volume /tmp/cc:/tmp/cc codeclimate/codeclimate:0.69.0 analyze -f json > codeclimate.json || true
|
|
|
|
artifacts:
|
|
|
|
paths: [codeclimate.json]
|
|
|
|
```
|
2018-07-10 08:39:55 -04:00
|
|
|
|
|
|
|
[cli]: https://github.com/codeclimate/codeclimate
|
|
|
|
[ee]: https://about.gitlab.com/pricing/
|