Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

Table of Contents

Motivation

...

  • Quality Risks are identified after Merge is done (too late for the developer)
  • Quality Risks are not exposed in the developer’s tools
Table of Contents

SeaLights Pull Request Integration

...

exposes Quality Risks to the developer

...

as part of the Pull Request process

  • Works on any Merge/Branch level
  • Ability to define if Quality Risks block the Merge

...

, to be displayed and handled before the code is merged into the main branch.

SeaLights GitHub App Installation

  • In order to benefit of the Pull Request Analysis,

...

  • first install the Sealight's Github App 

...

  • on your

...

  • Github organization account

...

  • from the following link

...

  • :

...

...


...

...

Note

Only an organization owner can install the app

Info

The application will not require any access to your source code

...

It only requires:

  • Read access to metadata

  • Read and write access to checks

...

...

  • Select 'All repositories' or the specific list of repositories you want

...

Image Removed

Step 2 - Generate Build Session ID specific to the Pull Request Branch

In order to perform a Pull Request analysis, we need to generate a Build Session ID via specific parameters and using the prConfig flag instead the regular parameters.
For the success of the analysis, at least one build from the master branch has to be already scanned and analyzed via Sealights agents before the PR Build.
Depending on the way you're managing your Pull Request, we have detailed three options for you below:
  • Command Line Interface of the Java  Agent (CLI)
  • Sealights' Jenkins Plugin for Maven 
  • Integration with the Travis CI (.travis.yml)

...

  • to receive the SeaLights Pull Request Analysis on

...

Configuring the pull request job

The pull request job needs to run the SeaLights build scan and test listener for the test stages you want the analysis on.
These results will be compared to the latest build you reported to SeaLights for the branch you are merging the Pull Request to.
The difference between the pull request job and standard jobs is in how the session ID is created using Pull Request specific parameters.

Generating a session ID

You create the Pull Request build session ID by using the SeaLights Java Build Scanner (See: Downloading the java agent files) with the prConfig option:

Sample command for prConfig usage
Code Block
languagebash

...

java -jar sl-build-scanner.jar -prConfig -

...

appname 

...

"MyApp" -

...

targetBranch 

...

"master" -

...

pullRequestNumber $GIT_PULL_REQUEST -

...

latestCommit $PULL_REQUEST_SHA -

...

repoUrl $GIT_REPO_URL -tokenfile 

...

./sltoken.txt 

...

-

...

Parameter

...

Description

...

For additional parameters, please refer to the SeaLights Java agent - command reference page.

...

pi "*co.sealights.sample.*"
Note

For Java applications, the packages included and excluded should be exactly the same as what was defined to SeaLights for the merged branch so that the compared results will be the same

Info

See prConfig - Command Reference ' for full parameter details in Java agent, node agent or via the Sealights Jenkins plugin.

Pull Request parameters explanation as seen in GitHub.com

You can easily identify the relevant values to pass to the Build Scanner based on the illustration below.

Image Removed

PR Analysis vis Jenkins Automation Plugin for Maven

TBC

...

Sample of Sealights Pull Request Analysis Integration with TRAVIS-CI

The parameters necessary for the TRAVIS CI Integration are : TRAVIS_PULL_REQUEST, TRAVIS_REPO_SLUG, TRAVIS_PULL_REQUEST_SHA, TRAVIS_BRANCH
According to the Travis Official documentation, the TRAVIS CI Integration should use the following environment variables based on the mapping below:

...

You can use the following parameters from TRAVIS-CI to be passed to the prConfig comman line: See Travis Official documentation for more detail)


Sealights PR Parameter

Travis CI Env. Variable

Comment

...

pullRequestNumber

TRAVIS_PULL_REQUEST

...

...


latestCommit

TRAVIS_PULL_REQUEST_SHA


repoUrl 

TRAVIS_REPO_SLUG

You may need to prepend the base URL of your Github repository, like "https://github.com/$TRAVIS_REPO_SLUG"

targetBranch

TRAVIS_BRANCH

...

This is the branch name itself and might need to have a prefix added (Like: "origin/") to match the branch

...

that was provided to SeaLights when scanning the merged branch

Sample YML configuration
Code Block
languagepy
titleSample YML configuration
linenumberstrue
language: java

install:
  - wget -nv https://agents.sealights.co/sealights-java/sealights-java-latest.zip
  - unzip sealights-java-latest.zip

before_script:
  - export SL_PR_REPO="https://www.github.com/$TRAVIS_REPO_SLUG"
  - java -jar sl-build-scanner.jar -prConfig -appname "MyApp-Master" -latestCommit $TRAVIS_PULL_REQUEST_SHA -pullRequestNumber $TRAVIS_PULL_REQUEST -repoUrl $SL_PR_REPO -targetBranch origin/$TRAVIS_BRANCH -tokenfile sl_acc_token.txt -pi "*co.sealights.sample.*" -enableNoneZeroErrorCode

script:                   # Sealights is predefined in the POM Profile under the profile 'sealights'
  - mvn clean test  

...

-Psealights

Sample of Results on GitHub's Pull Request page

At the completion of the analysis, Sealights' App will appear as part of the "Checks" of your Pull Request. Result will appear similar to the one below:

Image Removed

...