Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »


SeaLights Pull Request Integration expose Quality Risks to the developer, as part of the Pull Request process to be handled early enough in the development process.
This capability helps your organization to mitigate risk by identifying Quality Risks for the developer before the Merge is done

  • Works on any Merge/Branch level
  • Ability to define if Quality Risks block the Merge

Below, a simple 3 steps plan for deployment of this functionality for your benefit.

Step 1 - Install GitHub App for Pull Request Analysis by Sealights 

In order to benefit of the Pull Request Analysis, please install the Sealight's Github App as a prerequisite on your Organization account Github from the link below:
Please note that only users with Admin rights are allowed to install applications on a Github Account.
However, the application will not require any access to your source code, only:
  • Read access to metadata
  • Read and write access to checks

You can allow access to all the repositories or only to a certain subset at your convenience. At least, make sure the repositories you want Sealights to analyze are white-listed.

Step 2 - Generate Build Session ID specific to the Pull Request Branch

In order to perform a Pull Request analysis, we need to generate a Build Session ID via specific parameters and using the prConfig flag instead the regular parameters.
For the success of the analysis, at least one build from the master branch has to be already scanned and analyzed via Sealights agents before the PR Build.
Depending on the way you're managing your Pull Request, we have detailed three options for you below:
  • Command Line Interface of the Java  Agent (CLI)
  • Sealights' Jenkins Plugin for Maven 
  • Integration with the Travis CI (.travis.yml)

Pull Request Analysis via Default Agent usage (CLI)

prConfig usage
java -jar sl-build-scanner.jar -prConfig -latestCommit <arg> -pullRequestNumber <arg> -repoUrl <arg> -targetBranch <arg> -token <arg> | -tokenfile <arg> [-appname <arg>] [-pe <arg>] [-pi <arg>] [-proxy <arg>] [-enableNoneZeroErrorCode]
Parameter
Description
prConfig Flag to indicate pull-request configuration mode
latestCommitThe latest commit SHA
pullRequestNumberThe pull request number
repoUrl The repository URL where pull request was created
targetBranchA branch the pull request is compared with

For additional parameters, please refer to the SeaLights Java agent - command reference page.

Retrieving Pull Request parameters from GitHub.com

You can easily identify the relevant values to pass to the Build Scanner based on the illustration below.


Pull Request Analysis vis Jenkins Automation Plugin for Maven

TBC

Sealights' Pull Request Analysis Integration with TRAVIS-CI

According to the Travis Official documentation, the TRAVIS CI Integration should use the following environment variables based on the mapping below:
Sealights' Parameter
Travis CI Env. Variable
Comment
latestCommitTRAVIS_PULL_REQUEST_SHA,
pullRequestNumberTRAVIS_PULL_REQUEST
repoUrl TRAVIS_REPO_SLUGYou may need to prepend the base URL of your Github repository, like "https://github.com/$TRAVIS_REPO_SLUG"
targetBranchTRAVIS_BRANCHYou may need to prepend "origin/" to the branch exact matching.
Sample YML configuration
language: java

install:
  - wget https://agents.sealights.co/sealights-java/sealights-java-latest.zip
  - unzip sealights-java-latest.zip

before_script:
  - export SL_PR_REPO="https://www.github.com/$TRAVIS_REPO_SLUG"
  - java -jar sl-build-scanner.jar -prConfig -appname "MyApp-Master" -latestCommit $TRAVIS_PULL_REQUEST_SHA -pullRequestNumber $TRAVIS_PULL_REQUEST -repoUrl $SL_PR_REPO -targetBranch origin/$TRAVIS_BRANCH -tokenfile sl_acc_token.txt -pi "*co.sealights.sample.*" -enableNoneZeroErrorCode

script:                   # Sealights is predefined in the POM Profile
  - mvn clean test  

Step 3 - View Results on GitHub's Pull Request page

At the completion of the analysis, Sealights' App will appear as part of the "Checks" of your Pull Request. Result will appear similar to the one below:

  • No labels