Note: method detailed in this post is deprecated. Please refer to our official documentation on our CI tool
We are proud to release the first iteration of the integration of code-inspector with continuous integration pipelines.
You can now trigger new analysis when your CI pipeline is running. In this blog post, we explain how to integrate it with travis-ci and gitlab. These two examples are easy enough to understand and replicate with other continuous integration services.
Generate your API keys
The first step, necessary to any integration, is to generate API keys. These keys will be necessary to use the code-inspector API and contact our service to trigger a new analysis.
API keys are per-project, only the project owner or the project admin can generate, delete or change the API key.
To create an API key, go to your project preferences, as in the picture below, and click on generate one in the API key section.
This will generate your API keys. Make sure you note them, the secret key will NOT be shown again and if you lose it, the only way to get a secret key is to re-generate it.
The screen should look like the following, with a ACCESS_KEY and a SECRET_KEY.
Once you have your API keys, this is now time to use them and call the code inspector API to trigger new analysis from your CI pipeline.
At first, we will explain how it works from a generic perspective and then, give specific instructions for gitlab and travis-ci.
The integration is very simple: in your CI pipeline, you
just need to invoke the program
This program will automatically call our API to trigger
a new analysis. The program will need to read your API keys
and will use environments variable for that (
CODE_INSPECTOR_SECRET_KEY for the access and secret keys).
code-inspector program is a python program available on github.
You can install it using PIP:
pip install code-inspector
To summarize, this is all the steps required to integrate in your CI pipeline:
- Set the
CODE_INSPECTOR_SECRET_KEYenvironment variables with your API keys
- Install the
- Invoke the tool in your pipeline.
Clean and simple.
Integration with Travis-CI
Step1: Define environment variables
First, you need to specify the
CODE_INSPECTOR_SECRET_KEY with the respective values of your access and secret
Go in your project preferences in travis-ci and add these environment variables. Once done, you should have a screen like this in your settings.
Step 2 & 3: Install and invoke the tool
Installing and invoking the tool is done in the
.travis.yml file associated
with your project. The exact content will depend on your project - this is an example
that works for a generic image.
The important steps are the following:
python3-pipto be able to install python packages (`sudo apt-get install python3-pip)
code-inspectorusing PIP (
sudo pip3 install code-inspector)
- Invoking the tool (
os: - linux language: c before_install: - <INSTALL_YOUR_DEPENDENCIES> - sudo apt-get install python3-pip - sudo pip3 install code-inspector script: - <INSERT_YOUR_BUILD_COMMANDS> - code-inspector -v
Once the new script is committed, new analysis will be triggered. You should notice the invocation of the tool in your CI pipeline, as shown below.
Integration with gitlab
Step 1: Define environment variables
On gitlab, open the following settings page of the project to be analyzed:
Settings -> CI/CD.
Environment variables, specify your API keys with the following
CODE_INSPECTOR_ACCESS_KEY (for your access key) and
CODE_INSPECTOR_SECRET_KEY (for your access key).
Save the values, you should have a screen similar to the picture below.
Step 2 & 3: Install and invoke the tool
Installing and running the tool is done by adding some lines
.gitlab-ci.yml. The following extract shows how to install
and invoke the tool with any image compatible with a debian system.
before_script: - <INSERT_YOUR_COMMANDS_HERE> - sudo apt-get install python3-pip - sudo pip3 install code-inspector after_script: - <INSERT_YOUR_BUILD_COMMANDS> - code-inspector -v
The important parts are
- Installing the tool in the
- Running the tool in the
after_scriptsection, triggering a new build
This is our first step on integrating code-inspector in continuous integration pipeline. This bring the opportunity to trigger new analysis as code is being shipped, instead of polling periodically for code changes.
If you have any question or feedback, feel free to contact us!