Code-Inspector blog

Integration of Code Inspector in your CI pipeline

Note: the method detailed in this post is deprecated. Please refer to our official documentation on our CI tool.

We are proud to release the first iteration of the integration of code-inspector with continuous integration pipelines.

You can now trigger a new analysis when your CI pipeline is running. In this blog post, we explain how to integrate it with travis-ci and gitlab. These two examples are easy enough to understand and replicate with other continuous integration services.

Generate your API keys

The first step, necessary for any integration, is to generate API keys. These keys are needed to use the code-inspector API and contact our service to trigger a new analysis.

API keys are per-project: only the project owner or the project admin can generate, delete or change the API key.

To create an API key, go to your project preferences, as in the picture below, and click on "generate one" in the API key section.

project preferences

This will generate your API keys. Make sure you note them: the secret key will NOT be shown again, and if you lose it, the only way to get a secret key is to re-generate it.

The screen should look like the following, with an ACCESS_KEY and a SECRET_KEY.

API keys generated

Once you have your API keys, it is time to use them and call the code inspector API to trigger a new analysis from your CI pipeline.

First, we explain how it works from a generic perspective, and then give specific instructions for gitlab and travis-ci.

Integration workflow

The integration is very simple: in your CI pipeline, you just need to invoke the program code-inspector.

This program will automatically call our API to trigger a new analysis. The program needs to read your API keys and uses environment variables for that (CODE_INSPECTOR_ACCESS_KEY and CODE_INSPECTOR_SECRET_KEY for the access and secret keys).

The code-inspector program is a python program available on github. You can install it using PIP:

pip install code-inspector

To summarize, these are all the steps required to integrate in your CI pipeline:

  1. Set the CODE_INSPECTOR_ACCESS_KEY and CODE_INSPECTOR_SECRET_KEY environment variables with your API keys
  2. Install the code-inspector binary.
  3. Invoke the tool in your pipeline.

Clean and simple.

Integration with Travis-CI

Step 1: Define environment variables

First, you need to specify the CODE_INSPECTOR_ACCESS_KEY and CODE_INSPECTOR_SECRET_KEY with the respective values of your access and secret API keys.

Go to your project preferences in travis-ci and add these environment variables. Once done, you should have a screen like this in your settings.

Environment variables in travis-ci

Step 2 & 3: Install and invoke the tool

Installing and invoking the tool is done in the .travis.yml file associated with your project. The exact content will depend on your project - this is an example that works for a generic image.

The important steps are the following:

  1. Install python3-pip to be able to install python packages (sudo apt-get install python3-pip)
  2. Install code-inspector using PIP (sudo pip3 install code-inspector)
  3. Invoke the tool (code-inspector -v)

# The before_script / after_script key names are assumptions.
os:
    - linux

language: c

before_script:
    - sudo apt-get install python3-pip
    - sudo pip3 install code-inspector

after_script:
    - code-inspector -v

Once the new script is committed, a new analysis will be triggered. You should notice the invocation of the tool in your CI pipeline, as shown below.

travis-ci result

Integration with gitlab

Step 1: Define environment variables

On gitlab, open the following settings page of the project to be analyzed: Settings -> CI/CD.

Then, under Environment variables, specify your API keys with the following environment variables: CODE_INSPECTOR_ACCESS_KEY (for your access key) and CODE_INSPECTOR_SECRET_KEY (for your secret key).

Save the values. You should have a screen similar to the picture below.

Environment variables in gitlab

Step 2 & 3: Install and invoke the tool

Installing and running the tool is done by adding some lines in your .gitlab-ci.yml. The following extract shows how to install and invoke the tool with any image compatible with a debian system.

before_script:
  - sudo apt-get install python3-pip
  - sudo pip3 install code-inspector

after_script:
  - code-inspector -v

The important parts are:

  1. Installing the tool in the before_script section
  2. Running the tool in the after_script section, triggering a new build
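
A preflight for the invocation step, as an added example that is not part of the original post or of the code-inspector project: it refuses to run if a key has been written into .travis.yml or .gitlab-ci.yml instead of the CI settings, or if either variable is missing. The function names and messages are hypothetical, and the whitespace check assumes keys never contain whitespace.

```shell
#!/bin/sh
# Added example: preflight for the code-inspector CI step.
# From the post: the two variable names and `code-inspector -v`.
# Hypothetical: the function names and the messages.

# Exit 0 if FILE assigns a literal value to either key variable, i.e. a key
# was pasted into the CI file instead of the CI settings page. References
# such as "$CODE_INSPECTOR_SECRET_KEY" do not match.
has_hardcoded_key() {
    q="\"'"   # both quote characters, used inside the bracket expressions
    grep -Eq "CODE_INSPECTOR_(ACCESS|SECRET)_KEY[${q}]?[[:space:]]*[:=][[:space:]]*[${q}]?[^\$${q}[:space:]]" "$1"
}

# Exit 0 only if both keys are set, non-empty and free of whitespace
# (assumption: keys never contain whitespace, so any is a paste error).
# Messages name the variable and never print its value.
keys_present() {
    rc=0
    for name in CODE_INSPECTOR_ACCESS_KEY CODE_INSPECTOR_SECRET_KEY; do
        eval "val=\${$name-}"
        if [ -z "$val" ]; then
            echo "$name is not set" >&2; rc=1
        elif [ "$(printf '%s' "$val" | tr -d '[:space:]')" != "$val" ]; then
            echo "$name contains whitespace" >&2; rc=1
        fi
    done
    unset val
    return "$rc"
}

# Drop-in replacement for the bare `code-inspector -v` line.
run_code_inspector() {
    set +x   # stop command tracing so the keys cannot be echoed into the log
    for f in .travis.yml .gitlab-ci.yml; do
        if [ -f "$f" ] && has_hardcoded_key "$f"; then
            echo "$f hard-codes an API key: re-generate it and move it to the CI settings" >&2
            return 1
        fi
    done
    keys_present || return 1
    code-inspector -v
}
```

Source this file in the job and call run_code_inspector where the extracts above call code-inspector -v.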

Wrapping up

This is our first step in integrating code-inspector into continuous integration pipelines. It brings the opportunity to trigger a new analysis as code is being shipped, instead of polling periodically for code changes.

If you have any questions or feedback, feel free to contact us!