CodeScene's CI/CD Quality Gates with Positive Reinforcement
CodeScene identifies and prioritizes technical debt. The earlier you can react to any potential finding, the better. That’s why CodeScene offers integration points that let you incorporate the analysis results into your build pipeline. In a CI/CD pipeline, CodeScene acts as an extra team member that predicts delivery risks and offers context-aware quality gates to supervise the health of your code.
Fixing technical debt and code quality issues is a hard problem. That’s why CodeScene goes beyond traditional quality gates and also reinforces positive behavior by providing feedback on code that improves its health. Let’s have a look at it in practice.
Meet the Quality Gates
CodeScene provides a simple REST API that lets you integrate the analysis results in a continuous integration pipeline and/or as robot comments in a code review tool like Gerrit. Empear, the company behind CodeScene, also maintains open-source integrations for the most popular platforms like Jenkins, GitLab, and GitHub.
In a build pipeline, performance is paramount; if the build is slow, the feedback loops break, and quality starts to slip one broken build after another. That’s why we made CodeScene fast. It just takes seconds to run a CI/CD analysis, so you can use it to get early feedback on a pull request or range of new commits. Let’s look at an example from a Jenkins pipeline:
There’s plenty of feedback here, so let’s look at it in more detail. First of all we notice that we have a failed quality gate for something called “a goal”. What’s that? Well, the strength of CodeScene is that it prioritizes code quality issues based on how the organization actually works with the code. More specifically, CodeScene looks for maintenance problems in the parts of the code with the most development activity. The higher the development activity, the more expensive any technical debt in that part of the code.
To make it actionable, CodeScene comes with a goal-oriented workflow. The tool lets you specify goals for each hotspot using a concept called Intelligent Notes. When you specify a goal, you also classify each hotspot depending on your decisions (for example: “code needs clean-up”, “planned refactoring”, “supervise the code so it doesn’t grow worse”, etc.). Whatever goal you specify, CodeScene will supervise those goals and inform you on their progress. Here’s an example:
Since the goals are set by you and your team members – not just a tool – it’s always serious when they fail. And that brings us back to the CI/CD integration, because if you specify a goal, CodeScene will supervise it in the build pipeline and catch possible violations before they become issues. This gives you the option to either:
- Redefine the goal: Maybe the current feature is so important that it might be worth taking on some technical debt? That’s ok, you just redefine your goal. The point is that such devisions are now transparent and intentional rather than accidental.
- Go back to the drawing board: Often, you find that there might be a better way to solve the task, so you improve the code to align with your goals.
Specifying goals is one of the success factors when adopting CodeScene. But even without goals, CodeScene can still act as a quality gate. In this case CodeScene will look for any hotspots that decline in code health:
Keep up the Good by Positive Reinforcement
Improving existing code is hard, often challenging, and rewarding when we succeed. That’s why CodeScene also detects hotspots that improve their code health in a commit. This information is included as a positive reinforcement intended to show the effect of the current change set on the overall code health. The next figure shows an example where a hotspot is successfully refactored – an occasion to celebrate!
Save Time in Code Reviews
With the quality gates covered, I’d like to mention one more related use case: code reviews. In many organizations, code reviews tend to become bottlenecks. There’s only so much code we can review each day, and after a while it becomes easy to slip. Suddenly, a critical error makes its way to production.
To help optimize code reviews, CodeScene predicts a delivery risk of each change set and commit:
Use the risk prediction to focus your reviews and verification activities on the places where they are likely to be needed the most; high-risk changes might require two independent reviewers, whereas you can roll through low-risk changes more quickly.
This introduction has covered the main use cases for CodeScene in a CI/CD pipeline. Used this way, you keep feedback loops short and ensure that your hotspots evolve according to plan without any surprising new technical debt.
Check out the following articles to learn more about CodeScene:
You get more information about other exciting CodeScene features in CodeScene 3.0: Behavioral Code Analysis Reborn.