Codiga has joined Datadog!

Read the Blog·

Interested in our Static Analysis?

Sign up
← All posts
Julien Delange Monday, February 8, 2021

Automate your Code Reviews on GitLab

Share

AUTHOR

Julien Delange, Founder and CEO

Julien is the CEO of Codiga. Before starting Codiga, Julien was a software engineer at Twitter and Amazon Web Services.

Julien has a PhD in computer science from Universite Pierre et Marie Curie in Paris, France.

See all articles

In this article, we explain why code reviews are very important, why you want to automate some aspects of code reviews and how to do it. In less than ten minutes, you will learn how to have automated code reviews on your GitLab repositories using Codiga.

Why automate code reviews?

Code reviews are an important element of software development: it is an opportunity to verify that your code is high quality, correct and does not contain any violations, security issues or vulnerabilities.

But code reviews are also time consuming, and in a world where we work in teams distributed in different timezones, it is difficult to have reviews done quickly. In addition, as code reviews are done by other developers and manual by nature, they can miss some important rules that should be checked and enforced in new code.

This is why automating your code reviews is important. First, automated code reviews are performed in seconds and give feedback quickly to the submitter. This enables real-time feedback that ensures all best practices are followed before you spend time on a manual review. Second, automated code reviews ensure that rule adherence is verified, ensuring better coverage of coding guidelines.

It is important to emphasize that automated code reviews do not replace manual code reviews but complement them. The automated part checks the coding guidelines, detects defective code and highlights potential refactors. It can be done in seconds and ensures that the code being submitted follows coding guidelines and does not contain syntactic and semantic errors. It is an additional layer to ensure code quality. On the other hand, manual reviews are still required to verify that the code being submitted correctly implements the requirements of your system.

Automated code reviews should be used as a first step to ensure that the code does not introduce any defects and enforces coding guidelines. Once the automated review passes, a manual review is requested. Following such a process reduces manual review time while improving the quality of each code submission.

In this article, we explain how to automate code reviews on GitLab using Codiga, a platform that helps developers reduce their technical debt and automates your code review. The platform is available for GitHub, Bitbucket and Gitlab. While this article focuses on GitLab, the same functionalities are available for Bitbucket and GitHub.

Note: This article assumes you already have an existing repository on GitLab, and it will walk you through how to perform a code review on your GitLab repository. If you need help creating a GitLab repository, please read this article from the GitLab documentation.

Step 1: Sign up on Codiga with your GitLab account

The first step consists of signing up on Codiga using your GitLab account. Simply go to the Codiga App and log in using your GitLab account.

Codiga App Login Page

Step 2: Create a Codiga project with your GitLab repository

Once logged on to the Codiga platform, create a project by selecting the GitLab repository you want to use.

Step 3: Create a Merge Request

Now that you have created a Codiga project associated with your GitLab project, let’s create a merge request and let’s have Codiga inspect the new code! The next step is to do a merge request on GitLab. This is how to proceed.

First, create a new branch where you will add your change. We create a new branch called code-review-example. Use the following command to do so:

git checkout -b code-review-example

Then, add some code to your repository. This code is the one sent for review. For demonstrating our automated code review process, we add Python code that imports an unused module and is missing documentation on its classes and function. A copy of the code is shown at the end of this section.

Once the code is written, add it using git:

git add pythoncode.py

Then, commit the changes in the branch:

git commit -a -m "Adding new code"

And finally, push the new branch to the origin of the repository (GitLab):

git push --set-upstream origin code-review-example

Now, what you have created is a new branch from the master branch. This new branch contains new code (the Python script pythoncode.py). The merge request is asking to merge this new code into the master branch. What the automated code review will do is to check that the new code from newbranch is correct. Codiga will verify this new code and surface any issues.

When you push your changes, GitLab returns a URL you can use to generate a merge request, as shown below.

When you visit the URL shown when you push the changes, you have a form to create a merge request that will merge the branch with your changes into the main branch of your repository (usually master). Add a title and click on “Submit merge request”.

Create Merge Request

Below is the code used for this code review example (pythoncode.py)

import logging

class Person:

  def __init__(self, firstname, lastname):
    self.firstname = firstname
    self.lastname = lastname

  def print_person(person):
    if not person:
      return None
    else:
      return "{0} {1}".format(person.firstname, person.lastname)

p = Person("John", "Doe")
print("first name of the object just created is {0}".format(p.firstname))

print("using function: {0}".format(print_person(p)))

Step 4: See the Merge Request Results

Once you create the merge request, Codiga automatically inspects the new code and reports any issues with the changes directly on GitLab. In the main page of the Merge Request, Codiga shows the result of its analysis, highlighting the number of issues, as shown below.

Automated Code Reviews Results in GitLab

You can then visit the “Changes” tab to visualize the issues on each file. All issues reported by Codiga are reported as annotations, which makes it easy to visualize where issues are located in your changes.

Code Review in GitLab with Annotations

Step 5: Customize Codiga results

You may want to customize Codiga by adding more checks, making them more restrictive or ignoring some rules. This is really easy to do!

To ignore rules, visit the merge request view on Codiga. To do so, visit the tab “Overview” on GitLab and look at the summary link from the last message from Codiga (as shown below). The message includes a link to the merge request view on Codiga. Click on this link to visit the merge request view on Codiga.

Link to Codiga Code Review

You will then visualize the merge request results on Codiga. In this view, you can click to ignore rules. You can then disable rules that seem to be too restrictive or useless to you.

Finally, you can also change the preferences of the project to define which rules are being run on your repository and change analysis parameters. The project preferences on Codiga contains an extensive list of analysis parameters to define.

Summary

In this article, we presented the importance of automated code reviews. We explained how to automate your code reviews on GitLab using Codiga. The same features are also available for GitHub and Bitbucket.

It takes less than a few minutes to get your code changes analyzed and receive feedback on your code. Automating code reviews provides quick feedback on the code, guarantees coverage of all rules that need to be verified and more importantly, reduces time spent by engineers on code reviews, increasing overall productivity.

About Codiga

Codiga is a code analysis platform that helps developers produce better code. The platform generates plans to reduce technical debt and automates code reviews. Codiga supports more than 10 languages and is available for major code hosting platforms such as GitHub, GitLab, or Bitbucket.

Are you interested in Datadog Static Analysis?

Sign up