Codiga has joined Datadog!

Read the Blog·

Interested in our Static Analysis?

Sign up
← All posts
Julien Delange Thursday, June 10, 2021

Monitor Code Quality with CircleCI and Codiga

Share

AUTHOR

Julien Delange, Founder and CEO

Julien is the CEO of Codiga. Before starting Codiga, Julien was a software engineer at Twitter and Amazon Web Services.

Julien has a PhD in computer science from Universite Pierre et Marie Curie in Paris, France.

See all articles

How to use Git hooks to check your code quality before your code is even pushed.

Codiga automates your code reviews: it finds issues in the code you sent for review and highlights errors in your code within seconds. However, this means the code is already pushed and your CI/CD pipeline is already running, checking your code, running tests, and asking colleagues to review your code. What if you could check your code quality before you push your code?

Introducing Git hooks

Git hooks are scripts you run either on the client-side or server-side before an action ( push, pull, etc) is performed. These scripts allow you to run some verification before the action is performed so that you can abort the operation based on some characteristic of the code being pushed or even the commit message. These scripts work in a very simple manner:

  1. if they fail (return code of the script different than 0), the action is aborted
  2. if they succeed (return code of the script is 0), the action is performed.

Checking Code Quality using Git Hooks

The objective of having a Git hook for code quality is to check for any violation before pushing the code to a remote branch. That way, an engineer makes sure their code does not have any violations before starting a code review.

That reduces the time for review as any violation from the new code is found before pushing. It guarantees that any code being pushed is free of any violation, reducing time spent on code review.

Introducing Codiga pre-push hooks

Codiga now supports pre-push hooks: when an engineer push code, they can add a pre-push hook that will be called to check their code quality.

We introduced a new tool: codiga-pre-hook-check.implemented as part of our clitool package, a collection of command-line interface tools to interact with Codiga published as Open Source.

codiga-pre-hook-check is designed to be called as a hook with the source and target commits as parameters and performs the following operations:

  • find files that have been changed in the commit
  • analyze each file and check for potential errors in the changes from the commit
  • if there is an error, return a value different than 0 and shows the error
  • if there is no error, return 0

By default, the tool reports all issues. You can filter issues Codiga will surface issues according to their severity or category:

  • the option --exclude-categories lets you ignore certain categories of error. For example, the option --exclude-categories=design lets you ignore all Design violations.
  • the option --exclude-severities lets you ignore certain severity of errors (1 being the highest severity, 4 being the lowest). For example, the option --exclude-severities=3,4 ignores severity 3 and 4.

Using Codiga pre-hook

Install the tool

First thing first: install the tool using pip

pip install codiga

You should then have the codiga-pre-hook-check program in your PATH. The next step is to add this script as a pre-hook:

  1. Edit the file .git/hooks/pre-push and make sure it’s executable
  2. Add the following content in your .git/hooks/pre-push file
#!/bin/sh

remote="$1"
url="$2"

z40=0000000000000000000000000000000000000000

while read local_ref local_sha remote_ref remote_sha
do
  codiga-pre-hook-check --project-name "<project-name>" --remote-sha $remote_sha --local-sha $local_sha
  if [ "$?" -ne "0" ]; then
     echo "Codiga found errors"
     exit 1
  fi
done

exit 0

Define your environment variables

On your Codiga profile, get your API keys.

You need to add two environment variables:

  • CODIGA_API_TOKEN: API Token you get here

To do so, edit your ~/.bashrc or ~/.zshrc file and add the following content

export CODIGA_API_TOKEN=<API-TOKEN>

Caveats

Changes made to your .git/hooks repository are local and not reflected to your contributors. If you want the use of the pre-hook to de reflected on all contributors, you will need to have them set up the hook on their machine.

Wrapping Up

This pre-hook setup lets you check that your code does not contain any issue before you even send a new code for review. It ensures that code reviews pass all Codiga tests before starting a pull request. It shortens the iteration loop and makes sure developers send high-quality code for review.

If you have any questions regarding this feature, please contact us, either by mail or through our Slack community.

Not on Codiga yet? You can sign up for free now!

Are you interested in Datadog Static Analysis?

Sign up