Travis CI integration
In this page I want to demonstrate how to integrate Scanmycode with Travis CI environment.
Code versioning has become a standard practice in development circles, with GitHub being a popular platform for hosting code repos. However, a common issue is the testing of the code as it is pushed by a team member. As the volume of commits increases, ensuring the quality and accuracy of code becomes a challenge.
This is where the idea of Continuous Integration comes in. It is defined as a development subprocess that automates build creation and code testing. As soon as a team member pushes a commit, the continuous integration process compiles the code, execute it and checks for bugs. Thus, the developers always have a fair idea about the quality of their code.
Travis CI is a continuous integration environment.
Whenever you commit code changes, Scanmycode will scan your PHP, Python, Ruby, JS or GO code for best practices, anti-patterns and security.
Fig 1. Travis CI setup
Travis CI works with the code hosted on GitHub. Thus, you need to host all the source code in a GitHub repo. You can follow this simple guide to deploying code at GitHub. Start by installing Git on your local machine and then use the following commands:
git init git add README.md git commit -m "first commit" git remote add origin https://github.com/username/your-repo.git git push -u origin master
You will need to enter your GitHub credentials (username and password) once the code has been deployed on the repository.
Add .travis.yml file
language: generic script: - curl -X POST https://app.scanmycode.today/api/v1/project/<project id>/analyze
Next, I will add .travis.yml file that is the backbone of this workflow.
Push Changes to GitHub
It is time to make changes to the code. When done, remember to commit the code and push the code to the repository.
Next, go to Travis website, you could see that the build has started executing and the repo has turned yellow.
Fig 2. Travis CI build
Shortly, you will see the results (success or failure) of the build run.
Add Build Badge to README.md
<a href="https://app.scanmycode.today/project/<project id>"><img src="https://app.scanmycode.today/api/v1/project/<project id>/badge.svg" alt="Code issues" /></a>
Your badge will look like this:
Fig 3. Badge
and here is your full Report at Scanmycode
Fig 4. Scanmycode report
Don’t forget to check the project Settings under Settings tab.
Fig 5. Scanmycode Settings
and you can also customize which of 500 check for PHP, Python, Ruby and JS should be enabled.
Fig 6. Scanmycode SAST (Code Scanning) checks
What is the main purpose of continuous integration?
The main purpose of Continuous integration is to validate and test codebase at every time it is changed. It automates the build every time whenever something is changed in the code by the team members working on the project, identifies possible errors in the code and lets everyone know about it so that could be corrected accordingly. Continuous integration gives all the team members the privilege to share their code and unit tests by accumulating their changes into a shared repository after each task completion.
What are the best practices of continuous integration?
The best practices for Continuous integration are given as follows:
- Maintain a code repository
- Automate the build
- Do integration testing before unit testing
- Make the build self-testing
- Always test the application in a clone environment
When to use continuous integration?
Continuous integration should be used when your application is been undergoing with rapid changes and when its manual testing becomes a bit hefty task. Because continuous integration gives you the privilege to test each change done to your code automatically, so that no errors gets remained at disposal and all the codebase runs correctly every time.
Why continuous integration is important for agile?
Continuous integration is important in Agile because it gives faster checking of codebase and faster correction to its errors and that too at any stage of the deployment, which is also what the basic concept of Agile methodology is. That is why CI becomes important for opting in agile working way.