Merge pull request #1 from erzz/initial-version
Initial version
erzz committed May 18, 2021
2 parents ee09848 + 43e14c6 commit 6a05b29
Showing 3 changed files with 325 additions and 1 deletion.
41 changes: 41 additions & 0 deletions .github/workflows/tests.yml
@@ -0,0 +1,41 @@
name: Tests
on:
push:
branches:
- main

jobs:
# <------------------ TEST BASIC JOB ------------------->
code-quality-basic:
name: Basic
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Check out self as repo
uses: actions/checkout@v2
with:
repository: erzz/codeclimate-standalone
path: ./.github/actions/self
- name: Basic Test
uses: ./.github/actions/self
code-quality-advanced:
name: Advanced
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Check out self as repo
uses: actions/checkout@v2
with:
repository: erzz/codeclimate-standalone
path: ./.github/actions/self
- name: Basic Test
uses: ./.github/actions/self
with:
html_report: true
info_threshold: 10
minor_threshold: 5
major_threshold: 1
critical_threshold: 0
blocker_threshold: 0
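Review bot: the trigger is `push` to `main` only, so this workflow never runs for a pull request such as this one; adding `pull_request:` beside `push:` would exercise the action before merge rather than after. In the same hunk, the second job (`code-quality-advanced`, "Advanced") still has its step named `Basic Test`, a copy-paste leftover that makes the two runs indistinguishable in the checks UI. The extra `actions/checkout@v2` of `erzz/codeclimate-standalone` with no `ref` also checks out the default branch rather than the commit under test; since the first checkout already contains this repository, `uses: ./` would test the code actually in the PR.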
123 changes: 122 additions & 1 deletion README.md
@@ -1,2 +1,123 @@
# codeclimate-standalone
Runs a detached version of CodeClimate scanning which reports only in the pipeline and does not require the CodeClimate Service

## Purpose

Code Climate is a great service with pricing and plans for all kinds of users. However there are cases where you may not want to send results to an external service or just want a quick PASS / FAIL based on simple thresholds directly within the workflow with no frills

This action produces a json report with pass / fail thresholds for the different severities of finding and optionally a readable HTML report that you can upload as a job artifact.

The action uses the container version of the codeclimate CLI and is configured to your tastes using the same configuration file and settings you would use for the full service.

## Code Climate Configuration

Code Climate has a comprehensive ability to configure via .codeclimate.yml at the root of your project (or using a custom path with this action - see inputs below).

Although a configuration is not required (Code Climate will attempt to discover languages used and apply some standard rules), it is highly recommended you provide a configuration that suits your needs as it will provide more satisfactory results and speed up execution as the job will not need to try and discover languages etc.

For details of Code Climate configuration see:

- https://docs.codeclimate.com/docs/default-analysis-configuration
- https://docs.codeclimate.com/docs/advanced-configuration

## Available Inputs

None of the inputs are currently mandatory!

| Input | Default | Details |
| -------------------- | ---------------- | ------------------------------------------------------------------------------------------- |
| `config_file` | .codeclimate.yml | Optional relative path to custom location of Code Climate config file (must be yaml format) |
| `html_report` | false | Set to true if you wish to also have an HTML format report produced |
| `info_threshold` | 0 | The number of findings of severity INFO allowed before the job returns a failure |
| `minor_threshold` | 0 | The number of findings of severity MINOR allowed before the job returns a failure |
| `major_threshold` | 0 | The number of findings of severity MAJOR allowed before the job returns a failure |
| `critical_threshold` | 0 | The number of findings of severity CRITICAL allowed before the job returns a failure |
| `blocker_threshold` | 0 | The number of findings of severity BLOCKER allowed before the job returns a failure |

## Outputs

Some simple outputs are provided for use in later steps / jobs

| Output | Details |
| ------------------- | ------------------------------------------- |
| `info_findings` | The number of findings of severity INFO |
| `minor_findings` | The number of findings of severity MINOR |
| `major_findings` | The number of findings of severity MAJOR |
| `critical_findings` | The number of findings of severity CRITICAL |
| `blocker_findings` | The number of findings of severity BLOCKER |

## Examples

### Run a default codeclimate scan

The main thing to ensure is that you **MUST** checkout your code in a preceding step otherwise there would be nothing to scan!

If you place your `.codeclimate.yml`at the root of your project then no further configuration is required by default

```yaml
jobs:
code-quality:
name: Code Climate Standalone
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Run Code Climate
uses: erzz/codeclimate-standalone@v0
```

### Provide your own pass / fail thresholds

```yaml
jobs:
code-quality:
name: Code Climate Standalone
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Run Code Climate
uses: erzz/codeclimate-standalone@v0
with:
info_threshold: 10
minor_threshold: 5
major_threshold: 1
critical_threshold: 0
blocker_threshold: 0
```

### Run a codeclimate scan with additional HTML report

There are some limitations with the CLI in that it is not possible to generate two reports from a single scan (AFAIK!). So the first execution will produce a json report which is easier to parse for a pass/fail result.

This action provides the option `html_report` (defaults to false) to enable a second scan to be executed that produces an additional, much more readable, HTML report which you can upload as an artifact for the developer to use when there are findings.

The second execution does mean the job takes a little longer, but not by much. Most of the time in the first execution is the Code Climate CLI pulling the various docker images it needs and setting up. As the images are then already pulled by the time a second execution starts - rerunning the scan for the HTML report typically only added 10-20s

In basic testing of a tiny project (this one!) execution time is typically

- ~1m 50s without HTML report
- ~2m 10s with HTML report

```yaml
jobs:
code-quality:
name: Code Climate Standalone
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Run Code Climate
uses: erzz/codeclimate-standalone@v0
with:
html_report: true

- name: Upload Report
uses: actions/upload-artifact@v2
if: always()
with:
name: Code Climate Report
path: codeclimate-report.html
```
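Review bot: two things a consumer needs are missing from the documentation: the action writes `codeclimate-report.json` into the workspace on every run (only the HTML file name appears, in the upload example), and because it mounts `/var/run/docker.sock` it only works on runners that expose a Docker daemon (true of `ubuntu-latest`, not of every self-hosted runner), with the CodeClimate container getting full control of that daemon. The Outputs table would also benefit from an example that gives the step an `id:` and reads `steps.<id>.outputs.major_findings`, since none of the three examples show an output being consumed. Minor: "`.codeclimate.yml`at the root" is missing a space.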
162 changes: 162 additions & 0 deletions action.yml
@@ -0,0 +1,162 @@
name: "CodeClimate Standalone"
author: "Sean Erswell-Liljefelt"
description: "Runs a detached version of CodeClimate which reports only in the workflow and does not require the CodeClimate Service"
branding:
color: gray-dark
icon: chevrons-up
inputs:
config_file:
description: "Optionally provide a path to your codeclimate.yml relative to your project"
required: false
default: ".codeclimate.yml"
html_report:
description: "Should a faster, second, execution occur in order to generate an HTML report"
required: false
default: "false"
info_threshold:
description: "The number of findings of this severity allowed before the job returns a failure"
required: false
default: "0"
minor_threshold:
description: "The number of findings of this severity allowed before the job returns a failure"
required: false
default: "0"
major_threshold:
description: "The number of findings of this severity allowed before the job returns a failure"
required: false
default: "0"
critical_threshold:
description: "The number of findings of this severity allowed before the job returns a failure"
required: false
default: "0"
blocker_threshold:
description: "The number of findings of this severity allowed before the job returns a failure"
required: false
default: "0"
outputs:
info_findings:
description: "The number of findings of severity INFO"
value: ${{ steps.cc.outputs.info }}
minor_findings:
description: "The number of findings of severity MINOR"
value: ${{ steps.cc.outputs.minor }}
major_findings:
description: "The number of findings of severity MAJOR"
value: ${{ steps.cc.outputs.major }}
critical_findings:
description: "The number of findings of severity CRITICAL"
value: ${{ steps.cc.outputs.critical }}
blocker_findings:
description: "The number of findings of severity BLOCKER"
value: ${{ steps.cc.outputs.blocker }}
runs:
using: "composite"
steps:
# Initial Run is performed to get the results in a parseable format
- name: Code Climate
shell: bash
id: cc
env:
CC_CONF: ${{ inputs.config_file }}
CC_BLOCKERS_ALLOWED: ${{ inputs.blocker_threshold }}
CC_CRITICAL_ALLOWED: ${{ inputs.critical_threshold }}
CC_MAJOR_ALLOWED: ${{ inputs.major_threshold }}
CC_MINOR_ALLOWED: ${{ inputs.minor_threshold }}
CC_INFO_ALLOWED: ${{ inputs.info_threshold }}
run: |
# If no configuration supplied the job will run with Code Climate's default settings
# and language detection. Providing your own config is highly recommended for speed
# and accuracy
echo "#### CONFIG ####"
if [ -f .codeclimate.yml ] || cp "$CC_CONF" .codeclimate.yml; then
echo "Found codeclimate config, using that"
else
echo "::warning::No configuration found, using Code Climate's default configuration"
fi
# Run once for JSON output
echo "#### INITIAL RUN ####"
docker run \
--env CODECLIMATE_CODE="$PWD" \
--volume "$PWD":/code \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume /tmp/cc:/tmp/cc \
codeclimate/codeclimate analyze -f json > raw.json
# Strip the json to only issues
jq -c 'map(select(.type | test("issue"; "i")))' raw.json > codeclimate-report.json
# Parse to provide simple job output
TOTAL_ISSUES=$(jq '. | length' codeclimate-report.json)
TOTAL_BLOCKER=$(jq 'map(select(.severity == "blocker")) | length' codeclimate-report.json)
TOTAL_CRITICAL=$(jq 'map(select(.severity == "critical")) | length' codeclimate-report.json)
TOTAL_MAJOR=$(jq 'map(select(.severity == "major")) | length' codeclimate-report.json)
TOTAL_MINOR=$(jq 'map(select(.severity == "minor")) | length' codeclimate-report.json)
TOTAL_INFO=$(jq 'map(select(.severity == "info")) | length' codeclimate-report.json)
# Set outputs
echo "::set-output name=total::$TOTAL_ISSUES"
echo "::set-output name=info::$TOTAL_INFO"
echo "::set-output name=minor::$TOTAL_MINOR"
echo "::set-output name=major::$TOTAL_MAJOR"
echo "::set-output name=critical::$TOTAL_CRITICAL"
echo "::set-output name=blocker::$TOTAL_BLOCKER"
# Second run purely to get the readable HTML report. The second run is much faster than the first
# as it does not need to redownload the images already pulled by the first run
- name: Generate HTML Report
shell: bash
env:
CC_CONF: ${{ inputs.config_file }}
HTML_REPORT: ${{ inputs.html_report }}
run: |
if [ "$HTML_REPORT" = true ]; then
# If no configuration supplied the job will run with Code Climate's default settings
# and language detection. Providing your own config is highly recommended for speed
# and accuracy
echo "#### CONFIG ####"
if [ -f .codeclimate.yml ] || cp "$CC_CONF" .codeclimate.yml; then
echo "Found codeclimate.yml at project root"
else
echo "::warning::No configuration found, using Code Climate's default configuration"
fi
# Run for HTML output
echo "#### GENERATING HTML VERSION ####"
docker run \
--env CODECLIMATE_CODE="$PWD" \
--volume "$PWD":/code \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume /tmp/cc:/tmp/cc \
codeclimate/codeclimate analyze -f html > codeclimate-report.html
else
echo "HTML REPORT not requested, skipping..."
fi
# Determine the result
- name: Parse Result
shell: bash
env:
CC_BLOCKERS_ALLOWED: ${{ inputs.blocker_threshold }}
CC_CRITICAL_ALLOWED: ${{ inputs.critical_threshold }}
CC_MAJOR_ALLOWED: ${{ inputs.major_threshold }}
CC_MINOR_ALLOWED: ${{ inputs.minor_threshold }}
CC_INFO_ALLOWED: ${{ inputs.info_threshold }}
run: |
# Output in logs
echo "#### RESULT ####"
echo "total_issues: ${{ steps.cc.outputs.total }}"
echo "info: ${{ steps.cc.outputs.info }} allowed: $CC_INFO_ALLOWED"
echo "minor: ${{ steps.cc.outputs.minor }} allowed: $CC_MINOR_ALLOWED"
echo "major: ${{ steps.cc.outputs.major }} allowed: $CC_MAJOR_ALLOWED"
echo "critical: ${{ steps.cc.outputs.critical }} allowed: $CC_CRITICAL_ALLOWED"
echo "blocker: ${{ steps.cc.outputs.blocker }} allowed: $CC_BLOCKERS_ALLOWED"
# Pass or Fail the job depending on the findings / inputs
if [ ${{ steps.cc.outputs.blocker }} -gt "$CC_BLOCKERS_ALLOWED" ] || [ ${{ steps.cc.outputs.critical }} -gt "$CC_CRITICAL_ALLOWED" ] || [ ${{ steps.cc.outputs.major }} -gt "$CC_MAJOR_ALLOWED" ] || [ ${{ steps.cc.outputs.minor }} -gt "$CC_MINOR_ALLOWED" ] || [ ${{ steps.cc.outputs.info }} -gt "$CC_INFO_ALLOWED" ]; then
exit 1
else
exit 0
fi
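Review bot: the pass/fail test in `Parse Result` fails open. `[ A -gt B ]` returns a non-zero status not only when A is not greater than B but also when either side is not an integer (an empty step output, or a threshold like `info_threshold: "ten"`); in that case every clause of the `||` chain is false, the `else` branch runs and the job exits 0, so a malformed input or a missing output is reported as a pass. Validate that each value matches `^[0-9]+$` before comparing, or structure the check so that anything other than a clean "within threshold" result leads to `exit 1`. The counts are also interpolated straight into the script as `${{ steps.cc.outputs.* }}` and used unquoted; passing them through `env:` (e.g. `CC_BLOCKER: ${{ steps.cc.outputs.blocker }}`) and comparing `"${CC_BLOCKER:-0}"` is the pattern GitHub recommends for expression values in `run:` blocks and avoids the empty-word case. Smaller points in the same hunk: `[ -f .codeclimate.yml ] || cp "$CC_CONF" .codeclimate.yml` silently ignores a custom `config_file` whenever a `.codeclimate.yml` already exists at the root (and `cp` prints a stderr error when the default path is absent); `set-output name=total` is emitted but `total` is never exposed under `outputs:`; and the config block plus the `docker run` invocation are duplicated between the two steps, so a later fix to one is easy to miss in the other.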
