Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add native support for "Code Climate" / "GitLab Code Quality" report #3155

Open
pmhahn opened this issue Mar 10, 2025 · 0 comments
Open

Add native support for "Code Climate" / "GitLab Code Quality" report #3155

pmhahn opened this issue Mar 10, 2025 · 0 comments

Comments

@pmhahn
Copy link

pmhahn commented Mar 10, 2025

shellcheck can be used with GitLab, which is already documented here: https://github.com/koalaman/shellcheck/wiki/GitLab-CI

There exists several so-called "GitLab components" like https://gitlab.com/pipeline-components/shellcheck which make it very easy to run shellcheck as part of ones own pipeline.

What most of them currently lack is "Code Quality report" integration, showing shellchecks findings next to the lines changed by a "Merge Request" in GitLab. This is currently still supported by running shellcheck via "Code Climate" https://docs.codeclimate.com/docs/shellcheck, but that is deprecated: https://docs.gitlab.com/ci/testing/code_quality/#use-the-built-in-code-quality-cicd-template-deprecated

This is replaced by running linters directly: https://docs.gitlab.com/ci/testing/code_quality/#integrate-common-tools-with-code-quality

The JSON output of shellcheck can be converted to the required "Code Climate" JSON format: https://docs.gitlab.com/ci/testing/code_quality/#code-quality-report-format using jq, see attached shell script.
A GitLab pipeline fragment then might look like this:

$[[ inputs.job_name ]]:  # e.g. "shellcheck"
  stage: $[[ inputs.stage ]]  # e.g. "lint"
  image: $[[ inputs.image ]]  # e.g. your variant of "koalaman/shellcheck:stable"
  variables:
    GIT_DEPTH: "1"
  script: |
    set -e -u -o pipefail
    export severity="$[[ inputs.severity ]]"  # one of "error", "warning", "info" or "style"
    gl-shellcheck | tee gl-code-quality-report.json
  artifacts:
    reports:
      codequality: gl-code-quality-report.json
    when: always
  interruptible: true
  allow_failure:
    exit_codes:
      - 1

This has several drawbacks:

  1. You have to build a Docker image yourself, which both contains shellcheck and jq (and bash).
  2. You have to write the JSON into a file, but optionally also want a human readable output in the console output – see Support multiple output to file #2348 to add support for multiple outputs
  3. If you use | tee to redirect the output to both a file and the console, you loose the exit code from shellcheck

It would be good if shellcheck could directly generate a valid "Code Climate" JSON report.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pmhahn