Skip to content

Commit

Permalink
Add GitHub PRs to the Static Analysis integrations (#20981)
Browse files Browse the repository at this point in the history
* Add GitHub PRs to the integrations

* Update _index.md

* Update content/en/continuous_integration/static_analysis/_index.md

Co-authored-by: Mark Azer <[email protected]>

* Update _index.md

* Write feature overview for GitHub source code management

* Sketch in content outline

* Add page to the TOC

* Add section on configuring a GitHub App

* Add product shot

* Update product screenshot

* Flesh out GitHub App instructions

* Finish first draft of instructions

* Update content/en/static_analysis/github_source_code_management.md

Co-authored-by: Mark Azer <[email protected]>

* Update content/en/static_analysis/github_source_code_management.md

Co-authored-by: Mark Azer <[email protected]>

* Update content/en/static_analysis/github_source_code_management.md

Co-authored-by: Mark Azer <[email protected]>

* Update content/en/static_analysis/github_source_code_management.md

Co-authored-by: Mark Azer <[email protected]>

* Update content/en/static_analysis/github_source_code_management.md

Co-authored-by: Mark Azer <[email protected]>

* Integrate feedback

* Rename file

* Update URL

* Integrate feedback

* Update identifier

* Update _index.md

* Tweak instructions

* Integrate feedback

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Update content/en/static_analysis/github_pull_requests.md

Co-authored-by: Austin Lai <[email protected]>

* Spacing Nit

---------

Co-authored-by: Mark Azer <[email protected]>
Co-authored-by: Austin Lai <[email protected]>
  • Loading branch information
3 people authored and MaelNamNam committed Jan 17, 2024
1 parent d4d7a41 commit 498e078
Show file tree
Hide file tree
Showing 9 changed files with 88 additions and 1 deletion.
5 changes: 5 additions & 0 deletions config/_default/menus/menus.en.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2708,6 +2708,11 @@ main:
parent: static_analysis
identifier: static_analysis_github_actions
weight: 103
- name: GitHub Pull Requests
url: static_analysis/github_pull_requests
parent: static_analysis
identifier: static_analysis_github_prs
weight: 103
- name: Quality Gates
url: quality_gates/
pre: ci
Expand Down
7 changes: 6 additions & 1 deletion content/en/static_analysis/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,12 +39,17 @@ Using Static Analysis provides organizations with the following benefits:

## Integrations

### CI Providers
### CI providers
{{< whatsnext desc="With Static Analysis, you can integrate feedback on code reviews for various languages in any CI platform provider of choice. See the documentation for information about the following integrations:">}}
{{< nextlink href="continuous_integration/static_analysis/circleci_orbs" >}}CircleCI Orbs{{< /nextlink >}}
{{< nextlink href="continuous_integration/static_analysis/github_actions" >}}GitHub Actions{{< /nextlink >}}
{{< /whatsnext >}}

### Source code management
{{< whatsnext desc="During code reviews, source code management (SCM) integrations check for Static Analysis violations in pull requests for repos that have at least one ruleset applied. Violations are flagged with a comment on the relevant line of code. Certain violations also include suggested changes that can be applied directly in the UI of the SCM tool." >}}
{{< nextlink href="static_analysis/github_pull_requests" >}}GitHub Pull Requests{{< /nextlink >}}
{{< /whatsnext >}}

### IDEs
{{< whatsnext desc="With Static Analysis, you can get real-time feedback as you edit a file in your Integrated Development Environment (IDE). See the documentation for information about the following integrations:">}}
{{< nextlink href="developers/ide_integrations/idea/" >}}Datadog Plugin for IntelliJ IDEA{{< /nextlink >}}
Expand Down
77 changes: 77 additions & 0 deletions content/en/static_analysis/github_pull_requests.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
---
title: GitHub Pull Requests
kind: documentation
description: Learn how to use Static Analysis in GitHub pull requests.
further_reading:
- link: "/integrations/github/"
tag: "Documentation"
text: "Learn about the GitHub integration"
- link: "/static_analysis/"
tag: "Documentation"
text: "Learn about Static Analysis"
---

## Overview

Static Analysis can automatically flag rule violations in pull requests on GitHub. To configure the [GitHub integration][2] to include Static Analysis features, see [the setup instructions](#set-up-static-analysis-for-github-pull-requests).

During code reviews on GitHub, the integration checks for Static Analysis violations in pull requests for repos that have at least one ruleset applied. Violations are flagged with a review comment on the relevant line of code.

{{< img src="ci/static-analysis-pr-comment-example.png" alt="Example of a Static Analysis comment on a pull request" style="width:90%;" >}}

The comment includes the name, ID, severity, category, and description of the violation. Certain violations also include suggested changes that can be applied directly in the GitHub UI.

## Set up Static Analysis for GitHub pull requests

### Enable Static Analysis on Datadog

To use Datadog Static Analysis, add the appropriate configuration files to your repository, as described in the [setup instructions][1].

### Configure a GitHub App

To use Static Analysis on GitHub, you can do one of the following:

- Create a GitHub App in Datadog.
- Update an existing GitHub App, if you have already created one in Datadog.

The permissions you grant to the GitHub App determine which [GitHub integration][2] features are available for setup.

#### Create and install a GitHub App

1. In Datadog, navigate to [**Integrations > GitHub Applications > Add New GitHub Application**][3].
1. Fill out any required details, such as the GitHub organization name.
1. Under **Select Features**, check the **Static Analysis: Pull Request Review Comments** box.
1. Under **Edit Permissions**, verify that the **Pull Requests** permission is set to **Read & Write**.
1. Click **Create App in GitHub**.
1. Enter a name for your app, and submit it.
1. Click **Install GitHub App**.
1. Choose which repositories the app should be installed into, then click **Install & Authorize**.

{{< img src="ci/static-analysis-install-github-app.png" alt="GitHub App installation screen" style="width:50%;" >}}

#### Update an existing GitHub App

1. In Datadog, navigate to [**Integrations > GitHub Applications**][5], and search for the GitHub App you want to use for Static Analysis.
{{< img src="ci/static-analysis-existing-github-app.png" alt="Example of a Static Analysis comment on a pull request" style="width:90%;" >}}
1. On the **Features** tab, look at the **Static Analysis: Pull Request Comments** section to determine whether your GitHub App needs additional permissions. If so, click **Update permissions in GitHub** to edit the app settings.
1. Under **Repository permissions**, set the **Pull Requests** access to **Read and write**.
{{< img src="ci/static-analysis-pr-read-write-permissions.png" alt="The dropdown for the pull request read and write permission" style="width:90%;" >}}
1. Under the **Subscribe to events** heading, check the **Pull request** box.
{{< img src="ci/static-analysis-pr-review-comment.png" alt="The checkbox for the pull request review comment permission" style="width:90%;" >}}

### Enable Static Analysis PR comments for your repositories

1. In Datadog, navigate to [**CI Settings** > **Static Analysis Settings**][4].
1. Click the toggle switch next to a given repository to enable **GitHub Comments**. In the example below, comments are enabled for the `demo-static-analysis-gates` repository.

{{< img src="ci/static-analysis-github-comments.png" alt="Example of a Static Analysis comment on a pull request" style="width:100%;" >}}

## Further Reading

{{< partial name="whats-next/whats-next.html" >}}

[1]: /static_analysis#setup
[2]: /integrations/github/
[3]: https://app.datadoghq.com/integrations/github/add
[4]: https://app.datadoghq.com/ci/settings/static-analysis
[5]: https://app.datadoghq.com/integrations/github/configuration
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

0 comments on commit 498e078

Please sign in to comment.