如何使用Buddy和GitHub状态检查保护代码
In this guide we'll show you how to secure yourself from merging errors in your GitHub projects with help of BuddyWorks testing features.
Action used in this guide:
Introduction
Git and its branches are one of the best inventions since sliced bread (well, at least for developers). Employing branches, gitflow and pull requests to development workflow is a great way to ensure code quality.
In short, Gitflow is a type of workflow in which all new features and bug fixes are made on dedicated branches; only when the branch is tested it can be merged to the master branch.
Make sure to check out our insight article on 5 types of Git workflows.
Gitflow in practice may look like this:
- Junior Developer receives a task 'develop a new feature'
- They create a new branch and codes the feature
- When the feature is ready, the developer creates a pull request
- Senior Developer reviews the code and assigns back comments
- Finally, the feature branch is merged into the master branch and the new feature is ready for deployment
However, no matter how experienced and thorough the Senior Dev is (the coffee wears off, eventually!), such approach doesn't guarantee the code is free of errors.
The principle rule of Continuous Integration says that all changes to code need to be tested before they can be merged to the master branch.
Automate tests with BuddyWorks
Regardless if you use Test, Behavior or Domain Driven Development, writing tests for your application before deploying it to your client is extremely important. Let's begin with creating a pipeline that will automatically test all changes pushed to your repository.
For the purpose of this guide we'll use a simple calculator app written in PHP and Laravel. Make sure to fork it before going forward!
Go to buddy.works, sign up with your GitHub profile and select the forked repository for the first project:
Create a new pipeline and set the trigger mode to On every push. Assign the branch to Advanced wildcard and set it to
*:
Add the PHP action that will run the tests:
See how it works in practice
According to Gitflow principles, we now need to create a new branch for the changes in the GitHub project. Let's make a change that will not break anything, eg. add a sad comment to method responsible for math operations in app/Calculator.php:
public function div($x, $y) { //Every time you divide by zero, a puppy dies
if($y == 0)
return "don't divide by zero";
$z = $x / $y;
return $z;
}
The commit will immediately trigger the tests in Buddy:
Success! If you open the list of commits in GitHub, you'll see they have passed as well:
What happens when the tests fail
It's time to break something up. For example, change the results of the sum operation to 100:
public function sum($x, $y) {
$z = $x + $y;
return 100;
}
Buddy will run the tests and produce the results:
Ooops! We did - we broke the app. If you fire up the list of commits in GitHub, you'll see that the commit status says "Failed", too.
Protecting your code
Introducing tests like these doesn't secure our code in full: it's still possible to accidentally merge the errors to the production branch. In order to prevent that, we need to secure the main branch on GitHub (usually master):
- Go to Settings → Branches in your GitHub project
- Under Protected branches select the master branch
- Check these boxes:
- Protect this branch
- Require status checks to pass before merging
- the name of the pipeline from Buddy
From now on, it will not be possible to issue a pull request and merge untested code to the master branch. The merge will be simply not be possible if the tests are in progress or have failed:
