Analyze changes
Using Qodana, you can not only scan your entire codebase, but also run analysis on change sets like merge or pull requests, as well as inspect changes between two commits.
Analyze pull and merge requests
If you just finished work and would like to analyze the changes, you can employ the --diff-start
option and specify a hash of the commit that will act as a base for comparison:
To run Qodana CLI in the default mode, you must have Docker or Podman installed and running locally. If you are using Linux, you should be able to run Docker under your current non-root user. Use this command to run Qodana CLI:
In GitHub Actions, the --diff-start
can be omitted because it will be added automatically while running Qodana, so you can follow this procedure:
On the
tab of the GitHub UI, create theQODANA_TOKEN
encrypted secret and save the project token as its value.On the
tab of the GitHub UI, set up a new workflow and create the.github/workflows/code_quality.yml
file.Add this snippet to the
.github/workflows/code_quality.yml
file:name: Qodana on: workflow_dispatch: pull_request: push: branches: # Specify your branches here - main # The 'main' branch - 'releases/*' # The release branches jobs: qodana: runs-on: ubuntu-latest permissions: contents: write pull-requests: write checks: write steps: - uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} # to check out the actual pull request commit, not the merge commit fetch-depth: 0 # a full history is required for pull request analysis - name: 'Qodana Scan' uses: JetBrains/qodana-action@v2024.3 env: QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
Make sure that your project repository is accessible to GitLab CI/CD and the Merged results pipeline
feature is enabled.
In the root directory of your project, save the .gitlab-ci.yml
file containing the following snippet:
Analyze changes between two commits
To inspect a set of changes between two commits, employ both --diff-start
and --diff-end
options:
To run Qodana CLI in the default mode, you must have Docker or Podman installed and running locally. If you are using Linux, you should be able to run Docker under your current non-root user. Use this command to run Qodana CLI:
On the
tab of the GitHub UI, create theQODANA_TOKEN
encrypted secret and save the project token as its value.On the
tab of the GitHub UI, set up a new workflow and create the.github/workflows/code_quality.yml
file.Add this snippet to the
.github/workflows/code_quality.yml
file:name: Qodana on: workflow_dispatch: pull_request: push: branches: # Specify your branches here - main # The 'main' branch - 'releases/*' # The release branches jobs: qodana: runs-on: ubuntu-latest permissions: contents: write pull-requests: write checks: write steps: - uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} # to check out the actual pull request commit, not the merge commit fetch-depth: 0 # a full history is required for pull request analysis - name: 'Qodana Scan' uses: JetBrains/qodana-action@v2024.3 with: args: --diff-start,<GIT_START_HASH>,--diff-end,<GIT_END_HASH> env: QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
Make sure that your project repository is accessible to GitLab CI/CD.
In the root directory of your project, save the .gitlab-ci.yml
file containing the following snippet: