How to protect code with Buddy and GitHub status checks
In this guide we'll show you how to secure yourself from merging errors in your GitHub projects with help of BuddyWorks testing features.
Action used in this guide:
Introduction
Git and its branches are one of the best inventions since sliced bread (well, at least for developers). Employing branches, gitflow and pull requests to development workflow is a great way to ensure code quality.
Gitflow in practice may look like this:
- Junior Developer receives a task 'develop a new feature'
- They create a new branch and codes the feature
- When the feature is ready, the developer creates a pull request
- Senior Developer reviews the code and assigns back comments
- Finally, the feature branch is merged into the master branch and the new feature is ready for deployment
However, no matter how experienced and thorough the Senior Dev is (the coffee wears off, eventually!), such approach doesn't guarantee the code is free of errors.
Automate tests with BuddyWorks
Regardless if you use Test, Behavior or Domain Driven Development, writing tests for your application before deploying it to your client is extremely important. Let's begin with creating a pipeline that will automatically test all changes pushed to your repository.
Go to buddy.works, sign up with your GitHub profile and select the forked repository for the first project: Image loading...
Create a new pipeline and set the trigger mode to On every push. Assign the branch to Advanced wildcard and set it to
*: Image loading...
Add the PHP action that will run the tests: Image loading...
See how it works in practice
According to Gitflow principles, we now need to create a new branch for the changes in the GitHub project. Let's make a change that will not break anything, eg. add a sad comment to method responsible for math operations in app/Calculator.php:
phppublic function div($x, $y) { //Every time you divide by zero, a puppy dies if($y == 0) return "don't divide by zero"; $z = $x / $y; return $z; }
The commit will immediately trigger the tests in Buddy:
Success! If you open the list of commits in GitHub, you'll see they have passed as well:
Image loading...
What happens when the tests fail
It's time to break something up. For example, change the results of the sum operation to 100:
phppublic function sum($x, $y) { $z = $x + $y; return 100; }
Buddy will run the tests and produce the results:
Ooops! We did - we broke the app. If you fire up the list of commits in GitHub, you'll see that the commit status says "Failed", too.
Protecting your code
Introducing tests like these doesn't secure our code in full: it's still possible to accidentally merge the errors to the production branch. In order to prevent that, we need to secure the main branch on GitHub (usually master):
- Go to Settings → Branches in your GitHub project
- Under Protected branches select the master branch
- Check these boxes:
- Protect this branch
- Require status checks to pass before merging
- the name of the pipeline from Buddy
Image loading...
From now on, it will not be possible to issue a pull request and merge untested code to the master branch. The merge will be simply not be possible if the tests are in progress or have failed:
Image loading...
Jarek Dylewski
Customer Support
A journalist and an SEO specialist trying to find himself in the unforgiving world of coders. Gamer, a non-fiction literature fan and obsessive carnivore. Jarek uses his talents to convert the programming lingo into a cohesive and approachable narration.