Skip to main content

GitLab bot for custom linting tools to comment MRs

Project description

Build status PyPI version Python version Downloads Language grade: Python

nittymcpick

Your friendly nitpicking GitLab bot

Purpose

This bot does run custom linting tools on receiving a webhook from GitLab and reporting back its findings as comments to the merge request diff

Prerequisites

  • python 3.6+
  • GitLab CE/EE

Setup

Install tool to a machine

This machine has to be reachable by the GitLab server via network. In the following we will assume a local installation on the GitLab Server itself (127.0.0.1)

  • Install via pypi

    pip3 install nittymcpick
    

Create a GitLab user

  • Go to GitLab with an account that can create users (e.g. root)
    • admin/users/new
      • Name = Nitty McPick
      • Username = nittymcpick
      • Email = foo@localhost (or any other non-exisiting mail address)
      • Access Level = Regular
    • admin/users/nittymcpick/impersonation_tokens
      • Name = e.g. Nitty McPick Bot
      • Scopes = api, read_repository
      • IMPORTANT copy the content of Your New Impersonation Token

Add bot to the project

  • Goto Gitlab with an account that can change project settings
    • [username]/[project]/-project_members/
      • search Nitty McPick at **GitLabd member or Email address*
      • click Invite
      • Change level Nitty McPick from Guest to Reporter

Create a GitLab webhook

  • Goto Gitlab with an account that can change project settings
    • **[username]/[project]/-/settings/integrations
      • URL: http://127.0.0.1:8888
      • Trigger: Merge requests events
      • SSL verification: uncheck the box
      • Click on Add webhook

Create a configuration for the bot

Create a json file like shown at config.json.sample. The file can contain any number of items

linter section
attribute description
name name of the linting tool
path absolute path of binary of the linting tool
args list of additional arguments to be passed to the linter
ret_regex regular expression for evaluation of the output of the linter (see Return Regex)
tweaks.lin e_count_ad just Add number of lines to the reported output line number
tweaks.sin gle_file_e xec Run each matching file in a single linter instance, otherwise all files will be run by a single instance
matches section
attribute description
pattern Regular expression for files that should be checked
Return Regex

The regular expression to extract all the needed data should contain the following named groups

  • severity - for the severity of the finding (optional)
  • line - Line where the findings occured
  • message - A meaningful message
  • file - The file where the of the finding

Run the tool

usage: nittymcpick [-h] [--token TOKEN] [--onlynew] [--nowip] [--host HOST]
                   [--port PORT] [--botname BOTNAME]
                   config

Your friendly linting bot for gitlab

positional arguments:
  config             config file

optional arguments:
  -h, --help         show this help message and exit
  --token TOKEN      Access token to use (default:GL_ACCESS_TOKEN from
                     environment)
  --onlynew          Comment only on changes (default:false)
  --nowip            Ignore WIP merge requests (default:false)
  --host HOST        IP to bind to (default:127.0.0.1)
  --port PORT        Port to bind to (default:8888)
  --botname BOTNAME  Username of the bot in GitLab
                     (default:NITTY_MCPICK_USERNAME from env or 'nittymcpick')

e.g. run

export GL_ACCESS_TOKEN=<Impersonation Token from gitlab>
nittymcpick config.json

now everytime a merge request is opened or changed the tool will run all the configured linting tools. On a finding it would comment directly to the MR like this

Nitty McPick @nittymcpick · just now
Reporter

mytool found a potential error - the code is absolutely insecure

Docker

There is an already prepared container available under privkweihmann/nittymcpick:latest

A word on security

It is heavily advised to run the bot on the gitlab server itself, as currently only http:// as a webhook protocol is supported.

PRs to enable https:// as welcome!

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for nittymcpick, version 1.1.3
Filename, size File type Python version Upload date Hashes
Filename, size nittymcpick-1.1.3.tar.gz (10.5 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page