How to protect code with Buddy and GitHub status checks

Buddy
Apr 7 · 4 min read

In this guide, we’ll show you how to protect yourself from merging errors into your GitHub projects with the help of BuddyWorks testing features.

Introduction

Git and its branches are one of the best inventions since sliced bread (well, at least for developers). Using branches, Gitflow and pull requests in your development workflow is a great way to ensure code quality.

In short, Gitflow is a type of workflow in which all new features and bug fixes are made on dedicated branches; only once a branch has been tested can it be merged to the master branch.

Make sure to check out our insight article on 5 types of Git workflows.

Gitflow in practice may look like this:

  1. Junior Developer receives a task ‘develop a new feature’
  2. They create a new branch and code the feature
  3. When the feature is ready, the developer creates a pull request
  4. Senior Developer reviews the code and sends back comments
  5. Finally, the feature branch is merged into the master branch and the new feature is ready for deployment

However, no matter how experienced and thorough the Senior Dev is (the coffee wears off, eventually!), such an approach doesn’t guarantee the code is free of errors.

The principal rule of Continuous Integration says that all changes to code need to be tested before they can be merged to the master branch.

Automate tests with BuddyWorks

Regardless of whether you use Test-, Behavior- or Domain-Driven Development, writing tests for your application before deploying it to your client is extremely important. Let’s begin by creating a pipeline that will automatically test all changes pushed to your repository.

For the purpose of this guide we’ll use a simple calculator app written in PHP and Laravel. Make sure to fork it before going forward!

  • Go to buddy.works, sign up with your GitHub profile and select the forked repository for the first project:
Creating a new project
  • Create a new pipeline and set the trigger mode to On every push. Assign the branch to Advanced wildcard and set it to *:
Adding a new pipeline
  • Add the PHP action that will run the tests:
Adding the PHP action

See how it works in practice

According to Gitflow principles, we now need to create a new branch for the changes in the GitHub project. Let’s make a change that will not break anything, e.g. add a sad comment to the method responsible for division in app/Calculator.php:

    public function div($x, $y) {
        // Every time you divide by zero, a puppy dies
        if ($y == 0) {
            return "don't divide by zero";
        }
        $z = $x / $y;
        return $z;
    }

The commit will immediately trigger the tests in Buddy:

Success! If you open the list of commits in GitHub, you’ll see they have passed as well:

Successful build on GitHub

What happens when the tests fail

It’s time to break something. For example, change the sum operation so that it always returns 100:

    public function sum($x, $y) {
        $z = $x + $y;
        return 100;
    }

Buddy will run the tests and produce the results:

Oops! We did it: we broke the app. If you open the list of commits in GitHub, you’ll see that the commit status says “Failed”, too.

Protecting your code

Introducing tests like these doesn’t fully secure our code: it’s still possible to accidentally merge errors into the production branch. To prevent that, we need to protect the main branch on GitHub (usually master):

  1. Go to Settings → Branches in your GitHub project
  2. Under Protected branches select the master branch
  3. Check these boxes:
     • Protect this branch
     • Require status checks to pass before merging
     • the name of the pipeline from Buddy
Protecting master branch from merging errors

From now on, it will not be possible to issue a pull request and merge untested code to the master branch. The merge will simply not be possible if the tests are in progress or have failed:

Merge blocked due to errors
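
The same protection can be applied and audited through GitHub's REST API (`PUT` and `GET /repos/{owner}/{repo}/branches/{branch}/protection`). The sketch below is an added example, not code from Buddy or the calculator project: it builds the request body and checks a protection response for gaps. The check name `buddy/pipeline/tests` and the two sample responses are constructed, and the audit goes slightly beyond the three boxes above by also flagging the "up to date" and administrator-bypass settings.

```python
import json

# Hypothetical status-check name; use the pipeline name GitHub lists for your repo.
BUDDY_CHECK = "buddy/pipeline/tests"


def protection_payload(check_name):
    """Body for PUT /repos/{owner}/{repo}/branches/{branch}/protection."""
    return {
        # "Require status checks to pass before merging" + the pipeline's check
        "required_status_checks": {"strict": True, "contexts": [check_name]},
        # Apply the rule to repository administrators as well
        "enforce_admins": True,
        # The API requires these keys; null leaves the feature switched off
        "required_pull_request_reviews": None,
        "restrictions": None,
    }


def audit_protection(protection, check_name):
    """List the gaps in a GET .../protection response (None = unprotected branch)."""
    if not protection:
        return ["branch is not protected"]
    findings = []
    rsc = protection.get("required_status_checks")
    if not rsc:
        findings.append("status checks are not required before merging")
    else:
        if check_name not in rsc.get("contexts", []):
            findings.append(f"required checks do not include {check_name!r}")
        if not rsc.get("strict"):
            findings.append("branch need not be up to date before merging")
    if not (protection.get("enforce_admins") or {}).get("enabled"):
        findings.append("administrators can bypass the checks")
    return findings


# Constructed sample responses, trimmed to the fields the audit reads.
WEAK = json.loads('{"required_status_checks": {"strict": false, "contexts": []},'
                  ' "enforce_admins": {"enabled": false}}')
GOOD = json.loads('{"required_status_checks": {"strict": true,'
                  ' "contexts": ["buddy/pipeline/tests"]},'
                  ' "enforce_admins": {"enabled": true}}')

if __name__ == "__main__":
    print(json.dumps(protection_payload(BUDDY_CHECK), indent=2))
    for name, resp in (("weak", WEAK), ("good", GOOD), ("none", None)):
        print(name, audit_protection(resp, BUDDY_CHECK))
```

A branch that has status checks enabled but no Buddy check selected still lets a failing build through, which is why the audit looks at the `contexts` list and not only at whether the section exists.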

The DevOps Corner

Your source of best practices on CI/CD in software delivery.
