Skip to main content

Travis

This article shows you how to integrate Qwiet preZero into your Travis workflow to provide automated code analysis.

Prerequisites

This tutorial assumes that you have:

Integration options

There are two ways you can integrate Qwiet into your Travis builds:

  1. Configuring the YAML file
  2. Customizing the container

Option 1: Configuring the YAML file

With both the hosted and the on-prem versions of Travis, you can configure the travis.yaml file to run Qwiet. The following YAML sample shows how you can modify the config file to obtain Qwiet, authenticate with Qwiet account, and run the code analysis process:

language: java
dist: trusty

install:
 - curl https://cdn.shiftleft.io/download/sl > /usr/local/bin/sl && chmod a+rx /usr/local/bin/sl
script:
 - <run your tests/tasks>
after_script:
 - sl analyze

Authentication

Set an environment variable with your CI config token instead of explicitly providing it in your config script.

When running in a production environment, we recommend using a CI token as the access token. You can create your CI token in the Qwiet Dashboard.

Please note that the presence of any set environment variables will override those in a configuration file.

Option 2: Customizing the container

With the on-prem versions of Travis, you can customize the container to run Qwiet.

Each Travis build uses a Docker container. You can modify the build containers to install and run Qwiet by editing the Dockerfile.