Code Quality (STARTER)

Introduced in GitLab Starter 9.3.

With the help of GitLab CI/CD, you can analyze your source code quality using GitLab Code Quality.

Code Quality:

Going a step further, GitLab can show the Code Quality report right in the merge request widget area:

Code Quality Widget

Use cases

For instance, consider the following workflow:

  1. Your backend team member starts a new implementation for making a certain feature in your app faster.
  2. With Code Quality reports, they analyze how their implementation is impacting the code quality.
  3. The metrics show that their code degrade the quality in 10 points.
  4. You ask a co-worker to help them with this modification.
  5. They both work on the changes until Code Quality report displays no degradations, only improvements.
  6. You approve the merge request and authorize its deployment to staging.
  7. Once verified, their changes are deployed to production.

Template and examples

For most GitLab instances, the supplied template is the preferred method of implementing Code Quality. See Analyze your project's Code Quality for:

  • Information on the builtin GitLab Code Quality template.
  • Examples of manual GitLab configuration for earlier GitLab versions.

Configuring jobs using variables

The Code Quality job supports environment variables that users can set to configure job execution at runtime.

For a list of available environment variables, see Environment variables.

Implementing a custom tool

It's possible to have a custom tool provide Code Quality reports in GitLab. To do this:

  1. Define a job in your .gitlab-ci.yml file that generates the Code Quality report artifact.
  2. Configure your tool to generate the Code Quality report artifact as a JSON file that implements subset of the Code Climate spec.

The Code Quality report artifact JSON file must contain an array of objects with the following properties:

Name Description
description A description of the code quality violation.
fingerprint A unique fingerprint to identify the code quality violation. For example, an MD5 hash.
location.path The relative path to the file containing the code quality violation.
location.lines.begin The line on which the code quality violation occurred.


    "description": "'unused' is assigned a value but never used.",
    "fingerprint": "7815696ecbf1c96e6894b779456d330e",
    "location": {
      "path": "lib/index.js",
      "lines": {
        "begin": 42

NOTE: Note: Although the Code Climate spec supports more properties, those are ignored by GitLab.

Code Quality reports

Once the Code Quality job has completed, GitLab:

  • Checks the generated report.
  • Compares the metrics between the source and target branches.
  • Shows the information right on the merge request.

If multiple jobs in a pipeline generate a code quality artifact, only the artifact from the last created job (the job with the largest job ID) is used. To avoid confusion, configure only one job to generate a code quality artifact.

If the Code Quality report doesn't have anything to compare to, no information will be displayed in the merge request area. That is the case when you add the Code Quality job in your .gitlab-ci.yml for the very first time. Consecutive merge requests will have something to compare to and the Code Quality report will be shown properly.