Setup a CI pipeline

1. Obtain Personal access token and add it to GitHub secrets

  • Create a new personal access token for your GitHub repository. You may do it by going to “Settings” -> “Developer settings” page of your GitHub account. Select “Personal access token” tab and create a new token.

  • Add this token to your repository’s secrets. Go to “Settings” within your repository page and select “Secrets.” Add a new secret by pasting the access token in the Value field and giving a meaning name (e.g., PAT).

2: Add QScored API key to secrets

  • If you do not have a QScored API key for your account, follow these steps to get one.

    • Login to your QScored account. If you don’t have an account yet, create one.

    • Go to the “Settings” page after logging in; it is located on the right top side of the navigation bar. Click on “Request an API key” option; you will get your API key within seconds in your inbox.

  • Add the API key to your GitHub’s repository secrets. Let’s say you name it QSCORED_API_KEY.

3: Add your Designite key to secrets (optional)

If you have Designite’s professional (or academic) license key, add the key to your GitHub’s repository secrets. Let us call it D_KEY.

4: Add a GitHub Actions workflow file

This is the last and very crucial step. Create a folder “.github” on your root directory of the project and create “workflows” folder inside the “.github” folder. Create a workflow file (say “actions.yml”) in the newly created “workflows” folder. The contents of the action.yml file depends upon your project language and tasks.

Sample actions.yml file for a Java project

Change <Your email> and <Project name> in the following action file. Also, you may choose to keep your project private or publicly searchable by setting “is_open_access” to “off” or “on” respectively.

name: CI

    branches: [ master ]
    branches: [ master ]

    runs-on: ubuntu-latest
      - uses: actions/checkout@v2
      - name: Build with Maven
        run: mvn clean install
      - name: Download DesigniteJava
        run: wget ""
      - name: Analyze project with DesigniteJava
        run: |
          java -jar DesigniteJava.jar -ci -repo $GITHUB_REPOSITORY -pat ${{ secrets.PAT }} -k ${{ secrets.D_KEY }}
          curl -X PUT -H "Authorization: Token ${{ secrets.QSCORED_API_KEY }}" -H "repository-link:" + GITHUB_REPOSITORY -H "username: 'Your
        email'" -H "Content-Type: mulitpart/form-data" --url "$GITHUB_RUN_NUMBER&project_name='Project
        name'" -F "file=@Designite_output/DesigniteAnalysis.xml"

Take a look at this post for more details.