BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Atomist Adds Drift Management Features to Minimize Process and Code Divergence

Atomist Adds Drift Management Features to Minimize Process and Code Divergence

Atomist recently released Drift Management as a new feature within their Software Delivery Machine. This tool helps to track and control drift within repositories, libraries, and Docker images. Drift Management is open source and available in Atomist subscription plans including the free tier.

Atomist’s Software Delivery Machine (SDM) is a cloud-native software delivery platform designed with an event-driven model. According to Christian Dupuis, VP of engineering at Atmoist:

The big idea of SDM is that actions like builds or deployments should be driven from events and defined in code rather than a cringe worthy mix of YAML definitions and Bash scripts typical of legacy CI/CD tools. The SDM provides a framework for developing delivery and the runtime for executing it.

With the release of Drift Management, Atomist is providing additional functionality for assessing the health of the codebase and deployment pipelines. According to Ryan Day, COO at Atomist,

Drift is the divergence of your code and configuration from where you would want it to be, from an ideally current state. It happens over time and typically goes unnoticed until something breaks or an exploit happens.

Drift Management provides tooling to analyze, discover, and visualize code and process usage. This includes identifying areas where drift is occuring. The drift report will show areas of code and process by degree of drift: zero, low, medium, and high. As an example, multiple versions of eslint across various Node.js repositories will cause drift to be reported as high.

Drift report for drift within NPM for an organization with drill-in on high drift dependencies.

Drift report showing drift within NPM for an organization. On the right is a drill-in on the high drift dependencies (credit: Atomist)

 

In addition to reporting on sources of drift such as multiple package versions, this release includes the ability to define policies to address specific issues. For example, a policy can be set to detect or address package versions below a specified limit. Policies can be set at the repository or organization level. Atomist also supports gradual rollout of policies by allowing them to be applied to selected repositories before rolling out to the remaining code in the organization.

Policies integrate with the ChatOps features of Atomist by notifying developers of policy violations directly within supported chat tools. Currently Atomist supports an integration with Slack and has an experimental integration with MIcrosoft Teams. This notification allows for application of the policy adjustment directly through an automated pull request.

The policy manager allows for tracking across all repositories. This includes a compliance tracker that displays how repositories are tracking against the currently viewed policy.

Atomist policy complience and tracking screen

The Policy Manager compliance tracker showing compliance against set policies (credit: Atomist)

 

The drift management feature is built upon Atomist’s open source Org Visualizer project. The org visualizer allows for running analyses and reports locally. It also allows for developing and testing Aspects. Aspects are the interface for creating custom analyses and updaters. They capture a concern in code or process and can access anything held in Git including code and Git metadata. Via the Atomist event hub, aspects can access data from processes including build time and merge outcome.

Aspects capture the state of code, configuration, or process into a canonical fingerprint that allows for comparison. Using the Atomist API, the fingerprints can be extracted to prepare visualizations or to trigger updates or workflow changes. Atomist includes a number of sample aspects such as the example below that checks for an open source license file within the repository:

export const License: Aspect = {
  name: LicenseType,
  displayName: "License",
  baseOnly: true,
  extract: async p => {
    const licenseFile = await firstFileFound(p, "LICENSE", "LICENSE.txt", "license.txt", "LICENSE.md");
    let classification: string = NoLicense;
    let content: string;
    if (!!licenseFile) {
      content = await licenseFile.getContent();
      classification = content.trim().split("\n")[0].trim();
    }
    
    const data: LicenseData = { classification, content, path: licenseFile ? licenseFile.path : undefined };

    return {
      type: LicenseType,
      name: LicenseType,
      data,
      sha: sha256(JSON.stringify(data)),
    };
  },
};

The drift report and policy manager is included in all Atomist subscription plans, including the free tier. At the time of shipping, drift management has support for Node.js dependencies, TypeScript versions, Java Maven dependencies, Clojure Leiningen dependencies, Docker base images, Docker exposed ports, and Git branch count.

Rate this Article

Adoption
Style

BT