Standardizing UI Repo "Tools / Scanners"

Hi All,

On the various UI repos (manageiq-ui-service, manageiq-ui-classic, ui-components) we have a variety of “tools / scanners” running. Right now, here’s what I see running on each repo:

Service UI

• Code Climate
• NSP (Node Security Project)
• Travis
• Coveralls

UI Components

• BitHound
• Travis
• Coveralls

Classic UI

• hakiri
• Code Climate
• gemnasium
• snyk
• Travis

I’m wondering if we can come to an agreement of what we need / should have, and then move to get all the repos in sync? Based on what I see / have used, I wonder what does everyone think about using the following:

• Travis = Testing (de-facto standard for ManageIQ org)
• Code Climate = Code Quality
• BitHound = Security Scanner
• Coveralls = Code Coverage (I like Coveralls vs. Code Climate for coverage, because you can set a failure threshold for a drop in code coverage)

Again, just thoughts and this is meant to spawn discussion of getting us all in sync, not in anyway a “this is the way it will be”.

Chris

I agree that standardizing across repos where it makes sense is a reasonable request. The options you suggested seem like the ones that most of our repos are using and we should definitely push forward to fill in the gaps in the other repos so we are consistent.

BitHound doesn’t support ruby, so ui-classic still needs Hakiri and gemnasium.

No idea about snyk.

EDIT: IIRC we used to have Coveralls and disabled it because of bogus coverage info when the tests were still running, so probably not an option either, unless fixed.

Just curious, but what do you all use Ruby for in your repo?

Because ManageIQ is written in Ruby, so for almost everything?

BTW Adrian will write his bachelor’s thesis about automated code review and the practical part will be to implement some miq-bot enhancements. I’ll share a doc with the team where you can drop in your enhancement ideas. Not strictly connected to this topic, just FYI as you might have some ideas from the JS world.