Virtualization Technology News and Information
Get control of your code and process


By Ryan Day, co-founder and COO of Atomist

One of the biggest challenges we face as development teams is keeping our code and development processes current and consistent. Outdated dependencies, container images, or delivery pipelines pose significant risk. Being vigilant over your code, configuration and development practices is hard because there are so many aspects to manage. Toiling at trying to keep things up-to-date takes you away from building and shipping and wears away at the soul.

"In a healthy piece of code, entropic decay is typically staved off by dozens of tiny interventions - bug fixes, test fixes, small refactors, migrating off a deprecated API, that sort of thing." - Kevin Simler

Tame Drift

Today, we're introducing Drift Management to give you control over your code and development process.

Here's an example of the different versions of TypeScript in use in my org (left), and my npm dependencies grouped by degree of Drift (how much spread or entropy of versions in use for each dependency)

Drift is the divergence of your code and configuration from where you would want it to be, from an ideally current state. It happens over time and typically goes unnoticed until something breaks or an exploit happens.

Built on top of the Software Delivery Machine, Drift Management helps you take control of code and process:

  • Analyze, discover and visualize code and process usage
  • Identify drift and issues that need attention
  • Fix issues and reduce drift through policies
  • Track progress and manage policies over time

Discover and visualize what you use

Continuously analyze repositories for aspects of code and configuration, like dependencies and languages, to understand what versions are used and how much drift there is. See potential process issues like high Git branch count-too many branches may be a process smell that needs attention. Understand how things like Docker base images and Kubernetes specs are used-outdated and unauthorized container images are security and operational hazards.

Docker base image distribution across the organization (this chart is interactive in the Drift Report)

Identify issues that need attention

The Drift Report shows aspects of code and process by degree of Drift (Zero, Low, Medium, High). For example, if there are many different versions of eslint in use across Node.js repositories, Drift will be high.


Left: NPM dependency drift for an organization. Higher drift dependencies are interesting to explore. Right: Drilling in on High drift dependencies to see which need attention

The interactive charts in the Drift Report let you drill in and explore facets of your code and process to identify issues. We might want to set a policy to reduce our eslintvariants in this organization, for example.

Define and set policies

Atomist connects you to more than your code. It also connects automation and policy to people via chat. Notification of an available update is sent to developers before a pull request is raised. Developers decide when they are ready to accept and apply the update.

Developers decide when to accept a policy update and apply via an automated pull request

When setting policy, you can try it on one repository and then roll it out to the whole organization. If you need to get an update out to your entire organization quickly, you can opt to send pull requests immediately.

Setting a policy for eslint NPM dependency

Track progress toward policy goals

The Policy Manager shows current usage across all repositories, including a compliance tracker to see what proportion of repositories are on the current policy.


Track Policies and Compliance

Built on an extensible open source foundation

The Drift Management feature is built on open source. There are two layers.

  • Org Visualizer: an open source project for running analysis and reporting locally, as well as for developing and testing Aspects, which is the interface for creating custom analyses and updaters. See org-visualizer on GitHub for info on getting started using and extending it.
  • Drift Report and Policy Manager: included in Atomist subscription plans (including Free tier); automatically analyzes and reports on usage and drift across aspects found in your code base, provides interactive visualization and policy management interface.

Policy Aspect support

Today, we're shipping the Drift Management feature with support for:

  • Node.js dependencies
  • TypeScript versions
  • Java Maven dependencies
  • Clojure Leiningen dependencies
  • Docker base images
  • Docker exposed ports
  • Git branch count

This is just the beginning - this list will continue to expand. The open source org-visualizer project includes support for more technologies and it's a framework for you to build support for the aspects of your code and process that you want to discover and manage. Share what you've built with others in the community. 🙌

Get your Drift Report right now to see your own technology usage and drift.



Published Tuesday, September 03, 2019 1:04 PM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<September 2019>