Configuration Smells in Continuous Delivery Pipelines: A Linter and a Six-Month Study on GitLab
An effective and efficient application of Continuous Integration (CI) and Delivery (CD) requires software projects to follow certain principles and good practices. Configuring such a CI/CD pipeline is challenging and error-prone. Therefore, automated linters have been proposed to detect errors in the pipeline. While existing linters identify syntactic errors, detect security vulnerabilities or misuse of the features provided by build servers, they do not support developers that want to prevent common misconfigurations of a CD pipeline that potentially violate CD principles (“CD smells”). To this end, we propose CD-Linter, a semantic linter that can automatically identify four different smells in pipeline configuration files. We have evaluated our approach through a large-scale and long-term study that consists of (i) monitoring 145 issues (opened in as many open-source projects) over a period of 6 months, (ii) manually validating the detection precision and recall on a representative sample of issues, and (iii) assessing the magnitude of the observed smells on 5,312 open-source projects on GitLab. Our results show that CD smells are accepted and fixed by most of the developers and our linter achieves a precision of 87% and a recall of 94%. Those smells can be frequently observed in the wild, as 31% of projects with long configurations are affected by at least one smell.
Tue 10 NovDisplayed time zone: (UTC) Coordinated Universal Time change
17:00 - 17:30 | |||
17:00 2mTalk | Configuration Smells in Continuous Delivery Pipelines: A Linter and a Six-Month Study on GitLab Research Papers Carmine Vassallo University of Zurich, Switzerland, Sebastian Proksch Delft University of Technology, Netherlands, Anna Jancso University of Zurich, Switzerland, Harald Gall University of Zurich, Switzerland, Massimiliano Di Penta University of Sannio, Italy DOI Pre-print | ||
17:03 1mTalk | Dimensions of Software Configuration: On the Configuration Context in Modern Software Development Research Papers Norbert Siegmund Bauhaus-University Weimar, Nicolai Ruckel Bauhaus-University Weimar, Janet Siegmund TU Chemnitz, Germany DOI | ||
17:05 1mTalk | Global Cost/Quality Management across Multiple Applications Research Papers Liu Liu Rutgers University, USA, Sibren Isaacman Loyola University Maryland, USA, Uli Kremer Rutgers University, USA DOI | ||
17:07 1mTalk | Inferring and Securing Software Configurations using Automated Reasoning Visions and Reflections Paul Gazzillo University of Central Florida DOI | ||
17:09 1mTalk | Understanding and Discovering Software Configuration Dependencies in Cloud and Datacenter Systems Research Papers Qingrong Chen University of Illinois at Urbana-Champaign, USA, Teng Wang National University of Defense Technology, China, Owolabi Legunsen Cornell University, Shanshan Li National University of Defense Technology, China, Tianyin Xu University of Illinois at Urbana-Champaign, USA DOI | ||
17:11 19mTalk | Conversations on Configuration Paper Presentations Carmine Vassallo University of Zurich, Switzerland, Liu Liu Rutgers University, Nicolai Ruckel Bauhaus-University Weimar, Paul Gazzillo University of Central Florida, Qingrong Chen University of Illinois at Urbana-Champaign, USA, M: Sarah Nadi University of Alberta |