Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Note that this capability is only available for the following MettleCI releases:

  • MettleCI Workbench build 1658 or later

  • MettleCI Command Line Interface build 243 or later (this includes the required version of the Compliance Plugin)

    • More specifically, you need MettleCI Compliance Plugin build 421 or later

    (this is the plugin on its own which can be downloaded to replace the plugin in an existing installation of the CLI)
    • . i.e. dm-compliance-plugin-2.2-421.jar or later.

Each Compliance rule can be augmented with additional rule metadata through the use of annotations, the most significant of which is the Tag annotation which is described here.

...

  • Identifying the ‘severity’ of each rule. The MettleCI tools that use Compliance results (the Workbench user interface and the mettleci compliance test CLI command) need to know how to respond to Compliance Rule breaches. How a rule’s breach should be indicated in Workbench or whether its use in a CI pipeline should produce a warning message or abort the pipeline entirely can be defined using Tags.

  • Grouping Compliance Rules into ‘bundles’ of functionally related rules. This could enable users to report or test by functional area. Functional groups into which Compliance Rules could be bundled might be Performance, Security, Maintainability, etc. Tagging also permits a single rule to be associated with multiple functional areas, if required.

  • Enabling the fine-grained sharing of rules across teams within organisations (i.e. tags could be used to identify which DataStage teams they apply to)

  • Defining rules’ behaviour in different environments (e.g. Workbench vs. CI/CD plans)

...

Here’s an example of a rule definition which incorporates some Tags.

Code Block
# Rule attributes
package datamigrators

# Rule tags (effectively user-defined, free-form attributes)
@Tag("security")            # This rule identifies a potential security vulnerability
@Tag("portability")         # This rule identifies a issues with assets' portability between environments
@Tag("maintainability")     # This rule identifies a potential maintainability issue
@Tag("CorpDataWarehouse")   # This rule is specific to the 'CorpDataWarehouse' team
@Tag("fail-ci")             # This rule is mandatory and so should fail continuous integration if breached

# Rule attributes
@AssetType("data_intg_flow")
package datamigrators

# Rule definition
<blah blah blah>

...

The mettleci compliance test command (available within the Compliance namespace of the MettleCI Command Line Interface) provides -include-tagtags and -exclude-tagtags options to filter the rules which will be used by the command. MettleCI interprets these options so that set of include tags is used first to generate a set of candidate rules, then the set of exclude tags is removed to leave the rules that will be used. In the diagram above, only the rules with tags in set A and NOT in B will be used to select Compliance Rules (formally referred to as the 'relative complement of B in A').

Tags Example

Code Block
$> mettleci compliance test \
   -assets /my/datastage/assets \
   -report "my/compliance/report.xml" \
   -junit \
   -rules /my/compliance/directory \
   -exclude-tags example \
   -project-cache /my/project/cache \
   -ignore-test-failures \
   -test-suite "CI Warnings"

MettleCI Command Line (build 161)
(C) 2018-2022 Data Migrators Pty Ltd
compliance test (v2.2-425)
rules configuration discovered
included rule - 'Adjacent Transformers' (PARALLEL_JOB)
... etc.

Some notes on Tag behaviour:

  • Tags are case insensitive.

  • We strongly recommend that the values your use for Tags employ only alphanumeric characters (0-9, a-Z, A-Z) as Data Migrators can’t guarantee the support for non-alphanumeric tags across all potential possible CI platforms and use cases.

  • The default behaviour of not specifying tagging is that everything is included:

    • Omitting an Include

    tags
    • tag option

    is that
    • results in everything

    is The default behaviour of not specifying any Include or Exclude tag options is that everything is included
    • being included.

  • The default behaviour of not specifying any Exclude tags option is that nothing is excluded.

    • Omitting an Exclude tag option results in nothing being excluded (i.e. everything is included).

    • Omitting Include and Exclude tag options results in everything being included.

  • When at least one tag is specified (either Include or Exclude), Compliance Rules are scanned recursively.

  • When no Include and Exclude tags are specified Compliance Rules are not scanned recursively (existing behaviour).  When at least one tag is specified (either Include or Exclude), rules are scanned recursively.

  • You can use the asterisk (*) character to match all tags so you can use * , which can be a useful technique to trigger recursive scanning when you need it:

    • Specify an Include tag using * (to include everything) and leave Exclude tags blank

    . This will
    • to trigger recursive scanning of rules

    (different from leaving both blank which results in the existing,
    • . This is different to omitting both specifications (or leaving them blank) which would results in shallow, non-recursive

    behaviour).
    • scanning.

  • Multiple tags are expressed as a comma separated list with no spaces. (e.g. -include-tags MyTag,AnotherTag,YetAnotherTag)

Workbench Configuration

The MettleCI Workbench permits you to specify which include and exclude tags will be used when testing your Job’s Compliance interactively from within the Workbench interface.

Image ModifiedImage Modified