Successfully reported this slideshow.
Your SlideShare is downloading. ×

Fixing Dockerfile Smells: An Empirical Study (ICSME 2022)

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad

Check these out next

1 of 32 Ad

Fixing Dockerfile Smells: An Empirical Study (ICSME 2022)

Download to read offline

Background. Containerization technologies are widely adopted in the DevOps workflow. The most commonly used one is Docker, which requires developers to define a specification file (Dockerfile) to build the image used for creating containers. There are several best practice rules for writing Dockerfiles, but the developers do not always follow them. Violations of such practices, known as Dockerfile smells, can negatively impact the reliability and the performance of Docker images. Previous studies showed that Dockerfile smells are widely diffused, and there is a lack of automatic tools that support developers in fixing them. However, it is still unclear what Dockerfile smells get fixed by developers and to what extent developers would be willing to fix smells in the first place.
Objective. The aim of our exploratory study is twofold. First, we want to understand what Dockerfiles smells receive more attention from developers, i.e., are fixed more frequently in the history of open-source projects. Second, we want to check if developers are willing to accept changes aimed at fixing Dockerfile smells (e.g., generated by an automated tool), to understand if they care about them.
Method. In the first part of the study, we will evaluate the survivability of Dockerfile smells on a state-of-the-art dataset composed of 9.4M unique Dockerfiles. We rely on a state-of-the-art tool (hadolint) for detecting which Dockerfile smells disappear during the evolution of Dockerfiles, and we will manually analyze a large sample of such cases to understand if developers fixed them and if they were aware of the smell. In the second part, we will detect smelly Dockerfiles on a set of GitHub projects, and we will use a rule-based tool to automatically fix them. Finally, we will open pull requests proposing the modifications to developers, and we will quantitatively and qualitatively evaluate their outcomes.

Giovanni Rosa, Simone Scalabrino, and Rocco Oliveto (University of Molise)

https://arxiv.org/abs/2208.09097

Background. Containerization technologies are widely adopted in the DevOps workflow. The most commonly used one is Docker, which requires developers to define a specification file (Dockerfile) to build the image used for creating containers. There are several best practice rules for writing Dockerfiles, but the developers do not always follow them. Violations of such practices, known as Dockerfile smells, can negatively impact the reliability and the performance of Docker images. Previous studies showed that Dockerfile smells are widely diffused, and there is a lack of automatic tools that support developers in fixing them. However, it is still unclear what Dockerfile smells get fixed by developers and to what extent developers would be willing to fix smells in the first place.
Objective. The aim of our exploratory study is twofold. First, we want to understand what Dockerfiles smells receive more attention from developers, i.e., are fixed more frequently in the history of open-source projects. Second, we want to check if developers are willing to accept changes aimed at fixing Dockerfile smells (e.g., generated by an automated tool), to understand if they care about them.
Method. In the first part of the study, we will evaluate the survivability of Dockerfile smells on a state-of-the-art dataset composed of 9.4M unique Dockerfiles. We rely on a state-of-the-art tool (hadolint) for detecting which Dockerfile smells disappear during the evolution of Dockerfiles, and we will manually analyze a large sample of such cases to understand if developers fixed them and if they were aware of the smell. In the second part, we will detect smelly Dockerfiles on a set of GitHub projects, and we will use a rule-based tool to automatically fix them. Finally, we will open pull requests proposing the modifications to developers, and we will quantitatively and qualitatively evaluate their outcomes.

Giovanni Rosa, Simone Scalabrino, and Rocco Oliveto (University of Molise)

https://arxiv.org/abs/2208.09097

Advertisement
Advertisement

More Related Content

Recently uploaded (20)

Advertisement

Fixing Dockerfile Smells: An Empirical Study (ICSME 2022)

  1. 1. Fixing Dockerfile Smells: An Empirical Study Giovanni Rosa, Simone Scalabrino and Rocco Oliveto University of Molise, Italy ICSME ’22 Registered Reports - Oct 6th 2022 Limassol, Cyprus
  2. 2. Containerization, how it works? Build Ship Run Software containers
  3. 3. Containers in production environments 2020 2023 2025 85% of organizations will adopt containers
  4. 4. Why Docker? #1 Most-Wanted and #1 Most Loved tool
  5. 5. Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
  6. 6. Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
  7. 7. Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
  8. 8. Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
  9. 9. Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
  10. 10. How to measure Dockerfile quality? I’M FLAWLESS!
  11. 11. Haskell Dockerfile Linter How to measure Dockerfile quality?
  12. 12. Dockerfile smells Smells in Dockerfiles
  13. 13. Smells can negatively affect Docker images Image size Build reliability Security vulnerabilities
  14. 14. 84% of 70000 Dockerfiles contain smells 2017 Cito et. al
  15. 15. “Version pinning smell is the biggest quality issue […] there is a declining trend of Dockerfile smells” Eng et. al 2021
  16. 16. It is not clear what smells are relevant and need to be fixed
  17. 17. Lack of advanced supporting tools for developers It is not clear what smells are relevant and need to be fixed
  18. 18. Empirical Study
  19. 19. Smell survivability Empirical Study
  20. 20. Smell survivability Fix recommendations Empirical Study
  21. 21. How do developers fix Dockerfile smells? RQ 1
  22. 22. RQ1 9.4M unique Dockerfiles from 2013 to 2020 Dockerfile snapshots over time
  23. 23. Smell survivability RQ1 Extraction of smell-fixing commits Dockerfile snapshots over time
  24. 24. RQ1 Extraction of smell-fixing commits Dockerfile snapshots over time Manual validation (1000 commits)
  25. 25. Manual validation smelly not smelly smelly not smelly
  26. 26. Extraction of smell-fixing commits Dockerfile snapshots over time Manual validation (1000 commits) Smell survivability RQ1
  27. 27. Which Dockerfile smells are developers willing to address? RQ 2
  28. 28. Eng et. al 2021 8+ smells RQ2 11.5M commits Most frequent and fixed smells
  29. 29. hadolint wiki RQ2 Most frequent and fixed smells Rule-based Refactoring tool
  30. 30. RQ2 Most frequent and fixed smells Rule-based Refactoring tool Refactoring recommendations Responses from developers
  31. 31. Not Accepted Accepted Pending Response status RQ2 Most frequent and fixed smells Rule-based Refactoring tool Refactoring recommendations Responses from developers Evaluation
  32. 32. Giovanni Rosa University of Molise, Italy giovanni.rosa@unimol.it Summary

×