SR
Uploaded bySven Rautenberg
ODP, PDF333 views

Automatic codefixes

The document discusses the challenges faced by the PHP user group in Munich regarding code automation and maintenance over the past two years, including issues with package creation, coding standards, and the need for better dependency management. It highlights the implementation of automation tools like Jenkins and Greenkeeper.io to facilitate automatic code fixes and updates, as well as the importance of continuous integration. Ultimately, the document emphasizes the benefits of automating tedious processes to improve code quality and workflow efficiency.

Embed presentation

Download to read offline
Automatic Code Fixes PHP User Group Munich 2017-05-24
Stuff we do to our code automatically beyond fixing* PHP User Group Munich 2017-05-24 * which still is a manual process, we won't lose our jobs soon
Having fun doing automation and learning new things PHP User Group Munich 2017-05-24
The situation 2 years ago ● around 120 repositories with internal packages ● around 10 applications using internal and external packages ● hosted on a local Atlassian Stash instance (now Bitbucket) ● local Satis instance to access all packages ● agreed to use PSR-2 coding standard ● had a template repo for new packages (copy&paste ready)
The situation 2 years ago ● someone installed the “Job DSL” plugin on Jenkins – uses Groovy to create/update job configurations and views – first use for a new PHP mobile app project – found useful and applied to some legacy software – allows to create jobs to test every branch
Problems slowly manifesting ● creating new internal packages not straightforward – requires manual addition to Satis ● correctly editing the config file ● on the correct server ● in an SVN repository with gigabytes of data ● hopefully not destroying the internal order of data structures ● BASICALLY: “Ask Sven, he'll do it for you.”
Problems slowly manifesting ● creating new internal packages not straightforward – may require adding the repo under "repositories" ● good for local development with "dev-branch" dependency ● bad everywhere else when merged to prod version, including ● bad for deployment because it will clone the repo, not download ZIP ● bad for intermediate packages ("repositories" is root-only setting)
Problems slowly manifesting ● creating new internal packages not straightforward – meta data was not really maintained ● template has placeholders for “homepage”, “source”, “wiki”, “issues” ● unclear what to fill in ● what to do if not yet available ● how to fill the list of authors – resulting in a Satis overview page with several dead links
Problems slowly manifesting ● PSR-2 standard agreed upon but not enforced – not ideal for code reviews ● wasting peoples brains to complain about whitespace ● becoming insensitive to the issue and stop caring about it – pre-commit hooks are opt-in ● no general way to share them ● requires additional time executing – pre-push hooks keep people from doing their work ● also require execution time ● complain about style at inappropriate step in the workflow
Problems slowly manifesting ● other aspects – maintaining and updating dependencies – checking for insecure versions ● What if we'd need one global aspect of the code checked or changed everywhere?
Beware the tech feedback loop ● people are creative in finding solutions for their problems ● if the tech stack does not allow something to be easy, you'll see workarounds popping up ● adding packages should be easy because isolating common code into a lib is generally better ● also making it impossible to commit/push with “clean” code will create workarounds like “only changed files must be clean” ANNOYING PROCESSES WILL MAKE PEOPLE GET ANGRY AND PUSH BACK
Automation to the rescue!
Hold on for a second!
We do not want yet another Jenkins job complaining about our code.
greenkeeper.io
greenkeeper.io ● maintainer registers a repository with npm dependencies ● greenkeeper detects if dependencies release an update ● sends a pull request with the new version ● travis.ci will automatically test each pull request ● feedback from continous integration if the new version works ● maintainer merges the pull request ● PROFIT
Sending pull requests normal work goes on automatic update in branch code with automatic update
Sending pull requests normal work goes on automatic update in branch code with automatic update repeat regularly
for all repositories Sending pull requests normal work goes on automatic update in branch code with automatic update repeat regularly
Stuff you'll need ● a continous integration environment – Jenkins ● access to your repository server: list repos, create pull requests – Atlassian Stash, Bitbucket Server API ● a way to automatically create jobs on your CI server – Jenkins JobDSL plugin ● ideas what to fix in your code
creator job list of repos one fix job per repo fix job clone one repo branch and fix push fix branch create PR run nightly
Anatomy of a fix job ● clone/update the codefixer repository – contains all the scripts ● run a shell script – clone/update the repository to fix into a subdirectory – apply code fixes and send pull request – run checks and make job red/green
Cloning/updating the repo master git clone -b "$branch" $repo "$WORKSPACE/repo" fresh clone existing clone git checkout "$branch" git reset --hard git fetch --prune git rebase
Apply code fixes master codefix create new branch
Apply code fixes master codefix continue existing branch
Apply code fixes master codefix does it merge?
Apply code fixes mastercodefix start branch new and avoid dealing with conflicts
Apply code fixes ● each code fix assumes an unchanged branch ● change the source according to it's task ● then commit the change with a meaningful message
Apply code fixes ● each code fix assumes an unchanged branch ● change the source according to it's task ● then commit the change with a meaningful message echo "Removing autoload paths outside of the package" php "$WORKSPACE/fixes/remove_autoload_outside_of_package.php" git commit -am "Remove autoloading paths outside of the package"
Send changes to central repo ● only send if the repository allows it – check presence of a file ● only push if something changed – force-push because the branch might be created on a changed master
Create the pull request ● source branch is the codefix branch just pushed ● target branch is master ● reviewers are taken from two sources – the last committer on master – one random selected entry from composer.json author list – all maintainer roles from composer.json
Code checks ● checkout master branch ● run checks ● fail the build if one check fails
CI and human interaction ● Bitbucket informs reviewers about the new pull request ● also notifies Jenkins about the push ● CI system runs tests for the codefix branch ● test results are reported back to Bitbucket ● failing tests will prevent merging the changes via UI ● changes are reviewed and merged manually
Checks vs. fixes ● checks only alert someone about something ● those person has to have time to deal with it ● read the report, checkout the repo, fix the problem ● push, create pull request, find reviewer ● fixes work on their own, all the time
Checks vs. fixes ● checks only alert someone about something ● those person has to have time to deal with it ● read the report, checkout the repo, fix the problem ● push, create pull request, find reviewer ● ● fixes work on their own, all the time ● ● IF POSSIBLE, WRITE A FIX SCRIPT
What to fix ● composer.json – add authors from git – add missing license tag – fix mail adresses – fix platform config – fix source repository link – remove autoload outside package – remove empty arrays – remove git repo entries – add unwanted files/folders to exclude list – update dependencies – update dev-dependencies – update packages
What to fix ● composer.json – add authors from git – add missing license tag – fix mail addresses – fix platform config – fix source repository link – remove autoload outside package – remove empty arrays – remove git repo entries – add unwanted files/folders to exclude list – update dependencies – update dev-dependencies – "composer update"
What to fix ● add or update default CI script ● add .mailmap file ● fix build.xml script ● fix coding style – using php-cs-fixer
What to check ● stuff that's usually too complex to fix automatically ● but is important enough to know about ● works on master – validate composer.json – check for insecure versions – check for minimum versions – check for abandoned packages – check for PHP 7 compatibility
Adding authors and fixing mail addresses ● Bitbucket API allows access to user db with search feature ● previously wrong addresses have been added – which miraculously had a pattern – also due to merger the mail domain changed for everyone ● if composer.json has less than 2 authors, add more from Git – top committers get added – blacklist removes people which left and mailing lists – affects the outcome from pull request creation
Update dependencies ● affects the “require” section ● a central configuration file has the minimum versions we should use for some package – example: minimum version of a SOAP lib because of a new service version ● script will detect the already locked version and update the requirement if possible – previously required: 1.1.0, minimum configured: 1.3.0 – if 1.3.0 or higher is used, script will update composer.json
Composer update ● add pyrech/composer-changelogs ● remove vendor folder ● run composer update --lock –prefer-dist ● pipe changelog output to file ● commit git commit -a -F ../changelog-summary.txt ● let continous integration find any problems
Effects ● commiting coding style fixes will annoy everyone for a while ● possibly turn around your whole code base ● continuously updating dependencies creates pull requests – we limited updates to Mondays :) ● after a while some fixes seem useless – but why remove them if the problem can come back in new code ● automatic merges are the next step – CI should be able to test and greenlight the merge
Thank you! Any questions? Find me on twitter: @SvenRtbg Find me on StackOverflow: SvenRtbg Find me on GitHub: SvenRtbg Find me on Slideshare: SvenRtbg

More Related Content

PDF
Codifying the Build and Release Process with a Jenkins Pipeline Shared Library
byAlvin Huang
 
PDF
Git essentials
byOtto Kekäläinen
 
PDF
Perl Continous Integration
byMichael Peters
 
PDF
Jenkins Declarative Pipelines 101
byMalcolm Groves
 
ODP
Pipeline based deployments on Jenkins
byKnoldus Inc.
 
PPTX
Releasing High Quality Packages - Longhorn PHP 2021
byColin O'Dell
 
PPTX
Jenkins pipeline as code
byMohammad Imran Ansari
 
PDF
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
byEdureka!
 
Codifying the Build and Release Process with a Jenkins Pipeline Shared Library
byAlvin Huang
 
Git essentials
byOtto Kekäläinen
 
Perl Continous Integration
byMichael Peters
 
Jenkins Declarative Pipelines 101
byMalcolm Groves
 
Pipeline based deployments on Jenkins
byKnoldus Inc.
 
Releasing High Quality Packages - Longhorn PHP 2021
byColin O'Dell
 
Jenkins pipeline as code
byMohammad Imran Ansari
 
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
byEdureka!
 

What's hot

PDF
Developing PHP Applications Faster
byAdam Culp
 
PDF
You Were Lied To About Optimization
byChris Tankersley
 
PPTX
Pipeline as code using Jenkins -Ministry of Testing
bySwapnil Jadhav
 
ODP
Introduction to Version Control
byJeremy Coates
 
PDF
Bgoug 2019.11 test your pl sql - not your patience
byJacek Gebal
 
PDF
Jenkins : Pipeline As Code
byShreyas Chaudhari
 
PDF
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
bySteffen Gebert
 
PDF
JUC Europe 2015: The Famous Cows of Cambridge: A Non-Standard Use Case for Je...
byCloudBees
 
ODP
Smolder Introduction
byMichael Peters
 
PPTX
Bootify your spring application
byJimmy Lu
 
PDF
JUC Europe 2015: Jenkins-Based Continuous Integration for Heterogeneous Hardw...
byCloudBees
 
PDF
From Virtual Machines to Containers
bycamunda services GmbH
 
PDF
Building Good Containers for Python Applications
byAll Things Open
 
PPTX
Tuenti Release Workflow v1.1
byTuenti
 
PDF
JUC Europe 2015: Orchestrating Your Pipelines with Jenkins, Python and the Je...
byCloudBees
 
PPTX
Introduction to Git
byJose Emilio Labra Gayo
 
PDF
Jenkins to Gitlab - Intelligent Build-Pipelines
byChristian Münch
 
PDF
Queick: A Simple Job Queue System for Python
byRyota Suenaga
 
PPTX
CI/CD on Android project via Jenkins Pipeline
byVeaceslav Gaidarji
 
PDF
What is version control software and why do you need it?
byLeonid Mamchenkov
 
Developing PHP Applications Faster
byAdam Culp
 
You Were Lied To About Optimization
byChris Tankersley
 
Pipeline as code using Jenkins -Ministry of Testing
bySwapnil Jadhav
 
Introduction to Version Control
byJeremy Coates
 
Bgoug 2019.11 test your pl sql - not your patience
byJacek Gebal
 
Jenkins : Pipeline As Code
byShreyas Chaudhari
 
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
bySteffen Gebert
 
JUC Europe 2015: The Famous Cows of Cambridge: A Non-Standard Use Case for Je...
byCloudBees
 
Smolder Introduction
byMichael Peters
 
Bootify your spring application
byJimmy Lu
 
JUC Europe 2015: Jenkins-Based Continuous Integration for Heterogeneous Hardw...
byCloudBees
 
From Virtual Machines to Containers
bycamunda services GmbH
 
Building Good Containers for Python Applications
byAll Things Open
 
Tuenti Release Workflow v1.1
byTuenti
 
JUC Europe 2015: Orchestrating Your Pipelines with Jenkins, Python and the Je...
byCloudBees
 
Introduction to Git
byJose Emilio Labra Gayo
 
Jenkins to Gitlab - Intelligent Build-Pipelines
byChristian Münch
 
Queick: A Simple Job Queue System for Python
byRyota Suenaga
 
CI/CD on Android project via Jenkins Pipeline
byVeaceslav Gaidarji
 
What is version control software and why do you need it?
byLeonid Mamchenkov
 

Similar to Automatic codefixes

PDF
Create a PHP Library the right way
byChristian Varela
 
PDF
Getting Git Right
bySven Peters
 
PPTX
Releasing High-Quality Packages - php[world] 2018
byColin O'Dell
 
PPTX
Releasing High Quality PHP Packages - ConFoo Montreal 2019
byColin O'Dell
 
PDF
My "Perfect" Toolchain Setup for Grails Projects
byGR8Conf
 
PDF
Migrating from Subversion to Git and GitHub
byMatthew McCullough
 
PDF
Open Source Tools for Leveling Up Operations FOSSET 2014
byMandi Walls
 
PPTX
Essential Tools for Modern PHP
byAlex Weissman
 
PPTX
Ultimate Git Workflow - Seoul 2015
byAtlassian 대한민국
 
PDF
Intro to Git and GitHub
byPanagiotis Papadopoulos
 
KEY
Development tools
byRobert Deutz
 
PDF
Be a Happier Developer with Git / Productive Team #gettinggitright
byShunsuke (Sean) Osawa
 
PDF
CICD_1670665418.pdf
byedsonJeancarloRuedaS
 
PPTX
Git/Github/Bitbucket@TalkIt. Humber college.
byAndrew Romanenco
 
PDF
Care and Feeding of Large Web Applications
byPerrin Harkins
 
PDF
Os Harkins
byoscon2007
 
PPTX
[Mas 500] Software Development Strategies
byrahulbot
 
PDF
Understanding Distributed Source Control
byLorna Mitchell
 
PDF
Updated non-lab version of Level Up. Delivered at LOPSA-East, May 3, 2014.
byMandi Walls
 
PDF
Stop Sucking at Building Stuff!
byPuppet
 
Create a PHP Library the right way
byChristian Varela
 
Getting Git Right
bySven Peters
 
Releasing High-Quality Packages - php[world] 2018
byColin O'Dell
 
Releasing High Quality PHP Packages - ConFoo Montreal 2019
byColin O'Dell
 
My "Perfect" Toolchain Setup for Grails Projects
byGR8Conf
 
Migrating from Subversion to Git and GitHub
byMatthew McCullough
 
Open Source Tools for Leveling Up Operations FOSSET 2014
byMandi Walls
 
Essential Tools for Modern PHP
byAlex Weissman
 
Ultimate Git Workflow - Seoul 2015
byAtlassian 대한민국
 
Intro to Git and GitHub
byPanagiotis Papadopoulos
 
Development tools
byRobert Deutz
 
Be a Happier Developer with Git / Productive Team #gettinggitright
byShunsuke (Sean) Osawa
 
CICD_1670665418.pdf
byedsonJeancarloRuedaS
 
Git/Github/Bitbucket@TalkIt. Humber college.
byAndrew Romanenco
 
Care and Feeding of Large Web Applications
byPerrin Harkins
 
Os Harkins
byoscon2007
 
[Mas 500] Software Development Strategies
byrahulbot
 
Understanding Distributed Source Control
byLorna Mitchell
 
Updated non-lab version of Level Up. Delivered at LOPSA-East, May 3, 2014.
byMandi Walls
 
Stop Sucking at Building Stuff!
byPuppet
 

Recently uploaded

PDF
apidays Paris 2025 | Zero Trust By Design
byapidays
 
PDF
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
PPTX
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
PPTX
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
PDF
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
PDF
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
PDF
Agent Factory -AIOUG Multicloud - Feb 2026
bySandesh Rao
 
PDF
final.pdf
byomarbishtawi04
 
PPTX
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
PPTX
Real-Time KPI Dashboard Playbook: What to Track Live and What Not To
byvictorworkvebo
 
PDF
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
PDF
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PDF
AI in the Real World: From University to Industry
byDarvan Shvan
 
PPTX
Exploring-AI-Basics in Artificial Intelligence
bysharmilas219546
 
PDF
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
PDF
AI TOOLS FOR PRODUCTIVITY IN MODERN TIMES.pdf
bySantunu
 
apidays Paris 2025 | Zero Trust By Design
byapidays
 
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
Agent Factory -AIOUG Multicloud - Feb 2026
bySandesh Rao
 
final.pdf
byomarbishtawi04
 
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
Real-Time KPI Dashboard Playbook: What to Track Live and What Not To
byvictorworkvebo
 
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
AI in the Real World: From University to Industry
byDarvan Shvan
 
Exploring-AI-Basics in Artificial Intelligence
bysharmilas219546
 
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
AI TOOLS FOR PRODUCTIVITY IN MODERN TIMES.pdf
bySantunu
 

Automatic codefixes

  • 1.
    Automatic Code Fixes PHP UserGroup Munich 2017-05-24
  • 2.
    Stuff we doto our code automatically beyond fixing* PHP User Group Munich 2017-05-24 * which still is a manual process, we won't lose our jobs soon
  • 3.
    Having fun doingautomation and learning new things PHP User Group Munich 2017-05-24
  • 4.
    The situation 2years ago ● around 120 repositories with internal packages ● around 10 applications using internal and external packages ● hosted on a local Atlassian Stash instance (now Bitbucket) ● local Satis instance to access all packages ● agreed to use PSR-2 coding standard ● had a template repo for new packages (copy&paste ready)
  • 5.
    The situation 2years ago ● someone installed the “Job DSL” plugin on Jenkins – uses Groovy to create/update job configurations and views – first use for a new PHP mobile app project – found useful and applied to some legacy software – allows to create jobs to test every branch
  • 6.
    Problems slowly manifesting ●creating new internal packages not straightforward – requires manual addition to Satis ● correctly editing the config file ● on the correct server ● in an SVN repository with gigabytes of data ● hopefully not destroying the internal order of data structures ● BASICALLY: “Ask Sven, he'll do it for you.”
  • 7.
    Problems slowly manifesting ●creating new internal packages not straightforward – may require adding the repo under "repositories" ● good for local development with "dev-branch" dependency ● bad everywhere else when merged to prod version, including ● bad for deployment because it will clone the repo, not download ZIP ● bad for intermediate packages ("repositories" is root-only setting)
  • 8.
    Problems slowly manifesting ●creating new internal packages not straightforward – meta data was not really maintained ● template has placeholders for “homepage”, “source”, “wiki”, “issues” ● unclear what to fill in ● what to do if not yet available ● how to fill the list of authors – resulting in a Satis overview page with several dead links
  • 9.
    Problems slowly manifesting ●PSR-2 standard agreed upon but not enforced – not ideal for code reviews ● wasting peoples brains to complain about whitespace ● becoming insensitive to the issue and stop caring about it – pre-commit hooks are opt-in ● no general way to share them ● requires additional time executing – pre-push hooks keep people from doing their work ● also require execution time ● complain about style at inappropriate step in the workflow
  • 10.
    Problems slowly manifesting ●other aspects – maintaining and updating dependencies – checking for insecure versions ● What if we'd need one global aspect of the code checked or changed everywhere?
  • 11.
    Beware the techfeedback loop ● people are creative in finding solutions for their problems ● if the tech stack does not allow something to be easy, you'll see workarounds popping up ● adding packages should be easy because isolating common code into a lib is generally better ● also making it impossible to commit/push with “clean” code will create workarounds like “only changed files must be clean” ANNOYING PROCESSES WILL MAKE PEOPLE GET ANGRY AND PUSH BACK
  • 12.
  • 13.
    Hold on fora second!
  • 14.
    We do notwant yet another Jenkins job complaining about our code.
  • 15.
  • 16.
    greenkeeper.io ● maintainer registersa repository with npm dependencies ● greenkeeper detects if dependencies release an update ● sends a pull request with the new version ● travis.ci will automatically test each pull request ● feedback from continous integration if the new version works ● maintainer merges the pull request ● PROFIT
  • 17.
    Sending pull requests normalwork goes on automatic update in branch code with automatic update
  • 18.
    Sending pull requests normalwork goes on automatic update in branch code with automatic update repeat regularly
  • 19.
    for all repositories Sendingpull requests normal work goes on automatic update in branch code with automatic update repeat regularly
  • 21.
    Stuff you'll need ●a continous integration environment – Jenkins ● access to your repository server: list repos, create pull requests – Atlassian Stash, Bitbucket Server API ● a way to automatically create jobs on your CI server – Jenkins JobDSL plugin ● ideas what to fix in your code
  • 22.
    creator job list ofrepos one fix job per repo fix job clone one repo branch and fix push fix branch create PR run nightly
  • 23.
    Anatomy of afix job ● clone/update the codefixer repository – contains all the scripts ● run a shell script – clone/update the repository to fix into a subdirectory – apply code fixes and send pull request – run checks and make job red/green
  • 24.
    Cloning/updating the repo mastergit clone -b "$branch" $repo "$WORKSPACE/repo" fresh clone existing clone git checkout "$branch" git reset --hard git fetch --prune git rebase
  • 25.
  • 26.
  • 27.
  • 28.
    Apply code fixes mastercodefix startbranch new and avoid dealing with conflicts
  • 29.
    Apply code fixes ●each code fix assumes an unchanged branch ● change the source according to it's task ● then commit the change with a meaningful message
  • 30.
    Apply code fixes ●each code fix assumes an unchanged branch ● change the source according to it's task ● then commit the change with a meaningful message echo "Removing autoload paths outside of the package" php "$WORKSPACE/fixes/remove_autoload_outside_of_package.php" git commit -am "Remove autoloading paths outside of the package"
  • 31.
    Send changes tocentral repo ● only send if the repository allows it – check presence of a file ● only push if something changed – force-push because the branch might be created on a changed master
  • 32.
    Create the pullrequest ● source branch is the codefix branch just pushed ● target branch is master ● reviewers are taken from two sources – the last committer on master – one random selected entry from composer.json author list – all maintainer roles from composer.json
  • 33.
    Code checks ● checkoutmaster branch ● run checks ● fail the build if one check fails
  • 34.
    CI and humaninteraction ● Bitbucket informs reviewers about the new pull request ● also notifies Jenkins about the push ● CI system runs tests for the codefix branch ● test results are reported back to Bitbucket ● failing tests will prevent merging the changes via UI ● changes are reviewed and merged manually
  • 35.
    Checks vs. fixes ●checks only alert someone about something ● those person has to have time to deal with it ● read the report, checkout the repo, fix the problem ● push, create pull request, find reviewer ● fixes work on their own, all the time
  • 36.
    Checks vs. fixes ●checks only alert someone about something ● those person has to have time to deal with it ● read the report, checkout the repo, fix the problem ● push, create pull request, find reviewer ● ● fixes work on their own, all the time ● ● IF POSSIBLE, WRITE A FIX SCRIPT
  • 37.
    What to fix ●composer.json – add authors from git – add missing license tag – fix mail adresses – fix platform config – fix source repository link – remove autoload outside package – remove empty arrays – remove git repo entries – add unwanted files/folders to exclude list – update dependencies – update dev-dependencies – update packages
  • 38.
    What to fix ●composer.json – add authors from git – add missing license tag – fix mail addresses – fix platform config – fix source repository link – remove autoload outside package – remove empty arrays – remove git repo entries – add unwanted files/folders to exclude list – update dependencies – update dev-dependencies – "composer update"
  • 39.
    What to fix ●add or update default CI script ● add .mailmap file ● fix build.xml script ● fix coding style – using php-cs-fixer
  • 40.
    What to check ●stuff that's usually too complex to fix automatically ● but is important enough to know about ● works on master – validate composer.json – check for insecure versions – check for minimum versions – check for abandoned packages – check for PHP 7 compatibility
  • 41.
    Adding authors andfixing mail addresses ● Bitbucket API allows access to user db with search feature ● previously wrong addresses have been added – which miraculously had a pattern – also due to merger the mail domain changed for everyone ● if composer.json has less than 2 authors, add more from Git – top committers get added – blacklist removes people which left and mailing lists – affects the outcome from pull request creation
  • 42.
    Update dependencies ● affectsthe “require” section ● a central configuration file has the minimum versions we should use for some package – example: minimum version of a SOAP lib because of a new service version ● script will detect the already locked version and update the requirement if possible – previously required: 1.1.0, minimum configured: 1.3.0 – if 1.3.0 or higher is used, script will update composer.json
  • 43.
    Composer update ● addpyrech/composer-changelogs ● remove vendor folder ● run composer update --lock –prefer-dist ● pipe changelog output to file ● commit git commit -a -F ../changelog-summary.txt ● let continous integration find any problems
  • 44.
    Effects ● commiting codingstyle fixes will annoy everyone for a while ● possibly turn around your whole code base ● continuously updating dependencies creates pull requests – we limited updates to Mondays :) ● after a while some fixes seem useless – but why remove them if the problem can come back in new code ● automatic merges are the next step – CI should be able to test and greenlight the merge
  • 45.
    Thank you! Any questions? Findme on twitter: @SvenRtbg Find me on StackOverflow: SvenRtbg Find me on GitHub: SvenRtbg Find me on Slideshare: SvenRtbg