ispo-working-group
ispo-working-group copied to clipboard
InnerSourceCommons
InnerSource Project linter / automated project readiness checks
At SAP we are working on an InnerSource project linter, the idea behind this task is to surface the concept and checks we are using that would fit InnerSource in general.
Checks
Here we collect possible checks that a linter could/should automate:
README.mdand its structure- Community health files (e.g.
CONTRIBUTING.md,SUPPORT.md,CODE_OF_CONDUCT.md)- Reference - see the InnerSource Pattern Standard Base Documentation
SECURITY.mdCHANGLOG.md(https://changelog.md/)- repository topics (e.g. SAP uses
innersourceto indicate a repo represents and InnerSource project/component) CODEOWNERS, branch protection rules- Repository description
- Number of maintainers (e.g. not too many, not to few)
- Machine readable SLAs to be enforced
- This is an idea, it probably already exits, but if not, might be worth looking into it
- A metadata file (e.g.
sla.yml) or section into existing metadata files, that describe the project's SLA (e.g time to first reply, time to review PR), etc...
Current status at SAP
SAP has built an in-house solution (Java). It works in two ways:
- A GitHub App that projects can install, it will then run periodic checks on their repositories and create a "Dashboard Issue" (inspired on Renovate), to show the results of the checks and how to solve them, including the automated proposal of solutions (e.g., creating a Draft PR with contribution guidelines based on templates).
- Scanning all repositories that have the topics
innersourceorinner-sourceand running a "basic lint" (checks that can be done without the installation of the app), and creating an issue with the results + recommendation to install the app
Number 1 did not have a lot of adoption yet. Number 2 is not yet used productively but it will launch soon and it consider it an "automated roll out" to leverage adoption as in 1.
The Status as of November 2024 was presented in the InnerSource Summit 2024 with the presentation Repository Linter@SAP.
Related projects and Existing solutions
- https://sap.github.io/fosstars-rating-core/
- https://github.com/todogroup/repolinter
- Fork from Philips: https://github.com/philips-forks/repolinter
- https://github.com/amosproj/amos2021ss04-is-project-linter
Thanks, Gerardo! Do you mean that about this particular issue or the overall ISPO working group board?
Here's an idea for part of the readiness checks.
https://github.com/pengwynn/flint
I ran it against our ispo-working-group repo and here's the output.
flint
[WARNING] CHANGELOG not found
[INFO] Add a changelog to show what's new or improved with each release. http://keepachangelog.com/
[WARNING] Bootstrap script not found
[INFO] A bootstrap script makes setup a snap. http://bit.ly/JZjVL6
[WARNING] Test script not found
[INFO] Make it easy to run the test suite regardless of project type. http://bit.ly/JZjVL6
[WARNING] CODE_OF_CONDUCT not found
[INFO] Let people know what to expect when they participate in the project
@rrrutledge has someone to assign to this in the summer if nobody else has a chance to get to it.
@voongc says: We've been looking at CMS OSPO's repo-scaffolder that is based on this maturity model. Fosstars also looks really interesting!
https://github.com/github/automatic-contrib-prs From Slack: https://innersourcecommons.slack.com/archives/C04DT6NQX7G/p1713388645954299
Remy Decausemaker and team did a presentation at OSS - North America on repo-scaffolder (which I believe uses repolinter). Looked like good stuff.
@dellagustin to have a presentation to describe the tooling.
Maybe a pattern describing why do do this as a deliverable?