Get to know the RADON Framework for IaC Defect Prediction

Nowadays, IT infrastructures are constantly evolving both in size and complexity. However, there is still little known on how to best maintain, evolve, and continuously improve the code behind the Infrastructure-as-Code (IaC) practice; and yet it is picking up more and more traction in different domains. This is actually problematic for organizations where the use of software is essential. As the RADON team mentions ‘infrastructure failures are even more demanding in environments where IT systems are more than just business-critical and where there is no tolerance for downtime.’

In the Deliverable 3.6 Defect prediction tool I, our team presented a software defect prediction tool for IaC to help software practitioners in prioritizing their inspection efforts for IaC scripts by proposing prediction models of defective IaC scripts and investigating the role of code and process metrics for their prediction.

As part of the RADON framework, the Defect Prediction (DP) tool focuses on IaC correctness. It consists of several components to mine open-source repositories to extract quality metrics and features to guide the empirical training and enrichment of the model for defect prediction, and finally predicting possible code smells and errors in IaC blueprints.

The Defect Prediction is envisioned as a tool which is:

  • agnostic to IaC technologies
  • specific to address certain IaC defects, with a focus on code smells.

In the phase of the initial release, the DP targets particularly Infrastructure-as-Code templates and blueprints in Ansible and will be extended to TOSCA blueprints in the project’s third period.

As the RADON team explains, the tool consists of three artefacts, namely a crawler to collect relevant open-source IaC repositories, a repository miner to identify existing defect-free and defect-prone scripts and a defect prediction component to continuously/periodically build a Machine-learning classifier to detect defect-prone scripts.

All DP-related artifacts described in this document are publicly available on GitHub.

You can read the Deliverable 3.6 here.