Plugin Health Scoring at DevOps World 2022
In the Jenkins ecosystem, there are over 1800 plugins. The plugins are not equal in terms of their quality, maintenance or support. As an instance administrator or an engineer working in a shared service team, determining which plugins are of good quality can be complicated. When someone asks you to install a plugin, what should you check before installing it? If you are a maintainer, what should you prioritize and focus on first when improving your plugin?
It’s really easy to get lost, confused and just install any plugin requested. This leads to instances running plugins that are not supported by anyone, having instances with hundreds of plugins, while most of them are not really used. All this makes the upgrade process more complicated, creates regressions, and leads to general displeasure. Is there a better way to indicate the quality and activity of a plugin? We think so.
During this year’s Google Summer of Code event, Adrien Lecharpentier, Aditya Srivastava, and myself have been working with contributor Dheeraj Singh Jodha on building the foundation for a Plugin Health Scoring System for Jenkins plugins.
The idea of this system is to come up with a composite score for each plugin. This final score will be calculated from multiple probes that cover every area of what makes a great plugin; such as maintainer activity, security, open bugs, automation, code coverage and other best practices. Each of these probes will have different weights, commonly agreed upon by the Jenkins community, associated with them as some probes are more important than others at any given time. One key aspect we are keeping in mind while building the foundation is the flexibility and adaptability of changing these probes. This is extremely important for this project, for as time goes on, probes will be removed or added, weights of the probes will change as best practices get more widely adopted across the plugin ecosystem and new ways of doing things inevitably become mainstream.
Whether you are the end user getting a more secure, stable, and quality plugin, administrator being more informed on the plugins, or open source maintainers getting more guidance on how to make an awesome plugin, we think that the plugin health scoring system will be a net benefit to the Jenkins project and provide value to various roles and people.
Thursday, September 29, 2022 @ 1:45PM
Runxia Ye and myself will be presenting this topic at this year’s DevOps World 2022. Join us on Thursday, September 29th at 1:45 pm for this presentation where we will discuss in detail the ins and outs of this project and the benefits it will bring to the Jenkins community. We also welcome you to provide feedback on our project’s Gitter channel and follow the project on GitHub.