Code analysis policy management

Code analysis policies are sets of rules that you can apply to different projects, which gives you flexibility when introducing coding standards.

To improve the code quality, as an administrator you can:
  • Create policies with different rules.
  • Apply different policies to different folders on the Automation page.
  • Easily access the policy rule details while managing code analysis policies.

Enable code analysis policy

As an administrator, you can enable code analysis policy by navigating to Administration > Settings > Policies tab. Click Edit to enable the code analysis policy. When you enable code analysis policy:

  • Code analysis automatically runs on all the bots in the public workspace that have Not Scanned status and reside in folders that are assigned a code analysis policy. This provides visibility on coding best practices for the bots in the public workspace. Code analysis runs every five minutes and scans 1000 bot files in five minutes.
  • Code analysis is invoked when you save a bot in the Bot editor.
  • Code analysis results summary is visible on the Automation page.
  • Code analysis results are displayed in the Assistant tab.
  • The Run code analysis icon is available from the row-level actions on the Automation page. Running code analysis from the Automation page enables you to download the code analysis violation report.

When you disable code analysis policy, the code analysis functions and features are not available.

Performance impact of background scanning

The automated scanning for code analysis is a background job that runs in the Control Room. It runs every five minutes and scans files in batches of 1000.

To minimize the impact on Control Room performance, automated code analysis runs on only a single Control Room node in multi-node deployments. Only one background scanning job runs at a time: the job runs until it is complete before another instance of the job is launched. The background job scans the files sequentially, one by one, so it never scans more than one file at any given time.

A full scan of the entire public repository is initiated under the following conditions:
  • Policy is added to the root folder.
  • Policy applied to the root folder changes.
  • Policy is added or changed on all folders in the public repository.
Note:
  • For larger repositories, the background scanning job will take several hours to scan.
  • Only files with Not Scanned status are scanned with automated code analysis. If you change policies, all the files within folders that have the updated policies are set to Not Scanned status.

Regardless of whether code analysis is enabled or disabled, you can still create multiple policies and assign those policies to different folders in the Automation page.

The following video displays how to enable the code analysis policy:

Create and assign code analysis policy

You can configure multiple named policies for code analysis. With this feature, you can create different policies whose rules are configured with different settings and different severity levels. You can use these named code analysis policies to define different code quality standards and apply them to different automation projects by assigning each policy to specific folders. This provides the flexibility to gradually introduce code quality standards on existing and older projects while applying firmer standards to newer projects.

You need the View policies and Manage policies permissions to set up a code analysis policy. These permissions allow you to view, edit, and assign policies that define how developers can build automations. The Manage policies permission allows the assignment of policies to folders for which you have access.

The Administration > Policies page has two tabs: Policies and Assign. You can create and name policies in the Policies tab. You can create any number of policies. You can search for any policy using the search tool at the top. You can use either the policy name or description in the policy selector window to search for a policy. You can also view, edit, and delete any policy by clicking the actions menu (vertical ellipsis) on the right and selecting the appropriate action.

Use the Assign tab to assign a policy to a folder on the Automation page. You can optionally remove the assigned policy from any folder by clicking the actions menu (vertical ellipsis) on the right and selecting Unassign policy.

Policy summary pop-up: The policy summary pop-up provides a quick and easy reference to the rule details defined in the policy and their severity. With this pop-up, it is easier to understand which policy is applied to different folders without navigating back and forth between policy and assign tabs in the policy manager. It also helps you quickly decide which policy you want to assign to a particular folder.

This policy summary pop-up is provided in the following tabs:
  • Policy tab: Click the number of rules.
  • Assign tab: Click either the assigned policy or the number of rules in the Assign policy option.

Policy behavior on folder operations

The following table describes the behavior of the policies when certain operations are performed on the folder.

Folder operation | Policy behavior
Create           | Folder inherits the policy from the nearest parent folder
Rename           | Folder retains the current policy
Move             | Folder either retains the current policy or inherits the policy from the nearest parent folder
Delete           | The policy assigned to the folder is removed

When you run code analysis on a bot, it uses the applicable policy for the folder (assigned or inherited) where the bot is located.
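
The inheritance and rescan rules above can be modeled offline to review which standard a folder actually ends up with before you change an assignment. The following is an added example, not product code or a Control Room API: the folder paths, policy names and function names are constructed. It assumes that an explicit assignment travels with a moved folder while an unassigned folder inherits from its new parent, and that a policy change resets files in folders inheriting that assignment.

```python
import math
from pathlib import PurePosixPath

BATCH_SIZE = 1000    # files scanned per background cycle (from the page)
CYCLE_MINUTES = 5    # background job interval (from the page)

# Constructed sample data: explicit folder assignments and bot files.
ASSIGNMENTS = {"/Bots": "Baseline", "/Bots/Finance": "Strict"}
FILES = ["/Bots/hello_bot", "/Bots/Legacy/old_bot",
         "/Bots/Finance/payroll_bot", "/Bots/Finance/AP/invoice_bot"]

def effective_policy(folder, assignments):
    """Return (policy, source folder) from the nearest folder with an assignment."""
    path = PurePosixPath(folder)
    for candidate in (path, *path.parents):
        policy = assignments.get(str(candidate))
        if policy is not None:
            return policy, str(candidate)
    return None, None

def files_reset_by_change(changed_folder, assignments, files):
    """Files whose applicable policy comes from changed_folder (set to Not Scanned)."""
    return sorted(
        f for f in files
        if effective_policy(str(PurePosixPath(f).parent), assignments)[1] == changed_folder
    )

def move_folder(src, dst, assignments):
    """Assumed reading of the Move row: explicit assignments move with the folder."""
    src_path, moved = PurePosixPath(src), {}
    for folder, policy in assignments.items():
        p = PurePosixPath(folder)
        if p == src_path or src_path in p.parents:
            folder = str(PurePosixPath(dst) / p.relative_to(src_path))
        moved[folder] = policy
    return moved

def estimated_scan_minutes(not_scanned_count):
    """Approximate background scan time at one 1000-file batch per five-minute cycle."""
    return math.ceil(not_scanned_count / BATCH_SIZE) * CYCLE_MINUTES

if __name__ == "__main__":
    for f in FILES:
        print(f, "->", effective_policy(str(PurePosixPath(f).parent), ASSIGNMENTS))
    print("50,000 Not Scanned files:", estimated_scan_minutes(50_000), "minutes")
```

Moving an unassigned folder such as the constructed /Bots/Legacy under /Bots/Finance changes its applicable policy from Baseline to Strict in this model, which is worth checking before reorganizing folders.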