This report is prepared to have a fair idea on the application after the initial run/out of the box/ minimal configuration of the app. This report contains the details of the application size, transaction coverage, imaging view and missing components. (Approximately the time required to prepare this report is 60 mins to 90 mins).
Make sure that any screenshots added to the document are not re-sized and always ensure that screenshots should be in the readable format.
Aim of the Document:
Having a clear view on out of the box analysis/Initial analysis with minimal configuration
Collecting data for further analysis, like missing code, missing entry/exit point and defining the scope of the application boundary
Providing visibility on next steps of analysis
From operator perspective:
Have the out of the box data of the application and compare this data after on-boarding finalization, this will help to provide feedback to the product team.
Listing the next actions to be taken for on-boarding/deep analysis
Questions to be shared with PM/Client
Define application boundaries and share the assumptions made with PM/Client
From PM Perspective:
Having quickly some screenshot of analysis
Having quickly some rough idea of quality
Having quickly some data to share with customer/client.
Collecting possible important point to share with customer, and/or preparing possible meetings for missing information
Generic Information
Always use the latest version of the Imaging Console: The latest version on which we have tested is Imaging Console 2.9.0 with Core AIP 8.3.52.
Product team always suggests using the On-boarding using Fast Scan, in some exception cases we can use the on-boarding without fast scan.
Extensions to be force Installed.
Missing Tables extensions: This will give the list of Missing tables for J2EE/.NET/NoSQL. For Mainframe we need to use the UC extension for now. Go to the link below and install the missing tables extension based on the technologies used in the application.
Add the application name in the format <Account Name>: <Application Name>
Date
Slide 2: Agenda
Agenda: No changes required (based on the app requirement user can make changes)
Slide 3: Application Discovery Proces
No need to make any changes in the application discovery process steps as these steps are common to all application.
Imaging dashboard: Screenshot of the Imaging which showcases the application architecture (preferably Level 3)
Health Dashboard and Engineering Dashboard: Screenshots of the HD and ED
Slide 4: Source code discovery report
Add the screenshot/table which gives the details of the application size, no, of files delivered and size of the code if available (Screenshot is available in the fast scan on-boarding and table has to be created manually in the on-boarding without fast scan)
Architecture preview screenshot from console
Frameworks identified. (List available in the application Overview of the Imaging Console)
Detailed Database Artifacts can be taken from the SQL analysis logs file; these details are present at the end of the log.
Slide 5: Analysis Report
Change the words which are highlighted in Yellow.
Add the screenshot of the Analysis Report, this is readily available in the Imaging Console Overview Page.
Add the screenshot of the File Filter, these are the exclusions which are performed before running the deep analysis (in case of Fast Scan), in the on-boarding without Fast scan, these details are present in the exclusions during the add version phase.
Download the Analysis report from the Imaging Console Overview Page, there is a download report icon on the right-hand side of the Analysis Report.
Attach the downloaded report by re-naming the file to Analysis_Report_<APPNAME>.xlsx
This report contains the details of the analyzed, unanalyzed and excluded files.
Go the details sheet in the report and add a filter on the column E (Status), we will have different filters like Analyzed, Not Analyzed, Excluded and Not Analyzed - Exclude Third-party Code
Analyzed Files are the ones which have been considered by analyzer.
Not Analyzed - Exclude Third-party Code: These are the files which are excluded by the CAST Analyzers due to extension properties.
Excluded files are the ones which are not considered for analysis, and these are due to the added file filters before deep analysis.
Not Analyzed: These are the files which are considered for analysis but not analyzed, we need to look at these files and add details why these files are not analyzed, something like files not referred in the project file, not supported by CAST, text files, static code files, etc.
Slide 6: Entry points
List the entry points configured for the app.
Also add the details of how many objects are part for each entry point, how many are valid and how many are empty.
How to Generate the entry points tables
User has to export the files from the transactions.
Go to Imaging Console >> Transactions >>Transactions View.
Download the CSV using the Download Icon (Cloud symbol) and open the CSV
Delete the last column named "Excluded", add a new column named Total, this is the sum of the columns "Data Entities" and "End Points".
Now insert a pivot table with Row as "Type", Value as "Full Name", Filter as "Total (New column created)"
Now using the pivot table, complete the Entry points table which is present in the PPTX
Filter can be used to get the valid and empty transactions count (If we select 0 in the filter, this is no, of empty transactions, rest other are no. of valid transactions)
Limitation: The type will not match with the entry point names which are defined in the rules of Imaging Console>>Transactions>>Rules
Slide 7: Exit Points
List the exit/end points configured.
Add the details of the how many objects are part of each exit point especially for the database (No. of tables, no of table part of the transaction and no. of table not part of the transaction)
If there are many exit points which are configured by default, download the list from Console and attach the excel sheet and list down few important ones in the slide.
Sample Worksheet has been attached for reference in the sample report.
How to create the Exit Point Table and sheet attached
Go to Imaging Console >> Transactions >> Transaction end points
Download the CSV using the download icon (Cloud Symbol)
Open the CSV and remove the column B (Package)
Using the Column A (Name) and Column B (Objects), fill the table in the PPTX (Add only the important end points in the table)
Convert the CSV to XLSX format and attach in the PPTX.
Add the number of Tables, this can be obtained from slide 4 (This should be the first end/exit point in the list)
Slide 8: Missing source code and database
List of the missing objects has to be provided.
Please provide the list in the same format as attached in the sample report.
To get this list, user has to go through the log warnings and sometimes warnings may be due to bad configurations.
To ensure that the artifacts are really missing in the delivered code, we need to cross check the missing code with the delivered code rather than deployed code.
Sample Worksheet is attached in the sample report for reference.
List of missing Tables
We now have missing table extension for most of the major technologies, this extension has to be installed during the analysis and list of missing tables has to be provided in the same format as attached in the sample report.
Sample Worksheet is attached in the sample report for reference.
Users can find the missing tables in the reports section in the Imaging Console or the other way to get the list of Missing Tables is to go to the Imaging Console
Go to Transactions View >> Rules >> Transactions End Points
Find the Standard end point with the name "Standard End Point - SQL Missing Table", On the right click on the three dots (More) and Click Check Content
This will give a pop up with the list of Missing Tables and you can download this report using the Download CSV icon (Cloud)
How to find actual missing source code
For Java:
Get list of missing components full name from logs
Get details for jar file contents by full name, also get all full names which are analyzed
Do a lookup in excel to see if any of the reported missing component in log is actually found in jar file content
Remove the ones which are present in jar and then share the list with customer
Note: Make sure to change configurations to consider those jar files for analysis which are having missing components - not recognized by logs
For Mainframe
Below extensions will help in getting missing code details.
DOTNET.0150: Address first the corresponding DOTNET.0142 Message, if any corresponding. Provide the missing dll, nupkg file, or user project.
DOTNET.0147: Provide the missing dll.
DOTNET.0142: Provide the missing .nupkg file with the sources of the application. Once downloaded from Nuget Gallery (https://www.nuget.org/), the .nupkg file should be provided with the source code in the root folder.
DOTNET.0038: Add missing project.
DOTNET.0001: During the delivery of the source code, ensure that the framework assemblies are delivered and check that mscorlib is delivered as well. Note that if you are using ≥ 1.1 of the .NET Analyzer extension, CAST provides some specific frameworks and third party packages with the extension, which will automatically be "used" during an analysis - as such, no specific package is required for these. However, as it is not necessary to package the frameworks and third party packages used by your source code, missing library/assembly alerts for these items will be generated during the packaging action. The alerts can be safely ignored if the alert references an item that CAST provides in the extension. See the section Dependent frameworks and third-party packages provided in the extension documentation for more information and for a list of the specific frameworks and third party packages provided with the extension.
CS0234: Ensure that all required source code is packaged and delivered. If you are using release ≥ 1.1 of the .NET Analyzer extension, CAST provides some specific frameworks and third party packages with the extension, which will automatically be "used" during an analysis - as such, no specific package is required for these assemblies. However, as it is not necessary to package the frameworks and third party packages used by your source code, missing library/assembly alerts for these items will be generated during the packaging action. The alerts can be safely ignored if the alert references an item that CAST provides in the extension. See the section Dependent frameworks and third-party packages provided in the extension documentation for more information and for a list of the specific frameworks and third party packages provided with the extension. Since release ≥ 1.2.4 of the .NET Analyzer extension, this message is available only in debug mode. In normal mode, multiple occurrences of CS0234 are replaced by a single DOTNET.150 message for one symbol per project.
Slide 9: Architecture Overview
No changes required except the screenshots of the imaging. This screenshot can be obtained from the Imaging (Welcome Page: Select the "Technologies" under section "Do you want to learn about your application?")
You can hide the external objects to get a better view of Technologies and also capture the Object Types present in the same view on the right-hand side.
Make sure that the screenshots are in readable format.
Slide 10 : Architecture overview – Frameworks
Add the application frameworks screenshot of the application from Imaging and its related objects from the list of the objects.
This screenshot can be obtained from the Imaging (Welcome Page: Select the "Frameworks" under section "Do you want to learn about your application?")
You can hide the external objects to get a better view of Technologies and also capture the Object Types present in the same view on the right-hand side.
Slide 11: Project Structure
This view can be obtained from Imaging (Welcome Page: Select the "Project Structure" under section "Do you want to learn about your application?")
In order to get this view in Imaging, user need to install the extension "Architecture Discovery" (com.castsoftware.architecture) before running the analysis.
Even after installing this extension and analyzing the application, if user is not able to see this view in imaging, then user has to verify the "Run extension after analysis" log file and validate if there are any warnings or errors related to this extension. Also verify if there are any other warnings or errors related to any extensions, if there are warnings or errors, please raise Zendesk ticket to rectify these warnings or errors as this will have an impact on the results.
Slide 12: Database View
Choose an object which is an end point (preferably table) and showcase the data call graph (Table to entry point). Add the call graph screenshot and do not change the aspect ratio of the graph.
Add the details of the data call graph in the description (table name): Highlighted in the sample report.
This screenshot can be obtained from the Imaging (Welcome Page: Select the "Investigate Data Call Graphs" under section "Do you want to implement changes in code?")
You can avoid adding the high-level screenshot if the slide looks clumsy.
If the user is not able to find the Database View in Imaging, then user has to check the transaction configurations and see if there is a DB delivered for the app and user has configured the DB properly.
Slide 13: Transaction View
Similar to Database view, choose an appropriate entry point which showcases the transaction call graph from entry point to end point.
Add the description of then entry point and screenshots of the call graph. Highlighted in the sample report.
Choose the entry point wisely which showcases most of the frameworks/technologies used in the application. Do not modify the aspect ratio of the call graph (if required use the shortest path to showcase the view)
This screenshot can be obtained from the Imaging (Welcome Page: Select the "Investigate Transactions" under section "Do you want to implement changes in code?")
You can avoid adding the high-level screenshot if the slide looks clumsy.
If the user is not able to find the Transaction View in imaging, then the user has to check the transaction configurations and see if there are valid transactions, Imaging displays only valid transactions.
Slide 14: Cloud Readiness
This view is obtained from Imaging (Welcome Page: Select "Cloud Readiness" under section "Do you want to know if your application is cloud-ready?")
This View is visible only if HL2MRI extension is part of the analysis.
Do not change the description as this is standard for the could readiness.
Add a screenshot of the Cloud readiness details of the application from imaging and make sure that screenshot is nor clumsy and blockers/boosters are in readable format.
If user is not able to find the Cloud Readiness view in the Imaging, then user has to check the logs "Extensions before analysis" and "Run extensions after analysis" and check if the log has any warnings or errors related to extension "com.castsoftware.highlight2mri", if there are any warnings/errors, check with the support team and get the issue resolved, post this you will have to re-run the analysis and upload the results to imaging once the issue is resolved.
Slide 15: Containerization Insights
This view is obtained from Imaging (Welcome Page: Select "Containerization Insights" under section "Do you want to know if your application is cloud-ready?")
This View is visible only if HL2MRI extension is part of the analysis.
Do not change the description as this is standard description for the containerization.
Add a screenshot of the Cloud containerization from imaging. Screenshot should be in the readable format.
If user is not able to find the Cloud Containerization view in the Imaging, then user has to check the logs "Extensions before analysis" and "Run extensions after analysis" and check if the log has any warnings or errors related to extension "com.castsoftware.highlight2mri", if there are any warnings/errors, check with the support team and get the issue resolved, post this you will have to re-run the analysis and upload the results to imaging once the issue is resolved
Slide 16 & 17: Summary
In the summary add the details of the code coverage based on the Snapshot Indicators (Artifacts in transaction)
How many transactions configured. how many are valid, how many empty. Add the list of valid and empty transactions.
Attach the list of Complete transactions and Empty Transactions, this can be obtained from the Console, Under Transactions View, go to Transactions and download the CSV, this will give the list of both complete transactions and empty transactions, separate these into two sheets and attach.
In order to get the empty transactions list, add filter on Data Entities and End Points (both having value 0)
Delete the empty transaction which you filtered above, you will have list of complete transactions.
Add comments based on the star rating which is visible in snapshot indicators and explain what the star rating means and explain where we with the current app like 2 stars are or 1 star.
Similarly add the details of the Data Functions based on the data entities used in the transactions.
Star rating details and attach the list of the tables which are not used in the transactions. (Star rating details can be found in snapshot indicators)
Add details like where the app stands in terms of data coverage.
The list of tables not used in the transaction can be obtained from the Snapshot Indicators in Console. Snapshot Indicator "Data entities used by transactions", Download the report of this indicator and format the worksheet as Similar to the sample report attached in sample PPT.
Please note that the name of the downloaded report is misleading, the name of the downloaded csv is "fp_data_used.csv", this report contains the list of the tables which are not used in the transactions.
Also, if Imaging Indicator extension is added during the analysis, please add the Imaging indicator output file for reference, convert the csv file to xlsx and format. (Sample attached in the sample report).
Imaging Indicator report can be obtained in the LISA folder of the analyzed VM.
User can generate this report using the query as well, connect to PgAdmin >> connect to the CSS instance and open a query tool.
Use the below query to get the report.
SELECT * FROM xxxx_local.img_indicators
You can download the csv from the query window and attach in the PPTX.
Slide 18:
Summary (Add parameters which useful for PM):
Details of the analyzed code, KLOC reported and KLOC analyzed/present in dashboard.
Details of the transactional coverage, number of valid transactions, artifact coverage, ratio of the valid transactions per KLOC
If Green IT is in scope, add the score of green IT.
If security dashboard is scope, check the dashboard status and update comments.
Add info related to Imaging upload status, source code visibility, Imaging views viability like Project Structure, SCA, Cloud Views, Cloud tags availability.
Slide 19: Assumptions and Open Questions
Document all the details of the assumptions made during the application analysis.
This is required to have a check with client if the assumptions made are right or we need to make any changes.
Document the open questions which has to be checked with the client/FO
Ex: there are many tables delivered in the code which are not at all used in the app, if user is unable to find any links between technologies
Before adding any questions, please have a check internally in the delivered source code and then raise questions.
Annexure:
No need to make any changes, this is just for information of the user.
