In the past 10 years, the software architecture has undergone tremendous changes, from the earlier popular monolithic MVC architecture to the so-called 5:5 split, that is, distributed vs monolithic. It's just that there are a large number of software developers who cannot see the whole picture of the system, or change from a single-minded thinking. Therefore, even in the case of using microservices, the implementations are one by one monomer, but they become "distributed monomers".
Architecture governance becomes an urgent problem.
The challenges we face
As an architect or software developer, we face many challenges in architecture governance:
- Design and implementation do not match. There is a huge difference between the designed software architecture and the actual implemented architecture. And this difference often needs to be coded online, or even discovered after a period of time.
- No specs/non-compliance with specs. As a senior developer, we have a set of specifications that not many team members are willing to follow.
- The amount of code is huge and it is difficult to identify the problem. In a system created by a dozen or dozens of microservices, it is often difficult to quickly discover the intricate relationships between them.
- Errors can be made at every level of the architectural model. Such as API coupling between services, coupling between codes, database coupling, etc.
- Architects, developers themselves lack rich experience. I know there is a problem, but I can't tell where it is, and I don't know how to improve it.
To deal with these challenges, we need a platform/tool to help us solve these problems. So, combined with our past series of software development and refactoring experience, we (Thoughtworks consultants) started the development of ArchGuard, an architecture governance platform, in 2020 (when the epidemic started).
Now, it is open source, GitHub: https://github.com/archguard/archguard
What can it do?
ArchGuard performs layered analysis according to the popular C4 architecture model. That is, on the four different architectural views of System Context (context), Container (container), Component (component), and Code (code), they are different levels of abstraction and correspond to different audiences, such as developers in the team who care about code Internal dependencies, architects care about dependencies between components and windows.
In the final implementation form, they exist in the form of codebases and documentation. ArchGuard is a code-based static analysis tool, which will also be provided by design in the future.
In ArchGuard, we need to create a series of system components first, that is, to configure the corresponding language and GitHub address, we can scan the code.
Component/Module
In the component view, we can see the overall situation of a single project, according to the corresponding code submission history, unstable code modules:
API declaration and usage, etc.:
And through the five dimensions of volume dimension, coupling dimension, cohesion dimension, redundancy dimension, and testing dimension, the architecture is evaluated, and a series of indicators are used to analyze the situation of the system:
System Dependency Analysis: Service Map
Note : This dependency analysis method depends on team developers having a unified coding standard.
For microservices, ArchGuard can automatically analyze the dependencies between different services and visualize the dependencies:
PS: Since ArchGuard used to be a microservice architecture, after being merged into a single unit, there is a situation where it calls itself.
At the same time, the system can help you automatically analyze which APIs are used and which APIs are not used (some APIs cannot be analyzed temporarily):
Currently, ArchGuard can support several limited API call identifications such as Spring, RestTemplate, Axios, UMI-Request, etc.
Database Dependency Analysis: Database Maps
Note : This dependency analysis method depends on team developers having a unified coding standard.
For inter-database dependencies, ArchGuard can parse the SQL calls in the code, and try to match the dependencies with different microservices, and then analyze which services are coupled at the database layer. Due to inconsistent coding standards, in some cases, we did not identify database tables in the code:
With this dependency, we can see the most frequently used tables in our code. Combined with our functions in code analysis, you can view the call map of the database (in front-end implementation).
code analysis
For development teams, they can view the dependencies between modules, packages, classes, and methods of the project on ArchGuard:
Through the above LoginModuleRepository, the corresponding results of the database can be matched.
Change Impact Analysis (in development)
One of the functions we are implementing is to analyze and configure the system for potential code modification points, and then through dependencies, to analyze the impact of changes. It can not only help architects to analyze the impact of requirements, but also help testers to test the content of the system more accurately.
How does ArchGuard achieve the above functions?
ArchGuard has two built-in code analysis engines: Bytecode analysis + source code analysis.
- Bytecode analysis. As the name implies, it analyzes the dependencies in the code by analyzing the bytecode in the JVM.
- Source code analysis. That is, by analyzing the syntax tree of the compiled language, a specific data structure is produced.
The source code analysis is mainly static analysis, combined with the Chapi code analysis engine ( https://github.com/modernizing/chapi ) previously open-sourced under the refactoring automation open source organization Modernizing . Chapi is based on the syntax analysis implemented by Antlr and supports mainstream programming languages: TypeScript/JavaScript, Kotlin, Java, C#, etc. As shown in the table below:
| Features/Languages | Java | Python | Go | Kotlin | TypeScript | C | C# | Scala | C++ |
|---|---|---|---|---|---|---|---|---|---|
| http api decl | ✅ | 🆕 | 🆕 | ✅ | ✅ | 🆕 | 🆕 | 🆕 | 🆕 |
| syntax parse | ✅ | ✅ | ✅ | ✅ | ✅ | 🆕 | 🆕 | ✅ | 🆕 |
| function call | ✅ | 🆕 | ✅ | ✅ | |||||
| arch/package | ✅ | ✅ | ✅ | ✅ | |||||
| real world validate | ✅ | ✅ | ✅ |
Due to static code analysis, some content is not very accurate.
Combined with several scanning tools in ArchGuard Scanner ( https://github.com/archguard/scanner ) to stream data into the database:
- scan_git, analyzes basic information such as Git commit history, line number, language, etc.
- scan_jacoco, analyze code test coverage
- scan_bytecode, bytecode analysis
- scan_sourcecode, source code analysis (including HTTP API analysis, database analysis)
- scan_test_badsmell, test code bad smell
- collector_ci, collects history in CI/CD
other
Welcome to join the development of ArchGuard, GitHub: https://github.com/archguard/archguard
java
python
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。