Policies

The policy dashboard provides an overview of the policies monitored by AppControl for your apps. Policies are monitored automatically by AppControl for each deployed revision by performing a set of checks against your app. These checks are based on policy rules for security, quality, maintainability, and development standards. By default, AppControl checks your app against a library of community best practices maintained and developed by Blue Storm. This default configuration is called the global policy.

It is possible to configure policies that are specific to your needs. The following policies can be configured:

  • Global Policy. This policy applies to all apps managed by AppControl.

  • Group Policy. This policy applies to all apps in a specific group.

  • App Policy. This policy applies to a specific app.

Note: Only a single policy is used to check an app. Policy rules are inherited (Global -> Group -> App), and it is possible to make rules mandatory so that they cannot be overridden by a lower-level policy.

For information on how to configure policies see the policy administration page in this documentation. The following information is available in the policy dashboard overview.

Environment Selector

Select the environment type that you wish to view the policy status for. The default is 'Production'.

Policy Overview

For each deployed app with an environment that matches the environment type that you selected there is a single row in the overview. If an app is not visible it means one of the following:

  • The revision for the app in the selected environment has not yet been processed by AppControl.

  • The app does not have an environment of the type you have selected.

For each app the following information is displayed:

  • App. The name of the app.

  • Revision. The branch and revision that was analyzed for the policy.

  • Security / Maintainability / Quality / Standards. The total number of low, medium, and high risk policy checks that failed for the given check category.

  • Policy Compliance. A summary of the total policy checks that failed for this app. The percentage shows the percentage of checks that were configured in the policy that passed. The star rating is a simple visualization of this percentage where 100% = 5 stars.

Click on an app to view its details. The following information is available for each app:

Policy Configuration

This tile displays the policy configuration that was used to generate the policy status:

  • Mendix version. The version of Mendix that is in use by the revision that was checked.

  • Branch. The name of the branch that the analyzed revision belongs to.

  • Revision. The revision that was checked.

  • Policy Scope. The policy that was used. This can be Global, Group or App.

  • Policy version. The version of the policy that was used. Every time you change a policy the version number increases.

  • Ignore Marketplace modules? If TRUE, the policy ignores results for model elements that are part of modules downloaded from the Mendix Marketplace.

  • Ignored check results. How many check results were ignored for this app. Click on the 'manage' link to view the check results that were ignored and not used for calculating the compliance score for this app.

Policy Overview

The policy overview tile shows a summary of the results for each category of checks. For each category the following information is displayed:

  • Total check results. The total number of failed check results. (check result = unique combination of check type and specific element)

  • Percentage. The percentage shows the percentage of checks (=check types) that were configured for this scorecard that passed (= did not generate any failed check results).

  • Star rating. The star rating is a simple visualization of the percentage of checks that passed where 100% = 5 stars.

Policy History

The policy history tile shows the compliance of your app with your policy over time. For each revision of your app that has been checked, an additional point is added to the graph. By default only the Policy Compliance score is shown; by clicking on the graph you can turn the other policy check categories on or off to see their scores.

Check Results

This tile shows an overview of all failed check results for this app. Click on a check result to view its details.

Check Result

The check result pop-up appears when you click on a check result from the policy viewer. This shows you the details of a check result and what triggered it. The following information is available:

  • Check type. The check that was used. For more details click the help icon to open the online documentation.

  • Severity. The severity level of the check result. Possible values are Low, Medium and High.

  • Category. The check type category. Possible values are Security, Maintainability, Quality, and Standards.

  • Message. An optional message generated by the check. This provides extra information to help you fix the issue found by the check.

  • Target. The best practice target value configured for this check. This is taken from the check configuration.

  • Value. The actual value found by the check.

  • Element type. The type of model / app element that was checked.

  • Element name. The name of the model / app element that was checked. Note: Some element types do not have a name (e.g. the 'app' element).

Ignore Check

The ignore check pop-up can be accessed from the check result pop-up. This dialog enables you to ignore a check result. Ignored check results are not used when calculating the compliance score for an app. After ignoring a check, the score for the current app is recalculated. The next time a new revision is checked, the ignored check results are again left out of the score calculation.

The following options are available:

  • What do you want to ignore?

    • Ignore specific check result : If you select this, the currently selected combination of check type, element type, and element name will be ignored.

    • Ignore all check results of same type : If you select this, all check results of this type will be ignored.

  • Check type. The name of the check type to be ignored.

  • Element type. The element type to be ignored.

  • Element name. The element name to be ignored.
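
The sketch below is an added example, not AppControl code. It works through the percentage defined under Policy Overview together with the two ignore options above, and shows that ignoring one specific result does not raise the score while other results of the same check type remain. The check and element names are constructed, and it assumes a check type whose results are all ignored counts as passed.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class CheckResult:
    """One failed check result: a check type plus the element it fired on."""
    check_type: str
    element_type: str
    element_name: str  # empty for unnamed elements such as the 'app' element

@dataclass(frozen=True)
class Ignore:
    """Ignore entry; element_type=None means 'all check results of same type'."""
    check_type: str
    element_type: Optional[str] = None
    element_name: Optional[str] = None

    def matches(self, r: CheckResult) -> bool:
        if r.check_type != self.check_type:
            return False
        if self.element_type is None:
            return True
        return (r.element_type, r.element_name) == (self.element_type, self.element_name)

def compliance(configured, failed, ignores=()):
    """Return (counted failed results, percentage of configured checks that passed)."""
    configured = set(configured)
    if not configured:
        raise ValueError("policy has no configured checks")
    counted = {r for r in failed
               if r.check_type in configured and not any(i.matches(r) for i in ignores)}
    failing_types = {r.check_type for r in counted}
    passed = len(configured) - len(failing_types)
    return len(counted), 100.0 * passed / len(configured)

# Constructed sample data: hypothetical check type and element names.
CONFIGURED = ["AnonymousAccess", "MicroflowSize", "UnusedEntity", "NamingConvention"]
FAILED = [
    CheckResult("MicroflowSize", "Microflow", "ACT_Order_Submit"),
    CheckResult("MicroflowSize", "Microflow", "SUB_Invoice_Calc"),
    CheckResult("UnusedEntity", "Entity", "LegacyOrder"),
]

if __name__ == "__main__":
    one = Ignore("MicroflowSize", "Microflow", "ACT_Order_Submit")
    whole_type = Ignore("MicroflowSize")
    print(compliance(CONFIGURED, FAILED))                # (3, 50.0)
    print(compliance(CONFIGURED, FAILED, [one]))         # (2, 50.0)
    print(compliance(CONFIGURED, FAILED, [whole_type]))  # (1, 75.0)
```

Because the percentage counts check types rather than individual results, an "ignore all of same type" entry is the only ignore that can hide a whole check from the score, which makes those entries the ones to review first on the ignored checks page.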

Ignored Checks

The ignored checks page is accessed by clicking on the 'manage' link from the policy configuration tile in the policy viewer. This page shows you the check results that have been ignored when calculating the compliance score for this app. From this overview you can choose to remove a single check result (the combination of a check type and a specific model element) or all check results of a specific check type.
