Sunday, April 10, 2011

Announcing Windows Azure Migration Scanner

I’m pleased to announce the availability of a new community tool to aid in migration of applications to Windows Azure: Windows Azure Migration Scanner, or WAMS. WAMS scans your source code and brings potential migration issues to your attention.

As anyone knows who has tried it, a migration of software from one environment to another usually involves accommodating some differences and this can mean a small or a large amount of work at times. Accordingly, you really want to know what you’re in for before you start. Indeed, knowing the scope may help you decide whether or not the migration is even worth doing at all. In a move to cloud computing, migration analysis is doubly important since the cloud is so different from the enterprise.

There are already some great technical and business tools out there for helping scope a migration to Windows Azure such as SQL Azure Migration Wizard, the Windows Azure TCO Tool, and Azure ROI Calculator. WAMS comes alongside these with one more form of insight that comes from scanning source code.

What WAMS does is scan your source files, looking for regular expression matches against a keyword rules base. For example, a rule like this one tells WAMS to raise an issue when it sees a reference to transparent data encryption in SQL Server scripts because SQL Azure does not have a matching feature. You can customize the rules file with your own rules, or use the default rules which are maintained in a central location online.

<category name="SQLAzure_TDE" filetypes=".sql" issuelevel="HIGH" ignorecase="true"
guidance="SQL Azure does not currently support transparent data encryption (TDE).">
  <keyword>ENCRYPTION KEY</keyword>
  <keyword>SET ENCRYPTION</keyword>
  <keyword>sys.dm_database_encryption_keys</keyword>
  <keyword>encryption_state</keyword>
</category>

This approach makes it simple to add rules for any text-based code, including scripts and configuration files. The rules mechanism is fairly powerful since you can specify not just text keywords but complete regular expressions.

WAMS can display its findings in a window, output them to a CSV file you can view in Excel, or both. Each issue reported describes the filename, line number, rule category, severity level, code line, and guidance text. Options allow you to consolidate duplicate issues into a short list.

WAMS is also supplied in the form of a command line tool you can use in scripts and builds. There’s an option to add a timestamp to the output file name.

WAMS has some limitations. In its first incarnation, its rules base only applies to C#, .SQL scripts, and .NET config files. As we regularly extend the rules base, we’ll get more breadth and depth in the types of source code included and the coverage of the rules (contact me if you’d like to help in that effort!). WAMS can also be fooled, since the contents of a string literal or a comment could conceivably contain a match to one of its rules. Still, we think WAMS is a useful tool: while it is unlikely to uncover all of your migration issues, it’s nonetheless valuable in bringing considerations to your attention you might have otherwise missed.

WAMS is the result of community collaboration. It resides on codeplex at http://wams.codeplex.com and the project includes an installable .msi, documentation, the keywords rules XML file, and source code.

6 comments:

Simon said...

Very nice - this will help many figure out a migration path.

Debashish said...

What happpened to the scanner? It's not showing up on codeplex and not searching for it is not giving any results either!!

David Pallmann said...

Simon, one of the contributors asked me to take WAMS down until some of the code could be updated. We're hoping it will be back online before long.

Vishnu Arunachalam said...

David, Can you update me on when this tool would be back online?

Vikram said...

Hi David,
Any update or information on when the WAMS tool would be made available for download again?
Thanks,
Vikram

David Pallmann said...

I'm waiting on one of the contributors. As soon as it can go back online, I'll be sure to post it.