Forum Discussion

Nimbostratus

May 18, 2023

Automated Linters on F5

Hi We are currently uplifting our jenkins pipeline for F5 and there is a requirement for static analysis on the code. Since TCL scripts are not supported by default on Sonar. I am looking for automat...

devops

JRahm

Admin

May 25, 2023

whisperer has the right advice here where traffic policies can be implemented in lieu of iRules. iRules are great, but should be used only where necessary. For static analysis, I'm not sure there are tools for that for iRules because it's a heavily extended/customized version of Tcl 8.4.6. I'm checking with someone who might have a more definitive answer, will update here when I hear back.

That said, if you have the ability to upload qkviews of BIG-IP systems configs (even if just a dummy config for the purposed of testing), you could use the ihealth API to check for any iRules-related diagnostics/heuristics that might trigger against your configurations.

On the flip side, if you're look for iRules unit testing, you can check out the questionably named TestTcl, um, package.

JRahm

Admin

May 25, 2023

Asked around internally and there is a package that Simon_Kowallik put together that might help:

GitHub - simonkowallik/irulescan: irulescan - static security analyzer for iRules

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)