Wilson Mar bio photo

Wilson Mar

Hello. Join me!

Email me Calendar Skype call 310 320-7878

LinkedIn Twitter Gitter Google+ Youtube

Github Stackoverflow Pinterest

All the stats that fits on a dashboard



There are several approaches to providing visibility of workflow to DevSecOps, to display dashboard the various statistics of a software delivery pipeline.

Organizations can make use of general-purpose visualization tools

There are also purpose-built dashboard software. Hygieia (pronouced hi-GEE-ya), open-sourced by Capital One (the credit card company) is named after the daughter of the Greek god of medicine and personification of hygiene and prevention of illness.


These videos describes:

https://www.youtube.com/watch?v=WuPQOBMmzSE [4:01] May 10, 2016

Introducing Hygieia [4:53] Jul 17, 2015 on CapitalOne’s GitHub


https://www.youtube.com/watch?v=WZ3S1xOn8Wg (music, no narration)


Team Dashboard Widget View

Each team has its own “tactical” dashboard to present detailed information real-time:

(Click for pop-up full image)

Hygeia provides visual and quick access to detailed process data collected from several sources, so team members don’t have to keep several tabs open:

  • “Build” from individual projects in Jenkins, Bamboo, Hudson, TeamCity, udeploy, xldeploy, Cucumber CI tools

  • “Feature” shows features and items in projects within JIRA, versionone.

  • “Code repo” (commits per day) of a specific branch of a single repo collected from within GitHub, Subversion, BitBucket, GitLab

  • “Quality” shows code coverage and number of defects found in code scans done by SonarQube

  • “Monitor” shows deployments to servers. Red and green dots represent whether the server is up or down

  • Version numbers in a Maven build specification file

  • “Nexus artifacts” from the binary repository

  • <a target=”_blank” ChatOps

  • <a target=”_blank” AWS

Additional collectors specified in docker-compose.yml include artifactory, appdynamics. Emmett?

PROTIP: Again, this visibility should not used for those outside the team to meddle with questions such as “why is this particular one 15”?

QUESTION: Does the dashboard cover these 16 gates in the pipeline (10 Commandments in octal):

DOES16 San Francisco - DevOps at Capital One: Focusing on Pipeline and Measurement IT Revolution by Topol Pal, (Director, Engineering Fellow, Capital One)

  1. Source code version control
  2. Optimum branching strategy [Git and GitHub or GitLab, etc.]
  3. Static analysis [SonarQube]
  4. Code coverage
  5. Vulnerability scan
  6. Open source scan [Black Duck]
  7. Artifact version control [Nexus or Artifactory]
  8. Auto provision
  9. Immutable servers
  10. Integration testing
  11. Performance testing
  12. Build, Deploy, Testing automated for every commit
  13. Automated Change Order
  14. Zero downtime release

Program-level Pipeline Dashboard

hygieia-pgm-shift-left-600x219 *

Added since version 2 is statistical analysis for trends of health and speed. One row for each team (such as “Tetris” in the example).

PROTIP: I recommend against a competitive comparison of numbers achieved by each team because that encourages unintended consequences such as increase in hidden quality issues and technical debt. Each team has different challenges.

Hygieia limits itself to just these environments:

commit > build > DEV > QA > INT > PERF > PROD

Higher Order Metrics

PROTIP: Consider using metrics that reveal “higher order” calculations that can be use to predict future health and be used as the basis for recommendations.

  • Elapsed response time as a function of load?


Was this pattern of performance predicted from testing?

  • Network latency separate from server response time by having monitoring clients near the server.

  • Difference in response time before and after a change.


  • Cycle time to instantiate a server.


  • Man-Months of backlog in innovations and defect fix effort

  • Man-Months of “Technical Debt”

  • Percent of work unplanned (“error budget”)

  • Percent of development (coding) innovation vs. repetitive work

  • http://www.veracode.com/services/veracode-vs.-on-premise-tools


  • http://www.smlcodes.com/tutorials/hygieia-dashboard-tutorial/

Displays of trends over time are important to keep numbers in perspective, both to keep from over reacting to momentary anomalies and from under-reacting to underlying patterns that need to be fixed.

PROTIP: So it’s better to have a set of rotating dashboards (showing trends) than having just a number on a dashboard without context to whether that number is “good” or “bad”.

PROTIP: Have a projection of what was expected at each point in time, especially in the future.

Having an arbitrary target number can be counter-productive unless individual employees have a coherent approach that balances the many conflicting needs.

For example, an insistance on “100% all the time” can lead staff to prioritize caution over innovation.

QUESTION: Should trend information be considered during a Production Readiness Review (PRR)?

Financial and Strategic

Executives and business managers typically focus on financials :

  • Total cost per transaction ratio
  • Total cost as percent of revenue
  • Total revenue per employee

Upper management need to manage over a longer time horizon. So they need to see trends over time, especially those that reflect customer experience (not just internal processes):

  • Availability of the system
  • Productivity of end-users using the system being developed, such as
    purchases, invoices, or other business transactions processed during a peak hour.

  • Customer Net Promoter Score

  • Employee satisfaction
  • Employee turnover rate

Many may balk that the above are not “relevant” to DevOps. But if not, then how important is the justification for going DevOps?

Hygieia Build

http://www.capitalone.io/Hygieia/setup.html references code and automation at

  1. In a Google Compute Cloud Console.

    QUESTION: Is there a Terraform template?

  2. Within the Google Cloud Console execute:

    curl -fsSL https://github.com/wilsonmar/hygieia sh
  3. Automation to instantiate a cluster of servers to establish Hygieia is at:


    NOTE: Hygieia was written in Java to store data in a MongoDB database.

    The Hygieia API server exposes REST APIs written in Spring Boot and mysema.querydsl.

    The Hygieia core server provides the UI to data collected.


  4. Fork https://github.com/capitalone/Hygieia to your own account.

  5. Create a container folder to hold several related repositories.

    git clone https://github.com/ My GitHub Acct /Hygieia

    At the time of writing, this took up 131.1 MB of disk space.

    git clone https://github.com/ My GitHub Acct /Hygieia –depth=1

    At the time of writing, this took up 114.2 MB of disk space.

  6. Download and build via maven using pom.xml file:

    mvn clean install package

    PROTIP: If you enjoy reading the deluge to the console, expand the Terminal width to avoid wrapping.

    The response:

    [INFO] Total time: 08:34 min
    [INFO] Finished at: 2017-03-18T21:11:46-04:00
    [INFO] Final Memory: 108M/1581M

    At the time of writing, after install the folder takes 1.23 GB of disk space.

  7. Install MongoDB for the API data store
  8. Run collectors with properties to connect to CI tools
  9. Seteup Dashboard widgets & Visualize

    QUESTION: Can only have one dashboard?

PROTIP: Have computer programs monitor servers and take automatic actions.

More Info


More on DevOps

This is one of a series on DevOps:

  1. DevOps_2.0
  2. ci-cd (Continuous Integration and Continuous Delivery)
  3. User Stories for DevOps

  4. Git and GitHub vs File Archival
  5. Git Commands and Statuses
  6. Git Commit, Tag, Push
  7. Git Utilities
  8. Data Security GitHub
  9. GitHub API
  10. TFS vs. GitHub

  11. Choices for DevOps Technologies
  12. Java DevOps Workflow
  13. AWS DevOps (CodeCommit, CodePipeline, CodeDeploy)
  14. AWS server deployment options

  15. Digital Ocean
  16. Cloud regions
  17. AWS Virtual Private Cloud
  18. Azure Cloud Onramp
  19. Azure Cloud
  20. Azure Cloud Powershell

  21. Packer automation to build Vagrant images
  22. Terraform multi-cloud provisioning automation

  23. Powershell Ecosystem
  24. Powershell on MacOS
  25. Powershell Desired System Configuration

  26. Jenkins Server Setup
  27. Jenkins Plug-ins
  28. Jenkins Freestyle jobs
  29. Jenkins2 Pipeline jobs using Groovy code in Jenkinsfile

  30. Dockerize apps
  31. Docker Setup
  32. Docker Build

  33. Maven on MacOSX

  34. Ansible

  35. MySQL Setup

  36. SonarQube static code scan

  37. API Management Microsoft
  38. API Management Amazon

  39. Scenarios for load