Show HN: Metaport – proactive upgrades and patching for PMs

getmetaport.com

2 points by theruss 3 days ago

Hey folks!

Like many of you I guess, having worked several development roles since the late 90s mainly on OSS stacks, I would see the same behaviour over and over where teams promised the earth in RFPs, delivered a super shiny thing approximately on time and on budget, but amazingly, put little-to-no effort into anything more than barely keeping the lights on.

Teams would be barely satisfying their SLAs, occasionally risking security and certification mandates as a result, which were set down at project commencement.

Fast forward to 2023 and my manager at the time is banging her head against the desk having encountered an easily avoidable situation for the nth time: Some key software component is close to, or is already out of support and the client isn't happy (it was sometimes the client who noticed it first...).

I suggested a quick-win -- a spreadsheet which tracked the EOS and EOL dates of each component and presented it as a gantt chart. PMs and DLs would then use that to present to clients well-ahead of key dates so that upgrades and budgets could be discussed proactively. I duly delivered the sheet while still not quite believing such a thing didn't already exist.

Now of course being a developer, I was already thinking about how best to automate this. I had already found a potential means of obtaining pertinent data, and having used an internal tool at a previous company intended for tracking security advisories as well as other useful data-points for Drupal CMS, I decided to roll everything into a single system. It had previously struck me as being odd that this internal tool was Drupal specific. Why wasn't it framework, language or runtime agnostic? The company after all produced software using a variety of technologies. I had made attempts to get internal resource aimed at patching and improving the product which ended up not working out. So as one does, I took the best ideas of the software, made it language agnostic and rolled portfolio-wide EOL/EOS charting and dependency and vulnerability search into a single tool and named it "Metaport".

Metaport CE is in beta and I'm really keen to get people playing with it who are not me. Does it really help in the way it purports to, and for the right people? Could it be architected differently to support say multi-tenancy? (I probably know the answer to this). Metaport is built with PHP and React and is available as a Docker image. Development, evaluation and install instructions are here: https://getmetaport.com/#install and the docs are at https://docs.metaport.sh/.

Super happy to get feedback!