… in continuation to my Node.js series previous post
After setting up a software repository in git hub next setup is to choose a framework and a development setup.
Most part of my software development i wrote server application that ran on Linux environment. So i prefer to have a framework and setup that is suited for Linux. On exploring a bit two options stands out, Botkit and Botbuilder.
BotBuilder is managed by Microsoft and BotKit is managed by independent entity BotKit itself. The post from Jon Church, Picking a Chatbot Framework: Botkit vs Microsoft Bot Builder, gave me a good insight on how these two frameworks stack up. Based on these details looks like BotKit is a better option than BotBuilder. But once started setting up the bot i realised its a fremium service. The free trie would be good for development but not suitable for production. It needs a credit card info for free account also and a more groose things is that if the traffic exceeds the free tier range the account will be automatically upgraded to next tier and the credit card will be charged accordingly in the next billing cycle.
I decide to go with BotKit. Primary reasons being it is good to have low level access to Teams API and I dont really intend to run this application with any other application. Secondly I have tried few bots with BotBuilder so trying out BotKit will be a good learning.
To being with Icreated a clone of my git hub repository and did a ‘npm init’. Install botkit node.js application:
npm install — save botkit
Create package related files using BotKit Studio.
The next choice to make is about securing the application. Since this application deals with Jira a security breach could expose the companies road maps, strategies, weakness, etc. Ideally one would not like these information to leave organizations private network. The basic setup with Botkit and Bot Builder exchanges traffic with external entity. In spite of the connection being secure, a software component outside of an organization is an security and privacy threat. Need to figure out an approach to make the information exchanges secure and confined to organization boundaries.