Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Code Review is an Architectural Necessity - Github Universe 2016

Colin Dean
September 15, 2016

Code Review is an Architectural Necessity - Github Universe 2016

Code Review is not a new concept, but a specific term for an older concept -- Peer Review -- that focuses the review process on the code under examination instead of the person who submitted it. While Code Review is common in open source projects, organizations developing in private often employ inefficient, frustrating, or virtually non-existent review processes. This talk looks at Code Review from an architect's viewpoint, arguing that Code Review is an essential component in a product's architectural plan because of the quality attributes it may provide. It also covers tips and sets expectations for what Code Review can and cannot solve.

Colin Dean

September 15, 2016
Tweet

More Decks by Colin Dean

Other Decks in Technology

Transcript

  1. #githubuniverse #codereview Code review is an architectural necessity Colin Dean

    @colindean 1
  2. #githubuniverse #codereview @ColinDean Software Engineer Organizer, Abstractions.io Wearer of many

    hats 2
  3. #githubuniverse #codereview My words are my own and not my

    employer’s, past or present. Please save questions until the end of the presentation. 3
  4. #githubuniverse #codereview Agenda • Quick anecdote • What is code

    review? • What problems does code review solve? • Quality attributes code review ensures • Tips for code reviews • Limitations 4
  5. #githubuniverse #codereview 5

  6. #githubuniverse #codereview Agenda • Quick anecdote • What is code

    review? • What problems do code review solve? • Quality attributes code review ensures • Tips for code reviews • Limitations 6
  7. #githubuniverse #codereview What is code review? 7

  8. #githubuniverse #codereview Code review is the process by which those

    who maintain a software codebase evaluate a proposed change to that codebase, regardless of the source of the proposed change. 8
  9. #githubuniverse #codereview Code review is systematic examination of computer source

    code. Code Review, Wikipedia 9
  10. #githubuniverse #codereview Peer Review 10

  11. #githubuniverse #codereview Code Review 11

  12. #githubuniverse #codereview Code Review Vocabulary • Change - an individual

    unit of work altering what exists • Submission - a collection of changes • Submitter - the person proposing the submission • Reviewer - the people evaluating the submission • Annotation - remarks or ratings bestowed upon the submission 12
  13. #githubuniverse #codereview The submitter proposes changes in a submission, which

    is evaluated by a reviewer, who annotates or accepts it. 13
  14. #githubuniverse #codereview Inspection Team review Walkthrough Pair programming Peer deskcheck,

    passaround Ad-hoc review Wiegers’ peer review formality spectrum Least formal Most formal 14
  15. #githubuniverse #codereview Most formal Least formal Inspection Team review Walkthrough

    Pair programming Peer deskcheck, passaround Ad-hoc review Wiegers’ peer review formality spectrum 15
  16. 16

  17. #githubuniverse #codereview Agenda • Quick anecdote • What is code

    review? • What problems does code review solve? • Quality attributes code review ensures • Tips for code reviews • Limitations 17
  18. #githubuniverse #codereview Code review solves two major problems. Aside from

    the primary goal of reducing defects, 18
  19. #githubuniverse #codereview Mental model synchronization Code review solves 19

  20. #githubuniverse #codereview 20

  21. #githubuniverse #codereview 21

  22. #githubuniverse #codereview Close enough Need guidance On target 22

  23. #githubuniverse #codereview Alternative solutions New idea Open to new idea

    23
  24. #githubuniverse #codereview Tribal knowledge development 24 Code review solves

  25. #githubuniverse #codereview Michael Keeling
 Creating an Architecture Oral History, SATURN

    2012 “Architecture oral history requires that the team is both willing and able to retell the stories and keep the oral history alive.” 25
  26. #githubuniverse #codereview Application code Code review audits 26

  27. #githubuniverse #codereview Application infrastructure Code review audits 27

  28. #githubuniverse #codereview Application architecture 28 Code review audits

  29. #githubuniverse #codereview Write it down. Make it searchable. Code review

    forces us to 29
  30. #githubuniverse #codereview Agenda • Quick anecdote • What is code

    review? • What problems does code review solve? • Quality attributes code review ensures • Tips for code reviews • Limitations 30
  31. #githubuniverse #codereview Maintainability Code review ensures 31

  32. #githubuniverse #codereview Maintainability • Learnability • Understandability • Serviceability Code

    review drives 32
  33. #githubuniverse #codereview Learnability • Developing Code • Patterns & Conventions

    • Risks & Goals • Developing People • Common Vocabulary • Teaching Moments Understandability Serviceability Code review drives 33 Maintainability Learnability
  34. #githubuniverse #codereview Learner Expert Coding Reviewing Coding Reviewing Synchronous Pairing

    & Teaching Exemplary Reading Constructively Critical Evaluation Serendipitous Evaluation of Example Understandability Serviceability 34 Maintainability Learnability
  35. #githubuniverse #codereview Understandability • Establishes common yet evolving mental model

    • Builds confidence in direction and design decisions • Builds tribal knowledge • Bonus: Enables elevator pitch Serviceability Code review drives 35 Maintainability Learnability Understandability
  36. #githubuniverse #codereview Serviceability • Exposes addressable “gotchas” • Exposes end-user

    interaction points • Establishes consensus on supported workflows Maintainability Learnability Understandability Serviceability Code review drives 36
  37. #githubuniverse #codereview Linus’s Law “Given enough eyes, all bugs are

    shallow.” 37
  38. #githubuniverse #codereview Maintainability ✓Learnability ✓Understandability ✓Serviceability Code review drives 38

  39. #githubuniverse #codereview First programming job out of school - B2B

    imprinting company if($customer == “spacely_sprockets”) { do_something(); }
 else { cry(); } • Version control! • No code review tooling or process • Minimal pairing • Continuous integration easily circumvented 39
  40. #githubuniverse #codereview Lack of code review Lost Opportunities 40

  41. #githubuniverse #codereview Lack of code review Lost Opportunities Lost Revenue

    41
  42. #githubuniverse #codereview Lack of code review Lost Opportunities Lost Revenue

    Lost Job 42
  43. #githubuniverse #codereview Compliance 43 Code review ensures

  44. #githubuniverse #codereview Compliance • Accessibility • Auditability • Idiomaticity Code

    review drives 44
  45. #githubuniverse #codereview Second job out of school - Consulting •

    Lone wolf working alongside other lone wolves • No version control in proprietary software with custom “IDE” a.k.a. textarea. • Last modified and modifier only • No process of our own 45
  46. #githubuniverse #codereview First professional code review experience was group review

    • Subcontractor on government project, 2010-2012 • Lone SME on platform • Borland StarTeam + in house review system • My tools for version control integration • Weekly merge window • Round robin inspection 46
  47. 47

  48. #githubuniverse #codereview Not a pleasant experience • Three to four

    hour weekly round robin inspection • Cutthroat mixture of competing contractors, subcontractors, and employees • Embarrassment galore ‛ Not a learning environment • Immediate defensive posture • “Merge next week” = you failed, possibly delayed project 48
  49. #githubuniverse #codereview $1,450 per hour 49

  50. #githubuniverse #codereview $1,450 per hour $5,800 per weekly meeting 50

  51. #githubuniverse #codereview $1,450 per hour $5,800 per weekly meeting $290,000

    per year 51
  52. #githubuniverse #codereview Effects? • Waste • “Get this over with.”

    • Obstructionism • Plenty of bugs • “I’ll fix that mistake later.” 52
  53. #githubuniverse #codereview Missed opportunities • Accessibility expert was most vocal

    • Project manager was vocal on contractual and HF matters ➡Both could have reviewed asynchronously • Project was behind ➡Too many people could say No 53
  54. #githubuniverse #codereview Security 54 Code review ensures

  55. #githubuniverse #codereview Security • Spot vulnerabilities • Teach best practices

    • Filter unnecessary code • YAGNI Code review drives 55
  56. #githubuniverse #codereview Reviewers are like your lawyer Screening and recommending

    actions to minimize risk, avoid preventable mistakes 56
  57. #githubuniverse #codereview Agenda • Quick anecdote • What is code

    review? • What problems does code review solve? • Quality attributes code review ensures • Tips for code reviews • Limitations 57
  58. #githubuniverse #codereview When should you integrate code review? 58

  59. #githubuniverse #codereview Context • Project • Technical 59

  60. #githubuniverse #codereview Keep reviews informal and short. 60

  61. #githubuniverse #codereview Tips for thorough code review • Devote time

    • Accept debt • Identify churn • Minimize pedantry • Make progress 61
  62. #githubuniverse #codereview Major things we look for • Algorithmic complexity

    • Exception & error handling • Exception, class, & variable naming • Logging sufficiency & level • Style conformation (automate!) • Long lines & methods • Readability • Single purpose per commit 62
  63. #githubuniverse #codereview Most importantly Does it work? Is it tested?

    63
  64. #githubuniverse #codereview Agenda • Quick anecdote • What is code

    review? • What problems does code review solve? • Quality attributes code review ensures • Tips for code reviews • Limitations 64
  65. #githubuniverse #codereview Analyze dynamic structures 65 Code review cannot

  66. #githubuniverse #codereview Go on endlessly 66 Code review cannot

  67. #githubuniverse #codereview Solve political problems 67 Code review cannot

  68. #githubuniverse #codereview Agenda • Quick anecdote • What is code

    review? • What problems do code review solve? • Quality attributes code review ensures • Tips for code reviews • Limitations 68
  69. #githubuniverse #codereview 69

  70. #githubuniverse #codereview Code Review is systemic examination of proposed changes

    to a codebase. solves mental model synchronization and tribal knowledge development. ensures maintainability, compliance, & security. must be short, thorough, and automated where possible. will not solve all human problems, but some is better than none. 70
  71. #githubuniverse #codereview www.codeandsupply.co the folks behind @codeandsupply 71

  72. #githubuniverse #codereview @ColinDean github.com/
 colindean/talks speakerdeck.com/colindean 72

  73. #githubuniverse #codereview –Johnny Appleseed FIN 73

  74. #githubuniverse #codereview Attributions • Westminster College picture: https://www.flickr.com/photos/westminstercollege/15759678054/in/album-72157649340620016/ • RMU

    picture: http://cfbarchitects.com/higher-education/selected-projects/academic-buildings-libraries-learning-commons/robert- morris-university/ • Pittsburgh picture: probably Dave DiCello • “Their first code review” http://classicprogrammerpaintings.tumblr.com/post/142702963264/their-first-code-review-william-frederick • Bass, Len; Paul Clements, and Rick Kazman. Software Architecture in Practice. Addison Wesley, 2013. • Wiegers, Karl E. Peer Reviews in Software. Addison Wesley, 2012. • Cohen, Jason, Steven Teleki, and Eric Brown. Best Kept Secrets of Peer Code Review. Smart Bear Software, 2006. • Wilhelm, Alex and Alexia Tsotsis. Julie Ann Horvath Describes Sexism and Intimidation behind Her Github Exit. TechCruch, 2014 March 15. Retrieved 2016 April 26. http://techcrunch.com/2014/03/15/julie-ann-horvath-describes-sexism-and-intimidation-behind- her-github-exit/ • Baccehlli, Alberto and Christian Bird. Expectations, Outcomes, and Challenges Of Modern Code Review. Proceedings of the International Conference on Software Engineering, Proceedings of the International Conference on Software Engineering, May 2013. • and others mentioned in the slides 74
  75. #githubuniverse #codereview No, really. Fin. Srsly. 75

  76. #githubuniverse #codereview Third out of school and current job -

    Engineering • Highly disciplined team using Java, Scala, and Groovy • Git + Gerrit • Constructively critical feedback • No criticism without alternative solution and reasoning • Wide experience range: 1-2 yrs to 25+ yrs • Team split in late 2014, I was asked to be tech lead 76
  77. #githubuniverse #codereview Github Enterprise in 2016 • All new projects

    • Same workflow as public Github 77
  78. #githubuniverse #codereview Code Review Tools Used Haven’t Used Like Dislike

    ̣ Github ̣ Gerrit ̣ Gitlab • Gitbucket • BitBucket ̣ StarTeam •Phabricator • git-assess 78