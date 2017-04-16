Ask Slashdot: How Would You Stop The Deployment Of Unapproved Code Changes? 64
Over a million lines of code -- in existence for over 10 years -- gets updates in six-week "sprints" using source control and bug-tracking systems. But now an anonymous reader writes: In theory users report bugs, the developers "fix" the bugs, the users test and accept the fix, and finally the "fix" gets released to production as part of a larger change-set. In practice, the bug is reported, the developers implement "a fix", no one else tests it (except for the developer(s) ), and the "fix" gets released with the larger code change set, to production.
We (the developers) don't want to release "fixes" that users haven't accepted, but the code changes often include changes at all levels of the stack (database, DOAs, Business Rules, Webservices and multiple front-ends). Multiple code changes could be occurring in the same areas of code by different developers at the same time, making merges of branches very complex and error prone. Many fingers are in the same pie. Our team size, structure and locations prevent having a single gatekeeper for code check-ins... What tools and procedures do you use to prevent un-approved fixes from being deployed to production as part of the larger code change sets?
Fixes are included in a test build for users to test and accept -- but what if they never do? Leave your best answers in the comments. How woud you stop un-approved code changes from being deployed?
Hulk smash!
Yes, or even more. How many people do you think usually look at each line of text or each line of music before it gets published? And there, the stakes are usually considerably lower than for code.
That doesn't work. I manage devs on five different continents, and my boss always wins. There is no way to beat bad management.
This. Bad management merges bad code, and there is ni overcoming that.
That right there is a part of the problem. Software testers report bugs. Hints about potential bugs can come from end users, but end users are not software testers.
There is no substitute to a really good (professional.... and paid) software tester that and reliably reproduce bugs that need to be removed. If anything, they are far more valuable than even code monkeys writing thousands of lines of code per month (something also largely irrelevant for quality software). If anything, I would pay the softwar
Are you the owner of Ham Radio Deluxe?
Fire the manager. This sounds like very bad management. This is a process to follow, not a tool to blame when developers fuck up.
I used to work as a QA manager. What I tested and accepted was generally committed and released on my OK and the senior Dev was rational and sane so we were almost always on the same page. The one time we really disagreed, he reminded me I wasn't his boss. I agreed, then repeated previous points made by our shared boss, and then he promptly gave in. Our boss was really good at
Entice users to test the new code (Score:2)
More money, better computers, whatever it takes - get a subset of the users on board to test the new code before it's final.
If it's not strictly a bug fix, feature flags are a good way to go. Keep a standard of adding any reasonably sized addition behind a feature flag. That way it's easy to turn on/off your new button, or swap between two methods of doing something.
If it's testable, have a code review and release process built around difference testing. Reviewers have to sign off on the externally visible differences in the code's effect. Release engineers can close bugs based on expected diffs and reject releases in the fa
- You set up the central repository to only accept code if it can be merged and results in all tests passing.
- You make sure that there is defined code ownership and that people can only change code with a review and with the approval of the owners, also enforced by the source code control system.
Long-term, there are two more things that should happen:
- Developers need to learn how to break up large diffs into many small, individually testable diffs.
- You need to break up your codebase so that it's not a single project with 1Mloc, but 50 small projects with 20kloc each.
Code ownership is so 1960s
...
Presumably you tagged the sources that went into the build that went to your customers?
If you did, when you make bug fixes you need to check out against that tag, not to the bleeding edge code where new features are being added.
Depending on how many fixes there are and how complex and messy the source tree is, you can either try to merge the changes into your bleeding edge code base or make the changes twice. In general, if the bleeding edge is being vigorously refactored or otherwise aggressively reorgani
and the "fix" gets released with the larger code change set, to production...
The problem here is that the fix "gets released." I agree, that it seems like releases should at least have the criteria that at least one other person has reviewed the code being released. Otherwise, they have the criteria that one person decided to release it (by definition.)
I think you could create a system by which pull requests are approved by someone other than the person that created them, and then, after it's been approved,
Step one is to get high-level management to understand and agree with the risks as well as to understand and agree with the costs of preventing them.
You would think that this is a no-brainer, but its not. I've listened to a COO tell me from across a boardroom table that they have to be able to bypass deployment processes for business-critical hot fixes because time is of the essence in those situations, and that was the end of it. So what you've got is that in an "emergency" an "informal" approval from an
When people are worried about changes in "many layers of the stack", it's usually a good time to re-architect the system and build microservices. Basically, you get the entire stack in every microservice and you stop worrying about ripple effects; you upgrade or troubleshoot things at a much smaller scale.
I highly recommend this book:
https://www.amazon.com/Buildin... [amazon.com]
It explains how to achieve this, including how to deal with the tough parts like the database layer.
You lay down a CVS Tag and the build technician builds from it. Releases are clearly identified with an MD5 identifier.
If only one official binary exists, it's what people will run.
Next person to release an untested line of code will play the piano for us *SLAM*
Unless testing really isn't that important. Depending on your needs it might not be (despite all the indignation that engenders). One thing I've learned about
Yeah, this is a management problem. The technical safeguard I proposed won't work unless management buys in, which clearly they haven't already since this could be addressed by policy, but it hasn't been.
Communicate
Remove the stigma that developers can