How code reviews can improve your DevOps code maintainability

The humble but effective way to better code

Code maintainability is all about how easily code can be read, changed, corrected, or enhanced across the span of its use. The more maintainable the code, the simpler it is to adapt and manage throughout its lifecycle.

Why is this important in DevOps? The core purpose of DevOps is to create and deliver quality software fast. Being able to operate effectively as a DevOps practice requires agility—and nothing hampers your ability to keep pace with changes like poorly written and overcomplicated code.

Code that's been written without maintainability in mind takes time and effort (read: money) to amend, update and preserve, and generally slows the otherwise swift process of DevOps down.

Putting a focus on maintainability throughout the development process reduces the amount of technical debt accrued throughout the SDLC, optimising costs and freeing up developers to work on creating new features rather than fighting fires.

The best practice for maintainability? Code reviews

There are many best practices you can implement to improve the maintainability of your team's code. Good source code management, for example, is vital for making sure everyone on the team has access to the codebase so that they can propose changes, and reuse code to speed up the development process.

But the most effective tip for ensuring code maintainability is also the simplest: code reviews.

A humble but effective way to review code for errors, inconsistencies and overall quality, code reviews can be carried out by another member of the team or shared around a group of colleagues to get additional pairs of eyes on the code. Like many DevOps practices, parts of the code review process can be automated.

A robust review should examine the code across several key areas, including:

• Functionality - does it do what the end user requires it to do? How does it perform?
• Design - is it logical and well-structured? Can it be easily modified with minimal disruption?
• Style - does it adhere to any style guidelines that your team or organisation has?
• Complexity - is there a simpler way to achieve the goal of the code?
• Naming - are naming conventions used consistent, descriptive and understandable to others?
• Testing - are tests appropriate, comprehensible, and cover all code?

Not only does reviewing code against these pillars reduce bugs and support better code, but this practice is also great for disseminating knowledge between team members, sharing best practices, and improving collaboration.

Incorporating code reviews into your DevOps pipeline

If you're thinking about implementing code reviews or want to improve the review process you have in place currently, there are a few steps you can take.

Establish best practices (and share them)

Failure to establish coding standards and guidelines will wreck your code review process before it starts.

Start your process implementation by establishing best practices for code development and management, like refactoring, automated testing, and CI/CD. Document everything so that practices are consistent and accessible, ensuring everyone is on the same page. (A code review checklist wouldn't go amiss while everyone is settling into the process.)

Once these processes have been nailed down, communicate them. Provide training for all on your DevOps team about why you're implementing code reviews, what the procedure is, and what to look for.

Consistency is key here. Establish, if not a schedule, then at least expectations around when code reviews should be conducted. Reviews and refactoring should be carried out regularly to be most effective at catching any potentially costly errors, and generally adhering to the "little and often" ethos of DevOps.

Invest in tools

Give your team the best chance of success with code reviews by implementing tools that help maintain code quality. These can include tools for static code analysis, code coverage analysis, and tracking of code metrics.

Code maintainability is a capability that requires organisation-wide coordination since it relies on being able to search, reuse, and change other teams' code. But when working in large organisations or with sizable code bases, managing dependencies can become a challenge.

Consistent tooling helps avoid problems with dependencies and flags the potential consequences of code changes. This in turn will improve design decision-making for all engineers, and boost code quality to create more stable, reliable software.

Automate where possible

Don't overlook the importance of automated testing and code coverage analysis. You can simplify (and speed up) code reviews while upholding quality by automating the more tedious, time-consuming stages.

You certainly don't want to waste valuable time or demoralise your reviewers by having them to do tasks that could be done just as effectively through automation. Things like notifying team members when a code review is due, branch coverage, and compliance with your pre-agreed tech stack can and should be left to the automated routines.

Make approval part of the deployment process

If you've already implemented continuous integration, continuous delivery, and/or continuous deployment, that doesn't mean you can't still conduct manual code reviews during that process.

Build a code review step into your automated production deployment process so that you can be sure all code generated for deployment has been checked for quality and maintainability before it goes out into the world. This will improve your overall code maintainability and reduce the need to address errors and bugs further down the line.

Vitali Pozniak is principal DevOps consultant at RiverSafe