Interested in finding out how you guys approach code ownership in your respective workplaces. This could mean for sources, feature areas and bug routing. What do you like and dislike about your current process?
- Ownership is only the point person of knowlage/direction/insights
- Anyone can work on the code "owned" by someone else
- Idealy the writer fixes their own bugs and does their own refactoring (for speed and learning reasons) but that should NEVER obstruct delivery of a feature or value add to the company.
The moment a team starts pointing fingers for issues or starts building moats around "their" code then you have a toxic environment.
> - Ownership is only the point person of knowlage/direction/insights
this is such a key factor to preventing the toxic attitudes that can develop, imo.
At the end of the day, everyone who touches the code base is "responsible" for keeping the machine running.
Any team that favors blaming/shaming for bad code should be avoided at all costs. The mindset should be "what is wrong? How do we fix it? How do we prevent it in the future?" At no point should "who did this?" enter the equation, unless they are harboring some secret fix that no one else knows about (and this just points to other deficiencies in the process).
I do believe in giving people responsibility for an area/concern/system of code. It gives them a sense of responsibility and and encourages them to do good work. It allows some creativity and style. I limits turn-over. I agree with totally however.
It's usually a bad idea to have code "owners". Yes, sometimes someone will know the most about a specific piece of code if either they wrote it or worked on it a lot. Sometimes people will not want to touch a piece of code.
My rule is that once you submit the code for review and it passes and gets merged everybody owns the code. Everybody.
The person who is modifying the code has the responsibility
to identify the best reviewers (by looking at history, chatting with others, etc) to ensure high quality and understanding.
Some people have claimed that in my organization. I think that can work for library code, and particularly libraries that are used in many different places.
But once you're talking about a service, or code that is only used by one service, then you need to have an owner (or a team of owners). If you still think there's no owner, then ask yourself who is going to get woken up at 2AM when it breaks, and that's your owner.
That's the beauty of code review, it gets also checked for maintainability and whether it's a code style everybody accepts. It's also possible without code review but that requires much more things to be in place.
Nothing is more frustrating than a single person pushing code that the other devs don't agree on and do have to fix/maintain actually.
We care a lot about "ownership" in our teams. In fact, its one of our core values. But I don't think we define it the way you mean here. To us, it means putting care, professionalism, and follow-through into the feature or release you're working on (as others have mentioned). Did you put thought into your design and seek feedback before you started coding? Did you confirm your assumptions about how things work now? Did you write/update tests? Did you write/update documentation? After release/deployment to production, did you verify acceptance criteria and monitor performance?
That's what we mean when we say "ownership".
Your question implies a single person owning a specific feature or system component ad infinitum. That's generally a bad idea. Yes, some people will naturally have more experience/expertise in some areas. Yes, those people should be called to review PRs/releases in those areas. But your long-term goal should be to increase your bus factor[1] and spread knowledge. It is a win-win: it improves velocity and reduces risk for your org, while also giving your engineers a chance to learn and grow professionally.
Long-term silos of ownership shouldn't be your goal.
In my experience with several big organizations (20,000+ employees), they tend to have a home-grown application to track ownership of resources (assets) - including source code (repositories), and servers, databases, scheduled jobs (in autosys or suchlike).
Generally each of these entities is grouped into some bucket for an application / "system" / business area, and then that bucket has a few owners assigned, and also other non-ownership roles assigned (developer role can check in code to those repos, prod support role can log into the servers owned by the bucket, etc).
It's generally heavily integrated with an LDAP directory, HR system to handle joiners and leavers, and also change management (Developers can only ssh to a production host during the change window of a change for that bucket).
These home-grown apps are generally old and clunky (written for IE6, with piecemeal improvements since then, that kind of thing), but hard to replace because they're integrated with so many other applications.
I tend to think that this would be a good opportunity for some (startup) to do a great job of this as an off-the-shelf product, with good integrations with Linux + Windows authentication, an API, nice web app, etc - it would be very easy to do better than the in-house systems filling this niche.
The office I work in has five development teams that cover different aspects of our service (provisioning from our customers, core product on Android, the UI for the Android code, servers, and call processing [1]). Each team has ownership of their respective products and how things are divided up are left to the teams themselves.
The team I'm on has three developers (I'm one of them) and for our team, we just kind of fell into ownership of different aspects. I deal with the programs that are customer facing (CDMA and SIP interfaces); the second developer deals with the business logic (a separate program) and the third deals with SMPP (also customer facing, but not as critical as the CDMA and SIP interfaces). And it's not like we (my team) are fiercely protecting our turf (each of our programs)---I have worked on both the business logic and SMPP service, but generally, each of us just gravitated to what we find enjoyable.
I do not know how the other teams divide their work.
Bug reporting is pretty each to route as each portion of our service is clearly delineated (with the possible exception of the Android core and UI teams).
As far as features go, it depends upon the feature. Yes, there are some features that affect all the teams (such as number to name translation---have to provision that, deal with obtaining the info during call processing and having the phone receive and display such information) and some that only affect one department (like supporting SIP---largely my team).
In our case, teams don't own projects/code-bases, they own "features" and "releases".
About 67% of our code is some form of Ruby - some of it Rails, some of it custom Ruby code running in Kubernetes+Docker processing data.
The other 33% of our code is Rust - and not just service side code but Rust that has to run on multiple platforms with varying deep operating systems knowledge.
My team generally owns Features and Releases related to the Rust code because two of the three members are OS programmers by experience. That said, we don't exclusively work on the Rust code and sometimes wander into the Ruby code base.
Similarly, other teams occasionally need to update the Rust code to generate some new data - a lot of that is pretty basic stuff and doesn't require deep OS knowledge. So they'll make changes there.
Since our stack is so heterogenous, it's hard to have everyone work on everything. However, from what I know of most companies outside Apple/MSFT/Google/etc, they're gonna fall in the "we own web services" where the only real bifurcation will be "frontend code" and then "middle-to-backend code". Maybe throw in some apps as well.
=========
Now all of that said - the reason we went to teams owning "features" and "releases" was to push folks to not be possessive of code. Stuff changes and it changes quickly, so there's not much use trying to isolate folks. Document gratuitously, test heavily, and refactor often.
I like the idea of owning features and releases. This lets the team to assign a responsible person for documenting and demoing the new feature or release.
How do you respond to emergencies when your people don't own projects or code bases? Who gets woken up at midnight? The person responsible for the latest release? Wouldn't that discourage people from deploying new releases?
At my current workplace, most top-level subdirectories in the source tree have a primary author. That person is (nominally) "owner" of that code. If they aren't the one making changes, they're almost always at least the one doing the code review.
Bugs by default get routed to the person who wrote the code (presuming that we can tell which code the bug is in). If that person finds out the bug is somewhere else, the bug gets transferred to a new owner.
> Bugs by default get routed to the person who wrote the code...
That was the root of some very toxic teams I've seen. Because it built a lack of shared ownership as a team, it inspired competition instead of cooperation, and people would just ignore problems because "it wasn't my code".
Admittedly, that is a problem with the leadership that took the team to that place, but I'd be interested in hearing counter-examples of how to avoid such pitfalls.
Ideally you want to restrict changes to the owners (I don’t mean hard limits)
So instead of having a team responsible for a part of code, they are responsible for the product. So if a new integration is needed, the owner is a service provider and should provide the interface or service for their client. That is fairly easy to setup with Microservices. However, that is a bit harder in a monolithic application code base.
In my workplace, we use the above model for almost everything. And there is one old code base where we use Github code ownership feature to force everyone to ask for a code review from owners. But even there, it doesn’t happen very often that people from different domain need to touch a code of another domain.
And that is the second point as well. Dividing responsibilities base on domains instead of components/modules between teams make it easier as most of the time they are not going to touch a code outside their own domain.
I work for a large global company, and my department is building a fairly large Angular application. My team "owns" the primary project and several shared component libraries, and other teams build features for this project.
These teams are from all over the world, and many of us have never worked closely before this project began.
When we first started the project, we decided to split the UI into feature projects which are packaged and referenced in the common project. Each team owns their own feature projects; however, everyone is welcome to contribute PRs to any of the projects.
Some of our projects are shared and maintained by many teams, but we always have one team that owns each project.
By trusting the people working here. Anyone can commit anywhere, so long as they get a reviewer. We ask the reviewer to punt to someone better qualified if they're not sure how to best proceed.
I, too, am curious about this especially if your repository has started to become a mono-repo. My team has started owning most of the code reviews as more teams get added and contribute to their sections of the code base but it gets pretty hectic. It's not as simple as assigning certain folders as a group because lots of things are intertwined.
We struggle with this question where I work and there is some toxicity.
I've been wondering if you could add a comment to the top of files to indicate ownership (//owners:someTeam, someGuy). Then your CI could parse the modified files and require a review from a team and/or send a notification to said user.
sure everyone “owns” the code, but I think having at least two people be the true owners and have full understanding of a module so they can debate details/direction, then everyone else floats around them contributing. I always imagine this as an ideal setup
I also enjoy the slight irony of advocating grammatical accuracy in a thread that uses the word "owns" to indicate "is responsible for maintainance, failure and modification", or what the top poster defined it as, or some other meaning that's definably not ownership ;-)
[+] [-] mharroun|7 years ago|reply
- Ownership is only the point person of knowlage/direction/insights
- Anyone can work on the code "owned" by someone else
- Idealy the writer fixes their own bugs and does their own refactoring (for speed and learning reasons) but that should NEVER obstruct delivery of a feature or value add to the company.
The moment a team starts pointing fingers for issues or starts building moats around "their" code then you have a toxic environment.
[+] [-] protonimitate|7 years ago|reply
this is such a key factor to preventing the toxic attitudes that can develop, imo.
At the end of the day, everyone who touches the code base is "responsible" for keeping the machine running.
Any team that favors blaming/shaming for bad code should be avoided at all costs. The mindset should be "what is wrong? How do we fix it? How do we prevent it in the future?" At no point should "who did this?" enter the equation, unless they are harboring some secret fix that no one else knows about (and this just points to other deficiencies in the process).
[+] [-] scarface74|7 years ago|reply
I have just the opposite problem. No one else wants to add features to code that I wrote because they don’t want to ramp up.
This isn’t difficult to understand code - some of it is less than a 30 line Python AWS Lambda function.
The process is documented in the repo in the readme.
[+] [-] externalreality|7 years ago|reply
[+] [-] mirceal|7 years ago|reply
My rule is that once you submit the code for review and it passes and gets merged everybody owns the code. Everybody.
The person who is modifying the code has the responsibility to identify the best reviewers (by looking at history, chatting with others, etc) to ensure high quality and understanding.
[+] [-] breischl|7 years ago|reply
But once you're talking about a service, or code that is only used by one service, then you need to have an owner (or a team of owners). If you still think there's no owner, then ask yourself who is going to get woken up at 2AM when it breaks, and that's your owner.
[+] [-] blablabla123|7 years ago|reply
Nothing is more frustrating than a single person pushing code that the other devs don't agree on and do have to fix/maintain actually.
[+] [-] xsmasher|7 years ago|reply
[+] [-] callmeed|7 years ago|reply
That's what we mean when we say "ownership".
Your question implies a single person owning a specific feature or system component ad infinitum. That's generally a bad idea. Yes, some people will naturally have more experience/expertise in some areas. Yes, those people should be called to review PRs/releases in those areas. But your long-term goal should be to increase your bus factor[1] and spread knowledge. It is a win-win: it improves velocity and reduces risk for your org, while also giving your engineers a chance to learn and grow professionally.
Long-term silos of ownership shouldn't be your goal.
[1] https://en.wikipedia.org/wiki/Bus_factor
[+] [-] tacostakohashi|7 years ago|reply
Generally each of these entities is grouped into some bucket for an application / "system" / business area, and then that bucket has a few owners assigned, and also other non-ownership roles assigned (developer role can check in code to those repos, prod support role can log into the servers owned by the bucket, etc).
It's generally heavily integrated with an LDAP directory, HR system to handle joiners and leavers, and also change management (Developers can only ssh to a production host during the change window of a change for that bucket).
These home-grown apps are generally old and clunky (written for IE6, with piecemeal improvements since then, that kind of thing), but hard to replace because they're integrated with so many other applications.
I tend to think that this would be a good opportunity for some (startup) to do a great job of this as an off-the-shelf product, with good integrations with Linux + Windows authentication, an API, nice web app, etc - it would be very easy to do better than the in-house systems filling this niche.
[+] [-] catchmeifyoucan|7 years ago|reply
[+] [-] HeWhoLurksLate|7 years ago|reply
[+] [-] spc476|7 years ago|reply
The team I'm on has three developers (I'm one of them) and for our team, we just kind of fell into ownership of different aspects. I deal with the programs that are customer facing (CDMA and SIP interfaces); the second developer deals with the business logic (a separate program) and the third deals with SMPP (also customer facing, but not as critical as the CDMA and SIP interfaces). And it's not like we (my team) are fiercely protecting our turf (each of our programs)---I have worked on both the business logic and SMPP service, but generally, each of us just gravitated to what we find enjoyable.
I do not know how the other teams divide their work.
Bug reporting is pretty each to route as each portion of our service is clearly delineated (with the possible exception of the Android core and UI teams).
As far as features go, it depends upon the feature. Yes, there are some features that affect all the teams (such as number to name translation---have to provision that, deal with obtaining the info during call processing and having the phone receive and display such information) and some that only affect one department (like supporting SIP---largely my team).
[1] I work in the call processing side of things.
[+] [-] rufius|7 years ago|reply
About 67% of our code is some form of Ruby - some of it Rails, some of it custom Ruby code running in Kubernetes+Docker processing data.
The other 33% of our code is Rust - and not just service side code but Rust that has to run on multiple platforms with varying deep operating systems knowledge.
My team generally owns Features and Releases related to the Rust code because two of the three members are OS programmers by experience. That said, we don't exclusively work on the Rust code and sometimes wander into the Ruby code base.
Similarly, other teams occasionally need to update the Rust code to generate some new data - a lot of that is pretty basic stuff and doesn't require deep OS knowledge. So they'll make changes there.
Since our stack is so heterogenous, it's hard to have everyone work on everything. However, from what I know of most companies outside Apple/MSFT/Google/etc, they're gonna fall in the "we own web services" where the only real bifurcation will be "frontend code" and then "middle-to-backend code". Maybe throw in some apps as well.
=========
Now all of that said - the reason we went to teams owning "features" and "releases" was to push folks to not be possessive of code. Stuff changes and it changes quickly, so there's not much use trying to isolate folks. Document gratuitously, test heavily, and refactor often.
[+] [-] snidane|7 years ago|reply
How do you respond to emergencies when your people don't own projects or code bases? Who gets woken up at midnight? The person responsible for the latest release? Wouldn't that discourage people from deploying new releases?
[+] [-] AnimalMuppet|7 years ago|reply
Bugs by default get routed to the person who wrote the code (presuming that we can tell which code the bug is in). If that person finds out the bug is somewhere else, the bug gets transferred to a new owner.
[+] [-] codingdave|7 years ago|reply
That was the root of some very toxic teams I've seen. Because it built a lack of shared ownership as a team, it inspired competition instead of cooperation, and people would just ignore problems because "it wasn't my code".
Admittedly, that is a problem with the leadership that took the team to that place, but I'd be interested in hearing counter-examples of how to avoid such pitfalls.
[+] [-] catchmeifyoucan|7 years ago|reply
What if that person leaves the company? Can that information get old.
[+] [-] Hamuko|7 years ago|reply
Helps to document things, so you at least have something to throw at people when they come asking.
[+] [-] stunt|7 years ago|reply
In my workplace, we use the above model for almost everything. And there is one old code base where we use Github code ownership feature to force everyone to ask for a code review from owners. But even there, it doesn’t happen very often that people from different domain need to touch a code of another domain.
And that is the second point as well. Dividing responsibilities base on domains instead of components/modules between teams make it easier as most of the time they are not going to touch a code outside their own domain.
[+] [-] om3n|7 years ago|reply
These teams are from all over the world, and many of us have never worked closely before this project began.
When we first started the project, we decided to split the UI into feature projects which are packaged and referenced in the common project. Each team owns their own feature projects; however, everyone is welcome to contribute PRs to any of the projects.
Some of our projects are shared and maintained by many teams, but we always have one team that owns each project.
[+] [-] ori_b|7 years ago|reply
[+] [-] dkaranth|7 years ago|reply
https://www.softwareyoga.com/individual-code-ownership https://www.softwareyoga.com/collective-code-ownership
[+] [-] augbog|7 years ago|reply
[+] [-] elpakal|7 years ago|reply
I've been wondering if you could add a comment to the top of files to indicate ownership (//owners:someTeam, someGuy). Then your CI could parse the modified files and require a review from a team and/or send a notification to said user.
[+] [-] gwbas1c|7 years ago|reply
[+] [-] unknown|7 years ago|reply
[deleted]
[+] [-] neko_ranger|7 years ago|reply
[+] [-] gcb0|7 years ago|reply
hum.. person left.
recode my way around that code so the new feature works and I'm not tagged as the owner by future git blames.
/sarcasm. I think.
[+] [-] jgrahamc|7 years ago|reply
2. Code is owned by teams of people and not individuals.
[+] [-] NickBusey|7 years ago|reply
The definition of "folks" is "people in general"
I'm not sure what point you are trying to make here.
[+] [-] drewmol|7 years ago|reply
I also enjoy the slight irony of advocating grammatical accuracy in a thread that uses the word "owns" to indicate "is responsible for maintainance, failure and modification", or what the top poster defined it as, or some other meaning that's definably not ownership ;-)
[+] [-] ryantuck|7 years ago|reply