gerrit code review

Main sponsor

GerritLuca Milanesio

Copyright © 2012 – LMIT Softwarereview.GerritForge™.com

Who’s that guy ?

Luca MilanesioLMIT Software / GerritForge LLP

• Jenkins contributor and founder

of JenkinsMobi.com

• Git enthusiast since 2009

and innovator in large

enterprises

• Gerrit contributor since

2011


Agenda

• Agile and the broken build dilemma• Can Git solve it ? • “Agile” workflow with Git• Gerrit: the smart way• Just about code-review ?• Let’s play with Gerrit live !


Agile and continuous integration

• Who is using CI ? … raise your hand !!!!

• Good or bad ?

• Why ?


Continuous Integration is GOOD

• Live “weather forecast” of the project• Detect and resolve conflicts earlier• Bring TDD to life• Enforce collective code ownership• … and much more


Breaking the build id BAD !

• All devs gets tests broken• Build stops • Test are NOT executed

… all team goes at “DEFCON1” to fix it ASAP !!


Broken build dilemma: how to avoid it ?

1. Do not PUSH until you’re 100% sure of GREEN bar

2. Create multiple personal CI builds and validate builds before PUSH

3. Install a “Jenkins Build Game” plug-in and get free beers

… DO ANY OF THEM REALLY WORK ?


Git … can you help out ?

Git short story: the anti-Subversion• Apr 2005 – Linus writes PERL scripts for Linux Kernel SCM• Jul 2005 … Git 0.99 is out !

Git principles:• Continuous branching / merging / rebasing /

stashing• Distributed repositories• Distributed patch distribution• Early integration

(before breaking the CI)


Git topic-branches workflow

A1 A2

topic1

topic2

masterA3

B4 B5

C2 C3 C4

Agile workflow – one topic branch per story• Keep on branch whilst RED / AMBER bar• Continuous rebase on master• Merge on GREEN bar


Problem resolved ?

• Let’s use Git then ?“My repo is the master” “Git is all about peer-to-peer dev” “Who has reverted my commits ? … !$@#!$!”

• Git doesn’t enforce any policyPeer-to-peer development allowedDictatorship or anarchy of changes are both

allowed

… is there a “better Git” out there ?


Gerrit, brief history

The idea: Guido Van Rossum Code-review for Perforce Porting to SVN and OpenSourced Python-based

2008 - Project fork for AOSP(Shawn Pearce / Joe Onorato)

Name changed to Gerrit Rietveld Based on Git Set of “patches” on original Guido’s

Rietveld project

2009 - Gerrit 2, the Java + GWT rewriting

(Shawn Pearce)

Google Mondrian

Rietveld

Gerrit Rietveld

gerrit


What is Gerrit today ?

• 100% pure Java SSH and HTTP Git backendPowered by JGit

• GWT Web-view administrationUsers and GroupsProject and branch securityGit repository browsing

• Git repository replication engine• Code collaboration and review• Code validation through Jenkins Triggers


Gerrit: high level workflow

A1 master

CI Build: OK



A1 master

A1

clone

localmaster

CI Build: OK



A1 master

A1

clone

C2local

master

CI Build: OK



A1

refs/for/master

master

C2

A1

clone

C2local

master

push

CI Build: OK



A1

refs/for/master

master

C2

A1

clone

C2local

master

push

Verified: -1(build failed)

CI Build: OK



A1

refs/for/master

master

C2 C2*

A1

clone

C2local

masterC2*

push


push

CI Build: OK



A1

refs/for/master

master

C2 C2*

A1

clone

C2local

masterC2*

push


push

Verified: +1(build OK)

CI Build: OK



A1

refs/for/master

master

C2 C2*

A1

clone

C2local

masterC2*

push


push


Reviewed: +2

CI Build: OK



A1

refs/for/master

master

C2 C2*

A1

clone

C2local

masterC2*

push


push


Reviewed: +2

CI Build: OK

C2*

CI Build: OK


Cool, isn’t it ?

• Gerrit allow “automatic” topic-branches• Triggers with Jenkins branch validation• Enforce collective code-ownership

People “interacts” with the code changesDiscussion on style and architectureDemocratic voting (+1 / -1)

• Project historyReason behind changes is recorded in code-

review


See Gerrit “live” in action


1. Set-up

• Option-A: download and install1. Download from

http://code.google.com/p/gerrit/downloads/list2. Gerrit install wizard:

java –jar gerrit-2.2.2.1.war init -d ~/gerrit

3. Run Gerrit:~/gerrit/bin/gerrit.sh start

• Option-B: Gerrit as hosted serviceAssembla.com (free for OpenSorce projects)GitEnterprise.com (free up to 10 users)

http://code.google.com/p/gerrit/downloads/list

http://code.google.com/p/gerrit/downloads/list


2. Create user and add SSH keys

• Option-A: not easy Gerrit doesn’t support a “local user registry”Options: LDAP or OpenID

• Option-B: use the provider user registrationAssembla:

https://www.assembla.com/signupGitEnterprise:

https://gitent-scm.com/signup

https://www.assembla.com/signup







3. Talk to Gerrit via SSH

• Gerrit SSH console Listen at 29418 port Not a real SSH server (just Gerrit listening)


4. Create a Gerrit project

• Gerrit Project is: Git repository (use “path notation” to organise projects) Access permissions Code-review and change-sets

• Option-A: use Gerrit SSH command$ ssh -p 29418 lmilanesio@localhost gerrit create-project lmit/33degree

• Option-B: user the provider-specific page Assembla: N/A (only 1 project associated to your “space”) GitEnterprise:

https://gitent-scm.com/newrepo






5. Clone repo from Gerrit• Git SSH repository URL is:

ssh://<user>@<host>:29418/<Gerrit project>.git

• Gerrit supports HTTP or HTTP/S repository URL:http://<Gerrit URL>/p/<Gerrit project>.git

NOTE: For HTTP authentication, put your credentials on ~/.netrc filemachine <hostname> login <username> password <password>


6. Gerrit Change-Id

• SHA-1 GUID of a change-set under review• MUST be last line of commit msg

Hint: install Gerrit post-commit hook for auto-generating Change-Id after each Git commit

Now all Git commit will auto-generate a Change-Id !


7. Submit a change for review

• Change for review committed locally• Push to refs/for/<branch> for submitting local

Git changes for review on <branch>


8. Verify change against CI


9. Additional patch-set to Change-Id

• Fix the problem locally• Amend the commit (same Change-Id)• Push again to refs/for/<branch> for adding one

extra change-set


10. Change-Id is validated against CI

• Request code-review


11. Review and comment changes


12. Review merge and submit change

• One or more reviewers can “vote” for the change

• Authorised users can then “Submit” the change.

• Change is automatically merged to master


13. Master build is triggered … SUCCESS !!


… is just about code-review then ?

GitHub BitBucket Gitorious GerritSSH / HTTPS

Free public repo

Free private repo

Repo security

Branch security

Code review

Hooks / API

Replication

CI Integration

OpenSource / extensible

Issue-tracker integration


Credits and resources

• Many thanks toShawn Pearce, father of GerritIts contributors and Google Inc.

• Google Gerrit code-reviewhttp://code.google.com/p/gerrit/

• Assembla Gerrithttp://review.assembla.com

• GitEnterprisehttp://review.gitent-scm.com@gitenterprise

Slides available at http://www.slideshare.net/lucamilanesioFollow me: @lucamilanesio

http://www.google.com/

http://code.google.com/p/gerrit/

http://code.google.com/p/gerrit/

http://review.assembla.com/

http://review.gitent-scm.com/

http://review.gitent-scm.com/


BACKUP


Gerrit: just code-review then ?

• Git Security – GroupsDefine different “roles” in the projectSystem groups

• Anonymous users: use for public projects• Registered Users: all users• Administrators: to administer Gerrit• Project Owners: to administer projects• Non-interactive Users: for CI or batch

operationsGroups can be hierarchical (groups of

groups)


Define groups and members

Admin > Groups


Putting all together with projects

• Git Security: rights to projectsDefine access rights to Git operationsControl the Gerrit identity vs Git author /

committerDelegate project administrationAssign code-review voting range rightsDefine who can submit and merge

changesOrganise project rights hirarchically


Define project access rights per refspec

Admin > Projects > 33degree > Access


Assign access rights to Groups


… and Gerrit replication

Master gerrit

Remotegerrit or git

Remotegerrit or git

Git

pro

toco

l

Git

pro

toco

l

gerrit code review

Education

lmit software

git gerrit

high level workflowci

build failedc2 c2

gerrit rietveld

ok ci build

high level workflow

build failedbuild okc2