Community Blog Code Review - Alibaba DevOps Practice Guide Part 11

Code Review - Alibaba DevOps Practice Guide Part 11

Part 11 of this 27-part series explains code review and offers recommendations and tools to help.

This article is from Alibaba DevOps Practice Guide written by Alibaba Cloud Yunxiao Team

Code Review (CR) is a way for programmers to work in pairs and learn from each other. In the strict sense, CR can improve code quality, foster talent growth, and develop passions for technology.

First of all, code is an asset with liquidity. Generally, it takes about three to five years to maintain. During this process, the maintenance personnel may be replaced, or the code is referenced by other people. No one wants to maintain or reference lines of code that is messy Therefore, in addition to logic problems in programming, other problems in design, performance, security, and specifications can also be found through CR.

Secondly, CR is an opportunity for programmers to check each other’s code for errors and learn programming skills from each other. If core team members can participate in the daily architecture review, design review, and code review, they will help other’s R&D personnel grow, regardless of whether the R&D personnel is a new employee or an old employee in a bottleneck period. We expect that CR can enhance a team’s strengths. Meanwhile, CR involves interactive discussions on a specific issue or scenario between R&D engineers. Thus, it becomes the best way for engineers to improve their programming capabilities.

Finally, CR gradually becomes a developer culture of IT enterprises through the internal review practice of small teams. When an enterprise has a specific technical culture, it is crucial to help attract and develop talents.

Problems in the Conventional Review Process


As shown in the figure above, code review is divided into three phases: starting a review, review in progress, and ending a review.

  1. At the beginning of a review, the initiator needs to select several people who are most familiar with code changes from a large number of library members as reviewers, select working branches and target branches, fill in the review description, and start a review. A review notification is sent to the invited reviewers. A reviewer usually receives multiple review invitations. He needs to arrange his work and select the appropriate reviews to attend or conduct reviews within a fixed period. The reviewer clicks the review link to browse the code logic in sequence. For more complex nesting or call dependencies, the reviewer needs to go to the local IDE to view the internal logic and scope of impact.
  2. During the review process, reviewers will submit comments on multiple dimensions, such as vulnerability anomalies, code styles, performance defects, and duplicate lines of code. After receiving notifications for comments made on the code, the review initiator will re-examine the code, revise or reconstruct lines that contain errors, and resubmit and update the review request. This repeats until all errors are solved.
  3. After the review ends, the reviewer clicks the button to approve the code. If the source branch conflicts with the target branch, the review initiator needs to resolve the conflict and merge the code.

In summary, the conventional code review process has the following major problems:

  1. Review Request Creation Is Slow: The initiator has to select a branch, enter the description, select reviewers, and associate work items to create a review request.
  2. Large Investment in Workforce: The most conventional types of code review are pair programming and round-table review, which requires a larger workforce or longer work hours.
  3. Complex Content Review: Non-standard reviews involve too many change documents, disordered change versions, and mixed requirements, which makes the code hard to understand. In addition, reviewers feel starting the review process and associating the logic between files is hard, and they often forget the logic mentioned earlier since the content intervals are too long.
  4. Difficulty in Evaluating the Results of the Code Review: Managers often find it difficult to evaluate code reviews. They believe reviews are an important and positive process to promote code quality and team cooperation. However, whether team members can implement reviews and ensure the review quality instead of randomly completing the process is something that confuses managers. This is also what they need to know urgently. At the same time, managers want to know whether the investment in the review process can bring enough benefits.

Intelligent Code Review

Alibaba's Code Platform Team uses the intelligent process control methods to solve the problems in the conventional review process and improve the review efficiency, as shown in the following figure:


Specifically, the review process is optimized from the following aspects:

  1. The required information for creating a review request is filled in automatically after the review data in the code library is analyzed intelligently, improving the review request creation efficiency. The initiator can also quickly create a review request by using client commands.
  2. A variety of automatic code detection tools are provided to minimize the content for manual review. For example, Alibaba’s Java compliance tool can detect code that does not conform to code specifications and provide repair suggestions automatically.
  3. Reviews involving many files are split intelligently into several small reviews based on the file relevance. Reviewers are selected intelligently based on the review content and the workloads of current reviewers. This way, the review effectiveness can be improved by streamlining the review content, and cursory reviews can be avoided.
  4. Although the review is still manual, the whole process is digital, providing rich code report data to help managers manage and optimize the review process better. Then, managers can evaluate the positive effects brought by code review.

Reviewer Recommendation

Intelligent algorithms can recommend the most appropriate reviewers automatically. The automatic recommendation mechanism can reduce a large number of communication costs and quickly push the review process forward for large-sized applications and middle platform applications built across different teams.

Time Estimation

The reviewer can analyze how long it may take for the current review to be completed by submitting the data, helping reviewers arrange their workloads reasonably. In addition, if a reviewer has multiple code review invitations at the same time, they can prioritize the review tasks based on the estimated required time.

Review Tool git-repo

git-repo is a client-side tool developed by Alibaba that allows you to directly initiate a code review request from a client. A review request can be created quickly on the client and browsed on a web browser. git-repo does not change the use habits of Git users but provides extensions to git commands.

In the conventional code review work model, code contributors push code to individual/feature branches and initiate a merged request on a browser page. The whole process goes through multiple steps, and developers must switch among different tools. With git-repo, as long as a user has the read permission on the repository, the user can run commands in the local workspace to contribute code to the server in the form of merged requests.


Alibaba is promoting the code review culture from top to bottom, requiring every developer to be responsible for their code and be a code reviewer to help other colleagues control the quality of published code. If developers want to do a good job in a review, in addition to useful tools, they also need to pay attention to the following points:

  • Do a good job committing code, which means committing the code correctly: Writing a small commit means decoupling the problem; do one thing and do it well. One or more files can be modified in a commit. Up to dozens of lines can be modified at a time. Each commit should be a complete function, which may be used to modify a bug or complete the development of a small requirement.
  • Describe the Issue Clearly: The requirement background for the change, scope, and impact should be provided for the code review description. A clear review description can enable reviewers to understand the requirement background fully, start the review quickly, and reduce communication costs.
  • Take Full Use of Digital Metrics: Obtain the quality information of a team through data insights and strategically improve the team's technical capabilities.
0 0 0
Share on

Alibaba Cloud Community

629 posts | 113 followers

You may also like