Gerrit Code Review

Tips and Tricks for Developers

But What is Gerrit?!

Gerrit is a web based code review system, facilitating online code reviews for projects using the Git version control system.

Gerrit makes reviews easier by showing changes in a side-by-side display, and allowing inline comments to be added by any reviewer.

Gerrit simplifies Git based project maintainership by permitting any authorized user to submit changes to the master Git repository, rather than requiring all approved changes to be merged in by hand by the project maintainer. This functionality enables a more centralized usage of Git.

- http://code.google.com/p/gerrit/

Who uses it?

For one, Gerrit itself, but that is a bit meta :P

Who uses it in Catalyst?

As the wiki sees it

So... Why should I use it?

  • Code review is good mmmmk.
  • Improves code quality
  • Encourages discussion and collaboration
  • Easy to merge upstream
  • Links to tools such as issue tracker, ..., etc
  • View history of a single patch
  • Allow for patch dependencies

How does it all work?

  • Code monkey do work
  • git commit # we have a special hook that inserts a Change-Id tag in header
  • git push gerrit HEAD:refs/for/master
    # Note, not refs/heads/master
  • Reviewer comes along, checks gerrit website.
        "ohnoes!! there is problem, I make comment and -1, BAD MONKEY!!"
  • Code monkey sad :(, Code monkey makes changes
  • git commit --amend
    # I know, I know, rewriting history = bad, but gerrit keeps history ;-)
  • git push gerrit HEAD:refs/for/master
  • Review comes along, checks the same change.
        "GOOD MONKEY, I PUSH CHANGE, KTHXBYE"
  • Code monkey smile :-)

Can you do security patches with it?

Yes.

Push to ref space refs/drafts/master instead, then assign security reviewers group

Some additional setup needs to be done with access control so that Joe Bloggs can't see that on the git level

You won't be able to do +1,-1 etc, but can do comments, and can provide multiple patch sets for that draft change

When releasing, just publish that change, and push it

What is this about access control?

You can define different groups of users

Basically every control you can do with gerrit can be limited to a select few

Documentation, HAHAHA, contribute and make code monkey happy, or troll through lots of Java

Most of the time, you can use a standard setup, ie allow most to only +1, a few to +2, a few to manage releases etc

Note, there is actually quite a bit of documentation, it just doesn't have some stuff

But how does it link to existing technologies?

You can reduce push rights to an existing git repo to only allow gerrit to push to it, and gerrit can be set up to do that for you on a merge

You can write hooks to do all sorts of things, like link to and update bug trackers, run through a CI tool, notify users when something happens

You name it, someone has probably written a plugin for it, if not, contribute and make code monkey happy

Questions? Live Demo?

THE END

BY Hugh Davenport <hugh@catalyst.net.nz>