Enabling developer collaboration with pull requests in OCI DevOps code repositories

November 15, 2024 | 5 minute read
Saurabh Shah
Principal Product Manager
Text Size 100%:

We’re thrilled to announce the release of the new pull request features with the Oracle Cloud Infrastructure (OCI) DevOps Code Repository! This significant update introduces several critical developer collaboration features, including pull requests, repository forks, and repository insights. Whether you’re developing new application code, enhancing an existing application, or managing infrastructure-as-code (IaC) repositories, having a workflow that allows teams to review new code changes and enforce code quality controls through mandatory approvals is critical for all enterprise customers.

Code Repository updated features

With this set of feature-rich enhancements, customers can now centrally manage their repository configurations, perform efficient code reviews from the Console workflow, enforce compliance best practices through merge checks and code approval criteria, and automate continuous integration (CI) pipelines to trigger builds on new pull requests to help ensure a successful pipeline run before allowing a code merge. These capabilities are mission-critical for Oracle, with thousands of our developers using them to enable a better code development and collaboration experience. We’re excited to extend these benefits to all OCI customers, enabling a more integrated DevOps platform experience to store, develop, build, and deploy software applications using OCI-native developer tooling.

We’ve designed the pull request feature as an integral part of the DevOps service’s Code Repository, incorporating all major features expected in a modern developer collaboration platform. Recognizing that developers often face email overload, we’ve introduced personalized notifications, allowing each developer to customize their notification preferences. Unlike some other systems, DevOps admins can configure fine-grained access control measures that determine which user groups have access to specific DevOps resources and the actions these users can perform on them. For example, admins can configure granular policies that determine which user sub-group is allowed to merge pull requests in a project or repository. Admins can also protect critical code branches using the Branch Protection configuration that helps maintain code integrity and enforces compliance measures that require a pull request review before merging new code changes, promoting code quality and collaborative software development. Repository owners and managers can also gain detailed insights on pull request metrics to better analyze and plan their development activities.

This update enables customers with the following key use cases:

  • Seamless developer collaboration: Seamlessly collaborate on new code changes by raising a pull request and adding reviewers to provide feedback and approval. This process promotes teamwork and helps ensure code quality.
  • Mandatory code approvals: Promote better code quality by requiring mandatory code approvals from someone other than the pull request author. You can set a minimum number of approvals from designated reviewer groups before a pull request is allowed to merge, adding an extra layer of scrutiny to help ensure high-quality code and achieve corporate compliance best practices.
  • Automated build triggers: Set up automated triggers in DevOps to start a build pipeline whenever a pull request is created, updated, or merged. These triggers help ensure that every code change is tested immediately, improving reliability and reducing the toll of manually running or triggering the build process.
  • Enforcing successful builds: Enforce rules that allow a pull request to be merged only if the associated build pipelines have passed. This rule helps ensure that only stable, tested code gets integrated into the main code base, reducing the risk of introducing breakages with new code changes.
  • Build pipeline visibility: Easily view the status of pipeline runs related to your pull requests or commits in one place. This convenience saves time and reduces the hassle of switching between different tools to track progress.
  • Configuring permissible merge strategies: Enable one or more merge strategies, such as fast-forward only, squash, rebase, and merge, for your repository. Repository admins configure permissible merge strategies under the repository settings to help ensure consistency in merging code changes to a target branch.
  • Protecting important branches: Enforce branch protection measures on crucial code branches in your repository. This feature allows administrators to maintain the integrity of read-only branches and provide the stability of the code base by mandating developers to require a pull request review before merging new code changes.
  • Personalized email notifications: Configure your individual preferences at the project, repository, or pull request level to receive personalized updates relevant to your specific needs. You can choose to receive no updates, updates when you are mentioned, or all event updates that occur in the watched resource.
  • Repository forks: Create copies of a DevOps repository to work on new features or bug fixes without affecting the main code base. Later, you can submit pull requests from your forked repository to the original one, contributing your changes back to the project and facilitating collaborative development.
  • Repository insights: Visually analyze data in the form of insights by aggregating it at the repository or project level to help development teams analyze repository activity, track code contributions, and identify bottlenecks in the development process.

Let’s take a deeper look at some use cases.

Mandatory code approvals

You can configure Approval rules to help ensure that pull requests are reviewed by designated users defined by the repository admins. This process enables better code quality by having peers review and approve new code changes, thereby catching potential issues early in the development cycle. You can configure approval rules at the project or repository level. These rules are additive, and the system will help ensure that approvals rules defined at both the project and repository levels are enforced. For each level, you can configure one or more approval groups and define a minimum approval count for each group. Once these groups are defined, the system helps ensure that no new pull requests can be merged until the required number of approvals is received, as specified by the approval rules.

Merge check enforcement for minimum code approvals in Oracle Cloud Console.

 

Branch protection for important code branches

You can define branch protection rules to enforce restrictions on your critical code branches. By combining branch protection rules and DevOps Identity and Access Management (IAM) policies, you can protect code repositories from several risks, such as unwanted branch deletion, accidental commits to read-only branches, and direct push-commits to branches requiring pull request review and approval. This feature enables teams to collaborate on software development more securely, helping ensure that the code base’s quality and integrity are preserved throughout the development lifecycle.

Adding branch protection in the Oracle Cloud Console.

 

Pull request insights 

You can gain valuable insights into your code development activities using the repository insights feature in DevOps. This feature enables you to visualize your repository activity, code commit frequencies, pull request throughput and review times, and summaries of team member contributions. By capturing and evaluating this data, you can effectively analyze your code activity, identify process bottlenecks, and measure developer contributions across repositories within a project.

Repository insights for example pull requests.

Conclusion

These enhancements elevate your software development experience, helping ensure robust collaboration, stringent code quality, and streamlined workflows within the OCI DevOps platform.

For more information on these enhancements, see the following resources:

Saurabh Shah

Principal Product Manager


Previous Post

How OCI and VMware set new storage performance standards

Subha Shankar | 3 min read

Next Post


Exploring how SaaS Cloud Security performs penetration testing

David B. Cross | 9 min read
Oracle Chatbot
Disconnected