4 Problems you might have doing open source in your company and how to solve them

North Bridge and Black Duck published last January their 2016 Future of Open Source Survey Results with a lot of interesting conclusions. Maybe the biggest one it’s that Open Source continue gaining force inside the IT business, but its management is chaotic because the lack of  process.

Most common problems related on the survey were:

  • Nearly 50% of companies have not formal policy and process for selecting and approving open source code.
  • One of the major problems of that is security. 47% don’t have a formal process in place to track the code and only 19% of vulnerabilities are detected and fixed automatically.
  • Nearly 1/3 has no process for identifying tracking or solving known open source vulnerabilities.
  • Over 1/2 companies has no responsible to identify and tracking remediation.

Software development as processes you can track

Software development is a process that you can track to have entire visibility of what is being done in a project or the contribution of each team player.

When measuring software development in your company, there are three main purposes to use metrics: check on going work, lead process improvement and motivational aspects.

  • Check on going work: this helps to understand where the development is right now. To be aware of the status helps to understand how fast things are changing when a new process is in the pipeline.
  • Lead process improvement: From a hierarchical way to a flatter way of working, software development needs indicators to help to determine if that process improvement is properly working. And if this is not working, then using another approach or apply other policies.
  • Motivational aspects: metrics can help you to improve meritocracy and transparency in your organization. Metrics will let developers know where they are and how their process is working, but also to have some fun within the work and competitions through challenges, hackathons and other measurable activities that lead to a more community-oriented organizations.

How do we track inner source software projects?

We’ve been developing metrics dashboards and consultancy for 5 years for open source projects. We’ve worked for companies such Red Hat or the Linux Foundation and our work with them is always focus on target and measure their goals.

We use Goal-Question-Metric Approach to establish with our clients which metrics are relevant to track the goals they have set up over the process, the code and the motivational aspects.

When analyzing software development projects, there are several areas that can be analyzed. Traditional analysis are focused on code metrics (code quality analysis), while the activity, community and processes are also key components to take into account. We use tools such Grimoire Lab to track different sources of activity around a project.

We are able to track:

  • Activity: this component focuses on the basics. Any developer when interacting with the infrastructure of the organization leaves traces of activity. From commits to emails, from tickets activity to code review actions. Measuring activity means quantifying the basic traces left by the developers. And when this information is aggregated and calculated over time, it is possible to obtain trends about this type of information.
  • Community: people are key when talking about open source and contribution so we need to measure how people interact with other contributors. Although this is again measured through the traces left by the developers, the analysis proposed are pretty focused on the people and how they build their own social networks. As each developer has her own interests, it is necessary to understand how developers are attracted and retained in a project. What policies are more successful than others when attracting those and who are leaders in the software development process.
  • Process: Process can be defined as the bureaucracy followed by the developers to write a piece of code. When you´re inner sourcing, that is, doing open source styled development at your company, process is quite similar to open source communities where code style, documentation, code review process, continuous integration, design meetings are part of this process. The main difference here is how developers directly interact with other developers, even being from different business units, even been far away geographically. That interaction is the one we need to polish and improve if we want to increase the quality and velocity of the development process.
  • Code: this aspect of the analysis is probably a well known one and there are several tools to do it. Grimoire Lab is focus on the 3 previous aspects. There are usual metrics that determine the complexity of the code, modularity, test coverage, documentation coverage, and others. What we have when measuring this type of metrics is that we can control where our inner source method is leading those metrics. Increases in the code complexity or less test coverage may indicate unexpected behaviors that should be fixed and controlled.

Online dashboards for monitoring

We offer our clients online dashboards with the metrics we’ve established on a consultancy previous process.

With those, we will be able to have almost real time metrics of the code contributions by channel, time lapse to fix an issue, main contributors on code and on mail lists with the time dimension you chose.

Here you have an example from OPNFV project from Linux Foundation. Please, visit it and grab the metrics you want by yourself.

Open Source Software dashboard for tracking

Open source software dashboard for tracking

 

Our book to learn and to start managing inner source projects

We are writing an open book about how to manage inner source at your company.

We can help you with our metric and dashboards. But, In the meanwhile, please, take a sit and enjoy the lecture and if you are going to OSCON, don’t miss our talk there: Are you succeeding when InnerSourcing? Defining a metrics strategy!!!

Key aspects when inner-sourcing your infrastructure

Not everything in inner source is about community building [but a big portion!] and the infrastructure is basic to foster collaboration, transparency and community building.

This post is about aspects to have in mind when deploying the tooling needed to provide support to developers within the organization and across business units.

There is a more extended version of this infrastructure topic in the work-in-progress book about inner source: Managing Inner Source Projects that we, in Bitergia, are writing. Specifically in the infrastructure chapter. This is available under a CC-BY-SA 4.0 license and anyone is more than welcome to propose new sections, improve the current ones and collaborate in any way. Please feel free to redistribute!

Continue reading

Is your company ready for Inner Source?

In past posts, we talked about Inner Source and the benefits for your organization. Some large organizations, such Paypal or Zalando started their own process to approach Inner Source; we can say without a doubt that each of them has taken their own path, because Inner Source is more related to a philosophy or enterprise culture than to a process or static methodology defining it.The cathedral and the bazar

During last LibreCon we have been sharing some insights about it during our
Inner Sourcing and Software Development Analytics
talk, and next months we are going to collaborate with some companies in their inner source approach. So it seems the right momentum to start a set of posts about “Inner Source”, doesn’t it?

Continue reading

InnerSourcing: the development model of the future?

Inner Source (or Inner Sourcing) is a term coined by Tim O’Reilly in 2001 that referenced to the, “use of open source techniques within the corporation”.

Although more that 25% of the deployee code in the most influential IT companies was Open Source in 2015, IT departments didn’t show much interest in collaboration or innovation process. (Gartner, 2015).

But recently there are so many mainstream IT firms that are allocating resources to Open Source contributions, not only for the benefits of the code, but the benefits of the methodology brought to the organization such as collaborations, innovation and quality control.

inner_source_graphic

Inner Source takes the lessons learned from developing Open Source software and applies them to the processes that companies follow to develop software internally.

Innersourcing’s benefits for the company

Continue reading