LogoLogo
HomeAbout usSign up
  • Introduction
  • AttentionSet
    • AttentionSet Best Practices
    • How to View AttentionSet for Others
    • How to Manually Change Attention
    • AttentionSet Chrome extension
    • Attention reasons
    • AttentionSet Slack Home Page
  • Releases
    • Getting Started with Releases
    • Concepts for Releases
      • Terminology for Releases
      • Two-step delivery
      • Rollbacks
      • Cherry-picks
      • Dogfood, Canary and Rollout
      • Release notes
    • How-to Guides for Releases
      • How to Create a Release Project
      • How to Configure Environments
      • How to Create a Scheduled Release
      • Create Custom Workflow Parameters
      • How to Manage Cherry-Picks
      • How to Resolve a Cherry-Pick Failure
      • Working with your CI / CD
        • GitHub Actions workflow
        • Buildkite workflow
    • API Reference for Releases
  • FlexReview
    • Getting Started with FlexReview
    • How to Onboard a Large Org
    • Concepts for FlexReview
      • Read-Only Mode in FlexReview
      • Recursive Ownership in FlexReview
      • Reviewer suggestion and assignment
      • FlexReview Teams and SLO Management
      • Validation in FlexReview
    • How-to Guides for FlexReview
      • How to Get a Reviewer Suggestion
      • How to Exclude Reviewers
      • How to Set Up Team Rules
      • Whitelist Teams for Review Assignment
      • Troubleshoot Reviewer Assignment
      • PagerDuty Integration for Reviewers
      • How to Set Up FlexReview Validation
      • Recommended Slack Notification Settings
      • How to Exclude OOO Reviewers
    • FlexReview Reference
      • Configuration
      • Slash commands
      • Expert scoring algorithms
      • Slack Notifications
      • Out of Office User Exclusion
    • FlexReview Roadmap
  • MergeQueue
    • Getting Started with MergeQueue
    • Merge Rules
    • How-to Guides for MergeQueue
      • How to Configure Base Branches
      • How to Customize Required Checks
      • How to Set Up Fast-Forwarding
      • How to Set Up Pre-Queue Conditions
      • How to Queue / Dequeue via API
      • Pause / Unpause Queues via API
      • Slash Commands Using GitHub Comments
      • How to Customize Sticky Comments
      • Require an Aviator Status Check
      • Backport a PR
      • How to Configure ChangeSets
      • Custom Integrations
        • GitHub Integration
      • How to Create Personal Access Tokens
      • How to Set Up SAML Configuration
        • Microsoft Active Directory
      • How to Merge Stacked PRs
      • How to Block Pull Request Mergeing with Slash Commands
    • Concepts for MergeQueue
      • Queue Modes
      • Pull Request Lifecycle
      • Analytics
      • Parallel Mode
      • CI Status Requirements
      • MQ Created Branches
      • Batching
      • Managing flaky tests
      • Fast-forwarding
      • Pre-Queue Conditions
      • Sticky Comments
      • Backporting
      • Paused Queues
      • Affected Targets
        • Directory-Based Affected Targets
        • nx based affected targets
        • GitHub Actions based Affected Targets
      • ChangeSets
        • Global CI Validation
        • ChangeSets FAQs
      • Priority Merges
        • Instant Merges
      • Merge Rules Audit Trail
      • Timeline
      • Ready Hook
      • Reduce Queue Failures From Staleness
    • MergeQueue References
      • Configuration Schema
      • Configuration Reference MergeQueue
      • GitHub Slash Commands
      • Status Codes
  • Stacked PRs CLI
    • Quickstart for Stacked PRs CLI
    • CLI Installation
    • How-to Guides for Stacked PRs CLI
      • How to Create Stacked PRs in CLI
      • How to Navigate & Modify Stacked PRs
      • Add Commits in the Stack
      • How Split a Commit in CLI
      • How to Split and Fold Pull Requests
      • How to Rename a Branch in CLI
      • How to Adopt a Branch in CLI
      • Orphan a Branch with Aviator CLI
      • How to Do Git Subcommand Aliasing
      • How to Create an Access Token
      • How to Set Up Auto Completion in CLI
      • How to Use Editor Plugins in CLI
    • Concepts for StackedPRs CLI
    • How to Rebase and Sync with GitHub
    • Configuration for StackedPRs CLI
    • Stacked PRs FAQs and Troubleshooting
      • Working with Aviator CLI
      • Default Branch Update Master to Main
    • Manpages for Stacked PRs CLI
      • av(1)
      • av-adopt Command Guide
      • av-auth-status(1) in CLI
      • av-stack-branch(1) in CLI
      • av-commit-create(1) in CL
      • av-stack-diff(1) in CLI
      • av-fetch(1) in CLI
      • av-git-interaction Command Guide
      • av-init(1) in CLI
      • av-stack-next(1) in CLI
      • av-orphan Command Guide
      • av-pr-status(1) in CLI
      • av-pr-create(1) in CLI
      • av-stack-prev(1) in CLI
      • av-stack-reorder(1) in CLI
      • av-reparent Command Guide
      • av-restack Command Guide
      • av-commit-split(1) in CLI
      • av-switch Command Guide
      • av-stack-sync(1) in CLI
      • av-stack-tidy(1) in CLI
      • av-stack-tree(1) in CLI
    • Aviator CLI Major Releases
      • Aviator CLI v0.1.0 Release Notes
  • Aviator's Chrome Extension
  • Pilot Automated Actions
    • Scheduled Events
    • JavaScript Execution
    • Pilot Automated Actions Reference
      • GitHub Reference
      • MergeQueue Reference
      • Slack Reference
  • API and Integrations
    • Slack Integration Guide
    • GraphQL API Quickstart
    • Prometheus Metrics Setup for GCP
    • Reference
      • JSON API
      • GraphQL
      • Webhooks
      • Monitoring Metrics
  • Manage
    • Access Management
    • GitHub App Permissions
    • Security
      • Aviator Agents Data Usage & Retention Policy
    • On-Premise Installation
      • GitHub App for On-Prem
      • GitHub OAuth for On-Prem
      • Use Helm Instructions
      • Use Docker Compose Instructions
      • Prometheus endpoint
      • Slack Integration for On-Premise
      • Google SSO Login for On-Prem
    • FAQs
      • Troubleshooting GitHub app connection
      • MergeQueue FAQs
      • Billing FAQs
Powered by GitBook
On this page
  • Why migrate
  • Using Owners File
  • Starting with one team
  • Compliance
  • Validation
  • See also

Was this helpful?

  1. FlexReview

How to Onboard a Large Org

Get instructions on onboarding a large org. Migrating from the strict controls of the Codeowners concept can enhance maintenance and bring other benefits.

Moving away from the strict Codeowners concept is a big cultural change. This requires carefully planning and testing the FlexReview approach. If you do not use CODEOWNERS requirements in your GitHub repository, you can skip this doc.

Why migrate

Migrating away from the strict controls of the Codeowners concept can bring several benefits to your team. By adopting FlexReview, you can automate the assignment of reviewers based on their expertise, rather than defining very fine-grained access control. That means:

  • No need to maintain a fine-grained file with hundreds of lines declaring ownership

  • Ensure that the most qualified individuals provide feedback on each pull request

  • Drastically reduce the number of reviewers required per code change

  • Improve code review response times significantly

Using Owners File

Aviator FlexReview introduces a an OWNERS file that helps with making code review assignments smarter without dropping the ownership for specific teams. The OWNERS file can be defined at.aviator/OWNERS. This file uses the similar format as the GitHub equivalent, but with the following limit:

  • You can put only one team per line.

  • You cannot have a negation rule.

The file is interpreted differently. Given a file path, owners are defined as follows:

  • Owners: All matching teams are considered as an owner of the file.

  • Direct Owners: The owner with the longest matching path is called a direct owner.

  • Indirect Owners: Non-direct owners are called indirect owners.

When onboarding a large team, we recommend copying your current CODEOWNERS file as is to OWNERS, and then slowly simplifying your CODEOWNERS file to reduce the amount of gates needed.

Starting with one team

To ease the transition and familiarize your team with FlexReview, we recommend starting with one specific team in your engineering org. By selecting a single team, you can test and evaluate the functionality of FlexReview in a controlled environment before expanding its usage to other teams. This approach allows you to gradually adapt to the new review process while minimizing any potential disruptions to your existing workflows.

Read-only mode

At this stage, you can use the slash command on any PR to get a suggestion from FlexReview:

/aviator flexreview suggest

Choosing the right team

When specified, all PRs that touch the file paths owned by these teams will get a suggested reviewers GitHub comment from FlexReview. Since these directories are managed by Codeowners, FlexReview will only suggest valid reviewers based on the Codeowners file.

This would be a good opportunity to start educating the team about how FlexReview works and how to use it.

Expanding code ownership by one-level

To get the real benefit of FlexReview, you should edit the CODEOWNERS file and expand the ownership of the sub-directory to the wider engineering org. You can start by expanding it by one-level.

Let’s say a sub-directory has a team ownership of ios-auth-eng that manages the authentication framework for iOS, and there is a GitHub team ios-eng and a wider eng team. Here, you can replace that ownership of this sub-directory in the codeowners file to: ios-eng so that anyone on the ios engineering team can approve this change (from a CODEOWNERS perspective).

ios/authentication/ @ios-eng

At this stage, FlexReview will start handling approval requirement, and introducing additional experts in the mix depending on code change complexity. Additionally, FlexReview will automatically start validating the complex reviews with the expert reviewers.

Expanding code ownership beyond

Once you have tested this with a few PRs, you can expand this further, and edit the CODEOWNERS file to all of eng for this sub-directory and continue testing it, while maintaining the .aviator/OWNERSfile to define fine grain ownership.

If you have chosen a good team / project to start with, it’s likely that the developers are now familiar with how FlexReview works and are comfortable with the idea of flexible reviews and expert reviewers. You can continue expanding the same way for additional sub-directories or onboarding everyone together.

Compliance

Not all code paths are the same. As you are relaxing the requirements for code review, you can still require some security sensitive code paths to have strict ownership. As a rule of thumb, this should not represent more than 10% of your code base. As a cultural shift, you can internally define a process for teams to submit a request with clear reasoning that certain code paths should be gated. Based on that information, you can make a judgement call on where strict ownership is still needed.

Validation

Setting up validation is simple. After following the above steps, go to your repository's FlexReview configuration page and enable validation:

Then, in GitHub, add Aviator FlexReview as a required check in your branch ruleset:

See also

PreviousGetting Started with FlexReviewNextConcepts for FlexReview

Last updated 1 month ago

Was this helpful?

To learn more about best practices for specifying ownership, also read .

When you install the Aviator app for FlexReview, it starts in , that is, it won’t take any actions or post any comments on the PRs automatically.

This will and post a message with a list of suggested reviewers. This will display the list of files and corresponding need for experts based along with suggested reviewers. It will suggest reviewers that also satisfy the Codeowners requirement.

You can that you would like FlexReview to find reviewers for. You would ideally want to choose a team that gets a lot of review requests from outside of that team. That’s because these might be the reviews that hits the most bottlenecks and would benefit the most.

is a feature that allows you to leverage your configured Aviator OWNERS data into meaningful review approval validation. Reviewers will be responsible for approving on behalf of the files they own, and the pull request will not be mergable until all files have been approved by the appropriate owners. Reviewers will also be selectively dismissed when new code changes are pushed based on what files were changed.

To enable selective reviewer dismissal, make sure the setting “dismiss all approvals on push” is disabled in GitHub's branch protection rules. More information can be found in .

direct and indirect ownership
read-only mode
suggest reviewers
specify one or more teams
FlexReview Validation
How to Set Up FlexReview Validation
Whitelist teams for reviewer assignment
Troubleshooting reviewer assignment
Get a reviewer suggestion
Excluding reviewers
FlexReview Validation
Expanding ownership in engineering teams
Configuring FlexReview.
Validation is enabled at the bottom of the configuration page.
The "require status checks to pass" option on GitHub's branch rulesets page.
An aviator/flexreview status check in GitHub.