Skip to main content
    DevOps
    Way of Working
    1. Home
    3. Roadmap
    5. Foundation
    7. Code Foundations

    Code Quality & Review Standards

    Foundation Milestone
    Phase: code
    LT
    CFR

    Overview

    What

    Trunk-based development with protected main branches, mandatory PR reviews, code quality standards, and version control best practices.

    Business Value

    Prevents 95% of direct-to-main commits and catches code quality issues 3-5 days earlier through automated PR reviews and branch protection

    DORA Impact

    • Lead Time
    • Change Failure Rate

    Key Features

    • Git Workflow Standard
    • PR Review Checklist
    • PR Review Turnaround SLA
    • Conventional Commit Messages
    • Pair/Mob Programming
    • Code Readability Standards

    Who

    engineer
    teams
    platform

    When

    Foundation (0-90 days)

    Capabilities in This Epic

    1.

    Git Workflow Standard

    >= 95% of code changes follow trunk-based development or GitHub flow (feature branches < 2 days old).

    Target: >= 95% branches merged within 2 days
    2.

    PR Review Checklist

    >= 90% of PRs have checklist completed before merge (tests, docs, security, performance).

    Target: >= 90% PRs have completed checklist
    3.

    PR Review Turnaround SLA

    >= 80% of PRs receive first review within 4 business hours.

    Target: >= 80% PRs reviewed within 4 hours
    4.

    Conventional Commit Messages

    >= 85% of commits follow conventional commit format (type(scope): description).

    Target: >= 85% commits follow conventional format
    5.

    Pair/Mob Programming

    >= 40% of complex features (>= 5 story points) developed using pair or mob programming.

    Target: >= 40% complex features use pairing
    6.

    Code Readability Standards

    >= 70% of modules have README with setup, usage, and architecture notes. Code review checks readability.

    Target: >= 70% modules have comprehensive README

    Implementation Journey

    Prerequisites

    Complete these before starting:

    • Git repository established with protected main branch
    • At least one service/application in active development
    • Team has basic Git workflow knowledge

    Typical Timeline

    2.5 weeks

    Effort Estimate

    100 hours
    ≈ 13 days

    Breakdown by role:

    Engineering:60 hours
    Platform:40 hours

    Team Composition

    Cross-functional team including: engineer, teams, platform

    Applicable Environments

    regulated
    non-regulated

    Success Metrics

    Entry Criteria

    Prerequisites to start implementing this epic:

    Git repository established with protected main branch
    At least one service/application in active development
    Team has basic Git workflow knowledge

    Exit Criteria

    Criteria defined at the Foundation milestone level:

    deployment Frequency: >= weekly (staging)
    lead Time: <= 7 days (commit to staging)
    change Failure Rate: <= 20%
    mttr: <= 4h (staging)
    observability Coverage: >= 80% services instrumented
    ci Success: >= 90%
    flaky Tests: < 5%
    sbom Coverage: >= 90% services
    secrets Policy: Approved secrets manager only
    pr Cycle Time: p50 <= 24h
    build Success: main >= 95%, PR >= 90%
    ownership Coverage: >= 90% services

    DORA Metrics Impact

    LT
    30 days to 7 days
    77%
    CFR
    30% to 20%
    33%

    Resources

    Implementation Kit

    Step-by-step guide, templates, and tools for this epic

    View Code Quality & Review Standards Implementation Kit

    Templates

    Ready-to-use templates for implementing capabilities

    Browse All Templates

    Learn More

    Tutorials & Learning PathsCase Studies & Examples

    Common Pitfalls

    Protected main branch bypassed using admin privileges
    Mitigation: Enable "Include administrators" in branch protection. Use audit logs to track bypass events.
    PR reviews rubber-stamped without actual code inspection
    Mitigation: Set minimum review time (e.g., 30 min). Require specific checklist items checked. Track review quality metrics.
    Coding standards documented but inconsistently applied
    Mitigation: Automate with linters (ESLint, Prettier). Block PRs that fail lint checks. Update standards based on lint violations.

    Next Steps

    After Completing This Epic

    Once you've met all exit criteria, consider these next steps:

    • Review metrics to validate DORA improvements
    • Document lessons learned and update team playbooks
    • Share success stories with other teams

    Continue To

    The natural next epic in the roadmap sequence:

    CI/CD & Build Automation

    Alternative Paths

    Other epics that can be tackled in parallel:

    Backlog Quality & Planning EnablementCI/CD & Build AutomationTesting Strategy & Quality GatesRelease Management Foundations
    DevOps
    Way of Working

    DevOps practices for the entire delivery lifecycle

    © 2019-2026 devopswow.com. Created by Burhan Öcüt

    PartnersAboutPrivacyTermsCookies