If you’ve read Chapter 1 and Chapter 2, you’ve hopefully come away with some concrete motivations for using open source and starting an open source project. And if you’ve made it to this chapter, you are probably thinking, “there is some great code at my company we should open source!” That’s the right attitude!
However, there’s a lot more than meets the eye when it comes to an employer seeing the value of contributing to an open source project, let alone starting one. As an individual deciding to contribute to open source or start an open source project, the justification is usually quite simple: you have something interesting to you that you want others to benefit from, or are using a project and you see something that you want to fix or improve – what is often referred to as the scratch-your-own-itch pattern. You may also find the work that a project is doing helpful and just want to help out – maybe writing some documentation or providing feedback on a pull request – more itch-scratching.
For companies, scratching your own itch is noble but not enough – they need to see how this benefits them as a business overall, which is often termed “enlightened self-interest.” Software developers are considered less than business-savvy in many organizations, and due to that perception, the conversation on open source stops there. This speaks to the need to connect the value of open source to business value, which in the past few decades, we’ve seen come together. It has been a bumpy road at times to align business models with open source, which is no different from how the disruptive technologies of the past took time to find a suitable business model.
In this chapter, I’ll lay the groundwork to help you get your company into open source, either contributing to or launching a new project. This is merely the tip of the iceberg, and we will look at further resources toward the end that can help you establish open source as part of your company’s strategy.
Getting support for open sourcing code within an organization requires first understanding what the motivations are for even doing so. It requires you to think with a business mindset, which at the end of the day comes back to costs and revenue. Sometimes, this can be framed in more long-term thinking, but being persuasive when championing this kind of initiative also requires citing some short-term benefits. Let’s look at what tend to be the primary motivators.
The bottom line is something every company thinks about, and this tends to be a major motivation in looking at open source. In software development, there are costs both in terms of initial development and maintenance, which includes new functionality, as well as fixing bugs and resolving security issues. Staying on top of this can be quite an endeavor.
One aspect of the development costs that companies don’t often think about is the specialization involved in software development. If you go back to the early 2000s and before, the most common software developer was what is known as the full-stack developer, meaning someone who had broad knowledge and expertise in different technologies and languages. For example, a full-stack developer would be able to write the frontend code for a website in HTML, JavaScript, and CSS, the business logic in something such as PHP, Python, or Ruby, and manage the database backend using MySQL or PostgreSQL. If you are a software developer, you know there are technological differences not only between each of those but also in how you would approach scaling, performance, security, and maintainability with each of them. For the software developer today, those layers have become more complex, moving from simple JavaScript calls to complex frameworks such as Bootstrap, from monolithic applications to micro-services, and often not just one database backend but multiple ones that may involve different approaches and methodologies.
For an organization today, even a modest software development company, hiring software developers with expertise in each area is an endeavor. In some cases, there may only be a handful of individuals that have expertise in a particular tool. For example, if you need to build a largely static website that has some template logic to keep multiple areas of a website in sync, you could define a template language and build some scripting to automate it – or you could use something such as Jekyll or Hugo, which has all this ready to go. That way, you don’t need a developer to maintain this script, which will undoubtedly break at some point, or the template language will need to be extended for different data types, but instead use the build functionality and templating language that either Jekyll or Hugo provides. This not only saves the company time and effort but also means they don’t need staff with deep expertise, just somebody who understands how to use the tool itself. This simplifies hiring by looking at the skills around a project and lets them be more flexible with their developer resources.
Let’s say your company is building out a task management tool, and a customer comes in with this request: It would be great if all of a user’s tasks were listed on their calendar to help them plan ahead and coordinate with the other meetings on their calendar. One route would be exploring how to build integration into a single calendar tool, such as Microsoft Outlook or Google Mail; another would be writing a custom iCal server that implements the iCalendar standard. Or, you could look for a library that is able to deal with the entire iCal standard. Which one would you choose?
This is exactly the kind of sweet spot where open source comes in, the ability to provide a piece of functionality to solve a particular problem that exists across a wide variety of use cases. You could argue it comes from the Unix and free software heritage, where each tool solves a particular problem (and does it well) and is designed to work in conjunction with other tools. As with the previous point on lower development costs, a company doesn’t need staff to understand all the ins and outs of these libraries or tools; they just need to be able to use them.
Another piece of this equation is being able to improve libraries and tools to make the integration or customer experience better. For example, if we look at the iCal example, maybe the company’s development team identifies a compatibility issue with a particular calendar client that uses the iCal endpoint (if you haven’t worked with iCal before, note that clients can be incredibly picky on things such as whitespace and line endings). Not only could they report the issue but they could also provide a test case, and even fix it. If this wasn’t open source, they would have to rely on the vendor’s timeline and support team, which could take weeks, months, or even years; in open source, it’s a question of submitting a patch and getting it merged into the main code base. As a bonus, the company then doesn’t need to maintain a version of the tool with the fix – this is called working upstream (which was discussed in Chapter 2, What Makes a Good Open Source Project?) and makes it easier to introduce new features and functionality to your company’s product without any work on your end at all!
The previous two points on why a company would open source code focused on the developer alignment angle in using open source as a way to optimize a company’s developer investments. Another part of that optimization is velocity – or better put, how a company can build software faster.
If we look at the classic Facebook, Apple, Amazon, Netflix, and Google (FAANG) companies (Facebook now being Meta), the differentiating factor for all of them was building their solutions on top of open source. Facebook heavily used PHP in its rise to popularity, Apple built Mac OS X using many parts of FreeBSD and the Mach kernel projects, and we’ve seen Amazon, Netflix, and Google use open source, as well as build a lot of open source for the larger open source community to use and contribute to. The same pattern has been used numerous times with other technology companies, with numerous start-ups forming from open source communities or starting open source communities of their own to drive innovation.
What is often a big question to those outside of open source is, “Why put technology like that out there for anyone to use? Couldn’t open sourcing this code jumpstart a competitor in the space to overtake you?” It’s a fair observation, but companies look at it as a trade-off; is there more value in owning all the code and IP, or is there more value in getting a solution to market faster? And furthermore, what layers of the stack have value?
Apple, when they made the move from Classic Mac OS to Mac OS X, realized that the value was at the user experience level, so building their own operating system kernel didn’t make a ton of sense (it also didn’t help they were coming off the heels of the Copland project, which is considered one of the biggest failures in software development history [1]). A big driver was the need to move quickly to achieve a more modern operating system, as the Classic Mac OS was aging and didn’t include several key features, such as pre-emptive multitasking, protected memory, access controls, and multi-user management, so building on top of a kernel and operating system that had all of those things got them to market faster.
As we looked at in previous chapters with the value of open source being ecosystem building, there is a secondary benefit – not just getting to market faster but also establishing the market faster as well. Cloud Foundry comes from an open source project launched at Pivotal Software back in 2011, with the idea that starting this project would make it a standard for anyone building multi-cloud Platform-as-a-Service (PaaS) applications. This idea did come to fruition, with several vendors and cloud providers bringing support for Cloud Foundry, thus not only helping solutions come to market faster but at the same time establishing Cloud Foundry as the standard faster – and by proxy, Pivotal Software as a market leader.
I will often chat with companies when they are looking at open sourcing some code that they have written and when the discussion moves to the value of open sourcing the code that they have, I draw the analogy to other services they might have for their business.
For example, you don’t often see the CEO emptying the trash cans around the office; most commonly, we see that as a contracted service. Emptying trash cans is a commodity, meaning it’s something a broad scope of people could do. Often, the cost itself of a commodity service is low because economies of scale kick in; for example, if a company shares a building space with four other businesses, one person could empty all the trash cans instead of four different people each cleaning different offices.
The same idea applies here as well – as I mentioned before, you don’t have to have specialists for each layer of your application, just ones for the specific parts that are critically important to your business. It’s similar to how cloud computing has reduced the need for each company to have a data center administrator; if you build your application on top of a framework such as Cloud Foundry, you just need experts in Cloud Foundry and not each of the underlying components. This makes it easier to focus a company’s investments, attract talent, and generally execute better as a business.
With this background on why a company would participate in the open source ecosystem, let’s now talk about how to build that support internally to open source code.
Now that you know why a company would open source code, let’s walk through what we must consider as we go through the process of proposing to open source code. Note that every company works a bit differently, so many of the points I’ll cover are at a higher level; however, the general concepts are key ones that any company will need solid answers to.
Open source projects are consistently under-resourced. Even if there are enough developers, those developers might not have the bandwidth to write tests, build documentation, triage incoming issues, respond to questions, and deal with security issues. Working together helps make projects more efficient, have a larger impact, and address more features and use cases than working alone.
Before you start a new open source project, research other ones out there that might solve the same problem. As you review them, consider these questions:
If you answered yes to all those questions, contributing to that project is likely a better choice than starting a new one.
Even if there are some no answers, that doesn’t necessarily rule out contributing to versus starting a new project. For example, if you are looking to distribute a product and use the open source project as a part of that product, and that project is under a GPL license, that might be considered a showstopper. Before you do that, reach out to the maintainers and see whether they would be open to changing to a more permissive license; often, maintainers aren’t overly savvy in open source licensing or might not realize the challenges a license might have regarding adoption. I’ve reached out to the maintainer of a project using a GPLv3 license before, for example, and said “Any chance you could change to Apache 2?” and the maintainer has come back and said “Sure!” if it’s been fairly trivial for them to do so. I will note that this tends to be more realistic if the project has only one or just a few contributors, but larger projects likely won’t be as receptive.
Taking the general motivators from the previous section, you first need to work on building out a business case for why to open source a particular bit of code. There could be a multitude of reasons for it, including the following:
Starting to build a business case around open source is fairly similar to building business cases in general, usually covering a few specific points:
Let’s take a look now at how to build a business case more practically.
Let’s look at an example business case here. A project I worked on in the past was the COBOL Programming Course, which was launched by Open Mainframe Project in April 2020, and while this wasn’t their exact business case, this is how I would imagine it:
The preceding outline is rather high-level both to keep this chapter from getting too long and also as a guide for thinking about the idea more succinctly. One thing to note in the early stages here is you want to leave some gaps open to have areas where others can fill in and provide support; in an open source project, the value of people outweighs that of funding, as people make the real difference in its success (or failure).
Here’s another example more suited toward contribution to an open source project, where a company that will remain nameless was debating whether or not to continue to develop its own database interface layer, or leverage and contribute to another one:
What’s good in this example is the disclosure that the investment upfront will be higher in terms of resources, but it will reduce to less than the present investment over time. Setting expectations appropriately is a real key at this stage, especially giving yourself space, as you will hit bumps along the way.
Now, it’s time to start shopping around the business case within the organization. This is where each organization is a bit different, as there will be not only different personalities but also other key people who can help influence the decision. You know your organization best, so use this as a guide for the types of allies you will need:
A well-crafted business case will go a long way and the budget ally will also be able to add perspective on things you might not see. For example, maybe they know that there are team members close to retirement, and there are concerns about re-staffing. Maybe there are some discussions around adjusting focus and goals, and the open sourcing discussion is timely. Perhaps this person shares some hunches you have, maybe even with past experience in open sourcing code, and can give you support and advice along the way. Organizations are largely driven by cost, so while the budget ally isn’t the only key stakeholder, they need to be on board for you to have any success.
Either way, you need their support, as they will be doing the technical work at the end of the day. In addition, you will want to set the expectation of how to work in an open source community, meaning design and feature discussions should happen out in the open, releases should be planned within the community, and simple things such as the bug tracker should be open resources. Often, I see companies open source code and keep all the development meetings and scrums within the company itself; helping set a good pattern at the onset not only ensures success for the project but also sets the proper habits for the internal development teams. We will dig more into this in Chapter 5, Governance and Hosting Models.
One other opportunity here is that this executive could be in the position over time to establish a more formal center of gravity around open source in the company. These groups are typically called Open Source Program Offices (OSPOs) and generally are cross-functional groups supporting open source efforts across a company. Getting an executive involved early on in the first open source effort for a company helps give them visibility of the work done, and allows them to become a great ally in providing advice and guidance in evolving the effort into a program.
Once you have this alignment, you are often set to go. However, to be successful, I’d recommend one more step, and that’s setting expectations.
With any effort, whether open sourcing code or any other business initiative, stakeholders such as those listed previously will have high hopes – and in some cases, they might be unrealistic. Maybe they think they will have 100 contributors in a month. Perhaps they think they will be the talk of Hacker News, or even that they will be able to scale back engineering efforts overnight. While sometimes you may get lucky with one of those, realistically, that’s not always the case.
When setting expectations, consider these dimensions:
Make sure your company and stakeholders don’t measure open source quarter by quarter, or else you will never see success. Do think of milestones along the way, but be careful of being too time-bound, as open source projects ebb and flow over time, and the company itself needs time to establish an internal culture. In future chapters, we will dig into project growth, scaling, and culture, and establish the base layer on which to build everything.
Hopefully, you now have the internal support for and alignment with open sourcing code for your company. Let’s take a look at a checklist of items for getting the code into open source.
If you are at this point, you have your company’s support for contributing to open source. Pat yourself on the back – what you have just done isn’t easy, and many before you never got to this point.
To actually make this happen, there are several key things you need to cover – let’s take a look.
As the code that will be open sourced is effectively your company’s intellectual property, you need your legal team to review it before contributing to a project or launching a new open source project within one. There are also additional considerations for that code base that will come to mind for legal teams, such as the following:
With legal review, especially the first time a company is looking to contribute to open source or start a project, there is often a fair amount of education that needs to take place. Fortunately, there are some great minds in open source legal matters that will be helpful, which we shared in the previous chapter. Really, the main thing a company needs to decide from a legal perspective is how much risk is palatable given the opportunity. In other words, in open sourcing the code that a company owns, the company is in a sense giving its intellectual property to the world, but the question for a company is how valuable it is to them. Is it something that would bootstrap a competitor? Is it a big differentiator from other solutions? Is it a piece of code that isn’t super-unique to the company, and having it out there can create more value than holding onto it internally? This last question is one we see more and more in open source, as companies are realizing that while the piece of code could very well enable a competitor to bring a product to market faster, it lets the company itself seed the market with that technology and gives them a head-start before competitors can catch up.
One of the projects I worked with in the past, Zowe, wrestled with this. The companies who came together, Broadcom (then CA Technologies), IBM, and Rocket Software, all knew they had some really interesting code that they had built for revolutionizing the way we interacted with z/OS applications and data. They also all realized the pieces each of them had could be products of their own – and thus had good intellectual property value – but they came together and realized there was more value in the combined solution being open source so that they could focus on investments further up the stack in integrations with DevOps tooling, application monitoring, and deployment. That is the type of trade-off that comes from legal review, but more broadly from aligning the legal strategy with the overall company strategy.
Finally, before you put any code out there, you need your technical teams to review it. There are a couple of parts to this:
One trap technical teams can fall into at this stage is “perfect is the enemy of the good.” I often talk with companies looking to open source code, and they tell me, “We need to build all our documentation, fix all the bugs, get 100% unit test coverage, and address any feature needs before we release it as open source.” I applaud that nobility, but at the same time, it can give a community the impression that the project is more of a product than a project, meaning comes off as finished work that doesn’t need any help or code contributions. Having a few loose ends in there – not any that would make the code non-functional but instead give space for someone to add to the code base or build it out – is a great opportunity to cultivate a contributor base. We will dig more into this topic in Chapter 6 and Chapter 9.
At this point, you should have a project out there or have donated code to a project, but how can you determine whether this has been valuable to your company? Let’s look more into measuring success for an organization.
Success in open source is really hard to define. It’s not as straightforward as when building a product – in building a product, the success comes from the number of users or customers and the revenue from that, while in open source, usage is one part but so are the other potential impacts on the organization. Since open source projects tend not to be tied directly to revenue (after all, you are giving away code for free!), it becomes hard to succinctly define the Return on Investment (ROI).
But, there are some other ways to measure success. Let’s look at a few.
We touched on this earlier, but the open source project being launched or the work of the team contributing to an open source project should have certain goals. We talked about open source being a long-term versus short-term play, so goal planning has to have that in mind. But knowing how to show incremental progress is key to continuing to get the company to invest in the project, as well as for your benefit to know whether your project is on track.
Specific, Measurable, Achievable, Relevant, and Time-Bound (SMART) goals are a good framework for goal setting. This both helps you be clear on the expectations of the company and keeps you focused.
Here’s an example that could be used for the COBOL Programming Course example from earlier in the chapter:
Two observations about these goals. First, they are focused on two metrics of success – contributions and usage. There isn’t a desire to get into GitHub clones or stars, issues opened, or the number of comments on a Hacker News post. This is a good thing, as the organization was sold on the concept of industry impact (more people learning COBOL when using more modern tools) and industry cooperation and alignment (having people contribute to one curriculum versus a bunch of other ones).
Second, they are goals that aren’t too much of a stretch; with enough awareness of the project, it won’t be too hard to hit these goals. It gives the project some breathing room to work through the kinks of launching an open source project, such as how to handle contributions, getting people used to the workflow, and keeping internal teams aligned with the community work. Not per se something trivial, and this helps set up the project for a better chance of success.
A big challenge that companies run into is how to recognize the impact, as, again, it’s not something that is tied to a tangible result such as revenue or customer counts as with commercial products and offerings. However, that doesn’t mean it’s impossible to get a sense of impact; in reality, an organization can use the motivations for open sourcing as a way to both measure progress and identify the wins and impact made.
Some things to consider for an organization here include the following:
The main point to consider with all this is aligning recognition to the goals the project aims to achieve. Recognizing the most issues closed might be a fun metric, but does that help achieve the goals of obtaining more users and greater industry adoption? As mentioned, when you have measurable goals, it makes it much easier to set rewards.
This chapter focused on many of the basics of a company going down the open source road the first time. Every major company that has been involved in open source has gone through this, and there is a fair amount of learning an organization has to go through to be successful with open source. Fortunately, there are great groups out there, such as the TODO Group, which is a group of leaders from OSPOs along many different verticals and horizontals, who can be resources for seeing how to be successful.
Getting an open source project off the ground is one thing, and indeed a feat to be proud of. But running one...that’s another fun challenge. In the next chapter, we will build from the launch of an open source project and learn about how to best govern it based on the community and industry you are working in.
[1] Lessons Learned: IT’s Biggest Project Failures: https://www.pcworld.com/article/537052/it_project_failures.html
35.170.81.33