A common problem in software development is accidentally merging code with bugs, defects, or security vulnerabilities into your main branch. Faulty code deployed to the production environment can cause severe outages in running applications, and finding and fixing it can cost unnecessary time and effort.
Amazon CodeGuru Reviewer tackles this issue using automated code reviews, which allow developers to fix issues based on automated CodeGuru recommendations before the code moves to production. This post demonstrates how to use CodeGuru for automated code reviews and uses an AWS CodeCommit approval process to set up a code approval governance model.

Solution overview

In this post, you create an end-to-end code approval workflow and add required approvers to your repository pull requests. This can help you identify and mitigate issues before they’re merged into your main branches.

Let’s discuss the core services highlighted in our solution. CodeGuru Reviewer is a machine learning-based service for automated code reviews and application performance recommendations. CodeCommit is a fully managed and secure source control repository service. It eliminates the need to scale infrastructure to support highly available and critical code repository systems. CodeCommit allows you to configure approval rules on pull requests. Approval rules act as a gatekeeper on your source code changes. Pull requests that fail to satisfy the required approvals can’t be merged into your main branch for production deployment.

The following diagram illustrates the architecture of this solution. The solution has three personas:
The solution workflow contains the following steps:
In the following sections, we walk you through configuring the CodeCommit repository and creating a pull request and approval rule. We then run the workflow to test the code, review recommendations and make appropriate changes, and run the workflow again to confirm that the code is ready to be merged.

Prerequisites

Before we get started, we create an AWS Cloud9 development environment, which we use to check in the Python code for this solution. The sample Python code for the exercise is available at the link. Download the .py files to a local folder. Complete the following steps to set up the prerequisite resources:
Configuring IAM roles and users
This template creates three IAM users, Repository admin, Code Approver, and Developer, that are required at different steps of this post.

Configure the CodeCommit repository

Let’s start with the CodeCommit repository. The repository works as the source control for the Java and Python code.
The repository is created.
You can see our CodeCommit repository is associated with CodeGuru.
This action clones the repository and creates the
Create a pull request

Now we create our pull request.
Create an approval rule

We now create an approval rule as the repository admin.
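As an added example (not code from the original post), the approval rule described here could also be created with boto3 instead of the console, and the merge gate checked the same way. The account ID, user name, rule name, and helper function names are constructed placeholders.

```python
import json

RULE_VERSION = "2018-11-08"  # version string of CodeCommit approval rule content


def build_rule_content(approvals_needed, pool_members):
    """Return approval rule content requiring approvals from a named pool."""
    if approvals_needed < 1:
        raise ValueError("a rule that needs zero approvals gates nothing")
    if not pool_members:
        raise ValueError("approval pool must name at least one approver")
    for member in pool_members:
        # Assumption: accept only full ARNs or the CodeCommitApprovers shorthand.
        if not member.startswith(("arn:", "CodeCommitApprovers:")):
            raise ValueError(f"unexpected pool member format: {member}")
    return json.dumps({
        "Version": RULE_VERSION,
        "Statements": [{
            "Type": "Approvers",
            "NumberOfApprovalsNeeded": approvals_needed,
            "ApprovalPoolMembers": list(pool_members),
        }],
    })


def create_rule(pull_request_id, rule_name, content, client=None):
    """Attach the rule to one pull request (run as the repository admin)."""
    if client is None:
        import boto3  # imported lazily; needs AWS credentials at call time
        client = boto3.client("codecommit")
    return client.create_pull_request_approval_rule(
        pullRequestId=pull_request_id,
        approvalRuleName=rule_name,
        approvalRuleContent=content,
    )


def is_mergeable(pull_request_id, revision_id, client):
    """Ask CodeCommit whether every approval rule on the PR is satisfied."""
    result = client.evaluate_pull_request_approval_rules(
        pullRequestId=pull_request_id, revisionId=revision_id)
    evaluation = result["evaluation"]
    return evaluation["approved"] or evaluation["overridden"]


if __name__ == "__main__":
    # Constructed sample: one approval required from a hypothetical approver user.
    print(build_rule_content(1, ["CodeCommitApprovers:111122223333:code-approver"]))
```

Scoping the pool to the approver identity, rather than leaving it open, is what makes the rule a gate: an approval from anyone outside the pool does not count toward `NumberOfApprovalsNeeded`.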
Review recommendations

We can now view any recommendations regarding our pull request code review.
You can now review the recommendation details, as shown in the following screenshot.
The developer can see this comment as feedback from the approver to fix the issue.
Make changes, rerun the code review, and merge the environments

Let’s say the developer makes the required changes in the code to address the issue and uploads the new code in the AWS Cloud9 environment. If CodeGuru doesn’t find additional issues, we can merge the environments.
CodeGuru hasn’t found any issue in the updated code, so there are no recommendations.
Now the developer can see on the CodeCommit console that the pull request is approved.
You can see a success message.
Clean up the resources

To avoid incurring future charges, remove the resources created by this solution by
Conclusion

This post highlighted the benefits of CodeGuru automated code reviews. You created an end-to-end code approval workflow and added required approvers to your repository pull requests. This solution can help you identify and mitigate issues before they’re merged into your main branches. You can get started from the CodeGuru console by integrating CodeGuru Reviewer with your supported CI/CD pipeline. For more information about automating code reviews, check out the documentation.

Which AWS service provides intelligent recommendations to improve code quality?

Amazon CodeGuru Reviewer seamlessly integrates with existing code review workflows on widely used source control systems including GitHub, GitHub Enterprise, Bitbucket, and AWS CodeCommit, and provides actionable recommendations for improving code quality.
What is Amazon profiler?

Amazon CodeGuru Profiler collects runtime performance data from your live applications, and provides recommendations that can help you fine-tune your application performance.

What is Amazon code whisperer?

CodeWhisperer is a machine learning (ML)–powered service that helps improve developer productivity by generating code recommendations based on developers' prior code and comments.

Does AWS have issue tracking?

Each AWS CodeStar project comes with a project management dashboard, including an integrated issue tracking capability powered by Atlassian JIRA Software.