How to Scale End-to-End Observability in AWS Environments

Code Quality and Security Ensured With CI/CD Experience for Github Actions

With the CI/CD integration with GitHub actions, the new norm is advanced code scrutiny and airtight security experience with the Java detectors.

July 15, 2021, 1:53 p.m.

TL;DR

On June 24, 2021, Amazon announced the CI/CD integration of its ML-based code scanning Amazon CodeGuru Reviewer with GitHub actions.

CodeGuru Reviewer comes in at the beginning of software production, while the latter comes in during operation

Key Facts

1
Instead of being a wholesome process, code security and quality analysis have been reduced to a step in CI Workflow.
2
Amazon introduced over 20 CodeGuru Reviewer detectors that support Java code.
3
Amazon allows a mega review discount - 100,000 lines of code freely, for 90 days.

Details

Amazon Web Services have introduced a new CI/CD Experience for Amazon CodeGuru Reviewer with GitHub actions. This improvement and the introduction of 20 new detectors to review Java code come a little over a year since Amazon CodeGuru Reviewer (ACR) released into general availability. It is one of many tools with their automation mechanism built on the understanding and implementation of AI and ML, just like the most recent IBM masterpiece.

ACR has been compared to a similar machine learning-based tool, DevOps Guru, developed by the same company, Amazon. CodeGuru Reviewer comes in at the beginning of software production, while the latter comes in during operation. However, while CodeGuru Reviewer delves into code structure, DevOps Guru is designed to detect and fix errors and provide suggestions for an application's entire operational structure. It also wields automatic mechanisms in detection, debugging and fixing complications, saving valuable time. Developers could eliminate ordinary slight negligence causing unprecedented application collapse with DevOps Guru.

Its fundamental function is quite simple. This tool is automated with the knowledge of machine learning to scan and spot hidden, microscopic flaws inside lines of code and provide improvement suggestions. Now the cloud company is implementing new functions - CI/CD experience that eliminates the concept of running quality and security analysis as a process, reducing it to just a quick and easy step in configuring CI workflows and security support for Java code, introducing over 20 new security exposure detectors to run through CodeGuru Reviewer. Machine learning and autonomous reasoning technology are used to create these detectors. For training, they employ over 100,000 Amazon and open source code libraries and the experience of the AWS application security team to ensure that they are both accurate and adaptable in a continuously evolving landscape.

Running analysis on the CodeGuru console remains commonplace; developers can also leverage CodeGuru Reviewer recommendations from GitHub UI to fix problems around code security.

Developers can continue to use the CodeGuru console as your analysis hub and view CodeGuru Reviewer recommendations from within the GitHub UI to get guidance on how to find and fix code issues and security vulnerabilities. A scan of altered lines of code is triggered in submitting pull requests or pushing a change to the master branch, while a full scan of the repository is triggered when a pipeline run is scheduled.