Download as PDF, PPTX
Revolutionize DevOps with ML capabilities. Introduction to Amazon CodeGuru and DevOps Guru at OOP 2022
- 1. Revolutionize DevOps withML capabilities Introduction to DevOps Guru and CodeGuru Vadym Kazulkin, ip.labs, 3 Februar 2022
- 2. Contact Vadym Kazulkin ip.labs GmbHBonn, Germany Co-Organizer of the Java User Group Bonn and Serverless Bonn Meetup v.kazulkin@gmail.com @VKazulkin https://www.linkedin.com/in/vadymkazulkin https://www.iplabs.de/
- 3.
- 4.
- 5. What is AWSDevOps Guru Amazon DevOps Guru is a service powered by machine learning (ML) that is designed to make it easy to improve an application’s operational performance and availability DevOps Guru helps detect behaviors that deviate from normal operating patterns so you can identify operational issues long before they impact your customers • increased latency • error rates (timeouts, throttles) • resource constraints https://aws.amazon.com/devops-guru
- 6. Benefits of DevOpsGuru https://aws.amazon.com/devops-guru
- 7. How DevOps Guruwork https://aws.amazon.com/devops-guru
- 8. DevOps Guru integrationin 3rd party incident management tools https://aws.amazon.com/devops-guru • PagerDuty • Atlassian Opsgenie
- 9. DevOps Guru ExampleApplication
- 10.
- 11. DevOps Guru Integrationwith PagerDuty https://www.pagerduty.com/docs/guides/amazon-devops-guru-integration-guide/
- 12. DevOps Guru Integrationwith PagerDuty
- 13.
- 14.
- 15.
- 16. DevOps Guru PagerDutyIncidents
- 17. DevOps Guru Examples:DynamoDB Throttling
- 18. DevOps Guru Examples:DynamoDB Throttling stress test and empty burst credits
- 19. DevOps Guru Examples:DynamoDB Throttling
- 20. DevOps Guru Examples:API Gateway Throttling
- 21. DevOps Guru Examples:API Gateway Throttling
- 22. DevOps Guru Examples:Lambda Throttling
- 23. DevOps Guru Examples:Lambda Throttling
- 24. DevOps Guru Examples:Lambda Throttling PagerDuty Alert
- 25. DevOps Guru Examples:Lambda Timeout Error
- 26. DevOps Guru Examples:Lambda Timeout Error
- 27. DevOps Guru Examples:Lambda Memory Error
- 28. DevOps Guru Examples:Lambda Increased Latency
- 29. DevOps Guru Conclusions •All errors have been correctly recognized so far • It took several minutes to create an incident after anomaly appeared • Tested mainly in the context of AWS Serverless stack • AWS is responsible for monitoring those services • Not all PagerDuty alarms have been automatically closed after the incident resolution • Especially in case there have been several anomalies within one incident
- 30. DevOps Guru forRDS https://aws.amazon.com/devops-guru/features/devops-guru-for-rds/
- 31.
- 32. What is AWSCodeGuru Amazon CodeGuru is a developer tool that provides intelligent recommendations to improve code quality and identify an application’s most expensive lines of code • CodeGuru Reviewer uses machine learning and automated reasoning to identify critical issues, security vulnerabilities, and hard-to-find bugs during application development and provides recommendations to improve code quality • CodeGuru Profiler helps developers find an application’s most expensive lines of code by helping them understand the runtime behavior of their applications, identify and remove code inefficiencies and improve performance https://aws.amazon.com/codeguru
- 33. Benefits of CodeGuru •CodeGuru Reviewer benefits • Catch code problems before they hit production • Proactively improve code quality with continuous monitoring • CodeGuru Profiler benefits • Troubleshoot performance issues • Discover anomalies and common issues in your application performance • Catch your most expensive line of code https://aws.amazon.com/codeguru
- 34.
- 35. CodeGuru Programming LanguageSupport • Java • Python
- 36.
- 37.
- 38.
- 39. CodeGuru Reviewer Scans •Full repository analysis • Incremental code reviews (pull requests)
- 40. Java Code forCodeGuru Analysis
- 41. CodeGuru Reviewer Recommendation Therecommendations for Java fall into the following categories: • AWS best practices • Security • Resource leaks • Concurrency • Integration with Infer (https://fbinfer.com/) • detect null pointer dereferences, thread safety violations and improper use of synchronization locks • Other specialized categories such as sensitive information leaks, input validation, and code clones • General best practices on data structures, control flow, exception handling, and more https://aws.amazon.com/de/blogs/devops/improving-aws-java-applications-with-amazon-codeguru-reviewer/
- 42. CodeGuru Review FullRepository Analysis
- 43. CodeGuru Review AWSBest Practices with Java SDK V1
- 44. CodeGuru Review AWSBest Practices with Java SDK V1
- 45. CodeGuru Review AWSBest Practices with Java SDK V1
- 46. CodeGuru Review AWSBest Practices with Java SDK V2
- 47. CodeGuru Review otherAWS Best Practices
- 48.
- 49.
- 50.
- 51.
- 52.
- 53. CodeGuru Incremental Review Occursautomatically when creating a pull request with CodeGuru associated with CodeCommit repository
- 54. CodeGuru Review Expected,but No Findings https://aws.amazon.com/de/blogs/devops/tightening-application-security-with-amazon-codeguru/
- 55. CodeGuru Reviewer AWSCI/CD Integration
- 56. CodeGuru Reviewer CI/CDIntegration For CodeBuild add to buildspec.yaml pre_build: commands: - pip3 install awscli --upgrade --user - export TAG=${CODEBUILD_RESOLVED_SOURCE_VERSION} - aws codeguru-reviewer create-code-review --name your- codeguru-review-name$TAG --repository-association-arn arn:aws:codeguru- reviewer:eu-central-1:your-codeguru-arn --type RepositoryAnalysis={RepositoryHead={BranchName=main}}
- 57. CodeGuru Reviewer GitHubCI/CD Integration https://aws.amazon.com/about-aws/whats-new/2021/06/amazon-codeguru-reviewer-announces-ci-cd-integration-github-actions-new-security-detectors-for-java/?nc1=h_ls
- 58.
- 59. CodeGuru vs SonarQube •CodeGuru currently support only 2 languages vs SonarQube supporting 20+ • CodeGuru is much powerful in detecting AWS best practices (including AWS security best practices) • SonarQube is much more powerful detecting common Java issues
- 60. CodeGuru Conclusions • Verygood findings for AWS best practices when using Java SDK V1 • Many missing findings with Java SDK V2 compared to 1 • Many officially described security findings are not detected in my examples • Full repository scans are very expensive • Use incremental code reviews (pull requests) scan as much as possible • Use CodeGuru in conjunction with SonarQube
- 62. www.iplabs.de Accelerate Your PhotoBusiness Get in Touch