Automated Pull Request Code Reviews with AWS CodeCommit and AWS CodeBuild

Introduction

Efficiently managing code reviews is a crucial aspect of modern software development workflows. Code reviews help ensure code quality, enhance team collaboration, and reduce the likelihood of introducing bugs or vulnerabilities into a codebase. However, the traditional manual code review process can be time-consuming and resource-intensive, especially in rapidly evolving projects with numerous pull requests.

We will explore how AWS CodeCommit and AWS CodeBuild combine to automate and optimize the code review process for pull requests. AWS CodeCommit provides a secure and scalable version control service, while AWS CodeBuild is a fully managed continuous integration service. By combining these powerful AWS services, teams can expedite their code review workflows and elevate the overall development process.

Solution is built upon three core components

AWS CodeCommit – This AWS service acts as the secure and scalable repository for hosting private repositories
Amazon EventBridge – Leveraging this service, the solution receives events like pullRequestCreated and pullRequestSourceBranchUpdated, triggering an Amazon EventBridge rule.
AWS CodeBuild – As a fully managed continuous integration service, AWS CodeBuild performs the crucial code review task. It provides the capability to assess the code and subsequently send the review results back to the AWS CodeCommit repository as comments on the respective pull request.

Pioneers in Cloud Consulting & Migration Services

Reduced infrastructural costs
Accelerated application deployment

Get Started

Steps to Automate Code Review for Pull Requests using AWS CodeCommit and AWS CodeBuild

Create a source code repository in AWS CodeCommit

Select the repository in AWS CodeCommit and click on create repository.
Enter a name for the repository
Click on Create

step1

2. Adding files to the repository

Select a repository created in Step 1
Select Add file, and choose whether you want to create or upload a file from your system.
Select the branch where you want to add a file, and the default branch is the main.
Enter a file name in the code editor and enter the code for the file.
Enter the Author name and Email address to be displayed to the other users.
Enter a commit message.
Click on Commit changes.
Go back to the repository and click on the repository created to view the contents of the repository.

step2

3. Establish an approval rule template and then associate it with the appropriate association.

Select the Approval template on the left side of the AWS CodeCommit console.
Click on Create Template.
Enter the name for the Approval rule template.
Enter the number of approvals needed.
Select the Associated repositories and click Create.

4. Setting up an AWS CodeBuild project to execute code quality checks and post the results as pull request comments.

In AWS CodeBuild, click on create build project.
Enter project name
Under the source section – select AWS CodeCommit and choose the repository.
Choose the branch
In the Environment section – choose the environment type – Linux.
Select Custom Image
Service role – select New service role.
Enter the role name
In Buildspec – select insert build commands
Click on the switch to the editor.
Click on create build project.
Update the AWS IAM service role.
Click on the CodeBuild project and select the Build details tab.
In the Environment section, click on the service role
Select the customer managed policy and click on Edit
Add the below action to the AWS CodeCommit action, choose next, then save changes.

"codecommit:CreatePullRequestApprovalRule", "codecommit:GetPullRequest", "codecommit:PostCommentForPullRequest", "codecommit:UpdatePullRequestApprovalState"

1	"codecommit:CreatePullRequestApprovalRule", "codecommit:GetPullRequest", "codecommit:PostCommentForPullRequest", "codecommit:UpdatePullRequestApprovalState"

Here is the Build commands for Buildspec

version: 0.2
phases:
  install:
    runtime-versions:
      nodejs: <NODEJS_VERSION>
    commands:
      - npm install jshint --global
  build:
    commands:
      - echo \{\"esversion\":6,\"eqeqeq\":true,\"quotmark\":\"single\"\} > .jshintrc
      - CODE_QUALITY_RESULT="$(echo ```) $(jshint .)"; EXITCODE=$?
      - aws codecommit post-comment-for-pull-request --pull-request-id $PULL_REQUEST_ID --repository-name <REPOSITORY_NAME> --content "$CODE_QUALITY_RESULT" --before-commit-id $DESTINATION_COMMIT_ID --after-commit-id $SOURCE_COMMIT_ID --region $AWS_REGION	
      - |
        if [ $EXITCODE -ne 0 ]
        then
          PR_STATUS='REVOKE'
        else
          PR_STATUS='APPROVE'
        fi
      - REVISION_ID=$(aws codecommit get-pull-request --pull-request-id $PULL_REQUEST_ID | jq -r '.pullRequest.revisionId')
      - aws codecommit update-pull-request-approval-state --pull-request-id $PULL_REQUEST_ID --revision-id $REVISION_ID --approval-state $PR_STATUS --region $AWS_REGION

version: 0.2

phases:

install:

runtime-versions:

nodejs: <NODEJS_VERSION>

commands:

- npm install jshint --global

build:

commands:

- echo \{\"esversion\":6,\"eqeqeq\":true,\"quotmark\":\"single\"\} > .jshintrc

- CODE_QUALITY_RESULT="$(echo ```) $(jshint .)"; EXITCODE=$?

- aws codecommit post-comment-for-pull-request --pull-request-id $PULL_REQUEST_ID --repository-name <REPOSITORY_NAME> --content "$CODE_QUALITY_RESULT" --before-commit-id $DESTINATION_COMMIT_ID --after-commit-id $SOURCE_COMMIT_ID --region $AWS_REGION

- |

if [ $EXITCODE -ne 0 ]

then

PR_STATUS='REVOKE'

else

PR_STATUS='APPROVE'

- REVISION_ID=$(aws codecommit get-pull-request --pull-request-id $PULL_REQUEST_ID | jq -r '.pullRequest.revisionId')

- aws codecommit update-pull-request-approval-state --pull-request-id $PULL_REQUEST_ID --revision-id $REVISION_ID --approval-state $PR_STATUS --region $AWS_REGION

In the above buildspec file, replace the <NODEJS_VERSION> and <REPOSITORY_NAME> created in the first step. And spec file consists of the jshint package, which involves generating a JSHint configuration file with sample rules, executing it against the source code in the pull request commit, and subsequently posting the results as comments on the pull request page. The pull request is either automatically approved or rejected based on the evaluation.

JSHint is a community-driven tool that detects errors and potential problems in JavaScript code.

5. Create an Amazon EventBridge rule that reacts to AWS CodeCommit pullRequestCreated and pullRequestSourceBranchUpdated events for the repository created and set its target to the AWS CodeBuild project created.

Go to Amazon EventBridge in the AWS console.
Select Rule and click on create rule
Enter name for the rule and select the Event bus has default.
Select Rule type has rule with an event pattern and click on next.
In Event source select AWS events or EventBridge partner events
In creation method use pattern form
In event pattern choose AWS CodeCommit as AWS service
Under Event pattern click on Edit pattern and copy paste the below code and replace the <REGION>, <ACCOUNT_ID> and <REPOSITORY_NAME> and click on next.

{
    "detail-type": ["CodeCommit Pull Request State Change"],
    "resources": ["arn:aws:codecommit:<REGION>:<ACCOUNT_ID>:<REPOSITORY_NAME>"],
    "source": ["aws.codecommit"],
    "detail": {
      "isMerged": ["False"],
      "pullRequestStatus": ["Open"],
      "repositoryNames": ["<REPOSITORY_NAME>"],
      "destinationReference": ["refs/heads/main"],
      "event": ["pullRequestCreated", "pullRequestSourceBranchUpdated"]
    },
    "account": ["<ACCOUNT_ID>"]
  }

{

"detail-type": ["CodeCommit Pull Request State Change"],

"resources": ["arn:aws:codecommit:<REGION>:<ACCOUNT_ID>:<REPOSITORY_NAME>"],

"source": ["aws.codecommit"],

"detail": {

"isMerged": ["False"],

"pullRequestStatus": ["Open"],

"repositoryNames": ["<REPOSITORY_NAME>"],

"destinationReference": ["refs/heads/main"],

"event": ["pullRequestCreated", "pullRequestSourceBranchUpdated"]

"account": ["<ACCOUNT_ID>"]

}

In Targets, select AWS service has target types, and then select target has CodeBuild project
Copy and paste the project ARN from the AWS Codebuild project.
Select Create a new role for this specific resource for the execution role.
Click on the additional setting
Select the Input transformer to configure the input transformer.
Scroll down to the target input transformer and copy and paste the below input path.

{
    "detail-destinationCommit": "$.detail.destinationCommit",
    "detail-pullRequestId": "$.detail.pullRequestId",
    "detail-sourceCommit": "$.detail.sourceCommit"
}

{

"detail-destinationCommit": "$.detail.destinationCommit",

"detail-pullRequestId": "$.detail.pullRequestId",

"detail-sourceCommit": "$.detail.sourceCommit"

}

Under template, copy and paste the below template.

{
    "sourceVersion": <detail-sourceCommit>,
    "environmentVariablesOverride": [
        {
            "name": "DESTINATION_COMMIT_ID",
            "type": "PLAINTEXT",
            "value": <detail-destinationCommit>
        },
        {
            "name": "SOURCE_COMMIT_ID",
            "type": "PLAINTEXT",
            "value": <detail-sourceCommit>
        },
        {
            "name": "PULL_REQUEST_ID",
            "type": "PLAINTEXT",
            "value": <detail-pullRequestId>
        }
    ]
}

{

"sourceVersion": <detail-sourceCommit>,

"environmentVariablesOverride": [

{

"name": "DESTINATION_COMMIT_ID",

"type": "PLAINTEXT",

"value": <detail-destinationCommit>

{

"name": "SOURCE_COMMIT_ID",

"type": "PLAINTEXT",

"value": <detail-sourceCommit>

{

"name": "PULL_REQUEST_ID",

"type": "PLAINTEXT",

"value": <detail-pullRequestId>

}

]

}

Select None under the Dead-letter queue and select next
Click on the save rule.

step5

6. Raising a pull request by creating a feature branch and adding a new file.

In the AWS CodeCommit console, select the repository and click on branches.
Click on Create branch
Enter the branch name and select the main branch for branch from
Add a new file named “index.js” to the repository’s root, containing the provided content.

function greet(dayofweek) {
  if (dayofweek == "Saturday" || dayofweek == "Sunday") {
    console.log("Have a great weekend");
  } else {
    console.log("Have a great day at work");
  }
}

function greet(dayofweek) {

if (dayofweek == "Saturday" || dayofweek == "Sunday") {

console.log("Have a great weekend");

} else {

console.log("Have a great day at work");

}

Click on create pull request
Under Destination, select main branch and source, select feature branch, and compare
Finally, Click on pull request.

7. Verify the pull request

Once the pull request is initiated, the AWS CodeBuild project will automatically trigger and perform a code quality check.

step7

To verify the automated code review outcome, Go to the AWS Management Console, access the AWS CodeCommit repository pull request page, and check the Activity tab for the latest comment displaying the review results.

step7b

Conclusion

Automating pull request code reviews with AWS CodeCommit and AWS CodeBuild streamlines the code review process, enhancing collaboration and code quality.

By combining these powerful AWS services, teams can expedite workflows and ensure efficient code evaluation. Utilizing JSHint, potential JavaScript errors are detected, leading to higher code reliability.

Drop a query if you have any questions regarding AWS CodeCommit and AWS CodeBuild, and we will get back to you quickly.

Making IT Networks Enterprise-ready – Cloud Management Services

Accelerated cloud migration
End-to-end view of the cloud environment

Get Started

About CloudThat

CloudThat is an official AWS (Amazon Web Services) Advanced Consulting Partner and Training partner and Microsoft Gold Partner, helping people develop knowledge of the cloud and help their businesses aim for higher goals using best in industry cloud computing practices and expertise. We are on a mission to build a robust cloud computing ecosystem by disseminating knowledge on technological intricacies within the cloud space. Our blogs, webinars, case studies, and white papers enable all the stakeholders in the cloud computing sphere.

To get started, go through our Consultancy page and Managed Services Package that is CloudThat’s offerings.

FAQs

1. Does AWS CodeBuild support parallel builds to speed up the code review process?

ANS: – Yes, AWS CodeBuild supports parallel builds, enabling you to run multiple builds concurrently. This can significantly reduce the time required for code review, especially in projects with high build volumes.

2. What level of control do we have over the automated approval rule template in AWS CodeCommit?

ANS: – We have full control over the approval rule template in AWS CodeCommit. We can define the number of required approvals, associate repositories, and customize the template based on the review process.

WRITTEN BY Abhilasha D

Abhilasha D is a Research Associate-DevOps at CloudThat. She is focused on gaining knowledge of Cloud environment and DevOps tools. She has keen interest in learning and researching on emerging technologies.