Automate code reviews with Amazon CodeGuru Reviewer

{"value":"A common problem in software development is accidentally or unintentionally merging code with bugs, defects, or security vulnerabilities into your main branch. Finding and mitigating these faulty lines of code deployed to the production environment can cause severe outages in running applications and can cost unnecessary time and effort to fix.\n\n[Amazon CodeGuru Reviewer](https://aws.amazon.com/codeguru/) tackles this issue using automated code reviews, which allows developers to fix the issue based on automated CodeGuru recommendations before the code moves to production.\n\nThis post demonstrates how to use CodeGuru for automated code reviews and uses an AWS [CodeCommit](https://aws.amazon.com/codecommit/) approval process to set up a code approval governance model.\n\n### **Solution overview**\nIn this post, you create an end-to-end code approval workflow and add required approvers to your repository pull requests. This can help you identify and mitigate issues before they’re merged into your main branches.\n\nLet’s discuss the core services highlighted in our solution. CodeGuru Reviewer is a machine learning-based service for automated code reviews and application performance recommendations. CodeCommit is a fully managed and secure source control repository service. It eliminates the need to scale infrastructure to support highly available and critical code repository systems. CodeCommit allows you to configure approval rules on pull requests. Approval rules act as a gatekeeper on your source code changes. Pull requests that fail to satisfy the required approvals can’t be merged into your main branch for production deployment.\n\nThe following diagram illustrates the architecture of this solution.\n\n\n\nThe solution has three personas:\n\n- **Repository admin** – Sets up the code repository in CodeCommit\n- **Developer** – Develops the code and uses pull requests in the main branch to move the code to production\n- **Code approver** – Completes the code review based on the recommendations from CodeGuru and either approves the code or asks for fixes for the issue\n\nThe solution workflow contains the following steps:\n\n1. The repository admin sets up the workflow, including a code repository in CodeCommit for the development group, required access to check in their code to the dev branch, integration of the CodeCommit repository with CodeGuru, and approval details.\n2. Developers develop the code and check in their code in the dev branch. This creates a pull request to merge the code in the main branch.\n3. CodeGuru analyzes the code and reports any issues, along with recommendations based on the code quality.\n4. The code approver analyzes the CodeGuru recommendations and provides comments for how to fix the issue in the code.\n5. The developers fix the issue based on the feedback they received from the code approver.\n6. The code approver analyzes the CodeGuru recommendations of the updated code. They approve the code to merge if everything is okay.\n7. The code gets merged in the main branch upon approval from all approvers.\n8. An [AWS CodePipeline](http://aws.amazon.com/codepipeline) pipeline is triggered to move the code to the preproduction or production environment based on its configuration.\n\nIn the following sections, we walk you through configuring the CodeCommit repository and creating a pull request and approval rule. We then run the workflow to test the code, review recommendations and make appropriate changes, and run the workflow again to confirm that the code is ready to be merged.\n\n### **Prerequisites**\nBefore we get started, we create an [AWS Cloud9](http://aws.amazon.com/cloud9) development environment, which we use to check in the Python code for this solution. The sample Python code for the exercise is available at the [link](https://github.com/aws-samples/integrate-aws-codecommit-with-amazon-codeguru). Download the .py files to a local folder.\n\nComplete the following steps to set up the prerequisite resources:\n\n1. Set up your [AWS Cloud9](https://aws.amazon.com/cn/cloud9/?trk=cndc-detail) environment and access the bash terminal, preferably in the ```us-east-1``` Region.\n2. Create three [AWS Identity and Access Management](https://aws.amazon.com/iam/) (IAM) users and its roles for the repository admin, developer, and approver by running the [AWS CloudFormation](https://aws.amazon.com/cloudformation/) template.\n\n### **Configuring IAM roles and users**\n1. Sign in to the [AWS Management Console](http://aws.amazon.com/console).\n2. Download ‘Persona_Users.yaml’ from [github](https://github.com/aws-samples/integrate-aws-codecommit-with-amazon-codeguru)\n3. Navigate to [AWS CloudFormation](https://aws.amazon.com/cloudformation/) and click on **Create Stack drop** down to choose **With new resouces (Standard)**.\n4. click on **Upload a template file** to upload file form local.\n5. Enter a **Stack Name** such as ‘Automate-code-reviews-codeguru-blog’.\n6. Enter IAM user’s temp password.\n7. Click **Next** to all the other default options.\n8. Check mark **I acknowledge that [AWS CloudFormation](https://aws.amazon.com/cn/cloudformation/?trk=cndc-detail) might create IAM resources with custom names**. Click **Create Stack**.\n\nThis template creates three IAM users for **Repository admin, Code Approver, Developer** that are required at different steps while following this blog.\n\n### **Configure the CodeCommit repository**\nLet’s start with CodeCommit repository. The repository works as the source control for the Java and Python code.\n\n9. Sign in to the [AWS Management Console](http://aws.amazon.com/console) as the repository admin.\n10. On the CodeCommit console, choose **Getting started** in the navigation pane.\n11. Choose **Create repository**.\n\n\n\n12. For **Repository name,** enter ```transaction_alert_repo ```.\n13. Select **Enable [Amazon CodeGuru](https://aws.amazon.com/cn/codeguru/?trk=cndc-detail) Reviewer for Java and Python – optional.**\n14. Choose **Create.**\n\n\n\nThe repository is created.\n\n15. On the repository details page, choose **Clone HTTPS** on the **Clone URL** menu.\n\n\n\n\n16. Copy the URL to use in the next step to clone the repository in the development environment.\n\n\n\n17. On the CodeGuru console, choose **Repositories** in the navigation pane under **Reviewer.**\n\nYou can see our CodeCommit repository is associated with CodeGuru.\n\n\n\n18. Sign in to the console as the developer.\n19. On the [AWS Cloud9](https://aws.amazon.com/cn/cloud9/?trk=cndc-detail) console, clone the repository, using the URL that you copied in the previous step.\n\nThis action clones the repository and creates the ``` transaction_alert_repo ```folder in the environment.\n\n```\\ngit clone https://git-codecommit.us-east-.amazonaws.com/v1/repos/transaction_alert_repo\\ncd transaction_alert_repo\\necho \\"This is a test file\\" > README.md\\ngit add -A\\ngit commit -m \\"initial setup\\"\\ngit push\\n```\n\n\n\n20. Check the file in CodeCommit to confirm that the ``` README.md ```file is copied and available in the CodeCommit repository.\n\n\n\n21. In the [AWS Cloud9](https://aws.amazon.com/cn/cloud9/?trk=cndc-detail) environment, choose the ``` transaction_alert_repo ```folder.\n22. On the File menu, choose **Upload Local Files** to upload the Python files from your local folder (which you downloaded earlier).\n\n\n\n23. Choose **Select files** and upload ``` read_file.py ```and ``` read_rule.py ```.\n\n\n\n24. You can see that both files are copied in the [AWS Cloud9](https://aws.amazon.com/cn/cloud9/?trk=cndc-detail) environment under the ``` transaction_alert_repo ```folder:\n\n```\\ngit checkout -b dev\\ngit add -A\\ngit commit -m \\"initial import of files\\"\\ngit push --set-upstream origin dev\\n```\n\n\n\n25. Check the CodeCommit console to confirm that the ``` read_file.py ```and ``` read_rule.py ```files are copied in the repository.\n\n\n\n### **Create a pull request**\nNow we create our pull request.\n\n1. On the CodeCommit console, navigate to your repository and choose **Pull requests** in the navigation pane.\n2. Choose **Create pull request.**\n\n\n\n3. For **Destination, **choose **master.**\n4. For **Source,** choose **dev.**\n5. Choose **Compare** to see any conflict details in merging the request.\n\n\n\n6. If the environments are mergeable, enter a title and description.\n7. Choose **Create pull request.**\n\n\n\n### **Create an approval rule**\nWe now create an approval rule as the repository admin.\n\n1. Sign in to the console as the repository admin.\n2. On the CodeCommit console, navigate to the pull request you created.\n3. On the **Approvals** tab, choose **Create approval rule.**\n\n\n\n4. For **Rule name, **enter ``` Require an approval before merge ```.\n5. For **Number of approvals needed,** enter 1.\n6. Under **Approval pool members,** provide an IAM ARN value for the code approver.\n7. Choose **Create.**\n\n\n\n### **Review recommendations**\nWe can now view any recommendations regarding our pull request code review.\n\n1. As the repository admin, on the CodeGuru console, choose **Code reviews** in the navigation pane.\n2. On the **Pull request** tab, confirm that the code review is completed, as it might take some time to process.\n3. To review recommendations, choose the completed code review.\n\n\n\nYou can now review the recommendation details, as shown in the following screenshot.\n\n\n\n4. Sign in to the console as the code approver.\n5. Navigate to the pull request to view its details.\n\n\n\n6. On the **Changes** tab, confirm that the CodeGuru recommendation files are available.\n\n\n\n7. Check the details of each recommendation and provide any comments in the **New comment** section.\n\nThe developer can see this comment as feedback from the approver to fix the issue.\n\n8. Choose **Save.**\n\n\n\n9. Enter any overall comments regarding the changes and choose **Save.**\n\n\n\n10. Sign in to the console as the developer.\n11. On the CodeCommit console, navigate to the pull request -> select the request -> click on Changes to review the approver feedback.\n\n\n\n### **Make changes, rerun the code review, and merge the environments**\nLet’s say the developer makes the required changes in the code to address the issue and uploads the new code in the [AWS Cloud9](https://aws.amazon.com/cn/cloud9/?trk=cndc-detail) environment. If CodeGuru doesn’t find additional issues, we can merge the environments.\n\n1. Run the following command to push the updated code to CodeCommit:\n\n```\\ngit add -A\\ngit commit -m \\"code-fixed\\"\\ngit push --set-upstream origin dev\\n```\n\n\n\n2. Sign in to the console as the approver.\n3. Navigate to the code review.\n\nCodeGuru hasn’t found any issue in the updated code, so there are no recommendations.\n1. \n\n\n4. On the CodeCommit console, you can verify the code and provide your approval comment.\n5. Choose **Save.**\n\n\n\n6. On the pull request details page, choose **Approve.**\n\n\n\nNow the developer can see on the CodeCommit console that the pull request is approved.\n\n\n\n7. Sign in to the console as the developer. On the pull request details page, choose **Merge.**\n\n\n\n8. Select your merge strategy. For this post, we select **Fast forward merge.**\n9. Choose **Merge pull request.**\n\n\n\nYou can see a success message.\n\n\n\n10. On the CodeCommit console, choose **Code** in the navigation pane for your repository.\n11. Choose **master** from the branch list.\n\nThe ``` read_file.py ```and ``` read_rule.py ```files are available under the main branch.\n\n\n\n### **Clean up the resources**\nTo avoid incurring future charges, remove the resources created by this solution by\n\n- [Deleting the stack from the AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-console-delete-stack.html)\n- [Deleting AWS Cloud9 environment](https://docs.aws.amazon.com/cloud9/latest/user-guide/delete-environment.html)\n- [Deleting AWS CodeCommit repository](https://docs.aws.amazon.com/codecommit/latest/userguide/how-to-delete-repository.html)\n\n### **Conclusion**\nThis post highlighted the benefits of CodeGuru automated code reviews. You created an end-to-end code approval workflow and added required approvers to your repository pull requests. This solution can help you identify and mitigate issues before they’re merged into your main branches.\n\nYou can get started from the [CodeGuru console](https://console.aws.amazon.com/codeguru/home) by integrating CodeGuru Reviewer with your supported CI/CD pipeline.\n\nFor more information about automating code reviews and check out the [documentation](https://docs.aws.amazon.com/codeguru/latest/reviewer-ug/welcome.html).\n\n#### **About the Authors**\n\n\n\n#### **Dhiraj Thakur**\n\nDhiraj Thakur is a Solutions Architect with Amazon Web Services. He works with AWS customers and partners to provide guidance on enterprise cloud adoption, migration, and strategy. He is passionate about technology and enjoys building and experimenting in the analytics and AI/ML space.\n\n\n\n#### **Akshay Goel**\n\nAkshay is a Cloud Support Associate with Amazon Web Services working closing with all AWS deployment services. He loves to play, test, create, modify and simplify the solution which makes the task easy and interesting.\n\n\n\n#### **Sameer Goel**\n\nSameer is a Sr. Solutions Architect in Netherlands, who drives customer success by building prototypes on cutting-edge initiatives. Prior to joining AWS, Sameer graduated with a master’s degree from NEU Boston, with a concentration in data science. He enjoys building and experimenting with AI/ML projects on Raspberry Pi.","render":"<p>A common problem in software development is accidentally or unintentionally merging code with bugs, defects, or security vulnerabilities into your main branch. Finding and mitigating these faulty lines of code deployed to the production environment can cause severe outages in running applications and can cost unnecessary time and effort to fix.</p>\n<p><a href=\\"https://aws.amazon.com/codeguru/\\" target=\\"_blank\\">Amazon CodeGuru Reviewer</a> tackles this issue using automated code reviews, which allows developers to fix the issue based on automated CodeGuru recommendations before the code moves to production.</p>\\n<p>This post demonstrates how to use CodeGuru for automated code reviews and uses an AWS <a href=\\"https://aws.amazon.com/codecommit/\\" target=\\"_blank\\">CodeCommit</a> approval process to set up a code approval governance model.</p>\\n<h3><a id=\\"Solution_overview_6\\"></a><strong>Solution overview</strong></h3>\\n<p>In this post, you create an end-to-end code approval workflow and add required approvers to your repository pull requests. This can help you identify and mitigate issues before they’re merged into your main branches.</p>\n<p>Let’s discuss the core services highlighted in our solution. CodeGuru Reviewer is a machine learning-based service for automated code reviews and application performance recommendations. CodeCommit is a fully managed and secure source control repository service. It eliminates the need to scale infrastructure to support highly available and critical code repository systems. CodeCommit allows you to configure approval rules on pull requests. Approval rules act as a gatekeeper on your source code changes. Pull requests that fail to satisfy the required approvals can’t be merged into your main branch for production deployment.</p>\n<p>The following diagram illustrates the architecture of this solution.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/d2ca1cf3ad3240629ef89a535831711a_image.png\\" alt=\\"image.png\\" /></p>\n<p>The solution has three personas:</p>\n<ul>\\n<li><strong>Repository admin</strong> – Sets up the code repository in CodeCommit</li>\\n<li><strong>Developer</strong> – Develops the code and uses pull requests in the main branch to move the code to production</li>\\n<li><strong>Code approver</strong> – Completes the code review based on the recommendations from CodeGuru and either approves the code or asks for fixes for the issue</li>\\n</ul>\n<p>The solution workflow contains the following steps:</p>\n<ol>\\n<li>The repository admin sets up the workflow, including a code repository in CodeCommit for the development group, required access to check in their code to the dev branch, integration of the CodeCommit repository with CodeGuru, and approval details.</li>\n<li>Developers develop the code and check in their code in the dev branch. This creates a pull request to merge the code in the main branch.</li>\n<li>CodeGuru analyzes the code and reports any issues, along with recommendations based on the code quality.</li>\n<li>The code approver analyzes the CodeGuru recommendations and provides comments for how to fix the issue in the code.</li>\n<li>The developers fix the issue based on the feedback they received from the code approver.</li>\n<li>The code approver analyzes the CodeGuru recommendations of the updated code. They approve the code to merge if everything is okay.</li>\n<li>The code gets merged in the main branch upon approval from all approvers.</li>\n<li>An <a href=\\"http://aws.amazon.com/codepipeline\\" target=\\"_blank\\">AWS CodePipeline</a> pipeline is triggered to move the code to the preproduction or production environment based on its configuration.</li>\\n</ol>\n<p>In the following sections, we walk you through configuring the CodeCommit repository and creating a pull request and approval rule. We then run the workflow to test the code, review recommendations and make appropriate changes, and run the workflow again to confirm that the code is ready to be merged.</p>\n<h3><a id=\\"Prerequisites_34\\"></a><strong>Prerequisites</strong></h3>\\n<p>Before we get started, we create an <a href=\\"http://aws.amazon.com/cloud9\\" target=\\"_blank\\">AWS Cloud9</a> development environment, which we use to check in the Python code for this solution. The sample Python code for the exercise is available at the <a href=\\"https://github.com/aws-samples/integrate-aws-codecommit-with-amazon-codeguru\\" target=\\"_blank\\">link</a>. Download the .py files to a local folder.</p>\\n<p>Complete the following steps to set up the prerequisite resources:</p>\n<ol>\\n<li>Set up your AWS Cloud9 environment and access the bash terminal, preferably in the <code>us-east-1</code> Region.</li>\\n<li>Create three <a href=\\"https://aws.amazon.com/iam/\\" target=\\"_blank\\">AWS Identity and Access Management</a> (IAM) users and its roles for the repository admin, developer, and approver by running the <a href=\\"https://aws.amazon.com/cloudformation/\\" target=\\"_blank\\">AWS CloudFormation</a> template.</li>\\n</ol>\n<h3><a id=\\"Configuring_IAM_roles_and_users_42\\"></a><strong>Configuring IAM roles and users</strong></h3>\\n<ol>\\n<li>Sign in to the <a href=\\"http://aws.amazon.com/console\\" target=\\"_blank\\">AWS Management Console</a>.</li>\\n<li>Download ‘Persona_Users.yaml’ from <a href=\\"https://github.com/aws-samples/integrate-aws-codecommit-with-amazon-codeguru\\" target=\\"_blank\\">github</a></li>\\n<li>Navigate to <a href=\\"https://aws.amazon.com/cloudformation/\\" target=\\"_blank\\">AWS CloudFormation</a> and click on <strong>Create Stack drop</strong> down to choose <strong>With new resouces (Standard)</strong>.</li>\\n<li>click on <strong>Upload a template file</strong> to upload file form local.</li>\\n<li>Enter a <strong>Stack Name</strong> such as ‘Automate-code-reviews-codeguru-blog’.</li>\\n<li>Enter IAM user’s temp password.</li>\n<li>Click <strong>Next</strong> to all the other default options.</li>\\n<li>Check mark <strong>I acknowledge that AWS CloudFormation might create IAM resources with custom names</strong>. Click <strong>Create Stack</strong>.</li>\\n</ol>\n<p>This template creates three IAM users for <strong>Repository admin, Code Approver, Developer</strong> that are required at different steps while following this blog.</p>\\n<h3><a id=\\"Configure_the_CodeCommit_repository_54\\"></a><strong>Configure the CodeCommit repository</strong></h3>\\n<p>Let’s start with CodeCommit repository. The repository works as the source control for the Java and Python code.</p>\n<ol start=\\"9\\">\\n<li>Sign in to the <a href=\\"http://aws.amazon.com/console\\" target=\\"_blank\\">AWS Management Console</a> as the repository admin.</li>\\n<li>On the CodeCommit console, choose <strong>Getting started</strong> in the navigation pane.</li>\\n<li>Choose <strong>Create repository</strong>.</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/84f7f8f44dbf46a1b30cb951a6419f11_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"12\\">\\n<li>For <strong>Repository name,</strong> enter <code>transaction_alert_repo </code>.</li>\\n<li>Select <strong>Enable Amazon CodeGuru Reviewer for Java and Python – optional.</strong></li>\\n<li>Choose <strong>Create.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/f0512adfe1484e04b7e320f37f48b2d2_image.png\\" alt=\\"image.png\\" /></p>\n<p>The repository is created.</p>\n<ol start=\\"15\\">\\n<li>On the repository details page, choose <strong>Clone HTTPS</strong> on the <strong>Clone URL</strong> menu.</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/c1de64ce42ba4c33b9602ae1119ede82_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"16\\">\\n<li>Copy the URL to use in the next step to clone the repository in the development environment.</li>\n</ol>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/319e4228973f43bc8d1a4924c0d76385_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"17\\">\\n<li>On the CodeGuru console, choose <strong>Repositories</strong> in the navigation pane under <strong>Reviewer.</strong></li>\\n</ol>\n<p>You can see our CodeCommit repository is associated with CodeGuru.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/c0176e398adb4d9895f4ad3c031d59d9_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"18\\">\\n<li>Sign in to the console as the developer.</li>\n<li>On the AWS Cloud9 console, clone the repository, using the URL that you copied in the previous step.</li>\n</ol>\\n<p>This action clones the repository and creates the <code>transaction_alert_repo</code>folder in the environment.</p>\\n<pre><code class=\\"lang-\\">git clone https://git-codecommit.us-east-.amazonaws.com/v1/repos/transaction_alert_repo\\ncd transaction_alert_repo\\necho &quot;This is a test file&quot; &gt; README.md\\ngit add -A\\ngit commit -m &quot;initial setup&quot;\\ngit push\\n</code></pre>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/cd48de3618084ecb987d036d4f16ebe0_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"20\\">\\n<li>Check the file in CodeCommit to confirm that the <code>README.md</code>file is copied and available in the CodeCommit repository.</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/a9873994fbc344b6a219823b040a8cee_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"21\\">\\n<li>In the AWS Cloud9 environment, choose the <code>transaction_alert_repo</code>folder.</li>\\n<li>On the File menu, choose <strong>Upload Local Files</strong> to upload the Python files from your local folder (which you downloaded earlier).</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/1210f6b8d53646b1869bb6187bcb412a_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"23\\">\\n<li>Choose <strong>Select files</strong> and upload <code>read_file.py</code>and <code>read_rule.py</code>.</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/6f5d4f9a9584428d80cce1bcfb1fd5d6_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"24\\">\\n<li>You can see that both files are copied in the AWS Cloud9 environment under the <code>transaction_alert_repo</code>folder:</li>\\n</ol>\n<pre><code class=\\"lang-\\">git checkout -b dev\\ngit add -A\\ngit commit -m &quot;initial import of files&quot;\\ngit push --set-upstream origin dev\\n</code></pre>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/ebf3ad9e06174d1596595a838315b25b_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"25\\">\\n<li>Check the CodeCommit console to confirm that the <code>read_file.py</code>and <code>read_rule.py</code>files are copied in the repository.</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/a18ae588ce934979afcdbb79d3ebb8cb_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Create_a_pull_request_130\\"></a><strong>Create a pull request</strong></h3>\\n<p>Now we create our pull request.</p>\n<ol>\\n<li>On the CodeCommit console, navigate to your repository and choose <strong>Pull requests</strong> in the navigation pane.</li>\\n<li>Choose <strong>Create pull request.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/c67f3ea865ba4e6c92b53ac71e2939ff_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"3\\">\\n<li>For **Destination, **choose <strong>master.</strong></li>\\n<li>For <strong>Source,</strong> choose <strong>dev.</strong></li>\\n<li>Choose <strong>Compare</strong> to see any conflict details in merging the request.</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/21f09e244add49b1b2e958963b2431c5_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"6\\">\\n<li>If the environments are mergeable, enter a title and description.</li>\n<li>Choose <strong>Create pull request.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/75c800a0a31f44e0968fe3d9f8adb105_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Create_an_approval_rule_149\\"></a><strong>Create an approval rule</strong></h3>\\n<p>We now create an approval rule as the repository admin.</p>\n<ol>\\n<li>Sign in to the console as the repository admin.</li>\n<li>On the CodeCommit console, navigate to the pull request you created.</li>\n<li>On the <strong>Approvals</strong> tab, choose <strong>Create approval rule.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/7ac8f9811e414873af1df6332409a19b_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"4\\">\\n<li>For **Rule name, **enter <code>Require an approval before merge</code>.</li>\\n<li>For <strong>Number of approvals needed,</strong> enter 1.</li>\\n<li>Under <strong>Approval pool members,</strong> provide an IAM ARN value for the code approver.</li>\\n<li>Choose <strong>Create.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/cb068e1fa05144229e8fa33a02d09dfb_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Review_recommendations_165\\"></a><strong>Review recommendations</strong></h3>\\n<p>We can now view any recommendations regarding our pull request code review.</p>\n<ol>\\n<li>As the repository admin, on the CodeGuru console, choose <strong>Code reviews</strong> in the navigation pane.</li>\\n<li>On the <strong>Pull request</strong> tab, confirm that the code review is completed, as it might take some time to process.</li>\\n<li>To review recommendations, choose the completed code review.</li>\n</ol>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/0ea7a9f21740490a98e7dce63bfbc6a3_image.png\\" alt=\\"image.png\\" /></p>\n<p>You can now review the recommendation details, as shown in the following screenshot.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/5a27ada57ce94213a7b439467254c359_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"4\\">\\n<li>Sign in to the console as the code approver.</li>\n<li>Navigate to the pull request to view its details.</li>\n</ol>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/9ee0b9c25afc4f7ea62e1086c0fb3cd9_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"6\\">\\n<li>On the <strong>Changes</strong> tab, confirm that the CodeGuru recommendation files are available.</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/7c7ed697e6c449ffa5c849f84d7414f6_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"7\\">\\n<li>Check the details of each recommendation and provide any comments in the <strong>New comment</strong> section.</li>\\n</ol>\n<p>The developer can see this comment as feedback from the approver to fix the issue.</p>\n<ol start=\\"8\\">\\n<li>Choose <strong>Save.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/08db0294675348288765d041a67fd2ad_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"9\\">\\n<li>Enter any overall comments regarding the changes and choose <strong>Save.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/2e707823249d4fc4b8d3e4897b7f0ef4_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"10\\">\\n<li>Sign in to the console as the developer.</li>\n<li>On the CodeCommit console, navigate to the pull request -&gt; select the request -&gt; click on Changes to review the approver feedback.</li>\n</ol>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/04fedd47df504f5f9c85b31d0d0b2b06_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Make_changes_rerun_the_code_review_and_merge_the_environments_204\\"></a><strong>Make changes, rerun the code review, and merge the environments</strong></h3>\\n<p>Let’s say the developer makes the required changes in the code to address the issue and uploads the new code in the AWS Cloud9 environment. If CodeGuru doesn’t find additional issues, we can merge the environments.</p>\n<ol>\\n<li>Run the following command to push the updated code to CodeCommit:</li>\n</ol>\\n<pre><code class=\\"lang-\\">git add -A\\ngit commit -m &quot;code-fixed&quot;\\ngit push --set-upstream origin dev\\n</code></pre>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/ee2d0b69da434b19b916c542ae823a04_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"2\\">\\n<li>Sign in to the console as the approver.</li>\n<li>Navigate to the code review.</li>\n</ol>\\n<p>CodeGuru hasn’t found any issue in the updated code, so there are no recommendations.<br />\\n1.<br />\\n<img src=\\"https://dev-media.amazoncloud.cn/7c43bdb6864b45178d5c3454803837ce_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"4\\">\\n<li>On the CodeCommit console, you can verify the code and provide your approval comment.</li>\n<li>Choose <strong>Save.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/fb0422e22dc34ac2b7e2e64b26104fe2_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"6\\">\\n<li>On the pull request details page, choose <strong>Approve.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/77cce3137ccb4ff19ffb173b97d2e1f6_image.png\\" alt=\\"image.png\\" /></p>\n<p>Now the developer can see on the CodeCommit console that the pull request is approved.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/5e2f93365fcf48cea5e11b845702a635_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"7\\">\\n<li>Sign in to the console as the developer. On the pull request details page, choose <strong>Merge.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/9c571a7f8c164bbb8b63a9b1434520d9_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"8\\">\\n<li>Select your merge strategy. For this post, we select <strong>Fast forward merge.</strong></li>\\n<li>Choose <strong>Merge pull request.</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/b25b64e5a86049ce9cb4b24188086eda_image.png\\" alt=\\"image.png\\" /></p>\n<p>You can see a success message.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/e24ee164573244298095498b2067e223_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"10\\">\\n<li>On the CodeCommit console, choose <strong>Code</strong> in the navigation pane for your repository.</li>\\n<li>Choose <strong>master</strong> from the branch list.</li>\\n</ol>\n<p>The <code>read_file.py</code>and <code>read_rule.py</code>files are available under the main branch.</p>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/c221512e336548f2bc0029972132336b_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Clean_up_the_resources_257\\"></a><strong>Clean up the resources</strong></h3>\\n<p>To avoid incurring future charges, remove the resources created by this solution by</p>\n<ul>\\n<li><a href=\\"https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-console-delete-stack.html\\" target=\\"_blank\\">Deleting the stack from the AWS CloudFormation</a></li>\\n<li><a href=\\"https://docs.aws.amazon.com/cloud9/latest/user-guide/delete-environment.html\\" target=\\"_blank\\">Deleting AWS Cloud9 environment</a></li>\\n<li><a href=\\"https://docs.aws.amazon.com/codecommit/latest/userguide/how-to-delete-repository.html\\" target=\\"_blank\\">Deleting AWS CodeCommit repository</a></li>\\n</ul>\n<h3><a id=\\"Conclusion_264\\"></a><strong>Conclusion</strong></h3>\\n<p>This post highlighted the benefits of CodeGuru automated code reviews. You created an end-to-end code approval workflow and added required approvers to your repository pull requests. This solution can help you identify and mitigate issues before they’re merged into your main branches.</p>\n<p>You can get started from the <a href=\\"https://console.aws.amazon.com/codeguru/home\\" target=\\"_blank\\">CodeGuru console</a> by integrating CodeGuru Reviewer with your supported CI/CD pipeline.</p>\\n<p>For more information about automating code reviews and check out the <a href=\\"https://docs.aws.amazon.com/codeguru/latest/reviewer-ug/welcome.html\\" target=\\"_blank\\">documentation</a>.</p>\\n<h4><a id=\\"About_the_Authors_271\\"></a><strong>About the Authors</strong></h4>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/521b901d8c014669a11637f7b80080b7_image.png\\" alt=\\"image.png\\" /></p>\n<h4><a id=\\"Dhiraj_Thakur_275\\"></a><strong>Dhiraj Thakur</strong></h4>\\n<p>Dhiraj Thakur is a Solutions Architect with Amazon Web Services. He works with AWS customers and partners to provide guidance on enterprise cloud adoption, migration, and strategy. He is passionate about technology and enjoys building and experimenting in the analytics and AI/ML space.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/9e60f00c0dde4534907835c155cd54b0_image.png\\" alt=\\"image.png\\" /></p>\n<h4><a id=\\"Akshay_Goel_281\\"></a><strong>Akshay Goel</strong></h4>\\n<p>Akshay is a Cloud Support Associate with Amazon Web Services working closing with all AWS deployment services. He loves to play, test, create, modify and simplify the solution which makes the task easy and interesting.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/9a01deed7612439f95b0aa33737677d0_image.png\\" alt=\\"image.png\\" /></p>\n<h4><a id=\\"Sameer_Goel_287\\"></a><strong>Sameer Goel</strong></h4>\\n<p>Sameer is a Sr. Solutions Architect in Netherlands, who drives customer success by building prototypes on cutting-edge initiatives. Prior to joining AWS, Sameer graduated with a master’s degree from NEU Boston, with a concentration in data science. He enjoys building and experimenting with AI/ML projects on Raspberry Pi.</p>\n"}