Today, Amazon Web Services Inc. (AWS), an Amazon.com company announced the general availability of Amazon CodeGuru, a developer tool powered by machine learning that provides intelligent recommendations for improving code quality and identifying an application’s most expensive lines of code. Amazon CodeGuru Reviewer helps improve code quality by scanning for critical issues, identifying bugs, and recommending how to remediate them.
Amazon CodeGuru Profiler helps developers find an application’s most expensive lines of code along with specific visualizations and recommendations on how to improve code to save money. Amazon CodeGuru can be enabled with a few clicks in the AWS console, customers only pay for their actual use of Amazon CodeGuru, and it’s easy and affordable enough to run on every code review and application in an organization. To get started with Amazon CodeGuru, visit http://aws.amazon.com/codeguru
Just like Amazon.com, AWS customers write a lot of code. Software development is a well understood process. Developers write code, review it, compile the code and deploy the application, measure the performance of the application, and use that data to improve the code. Then, they rinse and repeat. Yet, all of this process doesn’t matter if the code is incorrect to begin with, which is why teams perform code reviews to check the logic, syntax, and style before new code is added to an existing application code base.
Even for a large organization like Amazon, it’s challenging to have enough experienced developers with enough free time to do code reviews, given the amount of code that gets written every day. And even the most experienced reviewers miss problems before they impact customer-facing applications, resulting in bugs and performance issues. Even after an application is up and running, developers still need to monitor performance to make sure it is running efficiently.
Typically, developers monitor application performance through logging, which allows them to observe how much time an application takes to complete a task. However, logging is cumbersome to implement (requiring developers to instrument every function in the application), negatively impacts application performance, and doesn’t measure other metrics like CPU utilization that contribute to compute costs, leaving developers without a tool to effectively identify cost-saving opportunities for applications in production. Organizations often incur unnecessarily higher costs (sometimes upwards of tens of millions of dollars) for running applications that are in need of further optimizations because these applications consume more CPU and infrastructure than they should.
Amazon CodeGuru is a new developer service that uses machine learning to automate both code reviews during application development and profiling of applications in production. Amazon CodeGuru has two components:
- Code Reviewer: Developers can use machine learning-powered Amazon CodeGuru Reviewer to automatically flag common issues that deviate from best practices (potentially leading to production issues), while also providing specific recommendations on how to fix them, including example code and links to relevant documentation. For code reviews, developers commit their code as usual to the repository of their choice (e.g. GitHub, GitHub Enterprise, Bitbucket Cloud, AWS CodeCommit) and add Amazon CodeGuru Reviewer as one of the code reviewers, with no other changes to the normal development process. Amazon CodeGuru Reviewer analyzes existing code bases in the repository, identifies hard to find bugs and critical issues with high accuracy, provides intelligent suggestions on how to remediate them, and creates a baseline for successive code reviews. To do so, Amazon CodeGuru Reviewer opens a pull request and automatically starts evaluating the code using machine learning models that have been trained on several decades of code reviews at Amazon.com and over ten thousand open-source projects on GitHub. If Amazon CodeGuru Reviewer discovers an issue (e.g. thread safety issues, use of un-sanitized inputs, inappropriate handling of sensitive data such as credentials, resource leaks, redundant copy and pasted code, deviation from best practices for using Java and AWS APIs, etc.), it will add a human-readable comment to the pull request that identifies the line of code, specific issue, and recommended remediation. Amazon CodeGuru Reviewer also provides a pull request dashboard that lists information for all code reviews (e.g. status of the code review, number of lines of code analyzed, and the number of recommendations). Users may also give feedback on CodeGuru Reviewer recommendations by clicking on a thumbs up or thumbs down icon, which helps improve recommendations over time using machine learning.
- Application Profiler: Developers can use machine learning-powered Amazon CodeGuru Profiler to identify the most expensive lines of code (in terms of potential estimated dollar savings) by helping them understand the runtime behavior of their applications (including serverless applications running via AWS Lambda or AWS Fargate), identify and remove code inefficiencies, improve performance, and significantly decrease compute costs. For example, Amazon’s internal teams have used Amazon CodeGuru Profiler on more than 30,000 production applications, resulting in tens of millions of dollars in savings on compute and infrastructure costs. Further, the Amazon.com Consumer Payments team used Amazon CodeGuru Profiler from 2017 to 2018 to gain efficiencies for the biggest shopping day of the year – Prime Day – and realized a 325% efficiency increase in CPU utilization across their applications and lowered costs by 39%. To get started with Amazon CodeGuru Profiler, customers install a small, low-profile agent in their application that can observe the application run time and profile the application to detect code quality issues (e.g. recreation of expensive objects, use of inefficient libraries, evaluating null or undefined values, etc.) along with details on latency and CPU usage. Amazon CodeGuru Profiler then uses machine learning to automatically identify code methods (reusable blocks of code also called functions) and anomalous behaviors that are most impacting latency and CPU usage. This information is brought together in a profile that clearly shows the areas of code that are most inefficient and provides visualizations that identify the code methods that are creating bottlenecks, along with a time-series graph of detected anomalies. The profile includes recommendations on how developers can fix issues to improve performance and also estimates the cost (in dollars) of continuing to run inefficient code so developers can prioritize remediation. Developers can now take advantage of the same technology deployed at Amazon to improve application performance and customer experiences, while also eliminating their most expensive lines of code.
“Our customers develop and run a lot of applications that include millions and millions of lines of code. Ensuring the quality and efficiency of that code is incredibly important, as bugs and inefficiencies in even a few lines of code can be very costly. Today, the methods for identifying code quality issues are time-consuming, manual, and error-prone, especially at scale,” said Swami Sivasubramanian, Vice President, Amazon Machine Learning, Amazon Web Services, Inc. “CodeGuru combines Amazon’s decades of experience developing and deploying applications at scale with considerable machine learning expertise to give customers a service that improves software quality, delights their customers with better application performance, and eliminates their most expensive lines of code.”
Amazon CodeGuru is available today in US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (London), EU (Frankfurt), EU (Stockholm), Asia Pacific (Singapore), Asia Pacific (Sydney), and Asia Pacific (Tokyo) with availability in additional regions in the coming months.
Teams at more than 170,000 companies rely on Atlassian products to make teamwork easier, and help them organize, discuss, and complete their work. “At Atlassian, many of our services have hundreds of check-ins per deployment. While code reviews from our development team do a great job of preventing bugs from reaching production, it’s not always possible to predict how systems will behave under stress or manage complex data shapes, especially as we have multiple deployments per day,” said Zak Islam, Head of Engineering, Tech Teams, Atlassian. “When we detect anomalies in production, we have been able to reduce the investigation time from days to hours and sometimes minutes thanks to Amazon CodeGuru’s continuous profiling feature. Our developers now focus more of their energy on delivering differentiated capabilities and less time investigating problems in our production environment.”
EagleDream Technologies is a trusted cloud-native transformation company and APN Premier Consulting Partner for businesses using AWS. “Part of application development is the creation of performant systems as well as the feedback and continuous improvement of existing systems. This starts with a strong architectural foundation but often ends in the details of the application code. When our team at EagleDream is digging into these details there are a variety of tools at our disposal, and using both static and dynamic analysis is helpful,” said Dustin Potter, Principal Could Solutions Architect at EagleDream Technologies. “We’ve found that the runtime analysis offered by the CodeGuru Profiler is one of the simplest and fastest to get running, and generates insights into the application code that are easy to remediate. Using this tool we’ve been able to quickly hone in on portions of an application that represent bottlenecks that would have otherwise been difficult to spot, then develop changes that can be implemented and tested with a very fast feedback loop. This allows us to continuously deliver and improve our own workloads and the workloads of our customers, making them more performant while saving on cost at the same time.”
DevFactory manages over 600 million lines of code across over a hundred enterprise software products. “A key component of our future roadmap is to turn all our products into cloud-native products that leverage the incredible array of managed services available at AWS. Rebuilding old school, on-prem architectures, and transforming them for the cloud brings a whole set of engineering challenges that range from keeping abreast with all the latest services to adjusting to the paradigm shift that is associated with these architectures,” said Rahul Subramaniam, CEO at DevFactory. “CodeGuru is an incredibly valuable tool that helps optimize our products’ performance while making sure that we are leveraging these services with all the best practices in place. Without tools like CodeGuru Reviewer, we wouldn’t have been able to rewrite entire products like FogBugz to be AWS cloud-native. We are now using CodeGuru Profiler to optimize a number of products including EngineYard’s container-based ‘No Ops’ platform and well as the next generation of the Jive collaboration platform.”
RENGA, Inc. is a company that operates one of Japan’s largest condominium reviews and evaluation sites used by more than 1 million people every month. “Poor quality code adds complexity to the system and can become technical debt at some point. On the other hand, as long as consistent code quality is maintained, scaling the system won’t prevent developers from extending features as the code itself is simple,” said Kazuma Ohara, CTO at RENGA. “At RENGA, the code review process is important, however, it should not increase workload for reviewers or become a bottleneck in development. Powered by machine learning, Amazon CodeGuru Reviewer helped us automate code reviews and reduced the workload required on reviewers. We could seamlessly integrate Amazon CodeGuru Reviewer into our existing development pipeline. Furthermore, learning the best practices of coding – which we were not aware of – has helped us develop with more confidence.”
YouCanBook.me is a small, independent, and fully remote team, that loves solving scheduling problems all over the world. “Our use of Amazon CodeGuru Profiler is very simple but extremely valuable,” said Sergio Delgado, Engineering Team Lead at YouCanBook.me. “We’ve optimized our worst performant service to reduce its latency by 15% for the 95th percentile in a typical work day.”