Improve code review and approval efficiency with generative AI using Amazon Bedrock

In the world of software development, code review and approval are important processes to ensure the quality, security, and functionality of the software being developed. However, managers charged with overseeing these critical processes often face numerous challenges, including:

• Lack of technical experience – Managers may not have deep technical knowledge of the programming language used or may not have been involved in software engineering for an extended period. This results in a knowledge gap that can make it difficult for them to accurately assess the impact and robustness of proposed code changes.
• Time limitations – Code review and approval can be a time-consuming process, especially on larger or complex projects. Managers must balance the thoroughness of the review and the pressure to meet project schedules.
• Change request volume – Dealing with a high volume of change requests is a common challenge for managers, especially if they oversee multiple teams and projects. Similar to the time constraint challenge, managers must be able to handle those requests efficiently so as not to slow down project progress.
• manual effort – Code review requires manual effort on the part of managers and the lack of automation can make it difficult to scale the process.
• Documentation – Proper documentation of the code review and approval process is important for transparency and accountability.

With the rise of generative artificial intelligence (ai), managers can now take advantage of this transformative technology and integrate it with the AWS suite of tools and implementation services to streamline the review and approval process in a way that was not possible before. In this post, we explore a solution that offers an integrated end-to-end deployment workflow that incorporates automated change analysis and summary along with approval workflow functionality. We use Amazon Bedrock, a fully managed service that makes base models (FMs) from leading ai startups and Amazon available via an API, so you can choose from a wide range of FMs to find the model that suits you. best suits your use case. With Amazon Bedrock's serverless experience, you can get started quickly, privately customize FMs with your own data, and integrate and deploy them into your applications using AWS tools without having to manage any infrastructure.

Solution Overview

The following diagram illustrates the architecture of the solution.

The workflow consists of the following steps:

1. A developer submits new code changes to their code repository (such as AWS CodeCommit), which automatically triggers the start of an AWS CodePipeline deployment.
2. The application code goes through a code creation process, performs vulnerability scanning, and performs unit testing using your preferred tools.
3. AWS CodeBuild retrieves the repository and performs a git show command to extract code differences between the current commit version and the previous commit version. This produces line-by-line output indicating the code changes made in this version.
4. CodeBuild saves the result to an Amazon DynamoDB table with additional reference information:
   1. CodePipeline Execution ID
   2. AWS Region
   3. CodePipeline Name
   4. CodeBuild build number
   5. Date and Time
   6. State
5. Amazon DynamoDB Streams captures data modifications made to the table.
6. The DynamoDB stream triggers an AWS Lambda function to process the captured log.
7. The function invokes the Anthropic Claude v2 model in Amazon Bedrock via Amazon Bedrock Model Invocation API call. The code differences, along with a message, are provided as input to the model for analysis and a summary of the code changes is returned as output.
8. The model output is saved again in the same DynamoDB table.
9. The administrator is notified through Amazon Simple Email Service (Amazon SES) that the code changes are summary and that their approval is required for the deployment.
10. The administrator reviews the email and provides their decision (approve or reject) along with review comments through the CodePipeline console.
11. Amazon EventBridge captures the approval decision and review comments, triggering a Lambda function to save them back to DynamoDB.
12. If approved, the pipeline deploys the application code using your preferred tools. If rejected, the workflow ends and the deployment does not continue.

In the following sections, you will deploy the solution and verify the end-to-end workflow.

Previous requirements

To follow the instructions in this solution, you need the following prerequisites:

Implement the solution

To deploy the solution, complete the following steps:

1. Choose launch stack to launch a CloudFormation stack on us-east-1:
   
2. For Email address, enter an email address that you have access to. The summary of the code changes will be sent to this email address.
3. For Model IDleave as the default anthropic.claude-v2, which is the Anthropic Claude v2 model.

Deploying the template will take about 4 minutes.

1. When you receive an email from Amazon SES to verify your email address, choose the link provided to authorize your email address.
2. You will receive an email titled “Summary of Changes” for the initial commit of the sample repository to CodeCommit.
3. In the AWS CloudFormation console, navigate to the Departures implemented stack tab.
4. Copy the value of RepoCloneURL. You need it to access the sample code repository.

Try the solution

You can test the end-to-end workflow by assuming the role of a developer and pushing some changes to the code. A set of sample codes has been prepared on CodeCommit. To access the CodeCommit repository, enter the following commands in your IDE:

git clone <replace_with_value_of_RepoCloneURL>
cd my-sample-project
ls

You'll find the following directory structure for an AWS Cloud Development Kit (AWS CDK) application that creates a Lambda function to perform bubble sort on a string of integers. The Lambda function can be accessed through a publicly available URL.

.
├── README.md
├── app.py
├── cdk.json
├── lambda
│ └── index.py
├── my_sample_project
│ ├── __init__.py
│ └── my_sample_project_stack.py
├── requirements-dev.txt
├── requirements.txt
└── source.bat

Make three changes to the application codes.

1. To enhance the function to support quick and bubble sort algorithm, take a parameter to allow selection of which algorithm to use and return both the algorithm used and the sorted array in the output, replace all contents of lambda/index.py with the following code:

# function to perform bubble sort on an array of integers
def bubble_sort(arr):
    for i in range(len(arr)):
        for j in range(len(arr)-1):
            if arr(j) > arr(j+1):
                arr(j), arr(j+1) = arr(j+1), arr(j)
    return arr

# function to perform quick sort on an array of integers
def quick_sort(arr):
    if len(arr) <= 1:
        return arr
    else:
        pivot = arr(0)
        less = (i for i in arr(1:) if i <= pivot)
        greater = (i for i in arr(1:) if i > pivot)
        return quick_sort(less) + (pivot) + quick_sort(greater)

# lambda handler
def lambda_handler(event, context):
    try:
        algorithm = event('queryStringParameters')('algorithm')
        numbers = event('queryStringParameters')('numbers')
        arr = (int(x) for x in numbers.split(','))
        if ( algorithm == 'bubble'):
            arr = bubble_sort(arr)
        elif ( algorithm == 'quick'):
            arr = quick_sort(arr)
        else:
            arr = bubble_sort(arr)

        return {
            'statusCode': 200,
            'body': {
                'algorithm': algorithm,
                'numbers': arr
            }
        }
    except:
        return {
            'statusCode': 200,
            'body': {
                'algorithm': 'bubble or quick',
                'numbers': 'integer separated by commas'
            }
        }

1. To reduce the function timeout setting from 10 minutes to 5 seconds (because we don't expect the function to run more than a few seconds), update line 47 in my_sample_project/my_sample_project_stack.py as follows:

timeout=Duration.seconds(5),

1. To restrict the invocation of the function using IAM for greater security, update line 56 in my_sample_project/my_sample_project_stack.py as follows:

auth_type=_lambda.FunctionUrlAuthType.AWS_IAM

1. Push the code changes by entering the following commands:

git commit -am 'added new changes for release v1.1'
git push

This starts the CodePipeline deployment workflow from steps 1 to 9, as described in the solution overview. When invoking the Amazon Bedrock model, we provide the following message:

Human: Review the following "git show" output enclosed within <gitshow> tags detailing code changes, and analyze their implications.
Assess the code changes made and provide a concise summary of the modifications as well as the potential consequences they might have on the code's functionality.
<gitshow>
{code_change}
</gitshow>

Assistant:

Based on the diff, the following main changes were made:

1. Two sorting algorithms were added - bubble sort and quick sort.
2. The lambda handler was updated to take an 'algorithm' query parameter to determine which sorting algorithm to use. By default it uses bubble sort if no algorithm is specified. 
3. The lambda handler now returns the sorting algorithm used along with the sorted numbers in the response body.
4. The lambda timeout was reduced from 10 mins to 5 seconds. 
5. The function URL authentication was changed from none to AWS IAM, so only authenticated users can invoke the URL.

Overall, this adds support for different sorting algorithms, returns more metadata in the response, reduces timeout duration, and tightens security around URL access. The main functional change is the addition of the sorting algorithms, which provides more flexibility in how the numbers are sorted. The other changes improve various non-functional attributes of the lambda function.