Static Code Analysis Within CI/CD Pipelines
Description
Static analysis tools can perform a variety of checks to improve the quality of your code without needing to execute the code. Examples of checks performed by static analysis tools include the following:
- Consistent code style
- Identifying resource leaks
- Incorrect usage of APIs
- Security vulnerabilities
You will see how integrating static code analysis within a three-stage AWS CodePipeline CI/CD pipeline can prevent vulnerabilities from making it into production. The Lab uses a sample application written in JavaScript and uses ESLint for static analysis. The process for integrating other static analysis tools into CI/CD pipelines for projects written in other languages is similar.
Lab Objectives
Upon completion of this Lab, you will be able to:
- Understand the benefits of static code analysis
- Integrate static code analysis into an AWS CodePipeline continuous deployment pipeline
- Perform static analysis of JavaScript code using ESLint
Lab Prerequisites
You should be familiar with:
- Basic continuous integration concepts
- Working at the command line in Linux
- JavaScript programming experience is beneficial, but not strictly required
Lab Environment
Before completing the Lab instructions, the environment will look as follows:
After completing the Lab instructions, the environment should look similar to:
Updates
September 7th, 2023 - Resolved an issue that caused the pipeline deployment to fail
May 16th, 2023 - Resolved an issue that caused the lab to fail to set up on rare occasions
March 7th, 2023 - Updated lab to use the aws/codebuild/standard:6.0 image
November 23rd, 2022 - Updated the instructions and screenshots to reflect the latest UI and added checks
December 18th, 2019 - Updated the source code to reduce the number of errors detected by ESLint
May 13th, 2019 - Updated to Node.js 10 to resolve an issue causing failed application builds and updated screenshots and instructions to reflect the new experience
January 10th, 2019 - Added a validation Lab Step to check the work you perform in the Lab
January 2nd, 2019 - Fixed an issue that caused the application deployment to occasionally fail during the Lab startup routine
October 1st, 2018 - Further constrained the webpack Node.js package version to avoid a bug introduced in version 4.20 of webpack that prevented the Lab application from building correctly