AWS wants more of your developer workflows and has taken its new “CodeCatalyst” service to general availability (GA) in a bid to capture them – via a unified home for planning projects, collaborating on code and building, testing, and deploying applications with continuous integration/continuous delivery (CI/CD) tools.
AWS first floated CodeCatalyst at re:Invent 2022 as a public preview. It aims to provide a one-stop shop for DevOps teams and other project stakeholders who might be struggling with complex and slow delivery and collaboration processes, including across multiple application environments. Users can connect multiple AWS accounts to it to manage access across different environments such as dev, test, staging, and production.
(The Azure equivalent would be Azure DevOps, or “ADO”, which has secured a warm reputation among end-users for a clean interface and extensive collaborative software development tools, and which users can also choose to host on-premises. Amazon’s extensive if sometimes disjointed capabilities have not previously had the kind of unified home that CodeCatalyst aims to provide. CodeCatalyst also only runs out of US West, which may be a deal breaker for some European customers, but it can deploy workloads to any public AWS region worldwide.)
AWS CodeCatalyst: $4/month, DevSecOps tools, but limitations
As of April 20 CodeCatalyst is GA, with a shiny website (the first, to our knowledge, to get a .aws top level domain), a limited free tier or a standard tier with greater instance choice and capabilities for $4/user/month.
It can be (but doesn’t have to be) linked to GitHub repositories, so that events in the linked repo start workflows that might build, test, or deploy code, depending on the workflow configuration. It also allows online editing of source code within the dev environment and provides “blueprints” for new projects.
CodeCatalyst organises projects into “Spaces”. A space represents your company, department, or group, and contains projects, members, and the associated cloud resources you create in CodeCatalyst. It allows users to manage their work using a Trello-style Kanban board across which users can drag and drop changes.
The platform also offers software composition analysis (SCA) plugins, i.e. tools that check custom-built software applications to detect embedded open-source software and analyse whether its components are up-to-date, contain security flaws, or have licensing requirements. (One walkthrough by AWS proposes using the open-source OWASP Dependency-Check tool to scan for vulnerable dependencies in an application – which it does by determining if there is a Common Platform Enumeration identifier for a given dependency. If found, it will generate a report linking to the associated CVE entry and integrate a mend into the CI/CD workflow.)
BuilderIDs only?
CodeCatalyst looks like it has a lot of potential, and a lot of work has clearly gone into both the project and the microsite. Users may have expected a little more enterprise-readiness before it went GA, however, not least the ability to run it out of regions other than US West (Oregon). A potential deal-breaker may be the fact that, as one early observer, experienced DevOps engineer Simon Hanmer, notes, “currently, access to CodeCatalyst is via Builder Ids [a personal profile you can set up if you build anything on AWS].” “Whilst I can see the reason for allowing this, the majority of enterprise customers that I work with will want integration into their existing SSO solutions (ok, AD) before they will consider using CodeCatalyst for anything other than evaluation.”
Johannes Koch, another senior DevOps engineer and AWS veteran, added: “Practically speaking, it is easier to adapt the service for new projects than for existing projects, as there is no real ‘import’ functionality. Yes, you can integrate existing GitHub projects, but that only integrates the source code. Unfortunately that does not make all of the ‘cool’ things available right from the start of integrating the source: existing workflows (CI/CD pipelines) are lost and need to be rebuilt, issues/tickets are not imported into CodeCatalyst (though they can be made available through the JIRA integration). A big question for the CodeCatalyst team,” he asked pointedly however, “is how many AWS teams are themselves using CodeCatalyst for production deployments today?”
With AWS’s dizzying number of new features and services (3,300 in 2022) it is easy for new projects to get lost. CodeCatalyst has a lot of potential and deserves not to be, but from an early look, there’s still work to do.