Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How we built an AI code reviewer with serverles...

Avatar for Yan Cui Yan Cui
February 12, 2025
Technology
0
99

How we built an AI code reviewer with serverless and Bedrock

Slides for my talk at the Serverless London meetup on 12-Feb-2025
Avatar for Yan Cui

Yan Cui

February 12, 2025
Tweet

More Decks by Yan Cui

See All by Yan Cui
Money-saving tips for the frugal serverless developer (AWS Community Summit)
Avatar for Yan Cui theburningmonk
1
180
Money-saving tips for the frugal serverless developer
Avatar for Yan Cui theburningmonk
1
760
Why the fuzz about serverless (with CompassDigital)
Avatar for Yan Cui theburningmonk
0
100
Money-saving tips for the frugal serverless developer
Avatar for Yan Cui theburningmonk
0
120
Efficient patterns for serverless development (AWS Summit London)
Avatar for Yan Cui theburningmonk
0
140
7 ways to solve Lambda cold starts
Avatar for Yan Cui theburningmonk
0
63
Saving Money on Serverless: Common Mistakes and How to Avoid Them
Avatar for Yan Cui theburningmonk
0
58
3 Ways to Improve Serverless Performance
Avatar for Yan Cui theburningmonk
0
45
Smart and efficient ways to test serverless architectures
Avatar for Yan Cui theburningmonk
1
280

Other Decks in Technology

See All in Technology
fukabori.fm 出張版: 売上高617億円と高稼働率を陰で支えた社内ツール開発のあれこれ話 / 20250704 Yoshimasa Iwase & Tomoo Morikawa
Avatar for SHIFT EVOLVE shift_evolve
PRO
2
8.1k
OSSのSNSツール「Misskey」をさわってみよう(右下ワイプで私のOSCの20年を振り返ります) / 20250705-osc2025-do
Avatar for Akira Ouchi akkiesoft
0
170
AWS CDKの仕組み / how-aws-cdk-works
Avatar for k.goto gotok365
8
370
[SRE NEXT] ARR150億円_エンジニア140名_27チーム_17プロダクトから始めるSLO.pdf
Avatar for sato-s satos
2
770
開発生産性を測る前にやるべきこと - 組織改善の実践 / Before Measuring Dev Productivity
Avatar for 株式会社カオナビ kaonavi
14
6.5k
TableauLangchainとは何か?
Avatar for yuta cielo1985
1
120
QuickSight SPICE の効果的な運用戦略~S3 + Athena 構成での実践ノウハウ~/quicksight-spice-s3-athena-best-practices
Avatar for emi emiki
0
140
アクセスピークを制するオートスケール再設計: 障害を乗り越えKEDAで実現したリソース管理の最適化
Avatar for M-Yamashita myamashii
1
160
United™️ Airlines®️ Customer®️ USA Contact Numbers: Complete 2025 Support Guide
Avatar for dobek566 flyunitedguide
0
430
CDKTFについてざっくり理解する!!~CloudFormationからCDKTFへ変換するツールも作ってみた~
Avatar for モブエンジニア masakiokuda
1
180
VS CodeとGitHub Copilotで爆速開発!アップデートの波に乗るおさらい会 / Rapid Development with VS Code and GitHub Copilot: Catch the Latest Wave
Avatar for Yusuke Yamada yamachu
2
190
How to Quickly Call American Airlines®️ U.S. Customer Care : Full Guide
Avatar for goldfinch3710 flyaahelpguide
0
150

Featured

See All Featured
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
48
50k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
Avatar for Dan Newman danielanewman
229
22k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
86
4.7k
Scaling GitHub
Avatar for Zach Holman holman
460
140k
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
273
40k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
173
14k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
35
2.4k
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
233
17k
Speed Design
Avatar for Sergey Chernyshev sergeychernyshev
32
1k
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1031
460k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
49
14k
How to train your dragon (web standard)
Avatar for Monica Dinculescu notwaldorf
96
6.1k

Transcript

  1. How we built an AI Code Reviewer with Serverless and

    Bedrock

  2. Yan Cui http://theburningmonk.com @theburningmonk AWS user since 2010

  3. Yan Cui http://theburningmonk.com @theburningmonk running serverless in production since 2016

  4. Developer Advocate @ Yan Cui http://theburningmonk.com @theburningmonk

  5. Yan Cui http://theburningmonk.com @theburningmonk independent consultant

  6. None

  7. evolua.io Demo

  8. Architecture

  9. API Gateway EventBridge Webhook

  10. API Gateway DynamoDB Bedrock EventBridge Webhook

  11. API Gateway DynamoDB Bedrock EventBridge Webhook

  12. API Gateway DynamoDB Bedrock EventBridge Webhook evolua.io

  13. None

  14. API Gateway DynamoDB Bedrock EventBridge Webhook AppSync evolua.io

  15. API Gateway DynamoDB Bedrock EventBridge Webhook AppSync evolua.io

  16. None

  17. API Gateway DynamoDB Bedrock EventBridge Webhook AppSync evolua.io Authoriser

  18. API Gateway DynamoDB Bedrock EventBridge Webhook AppSync evolua.io Authoriser

  19. API Gateway DynamoDB Bedrock EventBridge Webhook AppSync evolua.io Authoriser

  20. API Gateway DynamoDB Bedrock EventBridge Webhook AppSync evolua.io Authoriser

  21. API Gateway DynamoDB Bedrock EventBridge Webhook AppSync evolua.io Authoriser

  22. Challenges (for an AI code reviewer) Handling sensitive data for

    customers

  23. Challenges (for an AI code reviewer) Large fi les. Large

    PRs with many fi les. Handling sensitive data for customers

  24. Why Bedrock?

  25. Security

  26. Security Data is encrypted at rest.

  27. www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak

  28. aws.amazon.com/bedrock/faqs

  29. Security Data is encrypted at rest. Inputs & Outputs are

    not shared with model providers. Inputs & Outputs are not used to train other models.

  30. API Gateway DynamoDB Bedrock EventBridge Webhook AppSync evolua.io Authoriser Fallback

    Primary

  31. privacy.anthropic.com/en/articles/7996885-how-do-you-use-personal-data-in-model-training

  32. Serverless

  33. Serverless Usage-based AND provisioned throughput pricing

  34. None
  35. None

  36. 1M Input Tokens 1M Output Tokens $0.14 v3 r1 $0.28

    $0.55 $2.19 Sonnet $3.75 $15.0 Haiku $0.80 $4.00

  37. Very cost ef fi cient!

  38. Very cost ef fi cient! Data is stored in China.

  39. Very cost ef fi cient! Data is stored in China.

    Data might be used to train other models.

  40. www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak

  41. Very cost ef fi cient! Data is stored in China.

    Data might be used to train other models. Operationally immature.
  42. None

  43. No token-based pricing yet

  44. No token-based pricing yet “GPU-based instance type like ml.p5e.48xlarge is

    recommended”

  45. ml.p5e.48xlarge 💰💰💰💰💰💰💰💰💰💰 💰💰💰💰💰💰💰💰💰💰 💰💰💰💰💰💰💰💰💰💰 💰💰💰💰💰💰💰💰💰💰 💰💰💰💰💰💰💰💰

  46. Other capabilities Guardrails Knowledge base (managed RAG) Agents Cross-region inference

    Model evaluations
  47. None
  48. None
  49. None

  50. API Gateway DynamoDB Bedrock EventBridge Webhook AppSync evolua.io Authoriser Fallback

    Primary

  51. Lessons

  52. Webhook

  53. Webhook Analyse changes

  54. Webhook Analyse changes Feedback

  55. Condensed view…

  56. None

  57. Lambda timed out after 15 mins

  58. Succeeded on automatic retry

  59. Webhook Analyse changes Feedback LLM limits GitHub limits AWS limits

  60. Lesson: AI is 10% of the problem

  61. None

  62. Reasoning ability

  63. Context window Max response tokens API rate limit Reasoning ability

  64. Context window Max response tokens API rate limit Reasoning ability

    Cost Performance

  65. Context window Max response tokens API rate limit Reasoning ability

    Cost Performance Important selection criteria for LLMs

  66. Doing cool AI stuff! Working around AI limits

  67. Doing cool AI stuff! Working around AI limits Stop playing

    with my bowl…

  68. Context window Max response tokens API rate limit Reasoning ability

    Cost Performance

  69. Claude 3.5 Sonnet’s default throughput is 50 per minute

  70. Claude 3.5 Sonnet’s default throughput is 50 per minute Can

    be raised to 1,000 per minute

  71. Claude 3.5 Sonnet’s default throughput is 50 per minute Can

    be raised to 1,000 per minute Bedrock has cross- region inference

  72. Mitigate API rate limit Raise account limits. Use Bedrock cross-region

    inference.

  73. Mitigate API rate limit Raise account limits. Use Bedrock cross-region

    inference. Limit no. of parallel requests per PR.

  74. Mitigate API rate limit Raise account limits. Use Bedrock cross-region

    inference. Limit no. of parallel requests per PR. Fallback to Anthropic & less powerful models (Claude 3 Sonnet, Claude 3.5 Haiku)

  75. Future work: incorporate other models (Nova, DeepSeek, etc.)

  76. Future work: incorporate other models (Nova, DeepSeek, etc.) Also good

    for cost control!

  77. Lesson: LLMs are still quite expensive

  78. None

  79. Dif fi cult to build a sustainable and competitive business

  80. Cost control Only analyse changed lines.

  81. Cost control Only analyse changed lines. Good for cost control

    Good for UX

  82. Cost control Only analyse changed lines. Limit free users to

    few PRs per month.

  83. API Gateway DynamoDB Bedrock EventBridge Webhook

  84. API Gateway DynamoDB Bedrock EventBridge Webhook Built-in retries & DLQ

  85. Lambda timed out after 15 mins

  86. Lambda timed out after 15 mins Reprocess fi les on

    retry…

  87. Lambda timed out after 15 mins Reprocess fi les on

    retry… Duplicated side- effects (e.g. Github comments)

  88. Cost control Only analyse changed lines. Limit free users to

    few PRs per month. Use checkpoints to avoid re-processing fi les on retries

  89. const issues = await executeIdempotently( `${event-id}-${filename}-analyze`, () => analyzeFile(file) );

    ... await executeIdempotently( `${event-id}-${filename}-add-gh-comment`, () => addReviewComment(filename, comment) );

  90. Webhook Analyse changes Feedback Why not Step Functions?

  91. Webhook Analyse changes Feedback Why not Step Functions? Checkpoints is

    just easier 🤷

  92. Lesson: Latency is a challenge

  93. Models take 10s of seconds to analyse each fi le

  94. Wasted CPU cycles in Lambda

  95. Future work: try other models

  96. Future work: make use of these CPU cycles

  97. Lesson: Be ware of hallucinations

  98. “Give me JSON in this format”

  99. None

  100. “Give me JSON in this format” “Nope!”

  101. None

  102. Non-existent codes, invalid URLs

  103. Non-existent line numbers

  104. Future works

  105. Go to evolua.io to try it out. We’d love your

    feedback!

  106. Questions?