Code Review

What is It?

When Bridgecrew is connected to Version Control Systems and CI/CD platforms, every scan generates a fully contextualized Code Review scan result.

In GitHub, for example, opening the Details of these checks takes you to the Bridgecrew Code Review screen in a new tab.
See below for information on:

  • Understanding the Code Review Page
  • Taking Action from the Code Review Page

Understanding the Code Review Page

Pull Request and Check Metadata

The top of the Code Review screen displays:

  • Run number and Check Status
  • Check details - for example, "Scanned changes in 13 resources, for compliance with 6 relevant infrastructure configuration policies. 13 errors were found."
  • Number of errors, out of the total, that have been handled - for example, Remediated or Suppressed
  • PR Source and Destination branches
  • PR ID
  • Commit ID and the ID of the commit user who opened the PR
  • Time of run

List of Files and Error Details

The Code Review page has entries for each scanned file.

File Details and Options

Policy and Severity

The colored row at the bottom shows a description of the Policy and its Severity.

Further Details

Press the colored bar to see:

  • Description and Rationale
  • Benchmarks Affected

Code Details and Proposed Fix

The body of the file information shows the details of the code and the proposed fix.

Fixing Errors

An option to automatically Fix or Remediate appears for most errors.
See also Manual Fix below.

  1. Press FIX. COMPLETED will appear at the top right.
  2. Press SUBMIT. This triggers a new build.

Manual Fix

In some cases, no automated Fix is available, but you will see an option for Fix Manually.

Read Guidelines and Manual Procedure

To read the explanation and procedure for Manual Remediation of this error, press More and then Full Guidelines. A new tab opens.

Guidelines for Manual Remediation of this Error

Open GitHub/Bitbucket to Implement Manual Fix

To open GitHub/Bitbucket in order to implement the Manual Fix, press FIX MANUALLY.

Updated 17 days ago
