Availity eyes GitLab Duo with Amazon Q for code refactoring
The healthcare network's release engineering team is testing the new AI agent pairing to help with code consolidation, modernization and risk mitigation.
A team at a health information network plans to deploy a newly available AI agent integration between its DevSecOps platform and cloud provider as it modernizes legacy applications.
Availity, based in Jacksonville, Fla., facilitates financial transactions between entities such as healthcare providers and insurance companies. The company, founded in 2001, is undergoing a series of changes, including a cloud migration to AWS, tool consolidation and updating legacy code to support a cleaner microservices architecture.
Managing all those changes at once in a heavily regulated environment adds up to a significant challenge for the six-person team tasked with testing code before it's released, said Elizabeth Dobelstein, manager of build and release engineering at Availity.
Elizabeth Dobelstein
"It's unbelievably daunting because there's so much interconnectivity [between] true microservices, some hybrid microservices, that are still resting on a monolith," Dobelstein said. "The monolith needs to be broken down without cutting off [services] accidentally, because now you're not delivering information that nobody realized from 20-year-old code that a process needs to happen."
Updating Java applications is among the most daunting of those tasks. But it is a specialty of the new Amazon Q integration with GitLab Duo, which became generally available this week under GitLab's $99 per user, per month Ultimate subscription.
"Anytime the JDK [Java Development Kit] has to update, everyone freaks out," Dobelstein said. "[Then we find out], 'This microservice can't do it.' What if we could know that earlier and then really home in on identifying all the weak spots, and save the human-hours from having to do that analysis?"
Availity 'trusts but verifies' with GitLab Duo
The many changes at Availity are taking place within a strictly regulated environment under FedRAMP and NIST SP 800-171 security controls that make it impossible to use most commercial AI services. Availity developers have already been using Amazon Q as a coding assistant and working with AWS to be sure that data doesn't leave their environment. GitLab Duo with Amazon Q will also run under Availity's control, although Dobelstein said it remains in a separate test environment.
"We haven't pulled that trigger yet, until we know more and feel more confident," she said. "But GitLab and Amazon have done a lot to understand our concerns and worries, given that it's new technology."
So far, early access tests for GitLab Duo with Amazon Q in Availity's staging environment with real data are appealing to Dobelstein because the new integration, codeveloped by the vendors, combines Amazon Q's knowledge of the application and cloud infrastructure environment with GitLab Duo's data about the DevSecOps environment. This opens the door to similar potential productivity gains for DevOps that developers have seen with coding assistants, she said.
"Just the volume of information that we have is too big for manual testers, and even with automated testing, you have to be able to think around problems," she said.
AI helps us be more confident in releasing fast and right, and understanding the implications of changes.
Elizabeth DobelsteinManager of build and release engineering, Availity
Availity's build and release engineering team oversees a complex multistage CI/CD environment with an assortment of testing tools, and developers' documentation doesn't always contain all the information they need.
"That's what I'm excited about," Dobelstein said. "AI helps us be more confident in releasing fast and right, and understanding the implications of changes."
For example, GitLab Duo Chat can automatically generate a threat model for a proposed code change, or evaluate code for security vulnerabilities and other risks. This could help the release team keep up with an environment in flux.
"It can connect Dev and Ops in a way we haven't seen," she said. "You can have people who look at your architectural diagrams and say, 'Yeah, looks like that's going to work,' but that's a bottleneck, finding that level of expertise, especially when trying to migrate terabytes of information."
Dobelstein envisions GitLab Duo with Amazon Q helping developers troubleshoot DevSecOps pipeline issues without requiring hands-on guidance from the release team, freeing release engineers to work on more strategic projects, such as chaos engineering.
She said AI agents could also facilitate better collaboration between developers and the business by creating a common understanding of requirements and app design in natural language.
"In my experience, developers [say], 'Here's the code. This is what it does. You want to know what it does? Read the code,'" she said. "But then we have product owners and project managers who talk to our clients -- they're not going to read the code. They need our synopsis. Often, there's a miscommunication there, and I think AI employed correctly helps bridge that gap."
Beth Pariseau, a senior news writer for Informa TechTarget, is an award-winning veteran of IT journalism covering DevOps. Have a tip? Email her or reach out @PariseauTT.
Elizabeth Dobelstein
