Improve Your Shift-Left Observability With the Datadog Service Catalog | Datadog

Improve your shift-left observability with the Datadog Service Catalog

Author Thomas Sobolik

Last updated: January 8, 2024

Your applications are only as powerful as they are iterable. To keep up with their rapidly changing production environments, your teams need reliable CI/CD systems that implement best practices—including build and test automation, flaky test management, and deployment management. By optimizing their CI/CD pipelines, your teams can build their apps more efficiently, deploy them more safely, and catch bugs and security vulnerabilities before they make it to production. And likewise, by monitoring quality and security issues in your code, your teams can avoid shipping regressions like security exposures or runtime errors.

To help you evaluate your applications’ CI/CD health and code quality alongside the rest of your observability data, Datadog Service Catalog now integrates with CI Visibility and Static Analysis. CI Visibility helps you monitor your CI/CD pipelines to ensure that your builds, tests, and deployments are running as smoothly as possible, while Static Analysis surfaces warnings to help you characterize the quality and security of your code and quickly find fixes.

In this post, we’ll show how you can use these features with the Service Catalog to correlate dispersed information about your services’ performance, availability, and security posture with telemetry from your code and CI pipelines—forming a clearer picture of your services’ health.

Investigate your services’ code

Datadog Service Catalog provides a consolidated view of your applications, collating ownership metadata, performance insights, security analysis, cost allocation, and much more. By eliminating the silos between all these sources, Datadog Service Catalog makes it easier to correlate issues and characterize your services’ overall health.

Service Catalog’s Delivery tab adds shift-left observability to this broader picture. You can filter services by facets such as environment, team, or cloud region in the Delivery tab to get quick insights into your services’ production code quality and pipeline efficiency. This way, if you’ve discovered issues with the health, performance, or security posture of your services in production, you can quickly dive into related code analysis results and CI telemetry to spot where regressions or errors may have been introduced.

By using the Delivery tab, you can filter to your source code and find services with unaddressed code issues, then pivot to Static Analysis to investigate further. For example, the following screenshot shows that a service in the dev environment called ad-server has nine moderately severe violations on its repository’s default branch. You can hover over its violations to see details about their type and severity.

Use the Delivery tab to quickly view code violations detected by Datadog Static Analysis.

You can click the “View All” link and pivot directly to the violations for this service in Static Analysis. Then, you can investigate each one by viewing the offending code snippet and a description of the issue, identifying the relevant Git commit in order to contact the code owner, and even reviewing a fix suggestion that could solve the problem. Static Analysis includes both a library of default suggested fixes created by Datadog, as well as AI-generated ones that can help tackle more complex issues.

You can use Static Analysis to identify issues that are already in your production code, or issues that are on feature branches that will put your production code at risk if they are not fixed before deploying to production. For example, the following screenshot shows a snippet of code that introduced a SQL injection vulnerability. By patching this issue before deploying your code to production, you can ensure that malicious actors won’t be able to access sensitive data or perform unauthorized actions with arbitrary SQL queries.

Use Static Analysis to quickly identify and remediate code-level security vulnerabilities and other issues.

Static Analysis provides you with a list view to search for issues on any commit in any branch so you can find issues in both pre-production and production. To help your engineers catch and fix issues as early as possible, Datadog also provides integrations for VS Code and JetBrains that allow engineers to identify issues in real time as they write code.

Track the health of your services’ CI pipelines

By surfacing key metrics for your services’ associated CI pipelines, the Service Catalog helps you spot when services’ builds are experiencing friction caused by issues like flaky tests or long-running jobs. The Delivery tab side panel provides the average build duration, success rate, and most recent execution status for each pipeline associated with a service. For example, the following screenshot shows that two of the pipelines associated with the ad-server service recently failed, and that the average build duration is relatively high across all pipelines.

Auto-populate a cloud infrastructure diagram with Cloudcraft's automatic scanning of your AWS and Azure resources.

In the same way as you can for Static Analysis, you can quickly pivot from the Service Catalog to CI Visibility to further investigate issues with your builds. By opening an errored pipeline in CI Visibility, you can examine traces for all of its executions and spot errors that may be causing them to fail.

For example, the following screenshot shows that the ad-server service’s test-and-deploy pipeline has a failed test that stopped the pipeline. The trace span’s included metadata and logs can point you to the engineer who triggered the build and provide more details about the root cause.

Trace your failed build pipelines to quickly identify errors.

Now that you’ve identified that a test failure caused your build to fail, you can dive into the Test Runs page to learn more about this pipeline’s tests and spot flaky ones. This way, you can optimize the testing for this pipeline and prevent future failures.

Shift your service-level observability to the left

The Service Catalog provides a central hub that connects real-time application telemetry and operational context for all your services. By using the Catalog to monitor code quality and CI performance, you can more effectively evaluate your teams’ shift-left practices, and spot critical issues that may be leading to problems in your runtime environment.

CI Visibility is now generally available in the Service Catalog, while Static Analysis is currently available in the Catalog in Preview. To instrument your CI/CD pipelines for CI Visibility, see the dedicated setup page in the Datadog app. And to learn more about these features, see our documentation. Or, if you’re brand new to Datadog, sign up for a .