Skip to main content

cicd ai

GitLab Duo in CI/CD - AI-Powered Pipeline Automation

Overview

GitLab Duo brings AI intelligence to CI/CD pipelines, automating failure detection, root cause analysis, and pipeline optimization. With AI-powered features, teams achieve 30% faster releases and reduced manual troubleshooting time.

Key Features

1. Root Cause Analysis

Available: GitLab 17.10+ (March 2025)

AI-powered analysis of pipeline failures to identify root causes and suggest fixes.

How It Works

When a pipeline job fails:

  1. GitLab Duo analyzes job logs
  2. Examines pipeline configuration
  3. Correlates with historical failures
  4. Identifies the root cause
  5. Suggests specific fixes

Supported Models

Self-Hosted Compatibility:

  • Mistral
  • Anthropic Claude
  • OpenAI GPT

Cloud (GitLab.com):

  • Default: Claude Sonnet 4
  • Automatic model selection

Using Root Cause Analysis

In GitLab UI:

  1. Navigate to failed pipeline
  2. Click on failed job
  3. Look for "Root Cause Analysis" section
  4. Review AI-generated analysis
  5. Apply suggested fixes

Example Output:

Root Cause: Missing dependency 'pytest>=7.0'

Analysis:
The test job failed because pytest 6.2 is installed,
but your test suite uses pytest 7.0+ features like
'pytest.approx(rel=)'.

Suggested Fix:
Update requirements.txt:
- pytest==6.2.0
+ pytest>=7.0.0

Related Changes:
- commit abc123: Added test using pytest 7 features
- No corresponding dependency update

2. Pipeline Fix Suggestions

Default Enabled: GitLab 18.5+

Automatic diagnosis and fix generation for failing pipelines.

Capabilities

Automatic MR Creation:

  • Analyzes failure
  • Generates fix
  • Creates merge request with solution
  • Links to original issue

Fix Types:

  • Configuration errors
  • Dependency conflicts
  • Script failures
  • Permission issues
  • Resource constraints

Example Workflow:

# Failed pipeline due to wrong Node version

# Duo analyzes and creates MR with:
build:
  image: node:16  # Changed from node:14
  script:
    - npm ci
    - npm run build

3. Intelligent Test Selection

AI-powered test optimization to run only affected tests.

Benefits

  • Faster Pipelines: Run only relevant tests
  • Cost Savings: Reduce compute usage
  • Earlier Feedback: Fail fast on affected areas

How It Works

  1. Analyzes code changes
  2. Maps changes to test coverage
  3. Identifies affected test suites
  4. Runs only necessary tests
  5. Full suite on merge to main

Configuration

test:
  script:
    - gitlab-duo-test-selector
  variables:
    INTELLIGENT_TEST_SELECTION: "true"

4. Flaky Test Detection

AI-Powered Analysis

Identifies and flags unreliable tests that fail intermittently.

Detection Methods

  • Historical failure patterns
  • Time-based analysis
  • Environment correlation
  • Resource usage patterns

Dashboard View

Flaky Tests Report:
- test_user_authentication (78% pass rate)
   Likely cause: Race condition in setup
   Suggested fix: Add wait for database ready

- test_api_timeout (85% pass rate)
   Likely cause: Network timing
   Suggested fix: Increase timeout or mock

5. Pipeline Optimization Suggestions

AI analyzes pipeline performance and suggests improvements.

Optimization Areas

Parallelization:

# Before: Sequential stages (20 min)
stages:
  - build
  - test
  - deploy

# Duo Suggestion: Parallel jobs (8 min)
stages:
  - build
  - test
  - deploy

test:unit:
  stage: test
  needs: [build]
  parallel: 4

test:integration:
  stage: test
  needs: [build]
  parallel: 2

Caching:

# Duo suggests adding cache:
build:
  cache:
    key: ${CI_COMMIT_REF_SLUG}
    paths:
      - node_modules/
      - .npm/
    policy: pull-push

test:
  cache:
    key: ${CI_COMMIT_REF_SLUG}
    paths:
      - node_modules/
    policy: pull

Resource Allocation:

# Duo identifies over-provisioned jobs
test:
  # Before: large runner (not needed)
  tags: [large]

  # Duo suggests:
  tags: [small]  # Sufficient for unit tests

6. AI-Powered Pipeline Generation

Automatic pipeline creation for new projects.

Auto DevOps with AI

  1. Analyzes project structure
  2. Detects languages and frameworks
  3. Generates optimized pipeline
  4. Includes best practices
  5. Sets up testing and deployment

Example: Node.js Project

# Auto-generated by GitLab Duo

stages:
  - install
  - lint
  - test
  - build
  - deploy

variables:
  NODE_VERSION: "20"
  NPM_CACHE: ".npm"

install:
  image: node:${NODE_VERSION}
  stage: install
  script:
    - npm ci
  cache:
    key: ${CI_COMMIT_REF_SLUG}
    paths:
      - node_modules/
      - ${NPM_CACHE}
  artifacts:
    paths:
      - node_modules/
    expire_in: 1 hour

lint:
  stage: lint
  script:
    - npm run lint
  needs: [install]

test:
  stage: test
  script:
    - npm run test
  coverage: '/All files[^|]*\|[^|]*\s+([\d\.]+)/'
  artifacts:
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage/cobertura-coverage.xml
  needs: [install]

build:
  stage: build
  script:
    - npm run build
  artifacts:
    paths:
      - dist/
    expire_in: 1 week
  needs: [install, lint, test]
  only:
    - main
    - tags

CI/CD Configuration Assistance

Convert CI File Flow

GitLab Duo Agent Platform Feature

Automatically converts CI/CD configurations from other platforms to GitLab CI format.

Supported Sources

  • Jenkins (Jenkinsfile)
  • GitHub Actions (.github/workflows)
  • CircleCI (.circleci/config.yml)
  • Travis CI (.travis.yml)
  • Azure Pipelines (azure-pipelines.yml)

Using Convert CI File Flow

Via GitLab UI:

  1. Navigate to CI/CD Pipelines
  2. Click "Convert CI File"
  3. Select source platform
  4. Upload or paste configuration
  5. Review generated GitLab CI
  6. Apply to repository

Example Conversion:

GitHub Actions Input:

name: CI
on: [push]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-node@v2
        with:
          node-version: '18'
      - run: npm ci
      - run: npm test

GitLab CI Output:

# Converted by GitLab Duo

stages:
  - test

test:
  image: node:18
  stage: test
  before_script:
    - npm ci
  script:
    - npm test

Pipeline Authoring Assistance

In Web IDE:

  • Real-time syntax validation
  • Auto-completion for CI/CD keywords
  • Inline documentation
  • Best practice suggestions

Chat Integration:

You: How do I set up caching for Maven?

Duo:
cache:
  key: ${CI_COMMIT_REF_SLUG}
  paths:
    - .m2/repository

variables:
  MAVEN_OPTS: "-Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository"

Deployment Automation

1. Environment-Specific Intelligence

AI suggests environment-specific configurations:

# Duo recognizes patterns and suggests:

deploy:staging:
  stage: deploy
  script:
    - deploy.sh staging
  environment:
    name: staging
    url: https://staging.example.com
  only:
    - main

deploy:production:
  stage: deploy
  script:
    - deploy.sh production
  environment:
    name: production
    url: https://example.com
  when: manual
  only:
    - main

2. Rollback Recommendations

When deployments fail, Duo suggests rollback strategies:

Deployment Failed: production (v2.1.0)
Error: Health check timeout

Recommended Actions:
1. Immediate rollback to v2.0.5 (last stable)
2. Check health endpoint logs
3. Verify database migrations completed
4. Review resource limits

Rollback Command:
$ gitlab-ci-rollback production v2.0.5

3. Canary and Blue-Green Deployments

AI-generated deployment strategies:

# Duo suggests canary deployment:

.deploy_template:
  script:
    - deploy.sh $ENVIRONMENT $WEIGHT

deploy:canary:
  extends: .deploy_template
  variables:
    WEIGHT: "10%"  # 10% traffic to new version
  environment:
    name: production/canary

deploy:production:
  extends: .deploy_template
  variables:
    WEIGHT: "100%"
  environment:
    name: production
  when: manual
  needs: [deploy:canary]

Security Scanning Integration

AI-Enhanced Security Scans

Duo integrates with security scanning to provide context.

SAST False Positive Detection

GitLab 18.7+

Automatically identifies false positives in SAST scans.

Process:

  1. Security scan runs
  2. Duo analyzes Critical/High findings
  3. Assesses likelihood of false positive
  4. Provides explanation
  5. Suggests actions

Example Output:

SAST Finding: SQL Injection (Critical)
File: users.py, Line 45

AI Assessment: Likely False Positive (85% confidence)

Explanation:
The SQL query uses parameterized statements via SQLAlchemy ORM,
which automatically escapes user input. The flagged line is within
a safe query builder context.

Code Context:
users = session.query(User).filter(User.email == user_email).all()

Recommendation: Mark as false positive

Vulnerability Remediation

Dependency Vulnerability: lodash@4.17.15 (High)
CVE-2020-8203

AI Suggested Fix:
Update package.json:
- "lodash": "4.17.15"
+ "lodash": "4.17.21"

Breaking Changes: None
Test Impact: Low
Migration Guide: No changes required

Performance Monitoring

Pipeline Performance Analytics

Duo Analytics Dashboard:

  • Average pipeline duration
  • Success/failure rates
  • Most common failure points
  • Cost per pipeline
  • Optimization opportunities

AI-Powered Insights

Pipeline Performance Report (Last 30 days)

Key Findings:
1. Test stage is slowest (avg 12min)
    Suggestion: Enable parallel testing
    Estimated savings: 7min per pipeline

2. Docker image pulls are frequent
    Suggestion: Use GitLab Container Registry
    Estimated savings: 2min per pipeline

3. npm install runs on every job
    Suggestion: Improve caching strategy
    Estimated savings: 3min per pipeline

Total Potential Savings: 12min per pipeline (40% reduction)

Agent-Based CI/CD Workflows

Software Development Flow

Beta Feature (GitLab Duo Agent Platform)

End-to-end automation from issue to deployment.

Workflow

  1. Planning: Planner Agent analyzes issue
  2. Implementation: Developer Agent generates code
  3. Testing: Test Generator Agent creates tests
  4. Review: Reviewer Agent performs code review
  5. Security: Security Agent scans for vulnerabilities
  6. Deployment: Deployment Agent handles rollout

Example Configuration

# .gitlab/duo_flows/software_development.yml

flow:
  name: software_development
  agents:
    - planner
    - developer
    - test_generator
    - security_analyst
    - reviewer

  steps:
    - agent: planner
      action: analyze_issue
      output: implementation_plan

    - agent: developer
      action: generate_code
      inputs:
        - implementation_plan
      output: code_changes

    - agent: test_generator
      action: generate_tests
      inputs:
        - code_changes
      output: test_suite

    - agent: security_analyst
      action: scan_changes
      inputs:
        - code_changes
      output: security_report

    - agent: reviewer
      action: review_code
      inputs:
        - code_changes
        - test_suite
        - security_report
      output: review_feedback

  trigger:
    type: issue_label
    value: "ai-workflow"

Issue-to-MR Flow

Automatically converts issues to merge requests with implementation.

Workflow:

  1. Issue created with "auto-implement" label
  2. Planner Agent analyzes requirements
  3. Developer Agent generates implementation
  4. Test Agent creates test coverage
  5. MR created automatically
  6. CI pipeline runs
  7. Notification sent for review

Best Practices

1. Incremental Adoption

Start with non-critical pipelines:

# Enable Duo for development branches first
.duo_features:
  variables:
    GITLAB_DUO_ENABLED: "true"
  only:
    - branches
  except:
    - main

2. Monitor AI Suggestions

Track suggestion acceptance:

test:
  script:
    - run_tests.sh
  after_script:
    - track_duo_suggestions.sh

3. Combine AI with Manual Review

.review_required:
  rules:
    - if: $CI_COMMIT_BRANCH == "main"
      when: manual  # Manual approval for main
    - when: on_success  # Auto-deploy branches

4. Use AI for Documentation

docs:pipeline:
  script:
    - gitlab-duo generate-docs .gitlab-ci.yml > PIPELINE.md
  artifacts:
    paths:
      - PIPELINE.md

5. Fail Fast with AI

.fail_fast:
  rules:
    - if: $GITLAB_DUO_PREDICTION == "likely_to_fail"
      when: never

Cost Optimization

AI-Driven Resource Allocation

Right-Sizing Runners: Duo analyzes job requirements and suggests appropriate runner sizes.

Usage Patterns:

Analysis: 'test:unit' job using 'large' runner
- Actual CPU usage: 15%
- Actual Memory usage: 1.2GB / 8GB available
- Duration: 4min

Recommendation: Use 'small' runner
- Estimated savings: $2.40 per pipeline
- Total monthly savings: $288 (120 pipelines/month)

Parallel Job Optimization

# Before: 4 parallel jobs (overkill)
test:
  parallel: 4

# Duo analysis:
# - Only 150 tests
# - Avg test duration: 0.5s
# - Parallel overhead not justified

# Duo suggestion: parallel: 2
test:
  parallel: 2  # Optimal for workload

Troubleshooting

Root Cause Analysis Not Available

Check:

  1. Feature enabled for your tier
  2. Pipeline has sufficient logs
  3. Model providers configured
  4. Self-hosted: Models deployed

Pipeline Suggestions Inaccurate

Improve:

  1. Add more context to pipeline
  2. Use descriptive job names
  3. Include comments explaining complex logic
  4. Provide feedback on suggestions

Performance Issues

Optimize:

  1. Use prompt caching
  2. Limit AI analysis to critical jobs
  3. Configure appropriate models
  4. Review network latency

Future Enhancements

Coming Soon

  • Predictive Pipeline Failures: Identify likely failures before running
  • Auto-Scaling Recommendations: Dynamic resource allocation
  • Cross-Project Learning: Share optimizations across projects
  • Natural Language Pipeline Creation: "Create a pipeline that..."

Resources

Next Steps