FRAME - THE REPO COPILOT

Frame is an always-on AI maintenance crew that handles the repetitive work so maintainers can focus on what matters.

Comment

Inspiration

Every maintainer knows the pain: issues pile up unlabeled, MRs sit unreviewed for days, and pipelines break at 2 AM with nobody around to fix them. AI tools have made writing code faster than ever, but the bottleneck has shifted - the real time sink is now maintaining the code. We call this the AI Paradox: more code gets written, but humans still manually review, triage, and debug everything. What if your repository could maintain itself?

Enter Frame - named after the structural framework that holds everything together. Just as a frame supports a building without being the building itself, Frame works as an CLI tool to support maintainers by handling the repetitive structural work so they can focus on what actually matters. Complete automated repository maintenance with just one command!

What it does

Frame revolutionizes repository maintenance by bringing fully autonomous AI-powered workflows directly into your GitLab project. Unlike traditional bots that wait for commands, Frame proactively maintains your repository on a schedule you control - or on demand through a clean CLI. At its heart, Frame uses four AI flows powered by Anthropic Claude to handle the entire maintenance lifecycle:

  • Intelligent MR Review analyzes code diffs, assesses security risks, and posts risk-scored verdicts (1-10) so maintainers can make fast merge decisions
  • Self-Healing Pipeline detects failures, reads the broken code, writes the fix, and opens a merge request - all without human intervention
  • Vulnerability Scanner catches security issues like SQL injection, hardcoded secrets, and missing input validation even when the pipeline passes
  • Issue Triage categorizes, prioritizes, and labels every open issue in seconds

Each capability can be triggered individually through the Frame CLI (frame review 8, frame triage, frame fix 12) or orchestrated together autonomously with a single command: frame activate. Most importantly, Frame respects boundaries. When an external contributor's pipeline fails, it posts helpful suggestions instead of auto-fixing code it doesn't own - because good tools know when not to act.

How I built it

The architecture of Frame is built on three layers working in harmony. The intelligence layer uses GitLab's Duo Agent Platform with four multi-component flows, each chaining specialized agents together - the Pipeline Failure Flow, for example, routes through a failure detector, an issue creator, and an auto-fixer in sequence, with each component passing context to the next.

The control layer is the Frame CLI, a Python tool that translates simple commands into GitLab API calls. When you type frame activate --schedule 6h, the CLI converts "6h" into a cron expression, calls a Google Cloud Function to update the Cloud Scheduler, and resumes the job - all in one seamless interaction.

The automation layer consists of two Google Cloud Functions: one that discovers unreviewed MRs and triggers the maintenance flow on each, and another that exposes the Cloud Scheduler API for real-time control from the CLI.

Together, they create a closed loop where the repository maintains itself on schedule, skips already-reviewed work, and reports everything back through GitLab's native interface.

Every feature was built iteratively - starting with standalone agents, evolving to multi-component flows, then layering on the CLI and cloud infrastructure piece by piece, testing each flow end-to-end before moving to the next.

Challenges and Breakthroughs

Building Frame meant solving problems that don't have Stack Overflow answers yet. The Duo Agent Platform is new, and making four flows work reliably required creative engineering:

  • The $GITLAB_PROJECT_PATH variable always returns the host project, not the target project - causing infinite loops when analyzing external pipelines. The breakthrough was teaching the flow to extract project context from its own analysis output instead of relying on environment variables.

  • The build_review_merge_request_context tool fails intermittently with internal errors. Rather than accepting broken reviews, I added get_merge_request and list_merge_request_diffs as intelligent fallbacks so the flow always completes.

  • Bulk issue triage would sometimes stop after labeling just one issue. Strengthening the prompt with explicit "process ALL issues" instructions and "do not stop after one" guardrails solved the consistency problem.

  • The auto-fixer kept looping on run_command calls. Removing the tool entirely from the component's toolset - not just the prompt - was the only way to break the cycle.

The most satisfying breakthrough was watching Frame read a file with a syntax error, write the corrected code, create an issue with full root cause analysis, and open a fix merge request - all triggered by a single CLI command.

Impact and Future

Frame saves maintainers an estimated five hours per week by automating MR reviews, issue triage, pipeline debugging, and vulnerability scanning. For open source projects with limited maintainer bandwidth, this means faster response times for contributors, fewer stale issues, and pipelines that fix themselves overnight.

But Frame is more than a time-saver - it's a proof of concept for what autonomous developer tooling can become. Looking ahead, the vision includes:

  • Predictive pipeline failure - warning about likely failures before CI even runs, based on which files were changed.

  • Learning from past failures - building a pattern database from previous fixes to improve auto-fix accuracy over time.

  • Automatic release notes - generating changelogs from merged MRs and closed issues when a milestone completes.

  • MR dependency detection - identifying conflicting merge requests and suggesting the correct merge order.

The goal is to make Frame the standard maintenance layer for every GitLab repository - so maintainers can focus on building, not babysitting.

Technical Innovation

Frame showcases the full potential of the GitLab Duo Agent Platform through a deeply integrated system that spans three platforms:

  • Multi-component flow orchestration - four flows with chained agents passing context through routers, not simple single-prompt bots. The Pipeline Failure Flow chains three components (detector, issue creator, auto-fixer) where each component's output becomes the next component's input.

  • GitLab-to-Cloud bridge - the Frame CLI acts as a unified interface that connects GitLab's Duo Agent Platform with Google Cloud's infrastructure. A single frame activate command calls a Google Cloud Function, which calls the Google Cloud Scheduler API to resume a cron job, which triggers another Cloud Function, which calls the GitLab API to post @bot mentions, which triggers the Duo Agent Platform flows. Five services, one command.

  • Real-time scheduler control via API - instead of requiring users to open Google Cloud Console, Frame exposes a dedicated Cloud Function (scheduler-control) that wraps the Cloud Scheduler API. The CLI sends HTTP requests with actions like {"action": "resume"} or {"action": "schedule", "cron": "0 */6 * * *"} to pause, resume, or update the schedule in real-time, all from the terminal.

  • Human-friendly schedule parser - converts inputs like 6h, 2d, 7d into valid cron expressions on the client side before sending them to the Cloud Function. Maintainers never write cron syntax. Autonomous loop with duplicate detection - the Cloud Function (repo-maintenance) fetches all open MRs, checks each MR's comments for existing bot reviews, and only triggers the flow on unreviewed MRs. This prevents duplicate reviews across multiple scheduler runs.

  • External contribution safety - real-time detection of fork vs. internal contributions by comparing source_project_id and target_project_id on every MR, with behavior that adapts accordingly. Internal failures get full auto-fix (issue + fix MR). External failures get helpful comments only.

  • Vulnerability scanning beyond CI - when the pipeline passes, Frame doesn't stop. It fetches the MR diff, reads every changed file, and scans for security issues like SQL injection, hardcoded secrets, missing input validation, and unsafe patterns that CI pipelines miss entirely.

  • Self-healing code generation - reads broken files, identifies the exact bug, writes the corrected code, commits it to a new branch, opens a merge request, creates a labeled issue, and links them together. End-to-end, no human in the loop.

By bringing together GitLab's Duo Agent Platform for AI orchestration, Google Cloud Functions for serverless automation, Google Cloud Scheduler for cron-based triggers, and the Cloud Scheduler API for programmatic control, Frame transforms GitLab from a platform you maintain into a platform that maintains itself.

Built With

  • anthropic-claude
  • claude
  • gitlab-api
  • gitlab-duo-agent-platform
  • google-cloud
  • google-cloud-functions
  • google-cloud-scheduler
  • google-cloud-scheduler-api
  • python
Share this project:

Updates