GitGuardian AI: The Autonomous Governance Layer for GitLab

The Elevator Pitch

GitGuardian AI is a production-grade security and governance platform that transforms GitLab CI/CD from a passive pipeline into an active, AI-driven gatekeeper. By combining real-time traffic telemetry with multi-model AI reasoning, we ensure that every deployment is safe, secure, and sustainable.

The Problem

In modern DevOps, engineering teams often "fly blind" when toggling feature flags or pushing code to production.

  • Passive Pipelines: Traditional CI only checks for build success, not the logical or security risk of a change.
  • Traffic Blindness: Teams toggle flags in production without knowing the real-time Blast Radius (number of users affected).
  • Governance Gaps: Senior managers often lack a "Kill Switch" or a hard-block mechanism for high-risk changes.

The Solution: GitGuardian AI

We provide Autonomous Guardrails for your production environment.

  • AI Council: We use a combination of Claude 3.5 Sonnet (Anthropic) for deep security logic and Gemini 1.5 Flash (Google) for speed and sustainability auditing.
  • Jaipur Node Telemetry: Our custom edge nodes stream live traffic data from Redis, giving the AI the context it needs:
    "Is this change safe right now during peak traffic?"
  • RBAC Enforced Blocks: High-risk changes are autonomously blocked in the GitLab pipeline. Only an authenticated Manager can override the block through our premium dashboard.

Implementation: Pre-flight Interlock

The following React snippet demonstrates the Safety Interlock logic used in the Jaipur Node dashboard to force an AI audit before a Production toggle is permitted.

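const handleToggleInitiation = async (flagId: number, envId: number, envName: string) => {
  setIsModalOpen(true);
  // Clear any report left over from a previous flag so a stale result
  // cannot be shown for this one.
  setRiskReport(null);
  // Only Production toggles require the pre-flight audit.
  if (envName.toLowerCase().includes('production')) {
    setIsAssessing(true);
    try {
      const res = await axios.post('/api/ai/pre-flight', { flag_id: flagId });
      setRiskReport(res.data.data.report);
    } catch (err) {
      // No report is set on failure; the caller must treat a missing
      // report as "not audited" and keep the toggle disabled (fail closed).
      console.error("Audit Engine Offline", err);
    } finally {
      setIsAssessing(false);
    }
  }
};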

Infrastructure: GitLab Agent Handshake

The GitLab Agent for Kubernetes uses a secure tunnel to communicate with the Flask backend. Below is the configuration logic for the agent-driven risk audit.

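# .gitlab-ci.yml
agent-risk-audit:
  stage: test
  script:
    # Block scalar: the header contains ": ", which is not valid inside a
    # plain YAML scalar, and the line continuations must stay intact.
    # --fail makes the job fail on an HTTP error instead of passing silently.
    - |
      curl --fail -X POST https://api.gitguardian.ai/api/ai/analyze-risk \
        -H "X-SafeConfig-Agent-Token: $GITLAB_AGENT_TOKEN" \
        -H "Content-Type: application/json" \
        -d '{"feature_key": "auth_v2", "environment": "Production"}'
  rules:
    - if: $CI_PIPELINE_SOURCE == "push"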

The Tech Stack

Frontend & Logic

  • Next.js 16 (App Router)
  • TypeScript
  • Tailwind CSS
  • Framer Motion
  • TanStack Query

Backend & AI

  • Python 3.12 (Flask)
  • Claude 3.5 Sonnet
  • Gemini 1.5 Flash
  • SQLAlchemy
  • PostgreSQL (Neon)

Infrastructure (GCP & GitLab)

  • GKE (Autopilot)
  • GitLab Agent for Kubernetes
  • Redis
  • Artifact Registry
  • Workload Identity Federation (WIF)

Sample Risk Report

{
  "feature_key": "premium_tier_v2",
  "risk_score": 9,
  "status": "BLOCKED",
  "reasoning": "High-traffic feature (850k hits/24h) combined with a database schema migration. High potential for lock contention.",
  "advice": "Deploy during maintenance window (02:00 - 04:00 UTC)."
}
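
The pipeline job shown earlier posts to the API but does not inspect the response, so this added example (not the project's own code) shows a gate that turns a report like the one above into a job exit code and fails closed on anything it cannot trust. The threshold of 7, the `OK` status and the script itself are assumptions; only `BLOCKED` and the field names come from the sample report.

```python
"""CI gate: turn a risk report into a job exit code, failing closed."""
import json
import sys

BLOCK_THRESHOLD = 7  # assumption: scores at or above this block the job


def gate(raw_report: str, threshold: int = BLOCK_THRESHOLD) -> tuple[int, str]:
    """Return (exit_code, reason); any report that cannot be trusted blocks."""
    try:
        report = json.loads(raw_report)
    except (json.JSONDecodeError, TypeError):
        return 1, "unparseable report (audit engine offline or error page)"
    if not isinstance(report, dict):
        return 1, "report is not a JSON object"
    status, score = report.get("status"), report.get("risk_score")
    # bool is a subclass of int in Python, so reject it explicitly.
    if not isinstance(status, str) or isinstance(score, bool) or not isinstance(score, int):
        return 1, "report is missing status or an integer risk_score"
    if status.upper() == "BLOCKED":
        return 1, f"blocked by audit: {report.get('reasoning', 'no reasoning given')}"
    if score >= threshold:
        return 1, f"risk_score {score} >= threshold {threshold}"
    return 0, f"allowed (status={status}, risk_score={score})"


# Constructed inputs: the first mirrors the sample report; "OK" is a hypothetical status.
SAMPLE_BLOCKED = json.dumps({
    "feature_key": "premium_tier_v2", "risk_score": 9, "status": "BLOCKED",
    "reasoning": "High-traffic feature (850k hits/24h) combined with a database "
                 "schema migration. High potential for lock contention.",
    "advice": "Deploy during maintenance window (02:00 - 04:00 UTC).",
})
SAMPLE_LOW = json.dumps({"feature_key": "auth_v2", "risk_score": 2, "status": "OK"})

if __name__ == "__main__":
    if len(sys.argv) > 1:  # in a job: python gate.py report.json
        with open(sys.argv[1], encoding="utf-8") as fh:
            code, reason = gate(fh.read())
        print(reason)
        sys.exit(code)
    for sample in (SAMPLE_BLOCKED, SAMPLE_LOW, ""):
        print(gate(sample))
```

Saving the curl response to a file and passing it to this script makes the job fail whenever the audit is blocked, unreachable or malformed.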

Sustainability Logic

We calculate the carbon impact of every feature toggle using the following logic:

$$ \text{Carbon Savings} = \sum (\text{Service Power Wattage} \times \text{Time Flag is OFF}) $$

How to Run & Verify

  • Auth: Visit the Main Dashboard and sign in via GitLab OAuth.
  • Audit: Create a new Feature Flag; the AI will generate a Pre-flight Audit instantly.
  • Pipeline: Push code to your repo; watch the agent-risk-audit job talk to your LIVE GKE backend.

GitGuardian AI: Security at the Speed of Code 🚀

Built With

  • axios
  • claude-3.5-sonnet
  • flask
  • flask-cors
  • flask-dance
  • flask-login
  • gemini-1.5-flash
  • gitlab-agent-for-kubernetes
  • loguru
  • lucide-react
  • next.js-16
  • postgresql
  • proxyfix
  • pydantic
  • recharts
  • redis
  • sqlalchemy
  • tailwind-css
  • tanstack-query