Forge — Autonomous AI Development Agent

You open a GitLab issue. Forge delivers a production-ready merge request — code, tests, CI verification, and status report included.

Comment

Inspiration

Every GitLab issue follows the same manual loop: read requirements, explore the codebase, plan, branch, implement, write tests, open a merge request, review, verify CI. For routine tasks — adding an endpoint, writing a utility, fixing a bug — this loop burns hours of developer time on predictable work.

We asked: what if an AI agent could own this entire cycle autonomously, using GitLab's native tools?

What it does

Forge is an autonomous AI development agent built on the GitLab Duo Agent Platform. Mention it on any GitLab issue, and it executes a complete 11-step development cycle:

  1. Read Issue — parses requirements from the issue description
  2. Check TECH_SPEC — looks for an existing technical specification
  3. Plan — generates an implementation strategy
  4. Explore Codebase — reads repository structure and relevant files
  5. Implement & Commit — writes code and tests in a single commit via GitLab API
  6. Run Tests — executes the test suite
  7. Open Merge Request — creates an MR linked to the issue
  8. Code Review — requests Duo code review
  9. Verify CI Pipeline — checks for failing jobs
  10. SAST Security Scan — verifies security findings
  11. Status Report — posts a complete accountability table back on the issue

Forge also includes a PM Gateway (FastAPI backend) with a React frontend that provides:

  • Real-time flow tracking via Server-Sent Events — watch each step complete live
  • OAuth integration — connect your GitLab account, create issues, and trigger the agent from the dashboard
  • Multi-LLM Brain — routes to Claude, Gemini, or local Ollama for instruction generation
  • RAG engine — indexes your codebase so generated code matches existing patterns

How we built it

GitLab Duo Custom Flows v1 is the core. We defined a YAML flow (flows/flow.yml) with a carefully crafted system prompt and a full toolset declaration (get_issue, create_commit, run_tests, create_merge_request, post_duo_code_review, get_pipeline_failing_jobs, list_security_findings, create_issue_note). The agent is registered in the AI Catalog and triggered via @mention.

The PM Gateway is a FastAPI service that bridges GitLab with our frontend. It receives webhooks, enriches issue context via RAG, and generates task instructions using a multi-LLM provider chain. The frontend (React + TypeScript) provides the real-time visualization layer.

For real-time tracking, we built an SSE endpoint that polls GitLab's issue notes and merge request APIs, parses the agent's progress from its comments, and streams structured events to a FlowTracker component that animates each step.

Challenges

  • Flow compliance: The agent initially skipped steps 6-11 (tests, code review, CI, SAST). We solved this by reinforcing the flow prompt with a mandatory checklist and explicit "you are NOT done until step 11" instructions.
  • AI Catalog versioning: The agent was pinned to an old version via git tags. We had to understand the tag → release → catalog sync pipeline to update it.
  • OAuth token expiry: Expired tokens caused silent failures (0 results from public repos). We added automatic fallback to unauthenticated requests.
  • Tool availability: post_duo_code_review and list_security_findings require GitLab Ultimate. The agent now gracefully reports these as "unavailable" instead of failing silently.

What we learned

Building on GitLab Duo's Agent Platform taught us that the real challenge isn't generating code — it's orchestrating a reliable, accountable pipeline where the AI agent attempts every verification step and reports honestly when something fails. The difference between a toy demo and a production-ready agent is error handling and transparency.

Built With

Share this project:

Updates