ZeroTouch DevSecOps Factory

ZeroTouch: 7 AI agents instantly route & fix DevSecOps issues - from JWT failures to SOC2 compliance

Comment

Inspiration

Tired of DevOps chaos—JWT timeouts, SQL injections, SOC2 audit failures, and endless triage meetings. Wanted AI agents that instantly detect, route, and fix production crises across the full DevSecOps stack.

What it does

ZeroTouch DevSecOps Factory auto-detects ANY production issue and routes to 7 specialist AI agents:

JWT/login → @ZeroTouch-Planner Bugs/vulns → @ZeroTouch-Security Crisis/outage → @ZeroTouch-Monitor Deploy/release → @ZeroTouch-Deploy Compliance/SOC2 → @ZeroTouch-Compliance One issue created → 7 agents activated → Zero human touch.

How we built it

1.Coordinator Agent (YAML): Intelligent router with exact keyword matching 2.7 Specialist Agents: Each handles one DevSecOps domain 3.GitLab Duo Platform: Native agent hosting + pipeline integration 4.Realistic test issues: Staging rollout scenarios trigger all agents

Challenges we ran into

YAML precision: Missing system_prompt = total pipeline failure Agent security: Overly-dramatic tests flagged as injection attacks Issue board limits: No auto-routing (solved with direct agent chat) Context validation: Agents rejected keyword-spam, needed realistic scenarios

Accomplishments that we're proud of

✅ Production-grade security: Agents detect and reject injection attempts ✅ Multi-agent orchestration: 1 issue → 7 agents activated simultaneously ✅ Live demo proven: Realistic staging crisis → Full agent response in 90s ✅ Enterprise ready: Handles JWT, SQL injection, SOC2, PCI-DSS realistically

What we learned

Context > Keywords: Realistic scenarios beat artificial triggers Security first: Production agents must validate intent, not just match patterns GitLab Duo power: Perfect platform for agentic DevSecOps workflows Iterative testing: Direct chat > waiting for auto-scan

What's next for ZeroTouch DevSecOps Factory

Auto-create MRs with agent-generated fixes Real-time metric dashboards per agent Cross-agent coordination (Security → Deploy → Compliance) Production deployment with GitLab CI/CD integration Enterprise support for 100+ region deployments

Built With

  • gitlab-ci/cd
  • gitlab-duo-agent-platform
  • gitlab-issues
  • issue-boards
  • mcp-tools-(gitlab-search/edit-file)
  • native-ui
Share this project:

Updates