今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#gitlab

找到 3 篇相关文章

AI 资讯

GuardDuo — The AI Guardian That Keeps Vibe-Coding in Check

AI coding tools are incredible. But I noticed something — they ship code fast, skip the rules, and nobody catches it until it's already in production. That's exactly what GuardDuo is built to fix. The Problem We're in the age of vibe-coding. You describe what you want, the AI builds it, it works — and you ship it. But "works" and "correct" are two very different things. Imagine asking an AI to build a login form. It works perfectly. But under the hood it has hardcoded API keys, no input validation, missing aria-labels , and it's using fetch directly instead of your project's apiClient wrapper. Your Issue said none of that was allowed. Nobody caught it. That's the vibe-coding trap — and it's happening on every team using AI-assisted development right now. What is GuardDuo GuardDuo is a GitLab Duo Agent skill that acts as your AI guardian. Instead of just reviewing code in isolation, it cross-references your code changes against the actual intent of the linked GitLab Issue — using the Orbit Knowledge Graph , which is essentially the brain that knows your project's rules, requirements, and success criteria. In plain terms: GuardDuo reads what the Issue asked for , reads what the code actually does , and tells you exactly where they don't match. It audits across three dimensions: 🔐 Security — hardcoded secrets, SQL injection, missing input validation ♿ Accessibility — missing alt text, aria-labels , poor color contrast 📐 Standards — deviations from your project's established patterns and conventions And when it finds a problem, it doesn't just flag it — it fixes it. How It Works Just open GitLab Duo Chat or GitLab Agent Platform(on your choice of IDE) -> choose the agent as GuardDuo and type: Audit issue #[issue no.] — GuardDuo pulls the Issue context from Orbit, analyzes the code, and returns a structured report Fix issue #[issue no.] — GuardDuo generates a corrected implementation that satisfies all requirements Or paste any code snippet directly and ask it to audit o

2026-06-25 原文 →
AI 资讯

Cutting HIPAA deploy time 70% with GitLab parent/child pipelines and an Ansible control plane

Parent/child first. Evidence emission second. Ansible control plane third. Every release was a manual evidence collection exercise. The pipeline was the bottleneck. This is a redacted write-up of a real engagement: rebuilding a healthcare SaaS company's CI/CD pipeline across a fleet of Linux hosts on AWS. The context The engineering team had grown faster than the pipeline architecture had evolved. What started as a single-stage GitLab job for a small team had been extended, patched, and worked around as the team scaled past the patterns the original pipeline was built for. The result was familiar. Each deploy took 30 to 45 minutes of mostly-serial execution. Engineers had developed informal habits to work around the slowness, including pushing partial changes outside the pipeline when the timeline got tight. Audit windows were preceded by three-week sprints in which the team manually compiled deployment logs, screenshots of access reviews, and approval chains into PDFs describing what the pipeline was supposed to be doing. The work was technically passing HIPAA audits, but the audit was a snapshot of a system the auditor could not independently verify. The cost was paid twice: the velocity loss on every deploy, and the three-week scramble before each assessment. The team knew the architecture was wrong. They needed engineering hands to redesign it without slowing the product roadmap the audits were already eating into. The approach The redesign moved in three layers. First, decompose the monolithic pipeline into parent/child stages so work can parallelize and the audit boundary of each stage is provable. Second, build structured evidence emission into every stage as a property of how it runs, not an after-the-fact compilation task. Third, layer an Ansible control plane across the host fleet so HIPAA control state is continuously validated, not reviewed quarterly. ┌────────────────────────── Parent Pipeline (.gitlab-ci.yml) ──────────────────────────┐ │ │ │ ┌────────

2026-06-04 原文 →