Foundational flows
- Tier: Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
Foundational flows are built and maintained by GitLab and display a GitLab-maintained badge ( ).
Each flow is designed to solve a specific problem or help you with a development task.
The following foundational flows are available:
- Software Development: Create AI-generated solutions for work across the software development lifecycle.
- Developer: Create actionable merge requests from issues.
- Fix CI/CD Pipeline: Diagnose and repair failed jobs.
- Convert to GitLab CI/CD: Migrate Jenkins pipelines to CI/CD.
- Code Review: Automate code review with AI-native analysis and feedback.
- Agentic SAST Vulnerability Resolution: Automatically generate merge requests to resolve SAST vulnerabilities.
- SAST false positive detection: Automatically identify and filter false positives in SAST findings.
Configure flow execution CI/CD details
You can configure the environment where flows use CI/CD to execute.
For example, on GitLab Self-Managed, administrators can configure a custom container registry for foundational flow images.
For more information, see Configure flow execution.
Security for foundational flows
In the GitLab UI, foundational flows have access to the following GitLab APIs:
- Projects API
- Issues API
- Merge Requests API
- Repository Files API
- Branches API
- Commits API
- CI Pipelines API
- Labels API
- Epics API
- Notes API
- Search API
Service accounts
Foundational flows use a service account to complete tasks. For more information, see composite identity workflow.
When foundational flows create merge requests, the merge request is attributed to the service account. This means the user who triggered the flow can approve and merge AI-generated code. Organizations with SOC 2, SOX, ISO 27001, or FedRAMP requirements should review the compliance considerations and implement appropriate approval policies.
Turn foundational flows on or off
You can turn foundational flows on or off for a top-level group (namespace) or an instance. If you turn off foundational flows for a top-level group, users with that group as their default GitLab Duo namespace cannot access foundational flows in any namespace.
You can also turn flow execution on or off to control whether agents run in the GitLab UI. When this setting is turned on, agents execute in CI/CD pipelines and consume compute minutes.
Prerequisites:
- You must have the Owner role for the group.
- On the top bar, select Search or go to and find your group.
- Select Settings > GitLab Duo.
- Select Change configuration.
- Under Flow execution, select the Allow flow execution and Allow foundational flows checkboxes.
- Select the checkbox for each foundational flow you want to turn on.
- Select Save changes.
You must turn on individual foundational flows for the top-level group. It can take a few minutes for these settings to propagate across groups.
Prerequisites:
- You must be an administrator.
- In the upper-right corner, select Admin.
- On the left sidebar, select GitLab Duo.
- Select Change configuration.
- Under Flow execution, select the Allow flow execution and Allow foundational flows checkboxes.
- Select the checkbox for each foundational flow you want to turn on.
- Select Save changes.