GitLab CI Integration

Add DriftWise to your .gitlab-ci.yml pipeline.

Pipeline Example

.gitlab-ci.yml
plan:
  stage: plan
  script:
    # Write the plan, then export it as JSON for DriftWise.
    - terraform plan -out=tfplan
    - terraform show -json tfplan > plan.json
    # CI_MERGE_REQUEST_IID is set only in merge request pipelines; elsewhere
    # pr_number expands to nothing and the request body is not valid JSON.
    - |
      curl -sX POST "https://app.driftwise.ai/api/v2/orgs/$DRIFTWISE_ORG_ID/analyze" \
        -H "x-api-key: $DRIFTWISE_API_KEY" \
        -H "Content-Type: application/json" \
        -d "{
          \"plan_json\": $(jq -Rs . plan.json),
          \"ci\": {
            \"repo_owner\": \"$CI_PROJECT_NAMESPACE\",
            \"repo_name\": \"$CI_PROJECT_NAME\",
            \"pr_number\": $CI_MERGE_REQUEST_IID,
            \"commit_sha\": \"$CI_COMMIT_SHA\",
            \"branch\": \"$CI_COMMIT_BRANCH\"
          }
        }"

CI/CD Variables

Add these in your project settings (Settings > CI/CD > Variables):

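| Variable          | Type     | Masked | Value                  |
|-------------------|----------|--------|------------------------|
| DRIFTWISE_API_KEY | Variable | Yes    | Your API key (dw2_...) |
| DRIFTWISE_ORG_ID  | Variable | No     | Your organization ID   |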

Notes

  • jq must be available in your CI runner image (most Terraform images include it)
  • The ci metadata block is optional but helps DriftWise link the analysis to the merge request
  • The response is synchronous with up to a 120-second timeout
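
The same request as an added example (not DriftWise's own script): jq builds the body so CI values are escaped rather than spliced into JSON by the shell, the optional ci block is left out when there is no merge request IID, and curl fails the job on an HTTP error or timeout. The file name driftwise-submit.sh, the function names and the 130-second client timeout are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not DriftWise's own script. Hypothetical file name:
# driftwise-submit.sh, called from the job as `sh driftwise-submit.sh plan.json`.
set -e

# build_payload PLAN_FILE: print the request body on stdout.
# -Rs reads the plan as one JSON string, as `jq -Rs .` does in the page's job.
# CI values go through --arg, so jq escapes them instead of the shell
# splicing them into the JSON text. Without a merge request IID (branch or
# tag pipeline) the optional ci block is omitted.
build_payload() {
  jq -Rs \
    --arg owner  "${CI_PROJECT_NAMESPACE:-}" \
    --arg repo   "${CI_PROJECT_NAME:-}" \
    --arg mr     "${CI_MERGE_REQUEST_IID:-}" \
    --arg sha    "${CI_COMMIT_SHA:-}" \
    --arg branch "${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME:-${CI_COMMIT_BRANCH:-}}" \
    '{plan_json: .} + (
       if $mr == "" then {} else
         {ci: {repo_owner: $owner, repo_name: $repo,
               pr_number: ($mr | tonumber),
               commit_sha: $sha, branch: $branch}}
       end)' "$1"
}

# submit PLAN_FILE: POST the body; return non-zero on HTTP error or timeout.
submit() {
  : "${DRIFTWISE_API_KEY:?is not set}" "${DRIFTWISE_ORG_ID:?is not set}"
  # The plan can contain sensitive values, so the body goes to a temp file
  # that is removed afterwards rather than staying in the workspace.
  body=$(mktemp)
  if build_payload "$1" > "$body"; then
    # 130 s leaves room for the service's 120-second limit to answer first.
    curl -sS --fail --max-time 130 -X POST \
      "https://app.driftwise.ai/api/v2/orgs/$DRIFTWISE_ORG_ID/analyze" \
      -H "x-api-key: $DRIFTWISE_API_KEY" \
      -H "Content-Type: application/json" \
      --data-binary "@$body" && rc=0 || rc=$?
  else
    rc=1
  fi
  rm -f "$body"
  return "$rc"
}

# Run only when a plan file is given on the command line.
if [ "$#" -gt 0 ]; then submit "$1"; fi
```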

In addition to the synchronous CI flow above, DriftWise can post analysis results back as MR comments and respond to /driftwise commands.

1. Configure in DriftWise

Open Settings → Integrations → GitLab and click Connect GitLab. Supply your project path (e.g. team/infra). DriftWise generates a webhook secret — copy it immediately; it's shown only once.

2. Configure in GitLab

In your GitLab project, open Settings → Webhooks. Add a new webhook:

  • URL: https://app.driftwise.ai/webhooks/gitlab/<your-org-id>
  • Secret token: paste the secret from step 1
  • Events: enable Merge request events and Comments
  • Save

3. API token (optional)

To enable auto-comments on merge requests, paste a Project or Group Access Token with the api scope during step 3 of the DriftWise wizard. DriftWise validates the token against GitLab and stores its expiration — you'll see a warning in the UI 30 days before it expires.

Skip this step to disable auto-comments. Without a token, DriftWise still receives MR events for dedupe purposes but can't write back.

Self-hosted GitLab

Self-hosted instances are supported as long as they're reachable from the public internet. Air-gapped / VPN-only instances are not supported in Phase 1 — DriftWise SaaS runs in Google Cloud and must be able to resolve and route to your GitLab over public DNS and HTTPS.

Commands

Once configured, comment on any merge request:

  • /driftwise narrative — reposts the most recent analysis narrative

More commands will be added over time.