GitLab CI Standards Audit
Analyze a repository's .gitlab-ci.yml for compliance with GitLab CI standards.
Usage
- •
/gitlab-ci:standards-audit— Audit against all standards - •
/gitlab-ci:standards-audit job-ordering— Audit job ordering only - •
/gitlab-ci:standards-audit topic1 topic2— Audit multiple specific topics
Available Topics
- •
job-ordering— Pipeline job ordering withneedsvsdependencies
Argument Handling
Valid topics: job-ordering
- •If arguments are provided in
$ARGUMENTS, validate each one against the valid topics list above - •For any invalid topic, respond with:
Invalid topic:
[topic]. Valid topics:job-ordering. Run/gitlab-ci:standards-listto see all available topics. - •If all provided topics are valid, audit only those topics
- •If no arguments are provided, audit all topics
Related Commands
- •
/gitlab-ci:standards-list— List available standards topics - •
/gitlab-ci:standards-view— Display standards summary to the user - •
/gitlab-ci:standards-load— Load full standards into context
References
@${CLAUDE_PLUGIN_ROOT}/references/core-rules.md
Audit Process
- •Find the pipeline file: Search for
.gitlab-ci.ymlin the repository root - •Validate arguments: Check that requested topics are valid (see Argument Handling above)
- •Load relevant standards: Based on validated topics or all standards if none specified
- •Analyze the pipeline: Check each job against the standards
- •Report findings:
Report Format
code
## Standards Audit Report ### Summary - **Compliant**: X patterns - **Violations**: Y issues found - **Recommendations**: Z suggestions ### Violations #### [VIOLATION] Cross-stage `needs` detected - **File**: .gitlab-ci.yml - **Line**: 45 - **Job**: `push-docker-images-prod` - **Issue**: Job has `needs: [manual-approval-prod]` which is in a different stage (prod-gate) - **Impact**: Job will bypass stage gate and may run before all prod-gate jobs complete - **Fix**: Remove the `needs` entry and use `dependencies` if artifacts are required ### Compliant Patterns - `deploy-prod-job` correctly uses intra-stage `needs` for `push-docker-images-prod` - Entry-point jobs in `deploy-lower` have no cross-stage `needs` ### Recommendations - Consider adding `optional: true` to migration job dependencies
Job Ordering Audit Checks
When auditing job-ordering, check for:
- •Cross-stage
needs: Any job withneedspointing to a job in a different stage - •Entry-point jobs with
needs: First jobs in each stage should have noneeds - •Missing
optional: true: Jobs thatneedconditional jobs (like migrations) - •Incorrect artifact handling: Using
needswhendependencieswould suffice
For each violation, provide:
- •Exact line number
- •The problematic configuration
- •Why it violates the standard
- •Specific fix with corrected YAML