[{"data":1,"prerenderedAt":822},["ShallowReactive",2],{"/en-us/blog/from-code-to-production-a-guide-to-continuous-deployment-with-gitlab":3,"navigation-en-us":42,"banner-en-us":451,"footer-en-us":461,"blog-post-authors-en-us-Benjamin Skierlak|James Wormwell":702,"blog-related-posts-en-us-from-code-to-production-a-guide-to-continuous-deployment-with-gitlab":728,"blog-promotions-en-us":759,"next-steps-en-us":812},{"id":4,"title":5,"authorSlugs":6,"body":9,"categorySlug":10,"config":11,"content":15,"description":9,"extension":29,"isFeatured":13,"meta":30,"navigation":31,"path":32,"publishedDate":22,"seo":33,"stem":37,"tagSlugs":38,"__hash__":41},"blogPosts/en-us/blog/from-code-to-production-a-guide-to-continuous-deployment-with-gitlab.yml","From Code To Production A Guide To Continuous Deployment With Gitlab",[7,8],"benjamin-skierlak","james-wormwell",null,"product",{"slug":12,"featured":13,"template":14},"from-code-to-production-a-guide-to-continuous-deployment-with-gitlab",false,"BlogPost",{"title":16,"description":17,"authors":18,"heroImage":21,"date":22,"body":23,"category":10,"tags":24},"From code to production: A guide to continuous deployment with GitLab","Learn how to get started building a robust continuous deployment pipeline in GitLab. Follow these step-by-step instructions, practical examples, and best practices.",[19,20],"Benjamin Skierlak","James Wormwell","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659478/Blog/Hero%20Images/REFERENCE_-_Use_this_page_as_a_reference_for_thumbnail_sizes.png","2025-01-28","Continuous deployment is a game-changing practice that enables teams to deliver value faster, with higher confidence. However, diving into advanced deployment workflows — such as GitOps, container orchestration with Kubernetes, or dynamic environments — can be intimidating for teams just starting out.\n\nAt GitLab, we're committed to making delivery seamless and scalable. By enabling teams to focus on the fundamentals, we empower them to build a strong foundation that supports growth into more complex strategies over time. This guide provides essential steps to begin implementing continuous deployment with GitLab, laying the foundation for your long-term success.\n\n## Start with a workflow plan\n\nBefore diving into the technical implementation, take time to map out your deployment workflow. Success lies in careful planning and a methodical approach.\n\n### Artifact management strategy\n\nIn the context of continuous deployment, artifacts are the packaged outputs of your build process that need to be stored, versioned, and deployed. These could be:\n\n- container images for your applications\n- packages\n- compiled binaries or executables\n- libraries\n- configuration files\n- documentation packages\n- other artifacts\n\nEach type of artifact plays a specific role in your deployment process. For example, a typical web application might generate:\n\n- a container image for the backend service\n- a ZIP archive of compiled frontend assets\n- SQL files for database changes\n- environment-specific configuration files\n\nManaging these artifacts effectively is crucial for successful deployments. Here's how to approach artifact management.\n\n#### Artifacts and releases versioning strategies\n\nA best practice to get you started with a clean structure is to establish a clear versioning strategy for your artifacts. When creating releases:\n\n- Use semantic versioning (major.minor.patch) for release tags\n  - Example: `myapp:1.2.3` for a stable release\n  - Major version changes (2.0.0) for breaking changes\n  - Minor version changes (1.3.0) for new features\n  - Patch version changes (1.2.4) for bug fixes\n- Maintain a 'latest' tag for the most recent stable version\n  - Example: `myapp:latest` for automated deployments\n- Include commit SHA for precise version tracking\n  - Example: `myapp:1.2.3-abc123f` for debugging\n- Consider branch-based tags for development environments\n  - Example: `myapp:feature-user-auth` for feature testing\n\n#### Build artifacts retention\n\nImplement defined retention rules:\n\n- Set explicit expiration timeframes for temporary artifacts\n- Define which artifacts need permanent retention\n- Configure cleanup policies to manage storage\n\n#### Registry access and authentication\n\nSecure your artifacts with proper access controls:\n\n- Implement Personal Access Tokens for developer access\n- Configure CI/CD variables for pipeline authentication\n- Set up proper access scopes\n\n### Environment strategy\n\nConsider your environments early, as they shape your entire deployment pipeline:\n\n- Development, staging, and production environment configurations\n- Environment-specific variables and secrets\n- Access controls and protection rules\n- Deployment tracking and monitoring approach\n\n### Deployment targets\n\nBe intentional as to where and how you'll deploy, these decisions matter and the benefits and drawbacks of each should be consider:\n\n- Infrastructure requirements (VMs, containers, cloud services)\n- Network access and security configurations\n- Authentication mechanisms (SSH keys, access tokens)\n- Resource allocation and scaling considerations\n\nWith our strategy defined and foundational decisions made, we can now translate these plans into a working pipeline. We'll build a practical example that demonstrates these concepts, starting with a simple application and progressively adding deployment capabilities.\n\n## Implementing your CD pipeline\n\n### A step-by-step example\n\nLet's walk through implementing a basic continuous deployment pipeline for a web application. We'll use a simple HTML application as an example, but these principles apply to any type of application. We’re also going to deploy our application as a Docker image on a simple virtual machine. This will allow us to lean on a curated image with minimum dependencies, and to ensure no environment specific requirements are unintentionally brought in. By working on a virtual machine, we won’t be leveraging GitLab’s native integrations, allowing us to work on an easier but less scalable setup to begin with.\n\n#### Prerequisites\n\nIn this example, we’ll aim to containerize an application that we’ll run on a virtual machine hosted on a cloud provider. We’ll also test this application locally on our machine. This list of prerequisites is only needed for this scenario.\n\n##### Virtual machine setup\n\n- Provision a VM in your preferred cloud provider (e.g., GCP, AWS, Azure)\n- Configure network rules to allow access on ports 22, 80, and 443\n- Record the machine's public IP address for deployment\n\n##### Set up SSH authentication:\n\n- Generate a public/private key pair for the machine\n- In GitLab, go to **Settings > CI/CD > Variables**\n- Create a variable called `GITLAB_KEY`\n- Set Type to \"File\" (required for SSH authentication)\n- Paste the private key in the Value field\n- Define a USER variable, this is the user logging in and running the scripts on your VM\n\n##### Configure deployment variables\n\n- Create variables for your deployment targets:\n  - `STAGING_TARGET`: Your staging server IP/domain\n  - `PRODUCTION_TARGET`: Your production server IP/domain\n\n##### Local development setup\n\n- Install Docker on your local machine for testing deployments\n\n##### GitLab Container Registry access\n\n- Locate your registry path:\n  - Navigate to **Deploy > Container Registry**\n  - Copy the registry path (e.g., registry.gitlab.com/group/project)\n- Set up authentication:\n  - Go to **Settings > Access Tokens**\n  - Create a new token with registry access\n  - Token expiration: Maximum 1 year\n  - Save the token securely\n- Configure local registry access:\n\n```shell\ndocker login registry.gitlab.com\n# The username if you are using a PAT is gitlab-ci-token\n# Password: your-access-token\n```\n\n#### 1. Create your application\n\nStart with a basic web application. For our example, we're using a simple HTML page:\n\n```xml\n\u003C!-- index.html -->\n\u003Chtml>\n  \u003Chead>\n    \u003Cstyle>\n      body {\n        background-color: #171321; /* GitLab dark */\n      }\n    \u003C/style>\n  \u003C/head>\n  \u003Cbody>\n    \u003C!-- Your content here -->\n  \u003C/body>\n\u003C/html>\n```\n\n#### 2. Containerize your application\n\nCreate a Dockerfile to package your application:\n\n```text\nFROM nginx:1.26.2\nCOPY index.html /usr/share/nginx/html/index.html\n```\n\nThis Dockerfile:\n\n- Uses nginx as a base image for serving web content\n- Copies your HTML file to the correct location in the nginx directory structure\n\n#### 3. Set up your CI/CD pipeline\n\nCreate a `.gitlab-ci.yml` file to define your pipeline stages:\n\n```yaml\nvariables:\n  TAG_LATEST: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME:latest\n  TAG_COMMIT: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME:$CI_COMMIT_SHA\n\nstages:\n  - publish\n  - deploy\n\n```\n\nLet's break it down:\n\n`TAG_LATEST` is made up of three parts:\n\n- `$CI_REGISTRY_IMAGE` is the path to your project's container registry in GitLab\n\nFor example: `registry.gitlab.com/your-group/your-project`\n\n- `$CI_COMMIT_REF_NAME` is the name of your branch or tag\n\nFor example, if you're on main branch: `/main`, and if you're on a feature branch: `/feature-login`\n\n- `:latest` is a fixed suffix\n\nSo if you're on the main branch, `TAG_LATEST` becomes: `registry.gitlab.com/your-group/your-project/main:latest`.\n\n`TAG_COMMIT` is almost identical, but instead of `:latest`, it uses: `$CI_COMMIT_SHA` which is the commit identifier, for example: `:abc123def456`.\n\nSo for that same commit on main branch, `TAG_COMMIT` becomes:` registry.gitlab.com/your-group/your-project/main:abc123def456`.\n\nThe reason for having both is `TAG_LATEST` gives you an easy way to always get the newest version, and `TAG_COMMIT` gives you a specific version you can return to if needed.\n\n#### 4. Publish to the container registry\n\nAdd the publish job to your pipeline:\n\n```yaml\npublish:\n  stage: publish\n  image: docker:latest\n  services:\n    - docker:dind\n  script:\n    - docker build -t $TAG_LATEST -t $TAG_COMMIT .\n    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY\n    - docker push $TAG_LATEST\n    - docker push $TAG_COMMIT\n\n```\n\nThis job:\n\n- Uses Docker-in-Docker to build images\n- Creates two tagged versions of your image\n- Authenticates with the GitLab registry\n- Pushes both versions to the registry \n\nNow that our images are safely stored in the registry, we can focus on deploying them to our target environments. Let's start with local testing to validate our setup before moving to production deployments.\n\n#### 5. Deploy to your environment\n\nBefore deploying to production, you can test locally. We just published our image to the GitLab repository, which we’ll pull locally. If you’re unsure of the exact path, navigate to **Deploy > Container Registry**, and you should see an icon to copy the path of your image at the end of the line for the container image you want to test.\n\n```shell\ndocker login registry.gitlab.com \ndocker run -p 80:80 registry.gitlab.com/your-project-path/main:latest\n```\n\nBy doing so you should be able to access your application locally on your localhost address through your web browser.\n\nYou can now add a deployment job to your pipeline:\n\n```yaml\ndeploy:\n  stage: deploy\n  image: alpine:latest\n  script:\n    - chmod 400 $GITLAB_KEY\n    - apk add openssh-client\n    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY\n    - ssh -i $GITLAB_KEY -o StrictHostKeyChecking=no $USER@$TARGET_SERVER \n      docker pull $TAG_COMMIT &&\n      docker rm -f myapp || true &&\n      docker run -d -p 80:80 --name myapp $TAG_COMMIT\n\n```\n\nThis job:\n\n- Sets up SSH access to your deployment target\n- Pulls the latest image\n- Removes any existing container\n- Deploys the new version\n\n#### 6. Track deployments\n\nEnable deployment tracking by adding environment configuration:\n\n```yaml\ndeploy:\n  environment:\n    name: production\n    url: https://your-application-url.com \n\n```\n\nThis creates an environment object in GitLab's **Operate > Environments** section, providing:\n\n- Deployment history\n- Current deployment status\n- Quick access to your application\n\nWhile a single environment pipeline is a good starting point, most teams need to manage multiple environments for proper testing and staging. Let's expand our pipeline to handle this more realistic scenario.\n\n#### 7. Set up multiple environments\n\nFor a more robust pipeline, configure staging and production deployments:\n\n```yaml\nstages:\n  - publish\n  - staging\n  - release\n  - version\n  - production\n\nstaging:\n  stage: staging\n  rules:\n    - if: $CI_COMMIT_BRANCH == \"main\" && $CI_COMMIT_TAG == null\n  environment:\n    name: staging\n    url: https://staging.your-app.com\n  # deployment script here\n\nproduction:\n  stage: production\n  rules:\n    - if: $CI_COMMIT_TAG\n  environment:\n    name: production\n    url: https://your-app.com\n  # deployment script here\n\n```\n\nThis setup:\n\n- Deploys to staging from your main branch\n- Uses GitLab tags to trigger production deployments\n- Provides separate tracking for each environment\n\nHere and in our next step, we’re leveraging a very useful GitLab feature: tags. By manually creating a tag in the **Code > Tags** section, the `$CI_COMMIT_TAG` gets created, which allows us to trigger jobs accordingly.\n\n#### 8. Create automated release notes\n\nWe'll be using GitLab's release capabilities through our CI/CD pipeline. First, update your stages in `.gitlab-ci.yml`:\n\n```yaml\nstages:\n\n- publish\n- staging\n- release # New stage for releases\n- version\n- production\n```\n\nNext, add the release job:\n\n```yaml\nrelease_job:\n  stage: release\n  image: registry.gitlab.com/gitlab-org/release-cli:latest\n  rules:\n    - if: $CI_COMMIT_TAG                  # Only run when a tag is created\n  script:\n    - echo \"Creating release for $CI_COMMIT_TAG\"\n  release:                                # Release configuration\n    name: 'Release $CI_COMMIT_TAG'\n    description: 'Release created from $CI_COMMIT_TAG'\n    tag_name: '$CI_COMMIT_TAG'           # The tag to create\n    ref: '$CI_COMMIT_TAG'                # The tag to base release on\n\n```\n\nYou can enhance this by adding links to your container images:\n\n```yaml\nrelease:\n  name: 'Release $CI_COMMIT_TAG'\n  description: 'Release created from $CI_COMMIT_TAG'\n  tag_name: '$CI_COMMIT_TAG'\n  ref: '$CI_COMMIT_TAG'\n  assets:\n    links:\n      - name: 'Container Image'\n        url: '$CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG'\n        link_type: 'image'\n\n```\n\nFor meaningful automated release notes:\n\n- Use conventional commits (feat:, fix:, etc.)\n- Include issue numbers (#123)\n- Separate subject from body with blank line\n\nIf you want custom release notes with deployment info:\n\n```text\nrelease_job:\n  script:\n    - |\n      DEPLOY_TIME=$(date '+%Y-%m-%d %H:%M:%S')\n      CHANGES=$(git log $(git describe --tags --abbrev=0 @^)..@ --pretty=format:\"- %s\")\n      cat > release_notes.md \u003C\u003C EOF\n      ## Deployment Info\n      - Deployed on: $DEPLOY_TIME\n      - Environment: Production\n      - Version: $CI_COMMIT_TAG\n\n      ## Changes\n      $CHANGES\n\n      ## Artifacts\n      - Container Image: \\`$CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG\\`\n      EOF\n  release:\n    description: './release_notes.md'\n\n```\n\nOnce configured, releases will be created automatically when you create a Git tag. You can view them in GitLab under **Deploy > Releases**.\n\n#### 9. Put it all together\n\nThis is what our final YAML file looks like:\n\n```text\nvariables:\n  TAG_LATEST: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME:latest\n  TAG_COMMIT: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME:$CI_COMMIT_SHA\n  STAGING_TARGET: $STAGING_TARGET    # Set in CI/CD Variables\n  PRODUCTION_TARGET: $PRODUCTION_TARGET  # Set in CI/CD Variables\n\nstages:\n  - publish\n  - staging\n  - release\n  - version\n  - production\n\n# Build and publish to registry\npublish:\n  stage: publish\n  image: docker:latest\n  services:\n    - docker:dind\n  rules:\n    - if: $CI_COMMIT_BRANCH == \"main\" && $CI_COMMIT_TAG == null\n  script:\n    - docker build -t $TAG_LATEST -t $TAG_COMMIT .\n    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY\n    - docker push $TAG_LATEST\n    - docker push $TAG_COMMIT\n\n# Deploy to staging\nstaging:\n  stage: staging\n  image: alpine:latest\n  rules:\n    - if: $CI_COMMIT_BRANCH == \"main\" && $CI_COMMIT_TAG == null\n  script:\n    - chmod 400 $GITLAB_KEY\n    - apk add openssh-client\n    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY\n    - ssh -i $GITLAB_KEY -o StrictHostKeyChecking=no $USER@$STAGING_TARGET \"\n        docker pull $TAG_COMMIT &&\n        docker rm -f myapp || true &&\n        docker run -d -p 80:80 --name myapp $TAG_COMMIT\"\n  environment:\n    name: staging\n    url: http://$STAGING_TARGET\n\n# Create release\nrelease_job:\n  stage: release\n  image: registry.gitlab.com/gitlab-org/release-cli:latest\n  rules:\n    - if: $CI_COMMIT_TAG\n  script:\n    - |\n      DEPLOY_TIME=$(date '+%Y-%m-%d %H:%M:%S')\n      CHANGES=$(git log $(git describe --tags --abbrev=0 @^)..@ --pretty=format:\"- %s\")\n      cat > release_notes.md \u003C\u003C EOF\n      ## Deployment Info\n      - Deployed on: $DEPLOY_TIME\n      - Environment: Production\n      - Version: $CI_COMMIT_TAG\n\n      ## Changes\n      $CHANGES\n\n      ## Artifacts\n      - Container Image: \\`$CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG\\`\n      EOF\n  release:\n    name: 'Release $CI_COMMIT_TAG'\n    description: './release_notes.md'\n    tag_name: '$CI_COMMIT_TAG'\n    ref: '$CI_COMMIT_TAG'\n    assets:\n      links:\n        - name: 'Container Image'\n          url: '$CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG'\n          link_type: 'image'\n\n# Version the image with release tag\nversion_job:\n  stage: version\n  image: docker:latest\n  services:\n    - docker:dind\n  rules:\n    - if: $CI_COMMIT_TAG\n  script:\n    - docker pull $TAG_COMMIT\n    - docker tag $TAG_COMMIT $CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG\n    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY\n    - docker push $CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG\n\n# Deploy to production\nproduction:\n  stage: production\n  image: alpine:latest\n  rules:\n    - if: $CI_COMMIT_TAG\n  script:\n    - chmod 400 $GITLAB_KEY\n    - apk add openssh-client\n    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY\n    - ssh -i $GITLAB_KEY -o StrictHostKeyChecking=no $USER@$PRODUCTION_TARGET \"\n        docker pull $CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG &&\n        docker rm -f myapp || true &&\n        docker run -d -p 80:80 --name myapp $CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG\"\n  environment:\n    name: production\n    url: http://$PRODUCTION_TARGET\n\n```\n\nThis complete pipeline:\n\n- Publishes images to the registry (main branch)\n- Deploys to staging (main branch)\n- Creates releases (on tags)\n- Versions images with release tags\n- Deploys to production (on tags)\n\nKey benefits:\n\n- Clean reproducible, local development and testing environment\n- Clear path to production environments with structure to build confidence in what is deployed\n- Pattern to recover from unexpected failures, etc.\n- Ready to scale/adopt more complex deployment strategies\n\n### Best practices\n\nThroughout implementation, maintain these principles:\n\n- Document everything, from variable usage to deployment procedures\n- Use GitLab's built-in features (environments, releases, registry)\n- Implement proper access controls and security measures\n- Plan for failure with robust rollback procedures\n- Keep your pipeline configurations DRY (Don't Repeat Yourself)\n\n## Scale your deployment strategy\n\nWhat next? Here are some aspects to consider as your continuous deployment strategy matures.\n\n### Advanced security measures\n\nEnhance security through:\n\n- Protected environments with restricted access\n- Required approvals for production deployments\n- Integrated security scanning\n- Automated vulnerability assessments\n- Branch protection rules for deployment-related changes\n\n### Progressive delivery strategies\n\nImplement advanced deployment strategies:\n\n- Feature flags for controlled rollouts\n- Canary deployments for risk mitigation\n- Blue-green deployment strategies\n- A/B testing capabilities\n- Dynamic environment management\n\n### Monitoring and optimization\n\nEstablish robust monitoring practices:\n\n- Track deployment metrics\n- Set up performance monitoring\n- Configure deployment alerts\n- Establish deployment SLOs\n- Regular pipeline optimization\n\n## Why GitLab?\n\nGitLab's continuous deployment capabilities make it a standout choice for modern deployment workflows. The platform excels in streamlining the path from code to production, offering built-in container registry, environment management, and deployment tracking all within a single interface. GitLab's environment-specific variables, deployment approval gates, and rollback capabilities provide the security and control needed for production deployments, while features like review apps and feature flags enable progressive delivery approaches. As part of GitLab's complete DevSecOps platform, these CD capabilities seamlessly integrate with your entire software lifecycle.\n\n## Get started today\n\nThe journey to continuous deployment is an evolution, not a revolution. Start with the fundamentals, build a solid foundation, and gradually incorporate advanced features as your team's needs grow. GitLab provides the tools and flexibility to support you at every stage of this journey, from your first automated deployment to complex, multi-environment delivery pipelines.\n\n> Sign up for a [free trial of GitLab Ultimate](https://about.gitlab.com/free-trial/devsecops/) to get started with continous deployment today.\n",[25,26,27,10,28],"CD","CI/CD","features","tutorial","yml",{},true,"/en-us/blog/from-code-to-production-a-guide-to-continuous-deployment-with-gitlab",{"title":16,"description":17,"ogTitle":16,"ogDescription":17,"noIndex":13,"ogImage":21,"ogUrl":34,"ogSiteName":35,"ogType":36,"canonicalUrls":34},"https://about.gitlab.com/blog/from-code-to-production-a-guide-to-continuous-deployment-with-gitlab","https://about.gitlab.com","article","en-us/blog/from-code-to-production-a-guide-to-continuous-deployment-with-gitlab",[39,40,27,10,28],"cd","cicd","GHSgRJGXB8IsYbipHHLb5GtBT9NpdPCQkvX1P4ErfWo",{"data":43},{"logo":44,"freeTrial":49,"sales":54,"login":59,"items":64,"search":371,"minimal":402,"duo":421,"switchNav":430,"pricingDeployment":441},{"config":45},{"href":46,"dataGaName":47,"dataGaLocation":48},"/","gitlab logo","header",{"text":50,"config":51},"Get free trial",{"href":52,"dataGaName":53,"dataGaLocation":48},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":55,"config":56},"Talk to sales",{"href":57,"dataGaName":58,"dataGaLocation":48},"/sales/","sales",{"text":60,"config":61},"Sign in",{"href":62,"dataGaName":63,"dataGaLocation":48},"https://gitlab.com/users/sign_in/","sign in",[65,92,186,191,292,352],{"text":66,"config":67,"cards":69},"Platform",{"dataNavLevelOne":68},"platform",[70,76,84],{"title":66,"description":71,"link":72},"The intelligent orchestration platform for DevSecOps",{"text":73,"config":74},"Explore our Platform",{"href":75,"dataGaName":68,"dataGaLocation":48},"/platform/",{"title":77,"description":78,"link":79},"GitLab Duo Agent Platform","Agentic AI for the entire software lifecycle",{"text":80,"config":81},"Meet GitLab Duo",{"href":82,"dataGaName":83,"dataGaLocation":48},"/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":85,"description":86,"link":87},"Why GitLab","See the top reasons enterprises choose GitLab",{"text":88,"config":89},"Learn more",{"href":90,"dataGaName":91,"dataGaLocation":48},"/why-gitlab/","why gitlab",{"text":93,"left":31,"config":94,"link":96,"lists":100,"footer":168},"Product",{"dataNavLevelOne":95},"solutions",{"text":97,"config":98},"View all Solutions",{"href":99,"dataGaName":95,"dataGaLocation":48},"/solutions/",[101,124,147],{"title":102,"description":103,"link":104,"items":109},"Automation","CI/CD and automation to accelerate deployment",{"config":105},{"icon":106,"href":107,"dataGaName":108,"dataGaLocation":48},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[110,113,116,120],{"text":26,"config":111},{"href":112,"dataGaLocation":48,"dataGaName":26},"/solutions/continuous-integration/",{"text":77,"config":114},{"href":82,"dataGaLocation":48,"dataGaName":115},"gitlab duo agent platform - product menu",{"text":117,"config":118},"Source Code Management",{"href":119,"dataGaLocation":48,"dataGaName":117},"/solutions/source-code-management/",{"text":121,"config":122},"Automated Software Delivery",{"href":107,"dataGaLocation":48,"dataGaName":123},"Automated software delivery",{"title":125,"description":126,"link":127,"items":132},"Security","Deliver code faster without compromising security",{"config":128},{"href":129,"dataGaName":130,"dataGaLocation":48,"icon":131},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[133,137,142],{"text":134,"config":135},"Application Security Testing",{"href":129,"dataGaName":136,"dataGaLocation":48},"Application security testing",{"text":138,"config":139},"Software Supply Chain Security",{"href":140,"dataGaLocation":48,"dataGaName":141},"/solutions/supply-chain/","Software supply chain security",{"text":143,"config":144},"Software Compliance",{"href":145,"dataGaName":146,"dataGaLocation":48},"/solutions/software-compliance/","software compliance",{"title":148,"link":149,"items":154},"Measurement",{"config":150},{"icon":151,"href":152,"dataGaName":153,"dataGaLocation":48},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[155,159,163],{"text":156,"config":157},"Visibility & Measurement",{"href":152,"dataGaLocation":48,"dataGaName":158},"Visibility and Measurement",{"text":160,"config":161},"Value Stream Management",{"href":162,"dataGaLocation":48,"dataGaName":160},"/solutions/value-stream-management/",{"text":164,"config":165},"Analytics & Insights",{"href":166,"dataGaLocation":48,"dataGaName":167},"/solutions/analytics-and-insights/","Analytics and insights",{"title":169,"items":170},"GitLab for",[171,176,181],{"text":172,"config":173},"Enterprise",{"href":174,"dataGaLocation":48,"dataGaName":175},"/enterprise/","enterprise",{"text":177,"config":178},"Small Business",{"href":179,"dataGaLocation":48,"dataGaName":180},"/small-business/","small business",{"text":182,"config":183},"Public Sector",{"href":184,"dataGaLocation":48,"dataGaName":185},"/solutions/public-sector/","public sector",{"text":187,"config":188},"Pricing",{"href":189,"dataGaName":190,"dataGaLocation":48,"dataNavLevelOne":190},"/pricing/","pricing",{"text":192,"config":193,"link":195,"lists":199,"feature":279},"Resources",{"dataNavLevelOne":194},"resources",{"text":196,"config":197},"View all resources",{"href":198,"dataGaName":194,"dataGaLocation":48},"/resources/",[200,233,251],{"title":201,"items":202},"Getting started",[203,208,213,218,223,228],{"text":204,"config":205},"Install",{"href":206,"dataGaName":207,"dataGaLocation":48},"/install/","install",{"text":209,"config":210},"Quick start guides",{"href":211,"dataGaName":212,"dataGaLocation":48},"/get-started/","quick setup checklists",{"text":214,"config":215},"Learn",{"href":216,"dataGaLocation":48,"dataGaName":217},"https://university.gitlab.com/","learn",{"text":219,"config":220},"Product documentation",{"href":221,"dataGaName":222,"dataGaLocation":48},"https://docs.gitlab.com/","product documentation",{"text":224,"config":225},"Best practice videos",{"href":226,"dataGaName":227,"dataGaLocation":48},"/getting-started-videos/","best practice videos",{"text":229,"config":230},"Integrations",{"href":231,"dataGaName":232,"dataGaLocation":48},"/integrations/","integrations",{"title":234,"items":235},"Discover",[236,241,246],{"text":237,"config":238},"Customer success stories",{"href":239,"dataGaName":240,"dataGaLocation":48},"/customers/","customer success stories",{"text":242,"config":243},"Blog",{"href":244,"dataGaName":245,"dataGaLocation":48},"/blog/","blog",{"text":247,"config":248},"Remote",{"href":249,"dataGaName":250,"dataGaLocation":48},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":252,"items":253},"Connect",[254,259,264,269,274],{"text":255,"config":256},"GitLab Services",{"href":257,"dataGaName":258,"dataGaLocation":48},"/services/","services",{"text":260,"config":261},"Community",{"href":262,"dataGaName":263,"dataGaLocation":48},"/community/","community",{"text":265,"config":266},"Forum",{"href":267,"dataGaName":268,"dataGaLocation":48},"https://forum.gitlab.com/","forum",{"text":270,"config":271},"Events",{"href":272,"dataGaName":273,"dataGaLocation":48},"/events/","events",{"text":275,"config":276},"Partners",{"href":277,"dataGaName":278,"dataGaLocation":48},"/partners/","partners",{"backgroundColor":280,"textColor":281,"text":282,"image":283,"link":287},"#2f2a6b","#fff","Insights for the future of software development",{"altText":284,"config":285},"the source promo card",{"src":286},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":288,"config":289},"Read the latest",{"href":290,"dataGaName":291,"dataGaLocation":48},"/the-source/","the source",{"text":293,"config":294,"lists":296},"Company",{"dataNavLevelOne":295},"company",[297],{"items":298},[299,304,310,312,317,322,327,332,337,342,347],{"text":300,"config":301},"About",{"href":302,"dataGaName":303,"dataGaLocation":48},"/company/","about",{"text":305,"config":306,"footerGa":309},"Jobs",{"href":307,"dataGaName":308,"dataGaLocation":48},"/jobs/","jobs",{"dataGaName":308},{"text":270,"config":311},{"href":272,"dataGaName":273,"dataGaLocation":48},{"text":313,"config":314},"Leadership",{"href":315,"dataGaName":316,"dataGaLocation":48},"/company/team/e-group/","leadership",{"text":318,"config":319},"Team",{"href":320,"dataGaName":321,"dataGaLocation":48},"/company/team/","team",{"text":323,"config":324},"Handbook",{"href":325,"dataGaName":326,"dataGaLocation":48},"https://handbook.gitlab.com/","handbook",{"text":328,"config":329},"Investor relations",{"href":330,"dataGaName":331,"dataGaLocation":48},"https://ir.gitlab.com/","investor relations",{"text":333,"config":334},"Trust Center",{"href":335,"dataGaName":336,"dataGaLocation":48},"/security/","trust center",{"text":338,"config":339},"AI Transparency Center",{"href":340,"dataGaName":341,"dataGaLocation":48},"/ai-transparency-center/","ai transparency center",{"text":343,"config":344},"Newsletter",{"href":345,"dataGaName":346,"dataGaLocation":48},"/company/contact/#contact-forms","newsletter",{"text":348,"config":349},"Press",{"href":350,"dataGaName":351,"dataGaLocation":48},"/press/","press",{"text":353,"config":354,"lists":355},"Contact us",{"dataNavLevelOne":295},[356],{"items":357},[358,361,366],{"text":55,"config":359},{"href":57,"dataGaName":360,"dataGaLocation":48},"talk to sales",{"text":362,"config":363},"Support portal",{"href":364,"dataGaName":365,"dataGaLocation":48},"https://support.gitlab.com","support portal",{"text":367,"config":368},"Customer portal",{"href":369,"dataGaName":370,"dataGaLocation":48},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":372,"login":373,"suggestions":380},"Close",{"text":374,"link":375},"To search repositories and projects, login to",{"text":376,"config":377},"gitlab.com",{"href":62,"dataGaName":378,"dataGaLocation":379},"search login","search",{"text":381,"default":382},"Suggestions",[383,385,389,391,395,399],{"text":77,"config":384},{"href":82,"dataGaName":77,"dataGaLocation":379},{"text":386,"config":387},"Code Suggestions (AI)",{"href":388,"dataGaName":386,"dataGaLocation":379},"/solutions/code-suggestions/",{"text":26,"config":390},{"href":112,"dataGaName":26,"dataGaLocation":379},{"text":392,"config":393},"GitLab on AWS",{"href":394,"dataGaName":392,"dataGaLocation":379},"/partners/technology-partners/aws/",{"text":396,"config":397},"GitLab on Google Cloud",{"href":398,"dataGaName":396,"dataGaLocation":379},"/partners/technology-partners/google-cloud-platform/",{"text":400,"config":401},"Why GitLab?",{"href":90,"dataGaName":400,"dataGaLocation":379},{"freeTrial":403,"mobileIcon":408,"desktopIcon":413,"secondaryButton":416},{"text":404,"config":405},"Start free trial",{"href":406,"dataGaName":53,"dataGaLocation":407},"https://gitlab.com/-/trials/new/","nav",{"altText":409,"config":410},"Gitlab Icon",{"src":411,"dataGaName":412,"dataGaLocation":407},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":409,"config":414},{"src":415,"dataGaName":412,"dataGaLocation":407},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":417,"config":418},"Get Started",{"href":419,"dataGaName":420,"dataGaLocation":407},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/get-started/","get started",{"freeTrial":422,"mobileIcon":426,"desktopIcon":428},{"text":423,"config":424},"Learn more about GitLab Duo",{"href":82,"dataGaName":425,"dataGaLocation":407},"gitlab duo",{"altText":409,"config":427},{"src":411,"dataGaName":412,"dataGaLocation":407},{"altText":409,"config":429},{"src":415,"dataGaName":412,"dataGaLocation":407},{"button":431,"mobileIcon":436,"desktopIcon":438},{"text":432,"config":433},"/switch",{"href":434,"dataGaName":435,"dataGaLocation":407},"#contact","switch",{"altText":409,"config":437},{"src":411,"dataGaName":412,"dataGaLocation":407},{"altText":409,"config":439},{"src":440,"dataGaName":412,"dataGaLocation":407},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1773335277/ohhpiuoxoldryzrnhfrh.png",{"freeTrial":442,"mobileIcon":447,"desktopIcon":449},{"text":443,"config":444},"Back to pricing",{"href":189,"dataGaName":445,"dataGaLocation":407,"icon":446},"back to pricing","GoBack",{"altText":409,"config":448},{"src":411,"dataGaName":412,"dataGaLocation":407},{"altText":409,"config":450},{"src":415,"dataGaName":412,"dataGaLocation":407},{"title":452,"button":453,"config":458},"See how agentic AI transforms software delivery",{"text":454,"config":455},"Watch GitLab Transcend now",{"href":456,"dataGaName":457,"dataGaLocation":48},"/events/transcend/virtual/","transcend event",{"layout":459,"icon":460,"disabled":31},"release","AiStar",{"data":462},{"text":463,"source":464,"edit":470,"contribute":475,"config":480,"items":485,"minimal":691},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":465,"config":466},"View page source",{"href":467,"dataGaName":468,"dataGaLocation":469},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":471,"config":472},"Edit this page",{"href":473,"dataGaName":474,"dataGaLocation":469},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":476,"config":477},"Please contribute",{"href":478,"dataGaName":479,"dataGaLocation":469},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":481,"facebook":482,"youtube":483,"linkedin":484},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[486,533,586,630,657],{"title":187,"links":487,"subMenu":502},[488,492,497],{"text":489,"config":490},"View plans",{"href":189,"dataGaName":491,"dataGaLocation":469},"view plans",{"text":493,"config":494},"Why Premium?",{"href":495,"dataGaName":496,"dataGaLocation":469},"/pricing/premium/","why premium",{"text":498,"config":499},"Why Ultimate?",{"href":500,"dataGaName":501,"dataGaLocation":469},"/pricing/ultimate/","why ultimate",[503],{"title":504,"links":505},"Contact Us",[506,509,511,513,518,523,528],{"text":507,"config":508},"Contact sales",{"href":57,"dataGaName":58,"dataGaLocation":469},{"text":362,"config":510},{"href":364,"dataGaName":365,"dataGaLocation":469},{"text":367,"config":512},{"href":369,"dataGaName":370,"dataGaLocation":469},{"text":514,"config":515},"Status",{"href":516,"dataGaName":517,"dataGaLocation":469},"https://status.gitlab.com/","status",{"text":519,"config":520},"Terms of use",{"href":521,"dataGaName":522,"dataGaLocation":469},"/terms/","terms of use",{"text":524,"config":525},"Privacy statement",{"href":526,"dataGaName":527,"dataGaLocation":469},"/privacy/","privacy statement",{"text":529,"config":530},"Cookie preferences",{"dataGaName":531,"dataGaLocation":469,"id":532,"isOneTrustButton":31},"cookie preferences","ot-sdk-btn",{"title":93,"links":534,"subMenu":543},[535,539],{"text":536,"config":537},"DevSecOps platform",{"href":75,"dataGaName":538,"dataGaLocation":469},"devsecops platform",{"text":540,"config":541},"AI-Assisted Development",{"href":82,"dataGaName":542,"dataGaLocation":469},"ai-assisted development",[544],{"title":545,"links":546},"Topics",[547,551,556,561,566,571,576,581],{"text":548,"config":549},"CICD",{"href":550,"dataGaName":40,"dataGaLocation":469},"/topics/ci-cd/",{"text":552,"config":553},"GitOps",{"href":554,"dataGaName":555,"dataGaLocation":469},"/topics/gitops/","gitops",{"text":557,"config":558},"DevOps",{"href":559,"dataGaName":560,"dataGaLocation":469},"/topics/devops/","devops",{"text":562,"config":563},"Version Control",{"href":564,"dataGaName":565,"dataGaLocation":469},"/topics/version-control/","version control",{"text":567,"config":568},"DevSecOps",{"href":569,"dataGaName":570,"dataGaLocation":469},"/topics/devsecops/","devsecops",{"text":572,"config":573},"Cloud Native",{"href":574,"dataGaName":575,"dataGaLocation":469},"/topics/cloud-native/","cloud native",{"text":577,"config":578},"AI for Coding",{"href":579,"dataGaName":580,"dataGaLocation":469},"/topics/devops/ai-for-coding/","ai for coding",{"text":582,"config":583},"Agentic AI",{"href":584,"dataGaName":585,"dataGaLocation":469},"/topics/agentic-ai/","agentic ai",{"title":587,"links":588},"Solutions",[589,591,593,598,602,605,609,612,614,617,620,625],{"text":134,"config":590},{"href":129,"dataGaName":134,"dataGaLocation":469},{"text":123,"config":592},{"href":107,"dataGaName":108,"dataGaLocation":469},{"text":594,"config":595},"Agile development",{"href":596,"dataGaName":597,"dataGaLocation":469},"/solutions/agile-delivery/","agile delivery",{"text":599,"config":600},"SCM",{"href":119,"dataGaName":601,"dataGaLocation":469},"source code management",{"text":548,"config":603},{"href":112,"dataGaName":604,"dataGaLocation":469},"continuous integration & delivery",{"text":606,"config":607},"Value stream management",{"href":162,"dataGaName":608,"dataGaLocation":469},"value stream management",{"text":552,"config":610},{"href":611,"dataGaName":555,"dataGaLocation":469},"/solutions/gitops/",{"text":172,"config":613},{"href":174,"dataGaName":175,"dataGaLocation":469},{"text":615,"config":616},"Small business",{"href":179,"dataGaName":180,"dataGaLocation":469},{"text":618,"config":619},"Public sector",{"href":184,"dataGaName":185,"dataGaLocation":469},{"text":621,"config":622},"Education",{"href":623,"dataGaName":624,"dataGaLocation":469},"/solutions/education/","education",{"text":626,"config":627},"Financial services",{"href":628,"dataGaName":629,"dataGaLocation":469},"/solutions/finance/","financial services",{"title":192,"links":631},[632,634,636,638,641,643,645,647,649,651,653,655],{"text":204,"config":633},{"href":206,"dataGaName":207,"dataGaLocation":469},{"text":209,"config":635},{"href":211,"dataGaName":212,"dataGaLocation":469},{"text":214,"config":637},{"href":216,"dataGaName":217,"dataGaLocation":469},{"text":219,"config":639},{"href":221,"dataGaName":640,"dataGaLocation":469},"docs",{"text":242,"config":642},{"href":244,"dataGaName":245,"dataGaLocation":469},{"text":237,"config":644},{"href":239,"dataGaName":240,"dataGaLocation":469},{"text":247,"config":646},{"href":249,"dataGaName":250,"dataGaLocation":469},{"text":255,"config":648},{"href":257,"dataGaName":258,"dataGaLocation":469},{"text":260,"config":650},{"href":262,"dataGaName":263,"dataGaLocation":469},{"text":265,"config":652},{"href":267,"dataGaName":268,"dataGaLocation":469},{"text":270,"config":654},{"href":272,"dataGaName":273,"dataGaLocation":469},{"text":275,"config":656},{"href":277,"dataGaName":278,"dataGaLocation":469},{"title":293,"links":658},[659,661,663,665,667,669,671,675,680,682,684,686],{"text":300,"config":660},{"href":302,"dataGaName":295,"dataGaLocation":469},{"text":305,"config":662},{"href":307,"dataGaName":308,"dataGaLocation":469},{"text":313,"config":664},{"href":315,"dataGaName":316,"dataGaLocation":469},{"text":318,"config":666},{"href":320,"dataGaName":321,"dataGaLocation":469},{"text":323,"config":668},{"href":325,"dataGaName":326,"dataGaLocation":469},{"text":328,"config":670},{"href":330,"dataGaName":331,"dataGaLocation":469},{"text":672,"config":673},"Sustainability",{"href":674,"dataGaName":672,"dataGaLocation":469},"/sustainability/",{"text":676,"config":677},"Diversity, inclusion and belonging (DIB)",{"href":678,"dataGaName":679,"dataGaLocation":469},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":333,"config":681},{"href":335,"dataGaName":336,"dataGaLocation":469},{"text":343,"config":683},{"href":345,"dataGaName":346,"dataGaLocation":469},{"text":348,"config":685},{"href":350,"dataGaName":351,"dataGaLocation":469},{"text":687,"config":688},"Modern Slavery Transparency Statement",{"href":689,"dataGaName":690,"dataGaLocation":469},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":692},[693,696,699],{"text":694,"config":695},"Terms",{"href":521,"dataGaName":522,"dataGaLocation":469},{"text":697,"config":698},"Cookies",{"dataGaName":531,"dataGaLocation":469,"id":532,"isOneTrustButton":31},{"text":700,"config":701},"Privacy",{"href":526,"dataGaName":527,"dataGaLocation":469},[703,716],{"id":704,"title":19,"body":9,"config":705,"content":707,"description":9,"extension":29,"meta":711,"navigation":31,"path":712,"seo":713,"stem":714,"__hash__":715},"blogAuthors/en-us/blog/authors/benjamin-skierlak.yml",{"template":706},"BlogAuthor",{"name":19,"config":708},{"headshot":709,"ctfId":710},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659471/Blog/Author%20Headshots/Benjamin_Skierlak_headshot.png","Kzp6pkUjPORYYMoeLFPRf",{},"/en-us/blog/authors/benjamin-skierlak",{},"en-us/blog/authors/benjamin-skierlak","RbLU9KGFtah9Juo58JyxfHHYNIU4fyzzOUb5p7-fubo",{"id":717,"title":20,"body":9,"config":718,"content":719,"description":9,"extension":29,"meta":723,"navigation":31,"path":724,"seo":725,"stem":726,"__hash__":727},"blogAuthors/en-us/blog/authors/james-wormwell.yml",{"template":706},{"name":20,"config":720},{"headshot":721,"ctfId":722},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659474/Blog/Author%20Headshots/james_wormwell_headshot.png","CPPijHb0Op5C5aVcvsOEf",{},"/en-us/blog/authors/james-wormwell",{},"en-us/blog/authors/james-wormwell","n6G4XENUWxgqOdCgfG0ECu0Uqj7qOS9zr3Rl8ouF49M",[729,743,749],{"content":730,"config":741},{"title":731,"description":732,"authors":733,"heroImage":735,"date":736,"body":737,"category":10,"tags":738},"GitLab 18.11: Budget guardrails for GitLab Credits","Learn how new spending caps and per-user credit limits give organizations the budget guardrails to scale GitLab Duo Agent Platform.",[734],"Bryan Rothwell","https://res.cloudinary.com/about-gitlab-com/image/upload/v1776259080/cakqnwo5ecp255lo8lzo.png","2026-04-16","Teams using GitLab Duo Agent Platform with on-demand GitLab Credits are shipping faster, catching bugs earlier, and automating tasks that used to take entire sprints. But as adoption grows, so does oversight from finance, procurement, and platform teams to prove that AI spending is bounded, predictable, and controllable.\n\nOne of the greatest barriers to broader AI adoption isn't skepticism about the technology. It's uncertainty about managing spend. Without budget caps, a busy month could produce unexpected expenses. Without per-user limits, a handful of power users could burn through the team's credits before the month is over. And without either, engineering leaders who want to expand their use of agentic AI for software development have to jump through more hoops for budget approval.\n\nSince its [general availability](https://about.gitlab.com/blog/gitlab-duo-agent-platform-is-generally-available/), GitLab Duo Agent Platform has provided usage governance and visibility. With GitLab 18.11, we're introducing usage controls for [GitLab Credits](https://about.gitlab.com/blog/introducing-gitlab-credits/): spending caps and budget guardrails that give your organization even more control and transparency over how credits are consumed.\n\n## Managing GitLab Credits\n\nGitLab 18.11 adds three layers of control over GitLab Credits consumption: a subscription-level spending cap, per-user credit limits, and visibility into cap status and enforcement.\n\n### Subscription-level spending cap\n\nBilling account managers can now set a hard monthly ceiling for on-demand GitLab Credits consumption for their entire subscription.\n\nHere's how it works:\n\n* **Set a cap** in the `Customers Portal` under your subscription's GitLab Credits settings.  \n* **Enforce spend limits automatically.**  When on-demand usage reaches the cap, DAP access is paused for all users on that subscription until the next monthly period begins.  \n* **Make adjustments as you go.** Raise or disable the cap mid-month to restore access.\n\nThe cap resets each monthly period and your configured limit carries forward unless you change it. Because usage data is synchronized periodically rather than in real time, a small amount of additional usage may occur after the cap is reached before enforcement takes effect. See the [GitLab Credits documentation](https://docs.gitlab.com/subscriptions/gitlab_credits/) for details.\n\n### User-level spending caps\n\nNot every user consumes credits at the same rate, and that's expected. But when one or two power users account for a disproportionate share of the pool, the rest of the team can lose access before the month is over.\n\nPer-user credit caps prevent any single user from consuming more than their fair share:\n\n* **Flat per-user cap.** Set a uniform credit limit that applies equally to every user on the subscription through the GitLab GraphQL API. Unlike the subscription-level cap, the per-user cap applies to a user's total consumption across all credit sources.  \n* **Custom per-user overrides.** For organizations that need differentiated limits, you can set individual credit caps for specific users through the GraphQL API. For example, you could give your staff engineers a higher allocation while applying a standard limit to the broader team.  \n* **Individual enforcement.** When a user reaches their cap, they retain full access to GitLab. Only their Duo Agent Platform credit usage is paused until the next billing cycle. Everyone else keeps working uninterrupted until they hit their own limit or the subscription-level cap is reached, whichever comes first.\n\n### Visibility and notifications\n\nWhen a subscription-level cap is reached, GitLab sends an email notification to billing account managers so they can take action: raise the cap, wait for the next period, or redistribute credits.\n\nWithin GitLab, group owners (GitLab.com) and instance administrators (Self-Managed) can view which users have been blocked due to reaching their per-user cap and restore access by adjusting the cap through the GraphQL API. \n\n## How budget guardrails help organizations scale AI usage\n\nGuardrails are essential as organizations ramp up their AI adoption. Here's why:\n\n### Predictable AI budgets\n\nUsage controls for GitLab Duo Agent Platform turn AI into a bounded, predictable budget item using on-demand GitLab Credits. That makes it easier to deploy agents across the software development lifecycle and get sign-off from finance, justify renewals, and plan quarterly spend.\n\n### Governance and chargeback\n\nLarge organizations often need to align AI consumption with internal budgets, cost centers, or departmental policies. Per-user caps give platform teams a straightforward mechanism to allocate credits fairly and track consumption at the individual level. The API import options make it practical to manage caps at enterprise scale. Combined with per-user usage data from the GitLab Credits dashboard, organizations can track consumption patterns to inform their own internal chargeback or budget allocation processes.\n\n### Confidence to scale\n\nMany customers start GitLab Duo Agent Platform with a small pilot group. Usage controls remove risks associated with expanding that pilot across the organization. You can roll out Duo Agent Platform to hundreds or thousands of developers knowing there's a hard ceiling protecting your budget. If usage grows faster than expected, you'll hit the cap, not an unexpected invoice.\n\n## Addressing the seat-based and visibility conundrum\n\nMany AI coding tools take a seat-based approach to cost management. You buy a fixed number of seats at a flat per-user price, and that's your budget. It's simple, but rigid. You pay the same whether a developer uses the tool ten times a day or never touches it. And as vendors introduce premium models and usage-based overages on top of seat pricing, the cost predictability that seat-based licensing promised starts to erode.\n\n\nGitLab takes a different approach. Usage-based pricing with hard caps and a single governance dashboard. You get the flexibility of paying for what your teams actually use, with the budget predictability of enforced spending limits.\n\n## Real-world usage controls\n\n**One example is a mid-size SaaS customer that wants to protect their monthly budget.** A 200-person engineering organization sets a subscription-level cap equal to their expected on-demand usage. Their VP of Engineering can confidently tell finance that GitLab Duo Agent Platform spend will never exceed the approved amount, even as they onboard new teams. If they approach the cap mid-month, the billing account manager gets a notification and can decide whether to raise the limit or wait for the next period.\n\n**At GitLab, we also work with large enterprises that want to keep usage fair across teams.** A global financial services company with 2,000 developers uses per-user caps to ensure equitable access. Staff engineers working on complex refactoring projects get a higher individual allocation via API, while most developers receive a standard flat cap. No single user can exhaust the pool, and the platform team uses the per-user usage data in the GitLab Credits dashboard to track consumption patterns and inform quarterly budget planning.\n\n## Getting started\n\nUsage controls are available for both GitLab.com and Self-Managed customers running GitLab 18.11. Different controls are configured in different places depending on the scope and your role.\n\n**Subscription-level cap**\n\nBilling account managers set the subscription-level on-demand cap in the Customers Portal:\n\n1. Sign in to the `Customers Portal`.  \n2. On your subscription card, navigate to **GitLab Credits** settings.  \n3. Enable the monthly on-demand credits cap and enter your desired limit.\n\n**Flat per-user cap**\n\nThe flat per-user cap can be set through the GitLab GraphQL API by namespace owners (GitLab.com) or instance administrators (Self-Managed). Check the [GitLab Credits documentation](https://docs.gitlab.com/subscriptions/gitlab_credits/) for the latest on available configuration surfaces.\n\n**Custom per-user overrides**\n\nFor differentiated limits, namespace owners (GitLab.com) and instance administrators (Self-Managed) can set individual caps programmatically. This is useful for automation and infrastructure-as-code workflows.\n\n**Monitor usage and cap status**\n\n* **Customers Portal:** View detailed usage and cap status.  \n* **GitLab.com:** Group owners can view blocked users under **Settings > GitLab Credits**.  \n* **Self-Managed:** Instance administrators can view cap status and blocked users under **Admin > GitLab Credits**.\n\n## GitLab Duo Agent Platform is ready to scale\n\nUsage controls are available now in GitLab 18.11. If you've been waiting for the right guardrails before expanding GitLab Duo Agent Platform across your organization, this is your moment. Set your caps, roll out Duo Agent Platform to more teams, and start shipping faster!\n\n> [Learn more about GitLab Credits and usage controls](https://docs.gitlab.com/subscriptions/gitlab_credits/).",[10,739,740],"AI/ML","news",{"featured":13,"template":14,"slug":742},"gitlab-18-11-budget-guardrails-for-gitlab-credits",{"content":744,"config":747},{"title":745,"heroImage":735,"description":746,"date":736,"category":10},"GitLab 18.11 release","This release includes Agentic SAST Vulnerability Resolution, Data Analyst Foundational Agent, CI Expert Agent, and more.",{"featured":13,"template":14,"externalUrl":748},"https://docs.gitlab.com/releases/18/gitlab-18-11-released/",{"content":750,"config":757},{"title":751,"description":752,"authors":753,"heroImage":735,"date":736,"body":755,"category":10,"tags":756},"GitLab 18.11: CI Expert and Data Analyst AI agents target development gaps","Set up CI and query your software development lifecycle data with two new GitLab Duo Agent Platform foundational agents available in GitLab 18.11.",[754],"Corinne Dent","AI-generated code moves faster than the systems around it can keep up with. More code means more merge requests queued, more pipelines to configure, more questions about delivery that nobody has time to answer — and most of the tooling teams rely on wasn't built for this pace.\n\nIn GitLab 18.11, two new foundational agents for Duo Agent Platform address specific gaps in the development lifecycle that AI has largely left untouched:\n* CI Expert Agent (now in beta) focuses on the gap between writing code and getting it into a running pipeline\n* Data Analyst Agent (now generally available) focuses on the gap between shipping code and being able to answer basic questions about how that delivery is actually going.\n\n\nThese are problem areas that couldn't be solved by a general-purpose assistant. A tool running outside GitLab can generate a YAML file or answer a question, but it has no awareness of how your pipelines have historically performed, where failures cluster, or what your actual MR cycle times look like. That context lives in GitLab. These agents do too.\n## Fast CI setup with CI Expert Agent\n\nAI has made it easier than ever to write code. Getting that code into a running pipeline is still something most teams do days, or weeks, later — if at all. The blank-page problem isn't in the editor anymore. The blank page is now in `.gitlab-ci.yml`.\n\nDevelopers who have never configured CI don't know what language detection looks like in YAML, what their test commands should be, or how to validate the result before pushing. Teams either copy a config from a previous project that may not fit, stitch together examples from documentation, or wait for the one person who's done it before. If that person isn't available, CI becomes the thing you'll \"get to later.\" Later becomes never.\n\nWhen CI never happens, the impact shows up everywhere else. Changes ship without a reliable safety net, regressions surface in production instead of in pipelines, and work piles up in bigger, riskier batches because no one wants to be the person who “breaks the build.” Over time, teams normalize working in the dark, often relying on undocumented institutional knowledge and ad-hoc testing, instead of having a fast, predictable feedback loop baked into every change.\n\nCI Expert Agent, now available in beta, removes that friction. It inspects your repository, identifies your language and framework, and proposes a working build and test pipeline tailored to what's actually there — then explains every decision in plain language. The target: a running pipeline in minutes, with no YAML written by hand.\n\nWhat CI Expert Agent does:\n\n* Repo-aware pipeline generation detects language, framework, and test setup \n* Generates valid, runnable build and test configurations   \n* Guided first-pipeline flow with plain-language explanation of each step in Agentic Chat  \n* Native GitLab CI semantics with no config translation required\n\nBecause it runs inside GitLab and sees real pipeline behavior over time, each improvement can build on how teams actually work, not just on static examples.\n\u003Ciframe src=\"https://player.vimeo.com/video/1183458036?badge=0&amp;autopause=0&amp;player_id=0&amp;app_id=58479\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write; encrypted-media; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" style=\"position:absolute;top:0;left:0;width:100%;height:100%;\" title=\"CI/CD Expert Agent\">\u003C/iframe>\u003Cscript src=\"https://player.vimeo.com/api/player.js\">\u003C/script>\n\u003Cbr>\u003C/br>\n\nCI Expert Agent is available on GitLab.com, Self-Managed, Dedicated; Free, Premium, Ultimate Editions with Duo Agent Platform enabled.\n\n## Query GitLab data in plain language with Data Analyst Agent\n\nAI has sped up how teams ship. Answering basic questions about how that work is going has gotten harder, not easier.\n\nHow long are MRs sitting in review? Which pipelines are slowing teams down? Are deployment targets actually being hit? These questions used to be answerable by glancing at a dashboard. Now, with more code, more teams, and more complexity, the data exists — it's in GitLab — but accessing it still means waiting on an analytics team, filing a dashboard request, or learning GLQL.\n\nData Analyst Agent targets that gap. Ask a natural-language question and get an instant visualization in Agentic Chat. No query language, no dashboard request, no waiting for the answers to be assembled by someone else.\n\nFor example, the agent can answer questions about the following topics for these roles:\n\n* Engineering managers: MR cycle time, throughput by project, where reviews get stuck  \n* Developers: Contribution patterns, flaky tests blocking their MRs, pipeline speed trends  \n* DevOps and platform engineers: Pipeline success/failure rates, runner utilization, deployment frequency  \n* Engineering leadership: Cross-portfolio deployment frequency, project health metrics, lead time comparisons\n\nNow generally available in 18.11, the agent covers MRs, issues, projects, pipelines, and jobs — full software development lifecycle coverage, expanded from the beta scope. Because Data Analyst Agent queries what's already in GitLab, the context is always current, and there's no pipeline to maintain or third-party tool to keep synchronized. Generated GitLab Query Language queries can be copied and used anywhere GitLab Flavored Markdown is supported, with direct export to work items and dashboards on the roadmap.\n\n\u003Ciframe src=\"https://player.vimeo.com/video/1183094817?badge=0&amp;autopause=0&amp;player_id=0&amp;app_id=58479\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write; encrypted-media; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" style=\"position:absolute;top:0;left:0;width:100%;height:100%;\" title=\"Data Analyst agent demo\">\u003C/iframe>\u003Cscript src=\"https://player.vimeo.com/api/player.js\">\u003C/script>\n\u003Cbr>\u003C/br>\n\nData Analyst Agent is available on GitLab.com, Self-Managed, Dedicated; Free, Premium and Ultimate Edition with Duo Agent Platform enabled.\n\n## One platform, connected context\n\nBoth agents run inside GitLab, with access to the code, pipelines, issues, and merge requests already there. That's what separates platform-native AI from a disconnected assistant: the context is always current, and it only gets more useful over time. CI Expert Agent and Data Analyst Agent represent two concrete steps toward a platform where AI doesn't just help you write code faster; it helps you understand, ship, and maintain what gets built.\n\n> [Start a free trial of GitLab Duo Agent Platform](https://about.gitlab.com/gitlab-duo/) to experience these foundational AI agents.",[739,27,10],{"featured":31,"template":14,"slug":758},"ci-expert-and-data-analyst-ai-agents-target-development-gaps",{"promotions":760},[761,775,786,798],{"id":762,"categories":763,"header":765,"text":766,"button":767,"image":772},"ai-modernization",[764],"ai-ml","Is AI achieving its promise at scale?","Quiz will take 5 minutes or less",{"text":768,"config":769},"Get your AI maturity score",{"href":770,"dataGaName":771,"dataGaLocation":245},"/assessments/ai-modernization-assessment/","modernization assessment",{"config":773},{"src":774},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":776,"categories":777,"header":778,"text":766,"button":779,"image":783},"devops-modernization",[10,570],"Are you just managing tools or shipping innovation?",{"text":780,"config":781},"Get your DevOps maturity score",{"href":782,"dataGaName":771,"dataGaLocation":245},"/assessments/devops-modernization-assessment/",{"config":784},{"src":785},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":787,"categories":788,"header":790,"text":766,"button":791,"image":795},"security-modernization",[789],"security","Are you trading speed for security?",{"text":792,"config":793},"Get your security maturity score",{"href":794,"dataGaName":771,"dataGaLocation":245},"/assessments/security-modernization-assessment/",{"config":796},{"src":797},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"id":799,"paths":800,"header":803,"text":804,"button":805,"image":810},"github-azure-migration",[801,802],"migration-from-azure-devops-to-gitlab","integrating-azure-devops-scm-and-gitlab","Is your team ready for GitHub's Azure move?","GitHub is already rebuilding around Azure. Find out what it means for you.",{"text":806,"config":807},"See how GitLab compares to GitHub",{"href":808,"dataGaName":809,"dataGaLocation":245},"/compare/gitlab-vs-github/github-azure-migration/","github azure migration",{"config":811},{"src":785},{"header":813,"blurb":814,"button":815,"secondaryButton":820},"Start building faster today","See what your team can do with the intelligent orchestration platform for DevSecOps.\n",{"text":816,"config":817},"Get your free trial",{"href":818,"dataGaName":53,"dataGaLocation":819},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":507,"config":821},{"href":57,"dataGaName":58,"dataGaLocation":819},1776443042117]