GitLab Integration for IaC & GitOps
Connect GitLab repositories for both IaC and GitOps workflows. Kestrel reads your Terraform code, finds misconfigurations, and opens merge requests. For Kubernetes, deploy YAML changes to GitLab with an interactive file browser.
Whether your team manages cloud infrastructure with Terraform or deploys Kubernetes workloads via GitOps, changes should flow through code review - not ad-hoc commands. The GitLab Integration connects your repositories directly to Kestrel for both workflows: IaC remediation for cloud misconfigurations, and GitOps deployment for Kubernetes YAML changes. Every fix goes through a merge request in your existing review process.
Connect Once, Fix Everywhere
Connect your GitLab account via OAuth, sync the projects you want Kestrel to manage, and link each repository to the AWS or OCI account it provisions. From that point on, Kestrel has full context of your infrastructure code whenever it investigates an issue or answers a question.
Both GitHub and GitLab are supported simultaneously - if your team uses GitHub for some repositories and GitLab for others, Kestrel works with both. Each repository can be configured independently with its own IaC type (Terraform, CloudFormation, or Pulumi) and root path.
AI Copilot with IaC Context
When you ask the Cloud AI Copilot a question about your infrastructure, Kestrel doesn't just look at the live AWS state - it reads your Terraform files and understands the full picture. Ask it to find misconfigurations, add a new resource, or fix a security issue, and it generates a complete file update with a diff view showing exactly what changed.
Store the change, review it in the Configuration Changes page, and click Deploy IaC to open a merge request in the correct GitLab repository. No copy-pasting, no switching between tools.
Incident Fixes as Merge Requests
When Kestrel detects a cloud incident - say, an S3 bucket with public access block disabled - it runs root cause analysis, correlates with your connected IaC repositories, and generates a Terraform fix that updates the specific file managing that resource. The fix targets the right repository even when multiple repos contain similar resource types, by matching on the exact resource identifier from the incident signals.
From the incident detail page, click Create Pull Request to open a merge request in GitLab with the remediation. The MR includes the full diff, a description of what the fix does, and links back to the incident.
Multi-Repo Support
Real infrastructure isn't one giant repo. Teams split Terraform across repositories by domain - networking, IAM, storage, application services. Kestrel handles this natively. Connect as many repositories as you need, each linked to the relevant cloud account, and Kestrel fetches only the repos associated with the account you're asking about.
When generating fixes, Kestrel matches the resource identifier from the cloud API against the actual Terraform code across all connected repos to find the right file. No manual selection required.
GitOps: Kubernetes YAML to GitLab
The GitLab integration isn't just for Terraform. When the AI copilot generates a Kubernetes YAML change - scaling a deployment, updating resource limits, adding a network policy - you can deploy it to a GitLab repository with the same interactive workflow available for GitHub.
From the Chat Configuration Changes page or a Kubernetes Incident Detail page, click Deploy to CI/CD. The dialog shows both your GitHub and GitLab repositories. Select a GitLab repo, browse its directory structure with the interactive file browser, pick a target file (or create a new one), and Kestrel opens a merge request with the YAML change.
Once the merge request is created, the change shows a PR Created badge that links directly to the GitLab MR. No duplicate deployments - the deploy button is replaced with the badge so your team knows the change is already in review.
Works from Slack Too
The /kestrel Slack command now includes IaC context when answering cloud questions. Ask about your Terraform code from Slack and get the same quality of analysis as the web UI.
Getting Started
Navigate to Integrations → CI/CD in your Kestrel dashboard and click the GitLab card. Authorize with your GitLab account, sync the projects you want to manage, and you're ready to go. For IaC workflows, enable Terraform on each repository and link a cloud account. For GitOps workflows, your synced repositories are immediately available in the Deploy to CI/CD dialog for Kubernetes changes.