Open source compliance CLI for GitLab CI/CD
Analyze your GitLab CI/CD pipelines for security and compliance: pipeline composition (templates, components, version constraints), container images (mutable tags, trusted registries), and branch protection settings.
How it works
Plumber scans your GitLab CI/CD configuration
Analyze your pipelines for security and compliance issues with automated checks.
Pipeline composition
Detects hardcoded jobs in the .gitlab-ci.yml and verifies that all required template and component modules are included, are up to date and do not follow unauthorized patterns (latest, main, etc.).
CI/CD container images
Detects container images using mutable tags that can change unexpectedly. Ensures images come from trusted registries only.
Access and authorization
Verifies that critical branches have proper protection settings.
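The container image checks described above (mutable tags, trusted registries) can be sketched as follows. This is an added example, not Plumber's own code; the registry allowlist, the mutable-tag list and the function names are assumptions chosen for illustration.

```python
# Added example, not Plumber's code. Both policy sets below are assumed values.
TRUSTED_REGISTRIES = {"registry.gitlab.com", "registry.example.com:5000"}
MUTABLE_TAGS = {"latest", "main", "master", "stable", "edge"}


def parse_image(ref):
    """Split an image reference into (registry, repository, tag, digest)."""
    name, _, digest = ref.partition("@")
    first, slash, rest = name.partition("/")
    # The first component is a registry host only if it looks like one.
    if slash and ("." in first or ":" in first or first == "localhost"):
        registry, path = first, rest
    else:
        registry, path = "docker.io", name
    # A ':' after the last '/' separates the tag; a ':' in the host is a port.
    last = path.rsplit("/", 1)[-1]
    tag = last.partition(":")[2] or None
    repository = path[: len(path) - len(tag) - 1] if tag else path
    return registry, repository, tag, digest or None


def check_image(ref):
    """Return the policy findings for one image reference (empty list = pass)."""
    registry, _, tag, digest = parse_image(ref)
    findings = []
    if registry not in TRUSTED_REGISTRIES:
        findings.append(f"untrusted registry: {registry}")
    if digest is None:  # a digest pins content; a tag can be re-pushed
        if tag is None:
            findings.append("no tag: resolves to 'latest'")
        elif tag in MUTABLE_TAGS:
            findings.append(f"mutable tag: {tag}")
    return findings


# Constructed sample values, as they might appear under `image:` in .gitlab-ci.yml.
SAMPLES = [
    "python",
    "registry.example.com:5000/build/go:latest",
    "registry.gitlab.com/group/tools/lint:1.4.2",
    "registry.gitlab.com/group/base@sha256:" + "0" * 64,
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", check_image(s) or "ok")
```

The registry port in the second sample shows why the tag has to be taken from the last path component rather than from the first colon in the reference.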
Quick Start
Get started in minutes
Set up Plumber in your GitLab CI/CD pipeline with just a few simple steps.
Set up Plumber in your GitLab project
Add the Plumber component to your pipeline and configure controls (registries, branch protection, etc.).
Run your CI/CD pipeline
Plumber runs as part of your pipeline and scans your CI configuration and job definitions.
Get your compliance report
View results in the job output or download the report artifact for audit and remediation.