OpenSource compliance CLI
for GitLab CI/CD
Analyze your GitLab CI/CD pipelines for security and compliance issues. Scan for mutable image tags, untrusted registries, and branch protection compliance.
How it works
Plumber scans your GitLab CI/CD configuration
Analyze your pipelines for security and compliance issues with automated checks.
Mutable Image Tags
Flags 'latest', 'dev', and other non-reproducible tags to ensure your pipelines use versioned images.
Untrusted Image Registries
Ensures images come from approved sources. Configure trusted registries and block unauthorized sources.
Branch Protection Compliance
Verifies critical branches are properly protected according to your organization's security policies.
Quick Start
Get started in minutes
Set up Plumber in your GitLab CI/CD pipeline with just a few simple steps.
Setup Plumber in your GitLab project
Add the Plumber component to your pipeline and configure controls (registries, branch protection, etc.).
Run your CI/CD pipeline
Plumber runs as part of your pipeline and scans your CI configuration and job definitions.
Get your compliance report
View results in the job output or download the report artifact for audit and remediation.