Foundational flows

  • Tier: Premium, Ultimate
  • Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated

Foundational flows are built and maintained by GitLab and display a GitLab-maintained badge ( tanuki-verified ).

Each flow is designed to solve a specific problem or help you with a development task.

The following foundational flows are available:

Configure flow execution CI/CD details

You can configure the environment where flows use CI/CD to execute.

For example, on GitLab Self-Managed, administrators can configure a custom container registry for foundational flow images.

For more information, see Configure flow execution.

Security for foundational flows

In the GitLab UI, foundational flows have access to the following GitLab APIs:

Service accounts

Foundational flows use a service account to complete tasks. For more information, see composite identity workflow.

When foundational flows create merge requests, the merge request is attributed to the service account. This means the user who triggered the flow can approve and merge AI-generated code. Organizations with SOC 2, SOX, ISO 27001, or FedRAMP requirements should review the compliance considerations and implement appropriate approval policies.

Turn foundational flows on or off

You can turn foundational flows on or off:

  • On GitLab.com: For top-level groups and projects.
  • On GitLab Self-Managed: For instances, groups, and projects.

You can also turn flow execution on or off to control whether features that consume compute minutes can run in the GitLab UI. These features include external agents, foundational flows, and custom flows.

On GitLab.com

Prerequisites:

  • The Owner role for the top-level group.
  1. On the top bar, select Search or go to and find your top-level group.
  2. Select Settings > GitLab Duo.
  3. Select Change configuration.
  4. Under Flow execution, select the Allow flow execution and Allow foundational flows checkboxes.
  5. Select the checkbox for each foundational flow you want to turn on.
  6. Select Save changes.

When you turn off foundational flows for a top-level group, users with that group as their default GitLab Duo namespace cannot access foundational flows in any namespace.

Prerequisites:

  • The Owner or Maintainer role for the project.
  • Flow execution and foundational flows turned on for the top-level group.
  1. On the top bar, select Search or go to and find your project.
  2. Select Settings > General.
  3. Expand GitLab Duo.
  4. Turn on the GitLab Duo, Allow flow execution, and Allow foundational flows toggles.
  5. Select Save changes.

On GitLab Self-Managed

Prerequisites:

  • Administrator access.
  1. In the upper-right corner, select Admin.
  2. On the left sidebar, select GitLab Duo.
  3. Select Change configuration.
  4. Under Flow execution, select the Allow flow execution and Allow foundational flows checkboxes.
  5. Select Save changes.

Prerequisites:

  • Administrator access.
  • Flow execution and foundational flows turned on for the instance.
  1. On the top bar, select Search or go to and find your group.
  2. Select Settings > General.
  3. Expand GitLab Duo features.
  4. Under Flow execution, select the Allow flow execution and Allow foundational flows checkboxes.
  5. Select the checkbox for each foundational flow you want to turn on.
  6. Select Save changes.

When turned on for the group, foundational flows are available to all subgroups and projects.

Prerequisites:

  • The Owner or Maintainer role for the project.
  • Flow execution and foundational flows turned on for the instance and group.
  1. On the top bar, select Search or go to and find your project.
  2. Select Settings > General.
  3. Expand GitLab Duo.
  4. Turn on the GitLab Duo, Allow flow execution, and Allow foundational flows toggles.
  5. Select Save changes.