PatchPatrol

Quick Start

Introduction

PatchPatrol runs AI review as a supported public path: GitLab artifact-first CI. Start by pulling the registry image, wiring the merge request job, and reading the generated artifacts before enabling optional delivery modes.

PatchPatrol is a product by aistack. Visit the PatchPatrol website or contact PatchPatrol for product context.

PatchPatrol has four starting points:

Workspace admin

Prepare registry access, CI variables, and the supported GitLab review job.

Developer user

Run the merge request path and read the artifacts once access is ready.

First output

Open `ai-review.md` first, then use `ai-review.json` when structured detail matters.

Troubleshooting

Recover when setup, artifacts, provider trust gates, or delivery do not match the baseline.

Want to learn more?

New to PatchPatrol? Read What is PatchPatrol?, then return here for the artifact-first rollout steps.

Docker Authentication

Registry access: because GitLab pulls the job image before script runs, configure DOCKER_AUTH_CONFIG as a masked GitLab CI/CD variable, not inside .gitlab-ci.yml.

Create the variable value locally from your registry username and password:

AUTH="$(printf '%s:%s' "$PATCHPATROL_REGISTRY_USERNAME" "$PATCHPATROL_REGISTRY_PASSWORD" | base64 | tr -d '\n')"
printf '{"auths":{"registry.patchpatrol.ai":{"auth":"%s"}}}\n' "$AUTH"

Add the printed JSON as the value of a masked DOCKER_AUTH_CONFIG variable in GitLab project or runner settings. The job below can then pull registry.patchpatrol.ai/patchpatrol:latest before script starts.

Pipeline Config

# .gitlab-ci.yml (excerpt)
patchpatrol_review:
  image: registry.patchpatrol.ai/patchpatrol:latest
  rules:
    - if: $CI_MERGE_REQUEST_IID
  variables:
    AI_REVIEW_OUTPUT_DIR: .ai-review
    AI_REVIEW_FEEDBACK_MODE: artifact-only
    AI_REVIEW_PROVIDER: openai
    AI_REVIEW_MODEL: gpt-4o-mini
  script:
    - ai-review run --mode mr
  artifacts:
    when: always
    paths:
      - .ai-review/ai-review.md
      - .ai-review/ai-review.json

Review MR comments

Start with the artifact output created by the merge request job. Open .ai-review/ai-review.md for the human-readable review and .ai-review/ai-review.json for structured detail. If you later enable merge request comments, use Feedback modes after the artifact-first baseline is working.

# quick validation before the first review run
ai-review test --gitlab-readiness

Most clients should use latest so they receive ongoing review-process improvements. Replace latest with vX.Y.Z only when you need a specific patch version. Keep AI_REVIEW_FEEDBACK_MODE set to artifact-only for your first rollout. Supported public path: GitLab artifact-first

Continue setup

Operator map

Use these paths when the first artifact-first run is moving from setup into team usage.

Access and rolesInstallation and upgradesRelease and versioningFeedback modes

For role handoff and optional delivery after the first artifact-first run, use Access and roles and Feedback modes.

If the first run fails, artifacts are missing, or GitLab delivery does not match the expected artifact-first baseline, go straight to Troubleshooting before widening the rollout.

Reference paths

Before rollout

What is PatchPatrol?Concepts

Support contract

Supported runtime and operating modesConfiguration reference

FAQ

What is PatchPatrol

A practical introduction to bounded AI review for GitLab merge requests.

On this page

IntroductionDocker AuthenticationPipeline ConfigReview MR commentsContinue setupReference pathsFAQ