CodeRifts for GitLab — API Governance on Every Merge Request
Add the CodeRifts CI/CD component to your .gitlab-ci.yml and catch breaking API changes before they reach production. Three steps, five minutes.
Setup in 3 Steps
No native app to install. Just add the component to your pipeline.
1. Get a free API key
Sign up at app.coderifts.com/api/signup to get your API key.
2. Add CODERIFTS_API_KEY as a CI/CD variable
Go to Settings → CI/CD → Variables in your GitLab project and add the key as a masked variable.
3. Add the component to .gitlab-ci.yml
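include:
  # @main follows the branch head; a commit SHA after the @ pins the component to a reviewed revision
  - component: gitlab.com/coderifts/gitlab-ci-component/coderifts@main
    inputs:
      api_key: $CODERIFTS_API_KEY

stages:
  - test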
Every Merge Request will now run a CodeRifts check automatically.
What It Does
On every Merge Request, CodeRifts analyzes your OpenAPI specs and reports:
Breaking Changes
Detects 10 types of breaking changes: endpoint removals, type changes, required field additions, and more.
Risk Scoring
Calculates a 0–100 risk score across 4 dimensions so you know exactly how dangerous a change is.
Policy Enforcement
Checks policy violations from your .coderifts.yml — breaking budgets, freeze windows, no-delete rules.
Security Analysis
Catches auth regressions, sensitive field exposure, and security-critical schema changes.
Alternative: Use the REST API Directly
If you prefer to call the API directly instead of using the CI/CD component:
# .gitlab-ci.yml
stages:
  - test

api-contract-check:
  stage: test
  # curlimages/curl ships without python3, which the script below needs,
  # so the job uses a base image and installs both tools.
  image: alpine:latest
  before_script:
    - apk add --no-cache curl python3
  variables:
    CODERIFTS_API_KEY: $CODERIFTS_API_KEY
  script:
    - |
      # -f makes curl exit non-zero on HTTP errors, which fails the job
      RESULT=$(curl -sf -X POST \
        https://app.coderifts.com/api/diff \
        -H "Authorization: Bearer $CODERIFTS_API_KEY" \
        -H "Content-Type: application/json" \
        -d "{
          \"base\": \"$CI_MERGE_REQUEST_TARGET_BRANCH_NAME:api/openapi.yaml\",
          \"head\": \"api/openapi.yaml\"
        }")
      echo "$RESULT" | python3 -m json.tool
      # Read the breaking-change count from the response summary
      BREAKING=$(echo "$RESULT" | python3 -c \
        "import sys,json; print(json.load(sys.stdin).get('summary',{}).get('breaking',0))")
      if [ "$BREAKING" -gt 0 ]; then
        echo "ERROR: $BREAKING breaking change(s) detected"
        exit 1
      fi
  # Run only on merge requests that touch the API specs
  rules:
    - if: $CI_MERGE_REQUEST_IID
      changes:
        - "api/**/*.yaml"
        - "api/**/*.json"
See the REST API documentation for full details.
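The inline check in the job above reads `summary.breaking` with a default of 0, so a 2xx response that lacks that field passes the gate. The following is an added example (not CodeRifts code) of a fail-closed version of that check. The function name `gate`, the exit codes and the sample bodies are assumptions constructed here; only the `summary.breaking` field comes from the job above.

```python
import json
import sys


def gate(raw: str) -> tuple[int, str]:
    """Return (exit_code, message) for a raw /api/diff response body.

    Only the `summary.breaking` field used by the job above is read.
    Anything that is not a well-formed count fails the job (fail closed).
    """
    try:
        doc = json.loads(raw)
    except json.JSONDecodeError as exc:
        return 2, f"response is not JSON: {exc.msg}"
    if not isinstance(doc, dict) or not isinstance(doc.get("summary"), dict):
        return 2, "response has no 'summary' object"
    breaking = doc["summary"].get("breaking")
    # bool is a subclass of int in Python, so reject it explicitly.
    if isinstance(breaking, bool) or not isinstance(breaking, int) or breaking < 0:
        return 2, f"'summary.breaking' is not a non-negative integer: {breaking!r}"
    if breaking > 0:
        return 1, f"{breaking} breaking change(s) detected"
    return 0, "no breaking changes"


# Constructed sample bodies (assumptions, not captured from the real service).
SAMPLES = {
    "clean": '{"summary": {"breaking": 0}}',
    "breaking": '{"summary": {"breaking": 3}}',
    "error body": '{"error": "invalid spec"}',
    "empty": "",
    "wrong type": '{"summary": {"breaking": "0"}}',
}

if __name__ == "__main__":
    if len(sys.argv) > 1 and sys.argv[1] == "-":
        # CI use: echo "$RESULT" | python3 gate.py -
        code, message = gate(sys.stdin.read())
        print(message, file=sys.stderr if code else sys.stdout)
        sys.exit(code)
    # No arguments: show how each constructed sample is classified.
    for name, body in SAMPLES.items():
        print(f"{name}: {gate(body)}")
```

Exit code 2 separates "could not evaluate the response" from exit code 1, "breaking changes found", so pipeline logs show which case failed the job.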
Start protecting your APIs in GitLab today.
Add the CI/CD component, get your free API key, and catch breaking changes on every Merge Request.