
Enhancing Quality and Security in CI: Gunjan Patel

2.2K views · Nov 27, 2024 · 18:27 min
Takeaway

Use CI's slack time as the venue for slow, deliberate AI passes (rename/comment/test/security) — Copilot does the fast thinking, GhostPilot does the slow thinking.

Summary

  • Palo Alto Networks director proposes a 'GhostPilot' (vs. Copilot) — slow-thinking AI in CI that improves variable names, regenerates code comments, and adds tests as a PR is opened.
  • Multi-step unit-test generation: LLM first extracts intent → adversarial pass lists edge cases (UTF-8, min/max, boundaries) → personalize from team priorities (context.yaml) and historic Jira bug patterns → finally generate and loop until tests pass.
  • Context.yaml describes cloud provider, service type, PII presence, deployment target, security policies, Slack channels and Jira project so AI pulls follow-up context; references open-context.org by Quinn.
  • Adds a separate AI security-review pass identifying issues per environment context and proposing fixes (not auto-fixing) for human approval, then re-runs tests.
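
The staged flow from the summary (intent, adversarial edge cases, personalization, then generate and retry) as an added example; it is not code from the talk. The `llm` and `run_tests` callables, the stage names and the context keys are assumptions, and the retry loop is bounded so a CI job fails instead of looping indefinitely.

```python
from dataclasses import dataclass, field

@dataclass
class Result:
    passed: bool
    rounds: int
    tests: str
    trace: list = field(default_factory=list)  # stage names in call order

def generate_tests(source, context, bug_patterns, llm, run_tests, max_rounds=3):
    """llm(stage, payload) -> str and run_tests(tests) -> (passed, log)
    are hypothetical bring-your-own callables, not a real API."""
    trace = []

    def ask(stage, **payload):
        trace.append(stage)
        return llm(stage, payload)

    intent = ask("intent", source=source)
    edge_cases = ask("adversarial", intent=intent)
    # Personalize with team context (context.yaml) and historic bug patterns.
    cases = ask("personalize", edge_cases=edge_cases,
                context=context, bug_patterns=bug_patterns)
    tests, failure_log = "", ""
    for round_no in range(1, max_rounds + 1):
        tests = ask("generate", source=source, intent=intent, cases=cases,
                    previous=tests, failure_log=failure_log)
        passed, failure_log = run_tests(tests)
        if passed:
            return Result(True, round_no, tests, trace)
    # Budget exhausted: fail the step rather than loop forever in CI.
    return Result(False, max_rounds, tests, trace)

def demo():
    # Constructed stand-ins: a scripted "LLM" and a runner that fails once.
    def fake_llm(stage, payload):
        if stage == "generate":
            return "tests v2" if payload["failure_log"] else "tests v1"
        return f"<{stage} output>"

    def fake_runner(tests):
        ok = tests == "tests v2"
        return ok, "" if ok else "AssertionError: boundary case"

    context = {"cloud_provider": "example-cloud", "pii": True}  # constructed keys
    return generate_tests("def clamp(x): ...", context,
                          ["off-by-one at max length"], fake_llm, fake_runner)

if __name__ == "__main__":
    print(demo())
```

The returned `trace` gives reviewers a record of which stages ran and how many generation rounds were needed before the tests passed.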
Tags: ci-cd · ai-testing · security
Original description
Learn how AI can enable code to self-improve in readability and security. This session explores the integration of AI into CI/CD pipelines with innovative prompting techniques for improving variable names, automating code comments, adding unit tests, and autonomously identifying and fixing security vulnerabilities. Discover practical methods for integrating AI with developer workflows, resulting in code that evolves and improves with minimal manual intervention. This approach makes software development more efficient and secure. Attendees will walk away with a plug-and-play CI template with a Bring-Your-Own-LLM option that can be integrated into their own CI pipelines.

Recorded live in San Francisco at the AI Engineer World's Fair. See the full schedule of talks at https://www.ai.engineer/worldsfair/2024/schedule & join us at the AI Engineer World's Fair in 2025! Get your tickets today at https://ai.engineer/2025

About Gunjan
Gunjan has extensive experience as a developer, architect, developer relations, and engineering leader at both startups and large corporations. He has contributed to open source projects and has expertise in containers, Kubernetes, and the cloud ecosystem. Currently, Gunjan serves as the Director of Engineering at Palo Alto Networks working on integration of AI for Developer Productivity. He is passionate about GenerativeAI and how it can revolutionize development, cloud computing, and security.