	In Browser
	StumbleUpon
	del.icio.us
	Google
	Google Buzz
	reddit
	LinkedIn

	Facebook
	Twitter
	Linkedin
	E-Mail

Generative AI > Google Gemini API > ADK with Cloud Build for CI/CD Pipelines

ADK with Cloud Build for CI/CD Pipelines

Author: Venkata Sudhakar

ADK agents can participate directly in CI/CD pipelines as intelligent steps - reviewing code changes for quality issues, generating missing tests, validating deployment configurations, and summarising what changed in each release. This turns Cloud Build from a pure automation engine into an intelligent delivery pipeline that catches problems before they reach production.

ShopMax India integrated an ADK agent into its Cloud Build pipeline for the e-commerce backend. The agent runs as a build step after unit tests pass. It reviews the diff, checks for security issues, validates that database migrations are backwards-compatible, and posts a structured summary to the team Slack channel. This step has caught 3 production incidents per month on average since deployment.

The below example shows a Cloud Build configuration that calls an ADK agent as an intelligent review step in the pipeline.

It gives the following output,

Step #0 - unit-tests: ........... 47 passed in 12.3s
Step #1 - adk-code-review: Running ADK review agent...
Step #1 - adk-code-review: Review complete. Score: 8/10. 1 warning found.
Step #2 - deploy: Deploying to shopmax-prod cluster...
Step #2 - deploy: Deployment successful.

The below example shows the Python review script that runs as the ADK build step, analysing the git diff and posting results.

import argparse
import vertexai
from vertexai.generative_models import GenerativeModel
import json, sys

vertexai.init(project="shopmax-india", location="asia-south1")
model = GenerativeModel("gemini-2.0-flash")

def review_diff(diff_text: str, commit_sha: str, branch: str) -> dict:
    prompt = f"""Review this Python code diff for a production e-commerce system.
Return ONLY a JSON object with:
- score: integer 1-10 (code quality)
- security_issues: list of security concerns (strings)
- migration_risks: list of database migration risks (strings)
- breaking_changes: list of API breaking changes (strings)
- summary: 2-3 sentence plain English summary of what changed
- recommendation: "approve" / "warn" / "block"
- block_reason: reason if recommendation is block, else null

Commit: {commit_sha[:8]}
Branch: {branch}

Diff:
{diff_text[:8000]}

JSON:
"""

response = model.generate_content(
        prompt,
        generation_config={"temperature": 0.1, "response_mime_type": "application/json"}
    )
    return json.loads(response.text)

if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    parser.add_argument("--diff")
    parser.add_argument("--commit")
    parser.add_argument("--branch")
    args = parser.parse_args()

diff = open(args.diff).read()
    result = review_diff(diff, args.commit, args.branch)

print(f"Review complete. Score: {result['score']}/10.")
    if result["security_issues"]:
        print(f"Security: {result['security_issues']}")
    if result["migration_risks"]:
        print(f"Migration risks: {result['migration_risks']}")
    print(f"Summary: {result['summary']}")

if result["recommendation"] == "block":
        print(f"BLOCKED: {result['block_reason']}")
        sys.exit(1)  # Fail the build step
    elif result["recommendation"] == "warn":
        print(f"{len(result['security_issues']) + len(result['migration_risks'])} warning found.")

It gives the following output,

Review complete. Score: 8/10.
Migration risks: ['Column orders.status changed from VARCHAR(20) to VARCHAR(50) - verify rollback plan']
Summary: Added bulk order status update endpoint with rate limiting. Extended
  status field length for new cancellation sub-states. No API contract changes.
1 warning found.

The build step exits with code 1 when the agent issues a block recommendation, which halts the entire Cloud Build pipeline before deployment. For ShopMax India, this has caught SQL injection vulnerabilities in ORM queries, detected missing database rollback scripts, and flagged a breaking change in the orders API that would have silently broken the mobile app. The cost of the ADK review step is under Rs 2 per pipeline run - negligible compared to the cost of a production incident.

Send your comments, suggestions or queries regarding this site to [email protected].