Command every repository as one fleet.
- Overview
- Architecture
- Features
- Installation
- Authentication
- Configuration
- Profiles
- Commands
- Common Workflows
- Output Formats
- Safety
- Playbooks
- Development
- Repository Structure
- Contributing
- Security
- Support
- Sponsorship
- License
Gitfleet manages repositories from creation and cloning through collaboration, delivery, security, analytics, and governance. It keeps portable concepts such as changes, pipelines, planning, and development environments consistent while retaining provider-specific capabilities when they exist.
The gitfleet and gf binaries are equivalent. Human-readable output is the
default, and every automation workflow can opt into structured output with
--json.
| Crate | Responsibility |
|---|---|
gitfleet-core |
Provider-neutral entities, capabilities, operations, infrastructure |
gitfleet-providers |
GitHub and GitLab provider clients, wire types, normalization |
gitfleet-cli |
Thin CLI surface over shared operations |
Only gitfleet-providers performs HTTP requests. Unsupported operations return
a capability error instead of pretending another provider supports them.
- Repository lifecycle, cloning, forks, synchronization, stale branches, and multi-repository workspaces.
- Proposed changes, stacked changes, merge queues, reviews, suggestions, issues, discussions, notifications, and mentions.
- Pipeline definitions, runs, logs, artifacts, caches, releases, deployments, environments, registries, and runners.
- Planning boards, milestones, labels, templates, wikis, static sites, and license discovery.
- Dependency review, advisories, attestations, secret scanning, CodeQL, compliance, audit logs, secrets, and variables.
- Repository governance, policies, access management, account keys, analytics, code navigation, snippets, browser integration, and raw provider API access.
- Named profiles, explicit JSON output, terminal themes, aliases, completion, reversible live playbooks.
Gitfleet is a Rust CLI. Install the CLI package from this checkout with Cargo:
cargo install --path gitfleet-cli
gitfleet version
gf versionThis builds optimized release binaries and installs both commands into Cargo's binary directory.
Cargo installs binaries into ~/.cargo/bin; make sure that directory is on
your PATH if the commands are not found.
After pulling new source changes, reinstall the local package to refresh the commands:
cargo install --path gitfleet-cli --forceAuthenticate with a provider token and inspect the resulting profile:
gitfleet auth login --token <token>
gitfleet auth status
gitfleet auth tokenGitHub Enterprise is supported through an explicit host:
gitfleet auth login \
--host github.example.com \
--profile work \
--token <token>For CI, set GITFLEET_GITHUB_TOKEN or GITFLEET_GITLAB_TOKEN. Destructive
operations in JSON or non-interactive mode require --yes.
Choose the narrowest scopes required by the commands you use. For a classic personal access token, the relevant scopes are:
| Scope | Required for |
|---|---|
repo |
Private repositories, changes, issues, code, and CI |
public_repo |
Public-repository access without the full repo scope |
workflow |
Adding or updating workflow files |
notifications |
Inbox notification operations |
read:discussion, write:discussion |
Reading or modifying GitHub discussions |
read:user |
Account and activity information |
read:org |
Organization, team, and runner reads |
admin:org |
Organization membership and team mutations |
read:project, project |
Reading or modifying GitHub planning projects |
gist |
Hosted snippet operations |
read:packages, write:packages |
Reading or publishing package registry content |
delete:packages |
Deleting package versions |
admin:repo_hook, admin:org_hook |
Repository and organization webhook management |
security_events |
Code scanning and security event operations |
read:audit_log |
Organization audit log access |
codespace |
Hosted development environment operations |
admin:public_key, admin:gpg_key |
SSH and GPG key management |
delete_repo |
Destructive repository retirement workflows |
Fine-grained tokens use repository and organization permissions instead of classic scopes. Grant each selected repository the permissions required by the commands you intend to run; some user-scoped endpoints may still require a classic token. See GitHub's official documentation for classic scopes and fine-grained permissions.
Credentials are stored at ~/.config/gitfleet/credentials.toml with mode
0600. Repository-local profile selection uses .gitfleetrc.
Resolution follows explicit flags, environment configuration, the
repository-local profile, the active profile, and then defaults. Repository
targets come from --repo or the current Git remote.
Environment variables:
GITFLEET_GITHUB_TOKENsupplies the GitHub token in automation.GITFLEET_GITLAB_TOKENsupplies the GitLab token in automation.GITFLEET_PROFILEselects a named profile.CI=trueenables non-interactive behavior.
Named profiles support separate provider accounts and hosts:
gitfleet auth login --profile personal --token <token>
gitfleet auth login --profile work --token <token>
gitfleet auth list
gitfleet auth switch work
gitfleet auth detectThe active profile supplies the provider, host, and token for subsequent
operations. auth detect selects a profile from the current repository.
Use gitfleet help for the complete surface or target nested help directly:
gitfleet help
gitfleet help change
gitfleet help pipeline run| Family | Purpose |
|---|---|
auth |
Provider accounts and profiles |
repo |
Repository lifecycle, forks, synchronization, and branches |
change |
Proposed changes, stacks, checks, and merge automation |
review |
Threads, comments, suggestions, reactions, and resolution |
issue, discussion, inbox |
Collaboration and notification workflows |
pipeline |
Definitions, runs, logs, artifacts, and caches |
release, deploy, environment |
Delivery lifecycle |
workspace |
Named fleets and bounded multi-repository execution |
govern, policy |
Fleet governance and repository protection |
planning |
Boards, work items, milestones, and iterations |
wiki, site |
Repository documentation and publishing |
search, code, browse, api |
Discovery, navigation, and provider escape hatches |
label, template, license |
Repository metadata |
deps, advisory, attestation, security |
Dependency and security operations |
registry, dev, runner, webhook |
Build and delivery infrastructure |
secret, variable |
Automation configuration |
access, identity |
Organization access and account keys |
analytics, snippet |
Reporting and hosted snippets |
alias, completion, config, help |
Gitfleet utilities |
version |
Version information |
pipeline definitionmanages pipeline definitions.pipeline runinspects, watches, reruns, and debugs runs.pipeline cachemanages pipeline caches.security audit,security leaks,security dependabot,security compliance, andsecurity codeqlexpose security capabilities.analytics repoandanalytics pipelineprovide repository and pipeline reporting.access organdaccess teammanage organizations, groups, and teams.identity sshandidentity gpgmanage provider account keys.change queue,planning milestone,policy branch, andrepo forkexpose provider capabilities without adding provider-specific root names.
gitfleet change create --title "Add feature"
gitfleet change list --state open
gitfleet change stack create --base main
gitfleet review threads 42
gitfleet review suggest 42 --file src/index.ts --line 12 --body "Use this"gitfleet pipeline definition list
gitfleet pipeline run list
gitfleet pipeline run watch <run-id>
gitfleet pipeline cache inspect
gitfleet release list
gitfleet deploy listgitfleet security compliance check --repos owner/repository
gitfleet security leaks scan --repo owner/repository
gitfleet policy list --repo owner/repository
gitfleet govern report --org examplegitfleet workspace define \
--name platform \
--repos owner/api \
--repos owner/web
gitfleet workspace list
gitfleet workspace run --name platform --command "issue list --state open"Workspace targets may be provider-qualified:
github@github.com:owner/repository
github@github.example.com:platform/repository
Human-readable output is the default:
gitfleet issue listUse structured output explicitly:
gitfleet issue list --jsonGlobal options include:
--jsonfor machine-readable results.--debugfor a redacted diagnostic log.--theme dark|light|autofor terminal color selection.
Destructive human-mode operations request confirmation. JSON and
non-interactive operations require --yes; bulk mutations provide --dry-run
when a useful preview is possible.
Live playbooks under gitfleet-playbooks/ validate command families against
the GitHub API. They require explicit credentials and revert mutations during
teardown.
REPO=owner/test-repository ORG=example bash gitfleet-playbooks/all.sh
SKIP="pipeline-run.sh,planning.sh" bash gitfleet-playbooks/all.sh
PARALLEL=1 bash gitfleet-playbooks/all.shUse a dedicated test repository and review each playbook before running it. Automated tests never make real HTTP requests.
Build release binaries inside the repository when you want to inspect the local artifacts directly:
cargo build --release
./target/release/gitfleet version
./target/release/gf versionRun the required local gates before handing off changes:
cargo fmt --check
cargo clippy -- -D warnings
cargo check
cargo test --workspace
cargo llvm-cov --fail-under-lines 80
cargo build --releaseThe workspace currently lists 2,239 Rust test entries as reported by Cargo:
cargo test --workspace -- --list | grep -c ': test$'Coverage must remain at or above 80 percent. See AGENTS.md for architecture, testing, style, playbook, and release requirements.
gitfleet-core/ provider-neutral entities, capabilities, errors, operations,
infrastructure (config, git, output, prompts, secrets, workspace)
gitfleet-providers/ GitHub and GitLab provider clients, wire types, normalization
gitfleet-cli/ thin CLI surface over shared operations
gitfleet-playbooks/ live API test scripts (bash)
PLAN.md is the Gitfleet refactor contract. ROADMAP.md tracks the Rust
rewrite and GitLab provider.
Read CONTRIBUTING.md before proposing a change.
Report vulnerabilities through the private process in SECURITY.md, not a public issue.
For usage help, run gitfleet help [command...]. For reproducible bugs, open an
issue with the Gitfleet version, operating system, command, expected behavior,
actual behavior, and redacted --debug output.
Gitfleet is maintained by Airscripts. If it helps your team manage repositories more effectively, sponsor ongoing maintenance and provider coverage through GitHub Sponsors.
MIT. See LICENSE.
