Spec Marketplace Progress Security GitHub X LinkedIn Bluesky
Public beta · Building in the open

CI/CD that runs inside

the tools you already use.

LabHit adds portable, isolated, policy-checked builds to GitHub and your existing pipelines — the same pipeline, the same result, on any CI and any cloud. Run it as a layer, or run it standalone.

Plug-and-play Portable Secure Standalone-ready
Try the beta → Read the spec
Why LabHit

A layer on top of the CI you already run.

Connect your repo or add one step. The same pipeline runs the same way everywhere — and you can run it on its own whenever you want.

🔌

Plug-and-play

Connect your GitHub repo, or add one step to your workflow.

🔗

Portable

Define once. Run on any CI, any cloud, or your own machine.

🛡

Secure

Isolated execution, policy checks, and signed build provenance — on every run.

📦

Standalone-ready

Want to run it on its own? It is a single binary.

Pipeline Format

Define stages, not workflows

Each stage declares what to run — an extension or a shell command. Wire dependencies with after. The scheduler builds a DAG and runs independent stages in parallel.

pipeline.yaml 
engine: "1"

pipeline:
  name: build-and-deploy

stages:
  fetch:
    use: source/git
    with:
      depth: 1

  test:
    after: [fetch]
    run: cargo test --workspace
    sandbox:
      image: rust:1.93-slim

  build:
    after: [test]
    use: build/container
    with:
      dockerfile: Dockerfile

  scan:
    after: [test]
    use: scan/trivy

  deploy:
    after: [build, scan]
    use: deploy/kubernetes
    gate:
      approval: required
Scheduler DAG
fetch
test
build
scan
⚖ deploy
The Extension Model

From smart contracts to model training. One pipeline.

The engine ships with zero built-in integrations. Every capability is an extension you install by name: source/git for checkout, build/container for Docker builds, deploy/ethereum for smart contracts.

Ship Solidity to mainnet. Train PyTorch models. Run security audits. 77 extensions planned across DevOps, blockchain, machine learning, and security — all sandboxed, all composable.

Browse the extension interface →
source/git
Source
build/container
Build
build/solidity
Blockchain
🧠
train/pytorch
Machine Learning
🔍
scan/trivy
Scan
deploy/ethereum
Blockchain
deploy/kubernetes
Deploy
🔐
scan/sast
Security
Extension Marketplace

The app store for CI/CD.

Browse, install, and publish extensions across 15 categories. Build in any language that compiles to WASM.

Blockchain

Solidity builds, Foundry tests, Ethereum & Solana deploys, gas audits, Etherscan verification.

🧠

Machine Learning

PyTorch training, ONNX builds, model validation gates, GPU containers, inference deployment.

🛡

Security

SAST, DAST, dependency scanning, secret detection, license gates, CIS benchmarks.

Build extensions. Sell them. Keep 85%.

77 extensions planned across 15 categories. Publish for free or sell with Dev Pro.

Browse extensions → Publish yours
Portability

One binary. Three modes.

Same config. Same extensions. Same results. Scale when you need to.

01

Local

SQLite · Embedded

Run on your laptop. Zero infrastructure. Start with labhit run and watch your pipeline execute.

02

Standalone

PostgreSQL · Single Node

Deploy to a server. Same binary, same config. Add a database for persistence and your team is running.

03

Cluster

PostgreSQL · Distributed

Scale horizontally. High availability, distributed scheduling, same extensions. The config never changes.

The config never changes. Only the infrastructure beneath it does.

Progress

Where we are

Built in the open. Shipped when ready. Follow our engineering milestones.

7
Shipped
3
Building
5
Planned
Pipeline engineShipped
Extension system & marketplaceShipped
Policy & isolated executionShipped
Live build logsShipped
WebhooksShipped
Sign-in & accountsShipped
Public beta API & dashboardShipped
GitHub integration — run on every push, results as a status checkBuilding
Connect-your-repo flowBuilding
Per-repo secretsBuilding
LabHit step for your existing workflowPlanned
Bring your existing pipeline (import your current config)Planned
Deploy to any cloudPlanned
Run portably across any CIPlanned
Standalone mode, documentedPlanned

Run it as a layer.
Or run it standalone.

Add LabHit to the CI you already use, or run it on its own as a single binary. Try the public beta or read the open specification.

Try the beta → Read the spec
One email when we launch. No spam, no newsletter.