How to Build a Custom AI Quality Gate on Cloud own way

In my previous article about treating architecture documentation as a first-class asset, I had a great discussion in the comments about enforcing architectural rules. I promised to share materials from my recent Google Developer Groups workshop.

The workshop is now finished! Here is the story of how I built an AI Quality Gate, how it helped me solve the internal "CEO, CTO, CFO, CISO" conflict, and a summary of the live demonstration.

Playground repositories with source code:

The Backstory: Mentoring and the

I work as a DevSecOps engineer, but in my free time, I mentor for Technovation Girls, a global program that helps young women learn tech and STEM. Because we always need more IT mentors, I built an AI mentor bot to help the students.
Building this bot had two big challenges:

Safety: Because children use it, it had to be completely safe from AI hallucinations.
Budget: Because I pay for it myself, it had to be very cheap.

The bot was a big success. Using Google Cloud Run and Vertex AI, it handled 250 users and answered 1,500 questions for only about \(25-\)55 a month.

However, when I tried to add new features quickly, I faced a big problem. With only 1-2 hours of free time a day for this project, I experienced a harsh "CEO, CTO, CFO, CISO" conflict in my own head:

The CTO wanted to write code and ship features fast.
The CISO wanted to stop releases to make sure everything was secure.
The CFO wanted to keep cloud costs low.
The CEO wanted the product to grow and succeed.

The Solution: What is an AI Quality Gate?

To solve the "CEO, CTO, CFO, CISO" conflict, I created an AI Quality Gate.
An AI Quality Gate is a custom microservice that automatically reviews code for architecture, security, and costs (FinOps). It is built on Google Cloud Run and uses Vertex AI (Gemini).