Quality assurance · Production

Cloudflare builds an internal AI engineering stack achieving 93% R&D adoption in under a year

The problem

Cloudflare needed to build the internal MCP servers, access layer, and agentic tooling to make AI coding genuinely useful at scale, while early coding agents produced contextually incorrect changes because they lacked structured knowledge about individual repositories.

First attempt

Early in the rollout, coding agents repeatedly produced plausible-looking but wrong changes because they lacked local context: the correct test command, team conventions, and which parts of the codebase were off-limits.

Workflow diagram · grounded in source
1
One-command authenticated setup
trigger
“The entire setup starts with one command: opencode auth login https://opencode.internal.domain. That command triggers a chain that configures providers, models, MCP servers, agents, commands, and permissions, without the user touching a …”
2
Centralized LLM routing via AI Gateway
integration
“every LLM request routes through AI Gateway. This gives us a single place to manage provider keys, cost tracking, and data retention policies.”
3
Agent reads repo and org context
ai_action
“when an agent can pull context from Backstage, read AGENTS.md for the repo it's editing, and get reviewed against Codex rules by the same toolchain, the first draft is usually close enough to ship”
4
Multi-agent MR classification and review
ai_action
“The coordinator classifies the MR by risk tier (trivial, lite, or full) and delegates to specialized review agents: code quality, security, codex compliance, documentation, performance, and release impact. Each agent connects to the AI G…”
5
Structured findings posted as MR comments
output
“Results are posted back as structured MR comments. We spent time getting the output format right. Reviews are broken into categories (Security, Code Quality, Performance) so engineers can scan headers rather than reading walls of text. E…”
6
Stale AGENTS.md flagged for update
feedback_loop
“A stale AGENTS.md can be worse than no file at all. We closed that loop with the AI Code Reviewer, which can flag when repository changes suggest that AGENTS.md should be updated.”
Reported outcome

Within less than a year, 93% of Cloudflare's R&D organization adopted the AI coding stack and merge-request volume nearly doubled from the Q4 baseline, with 100% CI coverage by the AI Code Reviewer.

Reported metrics
R&D team AI tool adoption93%
company-wide AI tool adoption60% company-wide
active AI coding tool users3,683
AI requests (30 days)47.95 million
Show all 20 reported metrics
R&D team AI tool adoption93%
company-wide AI tool adoption60% company-wide
active AI coding tool users3,683
AI requests (30 days)47.95 million
teams using agentic AI tools295
AI Gateway requests per month20.18 million
tokens routed through AI Gateway (30 days)241.37 billion
tokens processed on Workers AI (30 days)51.83 billion
merge request weekly peak10,952
merge request volume vs Q4 baselinenearly double the Q4 baseline
merge request 4-week rolling average growthclimbed from ~5,600/week to over 8,700
AI code reviewer CI pipeline coverage100%
Workers AI cost savings vs mid-tier proprietary model77% cheaper
estimated annual cost on mid-tier proprietary model (security agent)$2.4M per year
security agent daily token processingover 7 billion tokens per day
repositories processed for AGENTS.mdroughly 3,900
AI Gateway requests for code reviewer (30 days)5.47M
tokens processed by code reviewer (30 days)24.77B
Workers AI share of reviewer trafficabout 15%
time to reach 93% R&D adoptionless than a year
Reported stack
OpenCodeWindsurfAI GatewayWorkers AICloudflare AccessKimi K2.5Agents SDKDurable ObjectsWorkers KVD1BackstageGitLabHonoBazelMcpAgentCode ModeOpus 4.6GPT 5.4JiraSentryElasticsearchPrometheusGoogle Workspace
Source
https://blog.cloudflare.com/internal-ai-engineering-stack/
Read source ↗

Frequently asked questions

What did this team achieve with this AI workflow?

Within less than a year, 93% of Cloudflare's R&D organization adopted the AI coding stack and merge-request volume nearly doubled from the Q4 baseline, with 100% CI coverage by the AI Code Reviewer.

What tools did this team use?

OpenCode, Windsurf, AI Gateway, Workers AI, Cloudflare Access, Kimi K2.5, Agents SDK, Durable Objects, Workers KV, D1.

What results were reported?

R&D team AI tool adoption: 93%; company-wide AI tool adoption: 60% company-wide; active AI coding tool users: 3,683; AI requests (30 days): 47.95 million (source-reported, not independently verified).

What failed first in this deployment?

Early in the rollout, coding agents repeatedly produced plausible-looking but wrong changes because they lacked local context: the correct test command, team conventions, and which parts of the codebase were off-limits.

How is this quality assurance AI workflow structured?

One-command authenticated setup → Centralized LLM routing via AI Gateway → Agent reads repo and org context → Multi-agent MR classification and review → Structured findings posted as MR comments → Stale AGENTS.md flagged for update.