book

Automating DevOps with GitLab CI/CD Pipelines

Name: Automating DevOps with GitLab CI/CD Pipelines
ISBN: 9781803233000

by Christopher Cowell, Nicholas Lotz, Chris Timberlake

February 2023

Intermediate to advanced

348 pages

9h 49m

English

Packt Publishing

Read now

Unlock full access

Automating DevOps with GitLab CI/CD Pipelines
Contributors
About the authors
About the reviewers
Preface
Who this book is forWhat this book coversTo get the most out of this bookConventions usedGet in touchShare Your ThoughtsDownload a free PDF copy of this book
Part 1 Getting Started with DevOps, Git, and GitLab
Chapter 1: Understanding Life Before DevOps
Introducing the Hats for Cats web appBuilding and verifying code manuallyBuilding code manuallyVerifying code manuallyMore challenges of verifying codeSecurity-testing code manuallyStatic code analysisSecret detectionDynamic analysisDependency scanningContainer scanningManual security testing summaryPackaging and deploying code manuallyLicense compliance scanningDeploying softwareProblems with manual software development life cycle practicesSolving problems with DevOpsHow GitLab implements DevOpsSummary
Chapter 2: Practicing Basic Git Commands
Technical requirementsWhy use Git?What is a version control system?What problems does a VCS solve?Why Git is popularDrawbacks of GitCommitting code to keep it safeExcluding files from a repositoryTagging commits to identify versions of codeBranching code for developing in an isolated spaceGit commands for managing branchesHandling merge conflictsSyncing local and remote copies of repositoriesThe “golden” repositoryConfiguring remote repositoriesPushingFetchingPullingAdditional resources for learning GitSummary
Chapter 3: Understanding GitLab Components
Technical requirementsEmphasizing the “why” over the “how”Introducing the GitLab platformWhat is GitLab?What problem does GitLab solve?The verify, secure, and release stagesOrganizing work into projects and groupsExample – organizing your Hats for Cats work Tracking work with issuesThe structure of a GitLab issueThe kinds of tasks that issues can representLabelsIssue workflowsEditing files safely with commits, branches, and merge requestsCommit historyMerging one Git branch into anotherThe three amigos – issues, branches, and merge requestsWhen two amigos are enoughHow are issues and merge requests different?Enabling DevOps practices with GitLab flowSummary
Chapter 4: Understanding GitLab’s CI/CD Pipeline Structure
Technical requirementsDefining the terms pipeline, CI, and CDUnderstanding what a pipeline isDefining one pipeline per projectUnderstanding different uses of the term “pipeline”Viewing a list of pipelinesCI – finding out if your code is goodCD – finding out where your code should go (and putting it there)GitLab RunnersParts of a pipeline – stages, jobs, and commandsStagesJobsCommandsFitting the pipeline pieces togetherRunning GitLab CI/CD pipelinesBranch pipelinesGit tag pipelinesOther types of pipelinesSkipping pipelinesReading GitLab CI/CD pipeline statusesConfiguring GitLab CI/CD pipelinesSummary
Part 2 Automating DevOps Stages with GitLab CI/CD Pipelines

Chapter 5: Installing and Configuring GitLab Runners
Technical requirementsDefining GitLab runners and their relationship to CI/CDGitLab Runner is an open source application written in GoGitLab Runner runs CI/CD jobs specified in .gitlab-ci.ymlThe runner architecture and supported platformsGitLab Runner is supported on most platforms and architecturesRunners can be specific, group, or sharedEach runner has a defined executorRunner tags restrict which runners can pick up which jobsInstalling the Runner agentInstalling GitLab RunnerRegistering a runner with GitLabConsiderations regarding the various runner types and executorsPerformance considerationsSecurity considerationsMonitoring considerationsSummary
Chapter 6: Verifying Your Code
Technical requirementsBuilding code in a CI/CD pipelineCompiling Java with javacCompiling Java with MavenCompiling C with Gnu Compiler Collection (GCC)Storing built code as artifactsChecking code quality in a CI/CD pipelineEnabling Code QualityViewing Code Quality resultsRunning automated functional tests in a CI/CD pipelineEnabling automated functional testsViewing automated functional test resultsFuzz testing in a CI/CD pipelineThe architecture and workflow of fuzz testingA fuzz testing workflowViewing the results of fuzz testingExtra considerations when fuzz testingFuzz testing with a corpusChecking accessibility in a CI/CD pipelineEnabling accessibility testingViewing accessibility testing resultsAdditional ways to verify your codeCode coverageBrowser performance testingLoad performance testingSummary
Chapter 7: Securing Your Code
Technical requirementsUnderstanding GitLab’s security scanning strategyGitLab uses open-source scannersScanners are packaged as Docker imagesSome scanners use different analyzers for different languagesVulnerabilities don’t stop the pipelineFindings appear in three different reportsPipelines can use non-GitLab-provided scannersUsing SAST to scan your source code for vulnerabilitiesUnderstanding SASTEnabling SASTConfiguring SASTViewing SAST’s findingsUsing Secret Detection to find private information in your repositoryUnderstanding Secret DetectionEnabling and configuring Secret DetectionViewing Secret Detection’s findingsUsing DAST to find vulnerabilities in web applicationsUnderstanding DASTEnabling and configuring DASTViewing DAST’s findingsUsing Dependency Scanning to find vulnerabilities in dependenciesUnderstanding Dependency ScanningEnabling and configuring Dependency ScanningViewing Dependency Scanning’s findingsUsing Container Scanning to find vulnerabilities in Docker imagesUnderstanding Container ScanningEnabling and configuring Container ScanningViewing Container Scanning’s findingsUsing License Compliance to manage licenses of dependenciesUnderstanding License ComplianceEnabling and configuring License ComplianceViewing License Compliance’s findingsUsing IaC Scanning to find problems in infrastructure configuration filesUnderstanding IaC ScanningEnabling and configuring IaC scanningViewing IaC Scanning’s findingsUnderstanding the different types of security reportsManaging security vulnerabilitiesIntegrating outside security scannersSummary
Chapter 8: Packaging and Deploying Code
Technical requirementsStoring code in GitLab’s package registry for later re-useLocating GitLab’s container and package registriesGetting started with the package registrySupported package formatsAuthenticating to the registryBuilding and pushing packages to the package registryBuilding and pushing packages to the container registryStoring code in GitLab’s container and package registries for later deploymentUsing images from the container registryUsing packages from the package registryDeploying to different environments using GitLab FlowDeploying to a review app for testingDeploying to real-world production environmentsDeploying to a Kubernetes clusterThe CI/CD workflowA GitOps workflowSummary
Part 3 Next Steps for Improving Your Applications with GitLab
Chapter 9: Enhancing the Speed and Maintainability of CI/CD Pipelines
Accelerating pipelines with directed acyclic graphs and parent-child architectureHow to create a DAG in GitLab CIBuilding code for multiple architecturesWhen and how to leverage caching or artifactsCaching characteristicsArtifact characteristicsUsing cachingUsing artifactsLeveraging artifacts as job dependenciesReducing repeated configuration code with anchors and extensionsAnchorsThe extends: keywordReference tagsImproving maintainability by combining multiple pipelines and leveraging parent-child pipelinesLeveraging includes for maintainabilityLeveraging includes for reusabilityIncludes from remote areasLeveraging parent-child pipelinesSecuring and accelerating jobs with purpose-built containersA purpose-built container exampleSummary
Chapter 10: Extending the Reach of CI/CD Pipelines
Using CI/CD pipelines to spot performance problemsHow to integrate browser performance testingHow to integrate load performance testing with k6Using feature flags to allow business-driven release decisionsHow to configure your application for feature flagsIntegrating third-party tools into your CI/CD pipelinesCreating our tool container’s DockerfileAutomating our container’s buildContainer scanningInvoking the third-party toolUsing CI/CD pipelines for developing mobile appsRequirementsFastlaneFastlane – deploymentFastlane – automated testingSummary
Chapter 11: End-to-End Example
Technical requirementsSetting up your environmentMaking a GitLab projectPlanning work with GitLab issuesSetting up a local Git repositoryWriting codeCreating a Git branch to work onCreating an MRCommitting and pushing codeEstablishing the pipeline infrastructureCreating a pipelineCreating a runnerVerifying your codeAdding functional tests to the pipelineAdding Code Quality scanning to the pipelineAdding a fuzz test to the pipelineSecuring your codeAdding SAST to the pipelineAdding Secret Detection to the pipelineAdding Dependency Scanning to the pipelineAdding License Compliance to the pipelineIntegrating a third-party security scanner into the pipelineImproving your pipelineUsing a DAG to speed up the pipelineBreaking the pipeline into several filesDelivering your code to the right environmentDeploying the codeSummary
Chapter 12: Troubleshooting and the Road Ahead with GitLab
Technical requirementsTroubleshooting and best practices for common pipeline problemsTroubleshooting CI/CD syntax and logicTroubleshooting pipeline operation and runner assignmentManaging your operational infrastructure using GitOpsUsing Terraform to deploy and update infrastructure stateUsing Ansible to manage resource configurationsFuture industry trendsAutomation will create more software at a larger scaleAbstraction will lead to everything-as-code business modelsReduced cycle time will help teams release better software fasterConclusion and next steps
Index
Why subscribe?
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Overview

Discover how to automate your CI/CD processes with GitLab CI/CD pipelines in 'Automating DevOps with GitLab CI/CD Pipelines'. This book teaches you how to handle the full software development lifecycle using GitLab-covering everything from source control to deploying robust, secure applications.

What this Book will help me do

Master GitLab CI/CD pipeline creation and management.
Improve your software lifecycle automation using GitLab.
Secure your deployments with built-in tools and best practices.
Deploy on advanced infrastructure like Kubernetes easily.
Understand troubleshooting and best practices for CI/CD pipelines.

Author(s)

Christopher Cowell, Nicholas Lotz, and Chris Timberlake bring years of experience in DevOps, software development, and automation. Their expertise lies in creating efficient CI/CD workflows and educating professionals through simple and practical examples. They aim to make learning DevOps approachable and rewarding.

Who is it for?

Targeted at developers, release engineers, and DevOps professionals, this book suits individuals keen to enhance their automation skills. Whether you're new to CI/CD pipelines or looking to master GitLab-specific features, this guide is tailored for you. It assumes some familiarity with DevOps principles but caters to a wide range of experience levels. Perfect for those aiming to optimize their workflows with GitLab.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781803233000

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills