0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Automating DevOps with GitLab CI/CD Pipelines

You're reading from Automating DevOps with GitLab CI/CD Pipelines Build efficient CI/CD pipelines to verify, secure, and deploy your code using real-life examples

Product type Paperback

Published in Feb 2023

Publisher Packt

ISBN-13 9781803233000

Length 348 pages

Edition 1st Edition

Tools

Gitlab

Concepts

DevOps

Authors (3):

Chris Timberlake

Christopher Cowell

Nicholas Lotz

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1 Getting Started with DevOps, Git, and GitLab

2. Chapter 1: Understanding Life Before DevOps FREE CHAPTER

3. Chapter 2: Practicing Basic Git Commands

4. Chapter 3: Understanding GitLab Components

5. Chapter 4: Understanding GitLab’s CI/CD Pipeline Structure

6. Part 2 Automating DevOps Stages with GitLab CI/CD Pipelines

7. Chapter 5: Installing and Configuring GitLab Runners

8. Chapter 6: Verifying Your Code

9. Chapter 7: Securing Your Code

10. Chapter 8: Packaging and Deploying Code

11. Part 3 Next Steps for Improving Your Applications with GitLab

12. Chapter 9: Enhancing the Speed and Maintainability of CI/CD Pipelines

13. Chapter 10: Extending the Reach of CI/CD Pipelines

14. Chapter 11: End-to-End Example

15. Chapter 12: Troubleshooting and the Road Ahead with GitLab

16. Index

Why subscribe?

17. Other Books You May Enjoy

Securing your code

For this sample use case, you’re going to add four scanners to your pipeline: Static Application Security Testing (SAST), Secret Detection, Dependency Scanning, and License Compliance. You’ll also review how to add a third-party scanner.

Adding SAST to the pipeline

In general, adding a GitLab-provided security scanner to a pipeline is a trivial process. To enable SAST and make sure our Hats for Cats source code doesn’t contain security vulnerabilities, we simply need to include a new template in .gitlab-ci.yml on the add-login-feature branch. Add this line anywhere within the existing include: section, making sure that it’s indented correctly:

    - template: Security/SAST.gitlab-ci.yml

This enables SAST, but we also want to configure it so that it doesn’t scan our automated test file or our fuzz target file. The GitLab documentation tells us which variable to set to accomplish this. Add a new section...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (3)

Christopher Cowell

Christopher Cowell

Christopher Cowell is a former trainer at GitLab, now building educational content at Instabase. He also worked for two decades as a research and development scientist, consultant, and QA Engineer at companies such as Accenture, Oracle, and Puppet. He thinks the software industry undervalues code quality and thoughtful design, and overvalues delivering mediocre code quickly. Slow down, simplify, and get it right! He holds a Ph.D. in Philosophy from Berkeley and a B.A. in Computer Science from Harvard. He lives in Portland, Oregon.

See other products by Christopher Cowell

Chris Timberlake

Chris Timberlake

Chris Timberlake is a Senior Solutions Architect at GitLab where he works closely with the Product, Services, and Sales teams. Previously, he has worked with Red Hat as a Senior Consultant, where he owned and managed a Digital Marketing firm, and has a background in Security and Law Enforcement. Chris loves technical engineering problems and does whatever possible to have successful customer outcomes. Chris is passionate about open source software, collaborative development, and education. Chris lives in Chattanooga, Tennessee with his family.

See other products by Chris Timberlake

Nicholas Lotz

Nicholas Lotz

Nicholas Lotz is a technical trainer at GitLab, where he teaches organizations how to use GitLab to build and ship better software. He has previously worked as a systems engineer, trainer, and consultant in the software infrastructure space. He is passionate about open source and its capacity to help teams innovate. Nicholas holds a B.S. in Chemical Engineering from the University of Pittsburgh. He lives in Nashville, Tennessee with his Labrador retriever.

See other products by Nicholas Lotz

Personalised recommendations for you

Based on your interests and search pattern

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Network Automation with Nautobot

Network Automation with Nautobot

This book will help you understand why a network source of truth is needed for long-term network automation success, which will in turn save you hundreds of hours in deploying and integrating Nautobot into network automation.

May 2024 27h 12m

NGINX HTTP Server

NGINX HTTP Server

Explore the power of NGINX with this guide covering an array of essential practical topics, including securing your infrastructure with automatic TLS certificates, placing NGINX in front of your existing applications, and much more.

May 2024 8h 44m

Mastering Azure Virtual Desktop

Mastering Azure Virtual Desktop

This updated edition will help you plan an Azure Virtual Desktop Architecture, implement its infrastructure, and manage its access and security. With content aligned with the exam objectives, it'll help you ace the Microsoft AZ-140 exam.

Jul 2024 23h 56m

Learn Ansible will teach you how to write Ansible Playbooks for deploying simple apps. This updated edition covers the latest Ansible features, helping you confidently implement Ansible in your daily workflows.

May 2024 13h 48m

HashiCorp Terraform Associate (003) Exam Guide

HashiCorp Terraform Associate (003) Exam Guide

This book will help you explore HashiCorp Terraform and prepare for Associate (003) certification, from understanding core concepts to advanced modules. You'll gain hands-on expertise, troubleshoot with confidence, and more.

May 2024 11h 28m

Kubernetes – An Enterprise Guide

Kubernetes – An Enterprise Guide

Navigate the complexities of Kubernetes and fully leverage its capabilities for enterprise applications. This edition dives into advanced deployments, groundbreaking techniques, and insights that will elevate your skills and redefine your expertise.

Aug 2024 22h 44m

Atlassian DevOps Toolchain Cookbook

Atlassian DevOps Toolchain Cookbook

Master setting up a DevOps toolchain using Atlassian tools and Open DevOps as a framework with this recipe-driven guide to automated testing, integration, deployment, observability, and incident management for streamlining development processes.

Jul 2024 16h 48m

AWS Certified Developer Associate Certification and Beyond

AWS Certified Developer Associate Certification and Beyond

This is your guide to passing the challenging AWS Certified Developer – Associate certification exam and setting yourself up for a rewarding career. Through a sample project, it explains how to design, architect, and implement applications on AWS.

Jul 2024 23h 40m

Implementing GitOps with Kubernetes

Implementing GitOps with Kubernetes

This book provides step-by-step tutorials and hands-on examples for effectively implementing GitOps practices in your Kubernetes deployments. You'll learn how to automate, monitor, and secure your infrastructure for efficient application delivery.

Aug 2024 14h 48m