Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Free Learning

You're reading from Mastering GitLab 12 Implement DevOps culture and repository management solutions

Product type Paperback

Published in Aug 2019

Publisher Packt

ISBN-13 9781789531282

Length 608 pages

Edition 1st Edition

Tools

Gitlab

Concepts

DevOps

Author (1):

Joost Evertse

View More author details

Table of Contents (30) Chapters

Preface

1. Section 1: Install and Set Up GitLab On-Premises or in the Cloud FREE CHAPTER

2. Introducing the GitLab Architecture

3. Installing GitLab

4. Configuring GitLab Using the Web UI

5. Configuring GitLab from the Terminal

6. Section 2: Migrating Data from Different Locations

7. Importing Your Project from GitHub to GitLab

8. Migrating from CVS

9. Switching from SVN

10. Moving Repositories from TFS

11. Section 3: Implement the GitLab DevOps Workflow

12. GitLab Vision - the Whole Toolchain in One Application

13. Create Your Product, Verify, and Package it

14. The Release and Configure Phase

15. Monitoring with Prometheus

16. Integrating GitLab with CI/CD Tools

17. Section 4: Utilize GitLab CI and CI Runners

18. Setting Up Your Project for GitLab Continuous Integration

19. Installing and Configuring GitLab Runners

20. Using GitLab Runners with Docker or Kubernetes

21. Autoscaling GitLab CI Runners

22. Monitoring CI Metrics

23. Section 5: Scale the Server Infrastructure (High Availability Setup)

24. Creating a Basic HA Architecture Using Horizontal Scaling

25. Managing a Hybrid HA Environment

26. Making Your Environment Fully Distributed

27. Using Geo to Create Distributed Read-Only Copies of GitLab

28. Assessments

29. Other Books You May Enjoy

Leave a review - let other readers know what you think

Dynamic Application Security Testing

Dynamic Application Security Testing (DAST) runs PEN tests like scans of your application.

The test uses OWASP ZAProxy (https://github.com/zaproxy/zaproxy) to scan a running instance in your web application. It runs a passive scan, which means it only tries to discover your application by exploring links, will not find links created dynamically, and will not attack your application actively.

Before GitLab 12.0, this scan also used the Docker-in-Docker mechanism, but now it just retrieves and runs a container and the test. This means the image is cached on GitLab runners, and after retrieving the image for the first time, the security test will run faster.

As with SAST, you control how scanning happens through the .gitlab-ci.yml file, as follows:

 dast:
 image: registry.gitlab.com/gitlab-org/security-products/zaproxy
 variables:
 website: &quot...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Evertse

Joost Evertse is an all-round professional with over 20 years of experience in IT in the financial and telecom sectors. He has worked for big and small organizations and has lived in different worlds, including Unix, Oracle, Java, and Windows. Creating order from chaos has been a big focus during his system-engineering years. After 10 years of system administration, he moved into software development and started using CI/CD tools, including GitLab. At the end of 2016, he started at a significant financial company in the GitLab team, shifting his focus more toward the entire CI/CD pipeline, with the mission of making the CI/CD platform more stable and highly available. His team eventually migrated GitLab to a private cloud and improved release cycles.

See other products by Evertse