Automating DevOps with GitLab CI/CD Pipelines: Build efficient CI/CD pipelines to verify, secure, and deploy your code using real-life examples
Use GitLab CI/CD pipelines for automating and deploying different steps of your software development lifecycle using best practices and troubleshooting methods.
- Reap the power of GitLab CI/CD pipelines at every stage of your software development lifecycle
- Learn how GitLab makes Git easier to use and more powerful when committing and reviewing code
- Cement your understanding using hands-on tutorials and extensive self-assessment exercises
- Purchase of the print or Kindle book includes a free eBook in the PDF format
Developers and release engineers understand the high stakes involved in building, packaging, and deploying code correctly. Ensuring that your code is functionally correct, fast, and secure is a time-consuming and complex task. Code implementation, development, and deployment can be conducted efficiently using GitLab CI/CD pipelines.
Automating DevOps with GitLab CI/CD Pipelines begins with the basics of Git and GitLab, showing how to commit and review code. You’ll learn to set up GitLab Runners for executing and autoscaling CI/CD pipelines and creating and configuring pipelines for many software development lifecycle steps. You’ll also discover where to find pipeline results in GitLab, and how to interpret those results. Through the course of the book, you’ll become well-equipped with deploying code to different environments, advancing CI/CD pipeline features such as connecting GitLab to a Kubernetes cluster and using GitLab with Terraform, triggering pipelines and improving pipeline performance and using best practices and troubleshooting tips for uncooperative pipelines. In-text examples, use cases, and self-assessments will reinforce the important CI/CD, GitLab, and Git concepts, and help you prepare for interviews and certification exams related to GitLab.
By the end of this book, you’ll be able to use GitLab to build CI/CD pipelines that automate all the DevOps steps needed to build and deploy high-quality, secure code.
What you will learn
- Gain insights into the essentials of Git, GitLab, and DevOps
- Understand how to create, view, and run GitLab CI/CD pipelines
- Explore how to verify, secure, and deploy code with GitLab CI/CD pipelines
- Configure and use GitLab Runners to execute CI/CD pipelines
- Explore advanced GitLab CI/CD pipeline features like DAGs and conditional logic
- Follow best practices and troubleshooting methods of GitLab CI/CD pipelines
- Implement end-to-end software development lifecycle workflows using examples
Who this book is for
This book is for DevOps/DevSecOps engineers, application developers, release engineers, quality assurance engineers, security engineers, SREs, and sysadmins looking to implement fast, secure and automated software development lifecycle tasks using continuous integration and continuous delivery (CI/CD) pipelines in GitLab. Basic knowledge of major stages of the software development life cycle and DevOps processes will be helpful.
Cover Title Page Copyright and Credit Dedicated Contributors Table of Contents Preface Part 1 Getting Started with DevOps, Git, and GitLab Chapter 1: Understanding Life Before DevOps Introducing the Hats for Cats web app Building and verifying code manually Building code manually Verifying code manually More challenges of verifying code Security-testing code manually Static code analysis Secret detection Dynamic analysis Dependency scanning Container scanning Manual security testing summary Packaging and deploying code manually License compliance scanning Deploying software Problems with manual software development life cycle practices Solving problems with DevOps How GitLab implements DevOps Summary Chapter 2: Practicing Basic Git Commands Technical requirements Why use Git? What is a version control system? What problems does a VCS solve? Why Git is popular Drawbacks of Git Committing code to keep it safe Excluding files from a repository Tagging commits to identify versions of code Branching code for developing in an isolated space Git commands for managing branches Handling merge conflicts Syncing local and remote copies of repositories The “golden” repository Configuring remote repositories Pushing Fetching Pulling Additional resources for learning Git Summary Chapter 3: Understanding GitLab Components Technical requirements Emphasizing the “why” over the “how” Introducing the GitLab platform What is GitLab? What problem does GitLab solve? The verify, secure, and release stages Organizing work into projects and groups Example – organizing your Hats for Cats work Tracking work with issues The structure of a GitLab issue The kinds of tasks that issues can represent Labels Issue workflows Editing files safely with commits, branches, and merge requests Commit history Merging one Git branch into another The three amigos – issues, branches, and merge requests When two amigos are enough How are issues and merge requests different? Enabling DevOps practices with GitLab flow Summary Chapter 4: Understanding GitLab’s CI/CD Pipeline Structure Technical requirements Defining the terms pipeline, CI, and CD Understanding what a pipeline is Defining one pipeline per project Understanding different uses of the term “pipeline” Viewing a list of pipelines CI – finding out if your code is good CD – finding out where your code should go (and putting it there) GitLab Runners Parts of a pipeline – stages, jobs, and commands Stages Jobs Commands Fitting the pipeline pieces together Running GitLab CI/CD pipelines Branch pipelines Git tag pipelines Other types of pipelines Skipping pipelines Reading GitLab CI/CD pipeline statuses Configuring GitLab CI/CD pipelines Summary Part 2 Automating DevOps Stages with GitLab CI/CD Pipelines Chapter 5: Installing and Configuring GitLab Runners Technical requirements Defining GitLab runners and their relationship to CI/CD GitLab Runner is an open source application written in Go GitLab Runner runs CI/CD jobs specified in .gitlab-ci.yml The runner architecture and supported platforms GitLab Runner is supported on most platforms and architectures Runners can be specific, group, or shared Each runner has a defined executor Runner tags restrict which runners can pick up which jobs Installing the Runner agent Installing GitLab Runner Registering a runner with GitLab Considerations regarding the various runner types and executors Performance considerations Security considerations Monitoring considerations Summary Chapter 6: Verifying Your Code Technical requirements Building code in a CI/CD pipeline Compiling Java with javac Compiling Java with Maven Compiling C with Gnu Compiler Collection (GCC) Storing built code as artifacts Checking code quality in a CI/CD pipeline Enabling Code Quality Viewing Code Quality results Running automated functional tests in a CI/CD pipeline Enabling automated functional tests Viewing automated functional test results Fuzz testing in a CI/CD pipeline The architecture and workflow of fuzz testing A fuzz testing workflow Viewing the results of fuzz testing Extra considerations when fuzz testing Fuzz testing with a corpus Checking accessibility in a CI/CD pipeline Enabling accessibility testing Viewing accessibility testing results Additional ways to verify your code Code coverage Browser performance testing Load performance testing Summary Chapter 7: Securing Your Code Technical requirements Understanding GitLab’s security scanning strategy GitLab uses open-source scanners Scanners are packaged as Docker images Some scanners use different analyzers for different languages Vulnerabilities don’t stop the pipeline Findings appear in three different reports Pipelines can use non-GitLab-provided scanners Using SAST to scan your source code for vulnerabilities Understanding SAST Enabling SAST Configuring SAST Viewing SAST’s findings Using Secret Detection to find private information in your repository Understanding Secret Detection Enabling and configuring Secret Detection Viewing Secret Detection’s findings Using DAST to find vulnerabilities in web applications Understanding DAST Enabling and configuring DAST Viewing DAST’s findings Using Dependency Scanning to find vulnerabilities in dependencies Understanding Dependency Scanning Enabling and configuring Dependency Scanning Viewing Dependency Scanning’s findings Using Container Scanning to find vulnerabilities in Docker images Understanding Container Scanning Enabling and configuring Container Scanning Viewing Container Scanning’s findings Using License Compliance to manage licenses of dependencies Understanding License Compliance Enabling and configuring License Compliance Viewing License Compliance’s findings Using IaC Scanning to find problems in infrastructure configuration files Understanding IaC Scanning Enabling and configuring IaC scanning Viewing IaC Scanning’s findings Understanding the different types of security reports Managing security vulnerabilities Integrating outside security scanners Summary Chapter 8: Packaging and Deploying Code Technical requirements Storing code in GitLab’s package registry for later re-use Locating GitLab’s container and package registries Getting started with the package registry Supported package formats Authenticating to the registry Building and pushing packages to the package registry Building and pushing packages to the container registry Storing code in GitLab’s container and package registries for later deployment Using images from the container registry Using packages from the package registry Deploying to different environments using GitLab Flow Deploying to a review app for testing Deploying to real-world production environments Deploying to a Kubernetes cluster The CI/CD workflow A GitOps workflow Summary Part 3 Next Steps for Improving Your Applications with GitLab Chapter 9: Enhancing the Speed and Maintainability of CI/CD Pipelines Accelerating pipelines with directed acyclic graphs and parent-child architecture How to create a DAG in GitLab CI Building code for multiple architectures When and how to leverage caching or artifacts Caching characteristics Artifact characteristics Using caching Using artifacts Leveraging artifacts as job dependencies Reducing repeated configuration code with anchors and extensions Anchors The extends: keyword Reference tags Improving maintainability by combining multiple pipelines and leveraging parent-child pipelines Leveraging includes for maintainability Leveraging includes for reusability Includes from remote areas Leveraging parent-child pipelines Securing and accelerating jobs with purpose-built containers A purpose-built container example Summary Chapter 10: Extending the Reach of CI/CD Pipelines Using CI/CD pipelines to spot performance problems How to integrate browser performance testing How to integrate load performance testing with k6 Using feature flags to allow business-driven release decisions How to configure your application for feature flags Integrating third-party tools into your CI/CD pipelines Creating our tool container’s Dockerfile Automating our container’s build Container scanning Invoking the third-party tool Using CI/CD pipelines for developing mobile apps Requirements Fastlane Fastlane – deployment Fastlane – automated testing Summary Chapter 11: End-to-End Example Technical requirements Setting up your environment Making a GitLab project Planning work with GitLab issues Setting up a local Git repository Writing code Creating a Git branch to work on Creating an MR Committing and pushing code Establishing the pipeline infrastructure Creating a pipeline Creating a runner Verifying your code Adding functional tests to the pipeline Adding Code Quality scanning to the pipeline Adding a fuzz test to the pipeline Securing your code Adding SAST to the pipeline Adding Secret Detection to the pipeline Adding Dependency Scanning to the pipeline Adding License Compliance to the pipeline Integrating a third-party security scanner into the pipeline Improving your pipeline Using a DAG to speed up the pipeline Breaking the pipeline into several files Delivering your code to the right environment Deploying the code Summary Chapter 12: Troubleshooting and the Road Ahead with GitLab Technical requirements Troubleshooting and best practices for common pipeline problems Troubleshooting CI/CD syntax and logic Troubleshooting pipeline operation and runner assignment Managing your operational infrastructure using GitOps Using Terraform to deploy and update infrastructure state Using Ansible to manage resource configurations Future industry trends Automation will create more software at a larger scale Abstraction will lead to everything-as-code business models Reduced cycle time will help teams release better software faster Conclusion and next steps Index Other Books You May Enjoy
How to download source code?
1. Go to:
2. In the Find a repository… box, search the book title:
Automating DevOps with GitLab CI/CD Pipelines: Build efficient CI/CD pipelines to verify, secure, and deploy your code using real-life examples, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.