Introduction of Gitlab DevSecOps Platform

Hai semuanya, di materi kali ini kita akan membahas salah satu tools implementasi dari Continues Integration (CI) yaitu menggunakan Gitlab DevSecOps Platform.

Okay karena pembahasan kali ini akan lumayan panjang jadi kita bagi-bagi menjadi beberapa section diantaranya:

1. Gitlab DevSecOps Platform
2. Gitlab CI/CD workflow
3. What can Gitlab CI/CD do?

Gitlab DevOps Platform

Gitlab Features

Fundamentally changing the way Development, Security, and Ops teams collaborate and build software - GitLab provides all of the essential DevSecOps tools in one DevSecOps platform.

From idea to production, GitLab helps teams improve cycle time from weeks to minutes, reduce development costs, speed time to market, and deliver more secure and compliant applications.

Planning

Regardless of your process, GitLab provides powerful planning tools to keep everyone synchronized.

Create

Create, view, and manage code and project data through powerful branching tools.

Verify

Keep strict quality standards for production code with automatic testing and reporting.

Package

Create a consistent and dependable software supply chain with built-in package management.

Secure

Security capabilities, integrated into your development lifecycle.

Deploy

GitLab’s integrated CD solution allows you to ship code with zero-touch, be it on one or one thousand servers.

Monitor

Help reduce the severity and frequency of incidents.

Govern

Manage security vulnerabilities, policies, and compliance across your organization.

Gitlab CI/CD workflow

Gitlab CI menawarkan 3 konsep yaitu Continues Integration, Continues Delivery dan Continues Deployment. Out-of-the-box management systems can decrease hours spent on maintaining toolchains by 10% or more, so you can test, build, and publish your software with no third-party application or integration needed because Gitlab CI is the part of Gitlab.

GitLab CI/CD fits in a common development workflow.

You can start by discussing a code implementation in an issue and working locally on your proposed changes. Then you can push your commits to a feature branch in a remote repository that’s hosted in GitLab. The push triggers the CI/CD pipeline for your project. Then, GitLab CI/CD:

Runs automated scripts (sequentially or in parallel) to:

• Build and test your application.
• Preview the changes in a Review App, the same as you would see on your localhost.

After the implementation works as expected:

• Get your code reviewed and approved.
• Merge the feature branch into the default branch.
• GitLab CI/CD deploys your changes automatically to a production environment.
• If something goes wrong, you can roll back your changes.

This workflow shows the major steps in the GitLab process. You don’t need any external tools to deliver your software and you can visualize all the steps in the GitLab UI.

What can Gitlab CI/CD do?

If you look deeper into the workflow, you can see the features available in GitLab at each stage of the DevOps lifecycle.

Stages continues integration:

• Code quality, To measure/analyze your source code’s quality and complexity.
• Unit tests, To test your source code’s with automated
• Dependency scanning, To measure/analyze your dependencies is verify and not contains vulnerability

Stages continues delivery/deployment:

• Build & Package, To compile then wrap your source code’s into package, it’s can be executeable from anywere
• Shipping, After build script succeed, we can store that artifact to registry such as Container registry, NPM registry, Maven repository and etc.
• Deploy, After artifact stored on registry/repository, we can used that object to run the application

Back to top ↑