Automating DevOps with GitLab CI/CD Pipelines: Build efficient CI/CD pipelines to verify, secure, and deploy your code using real-life examples

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

Use GitLab CI/CD pipelines for automating and deploying different steps of your software development lifecycle using best practices and troubleshooting methods.

Key Features

  • Reap the power of GitLab CI/CD pipelines at every stage of your software development lifecycle
  • Learn how GitLab makes Git easier to use and more powerful when committing and reviewing code
  • Cement your understanding using hands-on tutorials and extensive self-assessment exercises
  • Purchase of the print or Kindle book includes a free eBook in the PDF format

Book Description

Developers and release engineers understand the high stakes involved in building, packaging, and deploying code correctly. Ensuring that your code is functionally correct, fast, and secure is a time-consuming and complex task. Code implementation, development, and deployment can be conducted efficiently using GitLab CI/CD pipelines.

Automating DevOps with GitLab CI/CD Pipelines begins with the basics of Git and GitLab, showing how to commit and review code. You'll learn to set up GitLab Runners for executing and autoscaling CI/CD pipelines and creating and configuring pipelines for many software development lifecycle steps. You'll also discover where to find pipeline results in GitLab, and how to interpret those results. Through the course of the book, you'll become well-equipped with deploying code to different environments, advancing CI/CD pipeline features such as connecting GitLab to a Kubernetes cluster and using GitLab with Terraform, triggering pipelines and improving pipeline performance and using best practices and troubleshooting tips for uncooperative pipelines. In-text examples, use cases, and self-assessments will reinforce the important CI/CD, GitLab, and Git concepts, and help you prepare for interviews and certification exams related to GitLab.

By the end of this book, you'll be able to use GitLab to build CI/CD pipelines that automate all the DevOps steps needed to build and deploy high-quality, secure code.

What you will learn

  • Gain insights into the essentials of Git, GitLab, and DevOps
  • Understand how to create, view, and run GitLab CI/CD pipelines
  • Explore how to verify, secure, and deploy code with GitLab CI/CD pipelines
  • Configure and use GitLab Runners to execute CI/CD pipelines
  • Explore advanced GitLab CI/CD pipeline features like DAGs and conditional logic
  • Follow best practices and troubleshooting methods of GitLab CI/CD pipelines
  • Implement end-to-end software development lifecycle workflows using examples

Who this book is for

This book is for DevOps/DevSecOps engineers, application developers, release engineers, quality assurance engineers, security engineers, SREs, and sysadmins looking to implement fast, secure and automated software development lifecycle tasks using continuous integration and continuous delivery (CI/CD) pipelines in GitLab. Basic knowledge of major stages of the software development life cycle and DevOps processes will be helpful.

Table of Contents

  1. Exploring the Life Before DevOps
  2. Practicing Basic Git Commands
  3. Understanding GitLab Components
  4. Understanding GitLab CI/CD Pipeline Structure
  5. Installing and Configuring GitLab Runners
  6. Verifying Your Code
  7. Securing Your Code
  8. Packaging and Deploying Your Code
  9. Enhancing Speed and Maintainability of CI/CD Pipelines
  10. Extending the Reach of CI/CD Pipelines
  11. End-to-End Example
  12. Troubleshooting and Moving Ahead with GitLab
  13. Appendix: Self-Assessment Questions and Answers

Author(s): Christopher Cowell, Nicholas Lotz, Chris Timberlake
Edition: 1
Publisher: Packt Publishing
Year: 2023

Language: English
Pages: 348
City: Birmingham
Tags: DevOps; Git; GitLab; CI/CD; Continuous Integration; Continuous Delivery; Code Security; Packaging; Deployment; Maintainability

Cover
Title Page
Copyright and Credit
Dedicated
Contributors
Table of Contents
Preface
Part 1 Getting Started with DevOps, Git, and GitLab
Chapter 1: Understanding Life Before DevOps
Introducing the Hats for Cats web app
Building and verifying code manually
Building code manually
Verifying code manually
More challenges of verifying code
Security-testing code manually
Static code analysis
Secret detection
Dynamic analysis
Dependency scanning
Container scanning
Manual security testing summary
Packaging and deploying code manually
License compliance scanning
Deploying software
Problems with manual software development life cycle practices
Solving problems with DevOps
How GitLab implements DevOps
Summary
Chapter 2: Practicing Basic Git Commands
Technical requirements
Why use Git?
What is a version control system?
What problems does a VCS solve?
Why Git is popular
Drawbacks of Git
Committing code to keep it safe
Excluding files from a repository
Tagging commits to identify versions of code
Branching code for developing in an isolated space
Git commands for managing branches
Handling merge conflicts
Syncing local and remote copies of repositories
The “golden” repository
Configuring remote repositories
Pushing
Fetching
Pulling
Additional resources for learning Git
Summary
Chapter 3: Understanding GitLab Components
Technical requirements
Emphasizing the “why” over the “how”
Introducing the GitLab platform
What is GitLab?
What problem does GitLab solve?
The verify, secure, and release stages
Organizing work into projects and groups
Example – organizing your Hats for Cats work
Tracking work with issues
The structure of a GitLab issue
The kinds of tasks that issues can represent
Labels
Issue workflows
Editing files safely with commits, branches, and merge requests
Commit history
Merging one Git branch into another
The three amigos – issues, branches, and merge requests
When two amigos are enough
How are issues and merge requests different?
Enabling DevOps practices with GitLab flow
Summary
Chapter 4: Understanding GitLab’s CI/CD Pipeline Structure
Technical requirements
Defining the terms pipeline, CI, and CD
Understanding what a pipeline is
Defining one pipeline per project
Understanding different uses of the term “pipeline”
Viewing a list of pipelines
CI – finding out if your code is good
CD – finding out where your code should go (and putting it there)
GitLab Runners
Parts of a pipeline – stages, jobs, and commands
Stages
Jobs
Commands
Fitting the pipeline pieces together
Running GitLab CI/CD pipelines
Branch pipelines
Git tag pipelines
Other types of pipelines
Skipping pipelines
Reading GitLab CI/CD pipeline statuses
Configuring GitLab CI/CD pipelines
Summary
Part 2 Automating DevOps Stages with GitLab CI/CD Pipelines
Chapter 5: Installing and Configuring GitLab Runners
Technical requirements
Defining GitLab runners and their relationship to CI/CD
GitLab Runner is an open source application written in Go
GitLab Runner runs CI/CD jobs specified in .gitlab-ci.yml
The runner architecture and supported platforms
GitLab Runner is supported on most platforms and architectures
Runners can be specific, group, or shared
Each runner has a defined executor
Runner tags restrict which runners can pick up which jobs
Installing the Runner agent
Installing GitLab Runner
Registering a runner with GitLab
Considerations regarding the various runner types and executors
Performance considerations
Security considerations
Monitoring considerations
Summary
Chapter 6: Verifying Your Code
Technical requirements
Building code in a CI/CD pipeline
Compiling Java with javac
Compiling Java with Maven
Compiling C with Gnu Compiler Collection (GCC)
Storing built code as artifacts
Checking code quality in a CI/CD pipeline
Enabling Code Quality
Viewing Code Quality results
Running automated functional tests in a CI/CD pipeline
Enabling automated functional tests
Viewing automated functional test results
Fuzz testing in a CI/CD pipeline
The architecture and workflow of fuzz testing
A fuzz testing workflow
Viewing the results of fuzz testing
Extra considerations when fuzz testing
Fuzz testing with a corpus
Checking accessibility in a CI/CD pipeline
Enabling accessibility testing
Viewing accessibility testing results
Additional ways to verify your code
Code coverage
Browser performance testing
Load performance testing
Summary
Chapter 7: Securing Your Code
Technical requirements
Understanding GitLab’s security scanning strategy
GitLab uses open-source scanners
Scanners are packaged as Docker images
Some scanners use different analyzers for different languages
Vulnerabilities don’t stop the pipeline
Findings appear in three different reports
Pipelines can use non-GitLab-provided scanners
Using SAST to scan your source code for vulnerabilities
Understanding SAST
Enabling SAST
Configuring SAST
Viewing SAST’s findings
Using Secret Detection to find private information in your repository
Understanding Secret Detection
Enabling and configuring Secret Detection
Viewing Secret Detection’s findings
Using DAST to find vulnerabilities in web applications
Understanding DAST
Enabling and configuring DAST
Viewing DAST’s findings
Using Dependency Scanning to find vulnerabilities in dependencies
Understanding Dependency Scanning
Enabling and configuring Dependency Scanning
Viewing Dependency Scanning’s findings
Using Container Scanning to find vulnerabilities in Docker images
Understanding Container Scanning
Enabling and configuring Container Scanning
Viewing Container Scanning’s findings
Using License Compliance to manage licenses of dependencies
Understanding License Compliance
Enabling and configuring License Compliance
Viewing License Compliance’s findings
Using IaC Scanning to find problems in infrastructure configuration files
Understanding IaC Scanning
Enabling and configuring IaC scanning
Viewing IaC Scanning’s findings
Understanding the different types of security reports
Managing security vulnerabilities
Integrating outside security scanners
Summary
Chapter 8: Packaging and Deploying Code
Technical requirements
Storing code in GitLab’s package registry for later re-use
Locating GitLab’s container and package registries
Getting started with the package registry
Supported package formats
Authenticating to the registry
Building and pushing packages to the package registry
Building and pushing packages to the container registry
Storing code in GitLab’s container and package registries for later deployment
Using images from the container registry
Using packages from the package registry
Deploying to different environments using GitLab Flow
Deploying to a review app for testing
Deploying to real-world production environments
Deploying to a Kubernetes cluster
The CI/CD workflow
A GitOps workflow
Summary
Part 3 Next Steps for Improving Your Applications with GitLab
Chapter 9: Enhancing the Speed and Maintainability of CI/CD Pipelines
Accelerating pipelines with directed acyclic graphs and parent-child architecture
How to create a DAG in GitLab CI
Building code for multiple architectures
When and how to leverage caching or artifacts
Caching characteristics
Artifact characteristics
Using caching
Using artifacts
Leveraging artifacts as job dependencies
Reducing repeated configuration code with anchors and extensions
Anchors
The extends: keyword
Reference tags
Improving maintainability by combining multiple pipelines and leveraging parent-child pipelines
Leveraging includes for maintainability
Leveraging includes for reusability
Includes from remote areas
Leveraging parent-child pipelines
Securing and accelerating jobs with purpose-built containers
A purpose-built container example
Summary
Chapter 10: Extending the Reach of CI/CD Pipelines
Using CI/CD pipelines to spot performance problems
How to integrate browser performance testing
How to integrate load performance testing with k6
Using feature flags to allow business-driven release decisions
How to configure your application for feature flags
Integrating third-party tools into your CI/CD pipelines
Creating our tool container’s Dockerfile
Automating our container’s build
Container scanning
Invoking the third-party tool
Using CI/CD pipelines for developing mobile apps
Requirements
Fastlane
Fastlane – deployment
Fastlane – automated testing
Summary
Chapter 11: End-to-End Example
Technical requirements
Setting up your environment
Making a GitLab project
Planning work with GitLab issues
Setting up a local Git repository
Writing code
Creating a Git branch to work on
Creating an MR
Committing and pushing code
Establishing the pipeline infrastructure
Creating a pipeline
Creating a runner
Verifying your code
Adding functional tests to the pipeline
Adding Code Quality scanning to the pipeline
Adding a fuzz test to the pipeline
Securing your code
Adding SAST to the pipeline
Adding Secret Detection to the pipeline
Adding Dependency Scanning to the pipeline
Adding License Compliance to the pipeline
Integrating a third-party security scanner into the pipeline
Improving your pipeline
Using a DAG to speed up the pipeline
Breaking the pipeline into several files
Delivering your code to the right environment
Deploying the code
Summary
Chapter 12: Troubleshooting and the Road Ahead with GitLab
Technical requirements
Troubleshooting and best practices for common pipeline problems
Troubleshooting CI/CD syntax and logic
Troubleshooting pipeline operation and runner assignment
Managing your operational infrastructure using GitOps
Using Terraform to deploy and update infrastructure state
Using Ansible to manage resource configurations
Future industry trends
Automation will create more software at a larger scale
Abstraction will lead to everything-as-code business models
Reduced cycle time will help teams release better software faster
Conclusion and next steps
Index
Other Books You May Enjoy