Book Image

Mastering GitLab 12

By : Joost Evertse

Book Image

Mastering GitLab 12

By: Joost Evertse

Overview of this book

GitLab is an open source repository management and version control toolkit with functions for enterprises and personal software projects. It offers configurability options, extensions, and APIs that make it an ideal tool for enterprises to manage the software development life cycle. This book begins by explaining GitLab options and the components of the GitLab architecture. You will learn how to install and set up GitLab on-premises and in the cloud, along with understanding how to migrate code bases from different systems, such as GitHub, Concurrent Versions System, Team Foundation Version Control, and Subversion. Later chapters will help you implement DevOps culture by introducing the workflow management tools in GitLab and continuous integration/continuous deployment (CI/CD). In addition to this, the book will guide you through installing GitLab on a range of cloud platforms, monitoring with Prometheus, and deploying an environment with GitLab. You'll also focus on the GitLab CI component to assist you with creating development pipelines and jobs, along with helping you set up GitLab runners for your own project. Finally, you will be able to choose a high availability setup that fits your needs and helps you monitor and act on results obtained after testing. By the end of this book, you will have gained the expertise you need to use GitLab features effectively, and be able to integrate all phases in the development process.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Section 1: Install and Set Up GitLab On-Premises or in the Cloud

Section 1: Install and Set Up GitLab On-Premises or in the Cloud

Introducing the GitLab Architecture

Introducing the GitLab Architecture

Technical requirements

The origins of GitLab

Exploring GitLab editions – CE and EE

The core system components of GitLab

Further reading

Installing GitLab

Installing GitLab

Technical requirements

Installing GitLab using omnibus packages

Running from source

Using it from Docker

Deploying GitLab using Kubernetes

Further reading

Configuring GitLab Using the Web UI

Configuring GitLab Using the Web UI

Technical requirements

Configuring GitLab settings at the instance level

Configuring GitLab settings at the group level

Configuring GitLab settings at the project level

Further reading

Configuring GitLab from the Terminal

Configuring GitLab from the Terminal

Technical requirements

Configuring omnibus and GitLab installations from the terminal

Configuring source installations

Reconfiguring GitLab Docker containers

Changing GitLab in a Kubernetes environment

Further reading

Section 2: Migrating Data from Different Locations

Section 2: Migrating Data from Different Locations

Importing Your Project from GitHub to GitLab

Importing Your Project from GitHub to GitLab

Technical requirements

Using the GitHub integration feature

Using a GitHub token

Using a GitLab rake task

Further reading

Migrating from CVS

Migrating from CVS

Technical requirements

Preparing to migrate from CVS to Git

Running the conversion

Cleaning up after migration

Further reading

Switching from SVN

Switching from SVN

Technical requirements

The difference between SVN and Git

Mirroring SVN and GIT

Using svn2git to migrate in one cut

Further reading

Moving Repositories from TFS

Moving Repositories from TFS

Technical requirements

Centralized or decentralized

The git-tfs tool

Further reading

Section 3: Implement the GitLab DevOps Workflow

Section 3: Implement the GitLab DevOps Workflow

GitLab Vision - the Whole Toolchain in One Application

GitLab Vision - the Whole Toolchain in One Application

Technical requirements

The Agile Manifesto

XP

The DevOps movement

Further reading

Create Your Product, Verify, and Package it

Create Your Product, Verify, and Package it

Technical requirements

The GitLab workflow

DevOps phase – manage your ideas

DevOps phase – plan your feature

DevOps phase – create it

DevOps phase – verify your product

DevOps phase – package it for use

Further reading

The Release and Configure Phase

The Release and Configure Phase

Technical requirements

Continuous Deployment

Further reading

Monitoring with Prometheus

Monitoring with Prometheus

Technical requirements

Setting up Prometheus

Customizing monitoring

The static analysis of security vulnerabilities

Dynamic Application Security Testing

Dependency checking

Further reading

Integrating GitLab with CI/CD Tools

Integrating GitLab with CI/CD Tools

Technical requirements

Using Jira with GitLab

Connecting Jenkins to GitLab

Integrating with Mattermost

Using webhooks for events

Further reading

Section 4: Utilize GitLab CI and CI Runners

Section 4: Utilize GitLab CI and CI Runners

Setting Up Your Project for GitLab Continuous Integration

Setting Up Your Project for GitLab Continuous Integration

Technical requirements

Creating .gitlab-ci.yml

Configuring a runner

Further reading

Installing and Configuring GitLab Runners

Installing and Configuring GitLab Runners

Technical requirements

The Runner client architecture

Creating a basic Runner with the shell executor

Further reading

Using GitLab Runners with Docker or Kubernetes

Using GitLab Runners with Docker or Kubernetes

Technical requirements

Runner client architecture

Creating your own Dockerized GitLab Runner

Using a prebuilt Docker container to deploy GitLab Runners

Using a Kubernetes cluster to spawn GitLab Runners

Further reading

Autoscaling GitLab CI Runners

Autoscaling GitLab CI Runners

Technical requirements

Runner client architecture

Setting up the environment

Configuring the Runner

Further reading

Monitoring CI Metrics

Monitoring CI Metrics

Technical requirements

Enabling monitoring for Runners

Editing the GitLab Runner configuration file

Runner business logic metrics

General process metrics

Further reading

Section 5: Scale the Server Infrastructure (High Availability Setup)

Section 5: Scale the Server Infrastructure (High Availability Setup)

Creating a Basic HA Architecture Using Horizontal Scaling

Creating a Basic HA Architecture Using Horizontal Scaling

Technical requirements

The underlying architecture of this solution

Setting up the bastion hosts

Configuring the database nodes

The Redis configuration

Connecting the shared filesystem

Setting up the application servers

Further reading

Managing a Hybrid HA Environment

Managing a Hybrid HA Environment

Technical requirements

The basic architecture of this solution

A renewed Terraform configuration

Splitting application components into frontend and middleware tiers

Connecting the shared filesystem

Changes in Ansible files

Script enhancements

Further reading

Making Your Environment Fully Distributed

Making Your Environment Fully Distributed

Technical requirements

The basic architecture of this solution

Performing changes to the Terraform configuration

Splitting more application components

The clustered Redis/Sentinel configuration

Changes in Ansible files

Script enhancements

Further reading

Using Geo to Create Distributed Read-Only Copies of GitLab

Using Geo to Create Distributed Read-Only Copies of GitLab

Technical requirements

The basic architecture of this solution

Preparing the infrastructure

Further reading

Assessments

Chapter 1: Introducing the GitLab Architecture

Chapter 2: Installing GitLab

Chapter 3: Configuring GitLab Using the Web UI

Chapter 4: Configuring GitLab from the Terminal

Chapter 5: Importing Your Project from GitHub to GitLab

Chapter 6: Migrating From CVS

Chapter 7: Switching from SVN

Chapter 8: Moving Repositories from TFS

Chapter 9: GitLab Vision: The Whole Toolchain in One Application

Chapter 10: Create Your Product, Verify, and Package it

Chapter 11: The Release and Configure Phase

Chapter 12: Monitoring with Prometheus

Chapter 13: Integrating GitLab with CI/CD Tools

Chapter 14: Setting Up Your Project for GitLab Continuous Integration

Chapter 15: Installing and Configuring GitLab Runners

Chapter 16: Using GitLab Runners with Docker or Kubernetes

Chapter 17: Autoscaling GitLab CI Runners

Chapter 18: Monitoring CI Metrics

Chapter 19: Creating a Basic HA Architecture by Using Horizontal Scaling

Chapter 20: Managing a Hybrid HA Environment

Chapter 21: Making Your Environment Fully Distributed

Chapter 22: Using Geo to Create Distributed Read-Only Copies of GitLab

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Dynamic Application Security Testing

Dynamic Application Security Testing (DAST) runs PEN tests like scans of your application.

The test uses OWASP ZAProxy (https://github.com/zaproxy/zaproxy) to scan a running instance in your web application. It runs a passive scan, which means it only tries to discover your application by exploring links, will not find links created dynamically, and will not attack your application actively.

Before GitLab 12.0, this scan also used the Docker-in-Docker mechanism, but now it just retrieves and runs a container and the test. This means the image is cached on GitLab runners, and after retrieving the image for the first time, the security test will run faster.

As with SAST, you control how scanning happens through the .gitlab-ci.yml file, as follows:

 dast:
 image: registry.gitlab.com/gitlab-org/security-products/zaproxy
 variables:
 website: &quot...