Automating DevOps with GitLab CI/CD Pipelines

    include:
      - template: Security/SAST.gitlab-ci.yml

GitLab automatically runs SAST scanners for your language (Python, Java, Go, etc.) and shows vulnerabilities in merge requests.

    include:
      - template: Security/Dependency-Scanning.gitlab-ci.yml

Secret Detection

Prevents accidental commits of passwords/keys:

    test_job:
      stage: test
      script:
        - npm run test

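    container_scan:
      stage: scan
      image: docker:latest
      script:
        # Run the Trivy scanner image against the built image rather than
        # running the application image itself; this needs a Docker daemon,
        # as in the build job.
        - docker run --rm aquasec/trivy image $IMAGE_TAG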

    curl --request POST \
      --form "token=$CI_JOB_TOKEN" \
      --form "ref=main" \
      "https://gitlab.com/api/v4/projects/123/trigger/pipeline"

This allows external systems (monitoring, chatops) to start pipelines. $CI_JOB_TOKEN exists only inside a running CI job, so an external system passes a pipeline trigger token in the token field instead.

DevOps automation must include security. GitLab provides native security scanning.

SAST (Static Application Security Testing)

Add to your pipeline:

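    build:
      stage: build-image
      image: docker:20.10.16
      services:
        - docker:20.10.16-dind
      script:
        # Pass the registry password on stdin so it does not appear on the
        # command line or in the process list.
        - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
        - docker build -t $IMAGE_TAG .
        - docker push $IMAGE_TAG
      only:
        - main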

    workflow:
      rules:
        - if: $CI_PIPELINE_SOURCE == "merge_request_event"
        - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
          when: never
        - if: $CI_COMMIT_BRANCH

Now each merge request runs a full pipeline, and GitLab blocks merging if tests fail.

Modern applications often consist of multiple microservices. GitLab supports cross-project automation.

Triggering a downstream pipeline

In project A (frontend):

    variables:
      DOCKER_REGISTRY: registry.gitlab.com
      APP_NAME: myapp

    job:
      script:
        - docker build -t $DOCKER_REGISTRY/$APP_NAME .