test_job: stage: test script: - npm run test
curl --request POST --form "token=$CI_JOB_TOKEN" --form "ref=main" "https://gitlab.com/api/v4/projects/123/trigger/pipeline" This allows external systems (monitoring, chatops) to start pipelines. DevOps automation must include security. GitLab provides native security scanning. SAST (Static Application Security Testing) Add to your pipeline: automating devops with gitlab ci/cd pipelines read online
container_scan: stage: scan image: docker:latest script: - docker run --rm $IMAGE_TAG trivy image $IMAGE_TAG test_job: stage: test script: - npm run test
GitLab then shows a dashboard of deployments, and you can roll back from the UI. For secure cluster access, use the GitLab Agent instead of storing kubeconfig . SAST (Static Application Security Testing) Add to your
build: stage: build-image image: docker:20.10.16 services: - docker:20.10.16-dind script: - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY - docker build -t $IMAGE_TAG . - docker push $IMAGE_TAG only: - main
workflow: rules: - if: $CI_PIPELINE_SOURCE == "merge_request_event" - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS when: never - if: $CI_COMMIT_BRANCH Now each merge request runs a full pipeline, and GitLab blocks merging if tests fail. Modern applications often consist of multiple microservices. GitLab supports cross-project automation. Triggering a downstream pipeline In project A (frontend):