GitLab Dynamic Environments with Docker-Compose instead of K8S

Dynamic Environment is when your pipeline creates a branchname.example.com deployment, for integration tests or manual review. Gitlab in autodevops mode and with Kubernetes lets you enjoy this kind of stuff by just starting projects from their template images. Note that YourLabs offers consulting if you need help to setup/maintain your baremetal K8S or GitLab instance to do this kind of thing. (Please forgive horrible sound recording in our demo) This article however, demonstrates how to acheive dynamic environments for integration testing and reviews with the product team with just docker-compose and nginx-proxy. [Read More]

yourlabs/python container adds security audit tools

The new version of yourlabs/python docker image, which bundles npm and pip3 on alpine and a bunch of testing tools, was released with bandit and safety baked in.

You can benefit from it in your Open Source software by adding .gitlab-ci.yml:

py-sec-bandit:
  image: yourlabs/python
  script: bandit -v -x commands,tests {posargs:-r src}

py-sec-safety:
  image: yourlabs/python
  script: safety check

very-happy-with-gitlab-ci-however

image

Very happy with GitLab-CI ! However Vagrant/VirtualBox are givin me false positives on high load some times … so we’re starting an r&d; project to do a Vagrant in Python but just for LibVirt and with the purpose of eXtreme performance & stability for development and of course CI as first class citizen ! Interested ? let us know ;) With LOVE

building-images-with-kaniko-and-gitlab-cicd

https://docs.gitlab.com/ee/ci/docker/using_kaniko.html

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. kaniko solves two problems with using the docker-in-docker build method: Docker-in-docker requires privileged mode in order to function, which is a significant security concern. Docker-in-docker generally incurs a performance penalty and can be quite slow Read more at docs.gitlab.com