DevSecOps Tutorial: How to Setup DevSecOps CI/CD Using GitLab

DevSecOps Tutorial: How to Setup DevSecOps CI/CD Using GitLab

GitLab is a Continuous Integration (CI) tool, it easy to setup either you want use using their SaaS platform or their Community/Enterprise version which you can deploy GitLab using your own Cloud(AWS, Azure, GCP, etc.). There are several resources used in DevOps. GitLab will removes pain in selecting, integrating, learning and maintaining the various tools that are needed for a productive DevOps tool chain as a single application for the entire DevOps life cycle.

GitLab Features

GitLab covered all DevOps Cycle, as you can see below from Manage to Defend, it like "One-stop" tools for your DevOps team and no other places you need to go


GitLab covered all DevOps core cycles which

Plan : To plan all the features of the Software, User Story, Sprint and Project Roadmap.

Code : Where the centralized source code management (SCM) for your team and everyone using same source code. All codes changes need Peer-Review before it merge into master code.

Build : Using GitLab-Runner to build and deploy to dedicated server or endpoint.

Test : Implement all the Unit-Test or Security Test in GitLab CI/CD pipeline.

Release : The stage where we produce or convert all source code into deployable artifact and it can be reusable in any destination we want to deploy.

Deploy : Also know as Continuous Delivery or Continuous Deployment (CD), the stage we deploy all artifact into Test, Staging and Production environment. Once deployed, end-user can use the new feature or software.

Operate : The stage we monitor all newly deployed software or feature and get fast feedback to any issue or bug in Production environment with help of monitor tools.

Step 1: Sign-Up GitLab New Account

You may sign-up as new user/account via this URL. You fill-up all require for Registration as new user below;


Step 2: Setup a New GitLab Project

You can go to to create new project;


Step 3: Newly Created GitLab Project

Once we created new GitLab project, it will redirect us to our repository;


You may add your own source code in this new repository by connect it from your laptop or your choice of IDE tools.

Step 4: Add new .gitlab-ci.yml file for CI/CD pipeline

We can create our 1st .gitlab-ci.yml file, this file we use as our GitLab CI/CD pipeline stages, jobs, and etc. We can define in this file, GitLab will auto-detect when there is changes in this file and it will run your CI/CD pipeline once any changes or update in the repository;


Step 5: Setup a GitLab-Runner

If we run our GitLab CICD now, you might facing below error;


Hence, you need to add new GitLab-Runner


You may refer this URL on how setup your own GitLab-Runner, we you already setup, you can add existing or newly created GitLab-Runner under Settings menu: Setting -> CI / CD -> Runner;


Step 6: Re-Deploy our 1st CI/CD pipeline

Now we have GitLab-Runner added in this project, hence we can redeploy it by go to project -> Pipeline -> "Run Pipeline" ;


Step 7: Successfully Setup Our 1st CI/CD pipeline in GitLab

Now we successfully setup our CI/CD pipeline in GitLab;



In this post, we already learned the following:

  1. How to sign-up a new account of GitLab
  2. Create a new GitLab project
  3. Create new GitLab Repository
  4. Create a new .gitlab-ci.yml for CI/CD Pipeline
  5. Add new GitLab-Runner

In summary, this is how development workflow will look like in below picture;


Share Tweet Send
You've successfully subscribed to DevOps4Me
Great! Next, complete checkout for full access to DevOps4Me
Welcome back! You've successfully signed in
Success! Your account is fully activated, you now have access to all content.