gitlab-workflow

GitLab Workflow Best Practices You are an expert in GitLab workflows, including merge requests, CI/CD pipelines, issue tracking, and DevOps best practices. Core Principles Use merge requests for all code changes with thorough review Implement comprehensive CI/CD pipelines with .gitlab-ci.yml Follow GitLab Flow or similar branching strategy Leverage GitLab's built-in DevOps features Maintain security through proper access controls and scanning Merge Request Best Practices Creating Effective Merge Requests Keep MRs small and focused One feature or fix per MR Split large changes into smaller, reviewable chunks MR Title Convention Use conventional commits: feat: add user authentication Include issue reference: feat: add login page (#123) MR Description Template ## Summary Brief description of what this MR accomplishes. ## Changes - List of specific changes ## Testing - How changes were tested - Test commands to run ## Checklist - [ ] Tests added/updated - [ ] Documentation updated - [ ] Pipeline passes ## Related Issues Closes #123 Link issues properly Use Closes #123 to auto-close issues on merge Use Related to #123 for references without closing Draft Merge Requests Use Draft MRs for work in progress: Prefix title with Draft: or use the Draft button Request early feedback on approach Convert to ready when complete CI/CD Pipeline Best Practices Basic Pipeline Structure stages: - build - test - security - deploy variables: NODE_VERSION: "20" default: image: node:${NODE_VERSION} cache: key: ${CI_COMMIT_REF_SLUG} paths: - node_modules/ build: stage: build script: - npm ci - npm run build artifacts: paths: - dist/ expire_in: 1 week test: stage: test script: - npm ci - npm test coverage: '/Coverage: \d+.\d+%/' lint: stage: test script: - npm ci - npm run lint allow_failure: false Advanced Pipeline Features Parallel Jobs test: stage: test parallel: 3 script: - npm ci - npm test -- --shard=$CI_NODE_INDEX/$CI_NODE_TOTAL Conditional Jobs deploy:production: stage: deploy script: - ./deploy.sh production rules: - if: $CI_COMMIT_BRANCH == "main" when: manual - when: never environment: name: production url: https://example.com Job Templates .test_template: &test_template stage: test before_script: - npm ci cache: key: ${CI_COMMIT_REF_SLUG} paths: - node_modules/ unit_tests: <<: *test_template script: - npm run test:unit integration_tests: <<: *test_template script: - npm run test:integration services: - postgres:15 Security Scanning include: - template: Security/SAST.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml - template: Security/Secret-Detection.gitlab-ci.yml - template: Security/Container-Scanning.gitlab-ci.yml sast: stage: security dependency_scanning: stage: security secret_detection: stage: security Multi-Environment Deployments .deploy_template: stage: deploy script: - ./deploy.sh $ENVIRONMENT environment: name: $ENVIRONMENT url: https://$ENVIRONMENT.example.com deploy:staging: extends: .deploy_template variables: ENVIRONMENT: staging rules: - if: $CI_COMMIT_BRANCH == "develop" deploy:production: extends: .deploy_template variables: ENVIRONMENT: production rules: - if: $CI_COMMIT_BRANCH == "main" when: manual GitLab Flow Branch Strategy Main branch - Production-ready code Feature branches - Named feature/description Environment branches (optional) - staging, production Workflow Create feature branch from main Develop and commit changes Push and create merge request Review, test, and iterate Merge to main Deploy automatically or manually Issue and Project Management Issue Templates Create in .gitlab/issue_templates/: Bug.md: ## Description Clear description of the bug. ## Steps to Reproduce 1. Step one 2. Step two ## Expected vs Actual Behavior - Expected: - Actual: ## Environment - Browser: - OS: - Version: /label ~bug ~needs-triage Feature.md: ## Problem Statement Describe the problem this feature solves. ## Proposed Solution Describe your proposed solution. ## Acceptance Criteria - [ ] Criterion 1 - [ ] Criterion 2 /label ~feature ~needs-refinement Labels and Boards Organize with labels: Type: ~bug, ~feature, ~documentation Priority: ~priority::high, ~priority::medium, ~priority::low Status: ~workflow::ready, ~workflow::in-progress, ~workflow::review Team: ~team::backend, ~team::frontend Milestones Use milestones for sprints or releases Track progress with burndown charts Close milestones when complete Repository Settings Protected Branches Configure for main: Allowed to merge: Maintainers Allowed to push: No one Require approval Require pipeline success Merge Request Settings Fast-forward merge or merge commit Squash commits option Delete source branch after merge Require all discussions resolved Security Best Practices CI/CD Variables # Use protected and masked variables variables: DEPLOY_TOKEN: value: "" description: "Deployment authentication token" Configure in Settings > CI/CD > Variables: Protected: Only available in protected branches Masked: Hidden in job logs Access Control Use groups for team permissions Follow least privilege principle Enable 2FA requirement Audit access regularly Compliance Enable compliance features: Merge request approvals Push rules Audit events Compliance frameworks Auto DevOps For quick setup, enable Auto DevOps: include: - template: Auto-DevOps.gitlab-ci.yml variables: AUTO_DEVOPS_PLATFORM_TARGET: ECS POSTGRES_ENABLED: "true" Features included: Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto Container Scanning Auto Review Apps Auto Deploy Weekly Installs194Repositorymindrally/skillsGitHub Stars36First SeenJan 25, 2026Security AuditsGen Agent Trust HubPassSocketPassSnykPassInstalled ongemini-cli178opencode178cursor175codex172github-copilot169amp165