Auto Devops is a GitLab feature set that encapsulates best practices for GitLab CI/CD and exercises many of GitLab’s most powerful features.

The Auto Devops package in its entirety consists of:

All of the above code is released under an open source license.

Auto Devops provides a large set of functionality, and is most useful for:

  • Database-driven web applications that are
  • Written in a common open source language such as Java or Ruby and are
  • Being deployed (or can be deployed) to Kubernetes.

It works out-of-the-box if:

  • It’s enabled on the GitLab instance (not an issue on GitLab.com); and
  • There is a Kubernetes cluster configured; and
  • The repo contains a Dockerfile, a .buildpacks file, or is of a type recognized by Heroku buildpacks; and
  • Auto Devops turned on for the project; and
  • There’s no .gitlab-ci.yml file at the root of the project.

In those cases, Auto Devops will do (or at least try to do) the following:

  1. Build the Docker container
    • Detects the language/platform of the code (if no Dockerfile or .buildpacks provided)
    • Performs normal build steps for that language/platform using Herokuish
    • Adds Docker image to the GitLab Container Registry
  2. Run your unit tests and integration tests, also using Herokuish; note that this testing step does not pull the container built in the first step, nor does it work for Python
  3. Run static scans and reports to the Merge Request; note that reporting security scan results to the MR is an Ultimate/Gold-tier feature
    • Code Quality Scan
    • Static Application Security Scan
    • Dependency Scan
    • Container Scan
    • Licence Management Scan
  4. Deploy to review app with hostname and SSL; assumes Kubernetes is set up and configured properly; pulls the Docker image from the Container Registry
  5. Run review app scans and reports to MR; once again, this is mostly for Ultimate/Gold-tier projects; honestly I haven’t spent much time learning about these scans
    • Dynamic Application Security Scan
    • Browser Performance Tests
  6. Deploy to Staging using Helm Chart
    • Only after merge
    • Runs post-deployment steps e.g. database migrations
  7. Deploy to Production on command
    • Supports Canary deployment option
    • Supports incremental rollout option
  8. Instrument for monitoring using Prometheus
  9. Record all deployments on the Deploy Board for the project

See Docker Container Registry and GitLab CI for more information about the Container Registry, including some details about how Auto Devops works with it.

Now try Overriding Auto Devops to customize its behavior!