A single stop for all your SCM & CI related woes !!

Item: GitLab
Rating: 10
Author: Swati Rastogi

Use Cases and Deployment Scope

Gitlab is used as a Source Code Management tool in my organization. It is also used as a CI tool as we create a lot of Gitlab pipelines. Business problems. We needed a reliable SCM which has good integration with Jenkins. It should have good support, accessibility, and documentation. Also, it should serve as a CI tool if need be, to reduce dependency on Jenkins. Scope. We have webhook integrations with Jenkins. We create declarative pipelines using Jenkinsfile in GitLab. Multiple GitLab pipelines are running to build & deploy code directly on the sandbox & production environments. We are using Gitlab tokens for deploying images in Openshift. Also for storing Project POCs & their documentation, GitLab serves as a great tool.

Pros and Cons

Tight coupling with CI Tools like Jenkins.
Creating Gitlab CI pipelines.
Creating Source Code Repositories.
Using Gitlab deploy tokens for deployment in Openshift.

Gitlab web hooks are not very user friendly as hard to configure.
Gitlab CLI is not elaborate in its functionality.

Return on Investment

We are moving towards Gitlab only as our SCM & CI tool. So it would be an alternative to Jenkins. Saving our licensing cost there.
We have also stopped using Confluence & using Gitlab for our documentation purposes. Reducing cost there as well.

Alternatives Considered

Apache Subversion

Earlier we used SVN as our SCM tool. SVN was a centralized version control system due to which developers had to connect to the server every time they needed to commit. It was causing trouble for developers considering the large Org size. Also, SVN does not have a robust CI process. We selected Gitlab as each developer can work on their local code block and create non-linear commits. Also, we were looking forward to using Gitlab CI.

Security

We have used both Gitlab Enterprise & Gitlab SAAS. We have used Static Application Security Testing & Dynamic Application Security testing with Gitlab code. We have also used Blackduck Scanning on Gitlab repos. We also have Checkmarx integration with Gitlab.

Continuous Integration

Our team is now using Jenkinsfile within the Gitlab source code repository. Instead of creating complex pipelines in Jenkins, we are simply putting all the stages & steps within a groovy script. This has made it easier for the team to view the entire pipeline in a single text file. Also, it has reduced validation problems since we need not go at different Jenkins projects and nodes in case of any issues and work on all the issues in a single place.

Key Insights

Do you think GitLab delivers good value for the price?

Yes

Are you happy with GitLab's feature set?

Yes

Did GitLab live up to sales and marketing promises?

Yes

Did implementation of GitLab go as expected?

Yes

Would you buy GitLab again?

Yes

Other Software Used

Red Hat OpenShift, JFrog Artifactory, Red Hat Ansible Automation Platform

Likelihood to Recommend

Well suited:
- Gitlab is well suited for organizations with a good headcount. At least 500 +.
- Large orgs generally follow an Org->Group->Repo hierarchy. So it can easily manage the repo architecture.
- Gitlab is very secure. So orgs who want to have a highly secure environment should use Gitlab.
- Organizations who do not want to spend on any CI tool can use this. As it's becoming more & more self-sufficient lately.
- If the Org follows a proper workflow of branching & merging strategy, then they should use GitLab.

Less Appropriate:
- Less Appropriate for small-scale organizations that do not want to spend huge amounts on the licensing cost.
- If you have a robust CI on Jenkins/Bamboo etc. then you can skip using GitLab & use open-source alternatives like Github.
- If we are just dealing with a Sandbox-type environment & code is just a POC then maybe less security can be an option. And Gitlab can be avoided.