Git & GitLab 入門 (5) ~Git マスターへの道~「Git のブランチについて」SIOS Tech. Lab
はじめに 前回は、GitLab上のリモートリポジトリとの連携やプロジェクトの作成・管理、ローカル環境でのクロー| SIOS Tech.Lab
はじめに 昨今の開発環境においては、オンプレミスであってもコンテナアプリケーションを稼働させたいというニーズが高まっています。その様なオンプレミスかつ外部インターネットに接続できない閉域環境などでも、効率的かつセキュアな ... The post GitLabとコンテナプラットフォームの連携 first appeared on SIOS Tech. Lab.| SIOS Tech. Lab
はじめに 前回は、GitLab上のリモートリポジトリとの連携やプロジェクトの作成・管理、ローカル環境でのクロー| SIOS Tech.Lab
Ever had one of those days?| Shayne Fletcher
はじめに Git & GitLab入門ブログ Gitマスターへの道の第4回です。前回のGit & GitLab入門ブログ3Gitマスターへの道「Git操作チーム利用コマンドやロールバック」では、チーム開発 ... The post Git & GitLab 入門 (4) ~Git マスターへの道~「リモートリポジトリとローカルリポジトリ」 first appeared on SIOS Tech. Lab.| SIOS Tech. Lab
はじめに Git & GitLab入門ブログ Gitマスターへの道の第3回です。前回のGit &| SIOS Tech.Lab
Over the past couple of (gasp!) decades, I've had my fair share of release blunders: forgetting to clean the tree before making a tarball by hand, forgetting to update the NEWS file, forgetting to push after creating the tarball locally, forgetting to update the appdata file (causing problems on Flathub)...| /bɑs ˈtjɛ̃ no ˈse ʁɑ/ (hadess) | News
Maester is now available for GitLab| Maester Blog
GitLab has clear documentation of how to implement flexible merge request approval workflows. This is useful in code repositories where multiple teams collaborate together to implement an applicati…| Technical Scratchpad
| Jayson Salazar Rodriguez | @jdsalaro | Blog
本文永久链接 - https://tonybai.com/2025/07/07/go-module-supply-chain-attack-case 大家好,我是Tony Bai。 最近,GitLab的安全研究团队披露了一起极其巧妙的供应链攻击,目标直指 Go 社区中一个流行的 Mongo| tonybai.com
GitLab says it is on track to launch its agentic AI iteration of the Duo assistance technology this […]| DEVCLASS
https://docs.renovatebot.com/assets/images/mend-renovate-cli-banner.jpgRenovate is an OSS CLI/bot that updates your software dependencies automatically. It is usually integrated into the CI/CD process and runs on a schedule. It will create a Pull Request / Merge Request (PR/MR) to your repository with dependency updates. It can optionally auto-merge them. If you host it for several repositories or an organization, it can auto-discover new projects and create an onboarding MR/PR, which introd...| blog.compass-security.com
This is a follow-up from our Spam-label approach, but this time with MOAR EMOJIS because that's what the world is turning into.| Who-T
As of today, gitlab.freedesktop.org allows anyone with a GitLab Developer role or above to remove spam issues. If you are reading this article a while after it's published, it's best to refer to the damspam README for up-to-date details.| Who-T
Pulumi’s integration with GitLab has reached new heights with enhancements designed to streamline your infrastructure as code workflows. Today, we’re excited to announce several significant improvements to our GitLab integration that make managing cloud infrastructure with Pulumi and GitLab more seamless than ever before: GitLab as a first-class VCS in Pulumi Cloud, enhanced merge request comments, organizational templates in GitLab, and later this year, Pulumi Deployments for GitLab. Pul...| Pulumi Blog
After thinking about multi-stage Debian rebuilds I wanted to implement the idea. Recall my illustration: Earlier I rebuilt all packages that make up the difference between Ubuntu and Trisquel. It turned out to be a 42% bit-by-bit identical similarity. To Continue reading Building Debian in a GitLab Pipeline→| Simon Josefsson's blog
I host my own GitLab CI/CD runners, and find that having coverage on the riscv64 CPU architecture is useful for testing things. The HiFive Premier P550 seems to be a common hardware choice. The P550 is possible to purchase online. You also need a (mini-)ATX chassi, power supply (~500W is more than sufficient), PCI-to-M2 converter and a NVMe storage device. Total cost per machine was around $8k/€8k for me. Assembly was simple: bolt everything, connect ATX power, connect cables for the front-...| Simon Josefsson's blog
Remember the XZ Utils backdoor? One factor that enabled the attack was poor auditing of the release tarballs for differences compared to the Git version controlled source code. This proved to be a useful place to distribute malicious data.| Simon Josefsson's blog
Secrets Analyzer now enriches detected secrets with scope, permission, and ownership details. This helps security teams assess risk and prioritize remediation more efficiently.| GitGuardian SaaS Release Notes
Instead of checking GitHub for new notifications, let GitHub alert you every time someone stars one of your projects. See how you can do it with one of our agents.| Livable Software
2025/2/26に、Self-hostedなGitLabに関して、そのCI/CDを実行するGitLab RunnerをCodeBuildで動かせるようになったという発表がありました (2024/9/17に発表された[AWS CodeBuild がマネージド GitLab ランナーのサポート開始:title:bookmark]はあくまでSaaSのGitLabに対してのものでした)。 企業でGitLabを使っている場合、情報資産管理の関係でSelf-hostedなGitLabを使い情報資産を封じ込める構成をとっ...| 理系学生日記
Around a year ago I discussed two concerns with software release archives (tarball artifacts) that could be improved to increase confidence in the supply-chain security of software releases. Repeating the goals for simplicity:| Simon Josefsson's blog
最近、GitHubだけでなくGitLabを利用する機会が増えてきました。しかも、単なるユーザーとしてではなく、GitLabの構築や運用に関わることが多くなっています。そのため、改めて 「GitLab実践ガイド 第2版」 を読んでみました。 GitLab実践ガイド 第2版 (impress top gear)作者:北山 晋吾,棚井 俊インプレスAmazon 実は5年前、2020年にこの書籍の初版を読んでいました。当時はGitLabの...| 理系学生日記
Learn how to manage secrets securely in GitLab CI/CD using Infisical, a modern secrets management tool designed for today's CI/CD workflows.| Infisical Blog
I am using GitLab CI/CD pipelines for several upstream projects (libidn, libidn2, gsasl, inetutils, libtasn1, libntlm, …) and a long-time concern for these have been that there is too little testing on GNU Guix. Several attempts have been made, and earlier this year Ludo’ came really close to finish this. My earlier effort to idempotently rebuild Debian recently led me to think about re-bootstrapping Debian. Since Debian is a binary distribution, it re-use earlier binary packages when ...| Simon Josefsson's blog
Apache NiFi is about to turn 10 years old as an Apache Software Foundation (ASF) project and it is in use by over 8,000 enterprises around the globe. No better time for this incredibly flexible and powerful framework to finalize its 2.0.0 version. Welcome to the Next Generation Apache NiFi. Over 2000 Jira issues and […] The post Next Generation Apache NiFi | NiFi 2.0.0 is GA appeared first on Datavolo.| Datavolo
GitLab pipelines are a convenient way to expose deployment/delivery tasks. But with their rudimentary web UI for variable input, it can be challenging for users to populate the required list of variables. One way of making it more convenient for end-users is to provide them a URL pre-populated with the specific branch and pipeline variable ... GitLab: URL shortcut to override pipeline variable values| Fabian Lee : Software Engineer
A partir de mayo de 2024 GitLab ha dejado de dar soporte a los tokens de acceso sin fecha de expiración, de esta forma el token que veníamos usando desde 2018| Art Project Group
Sometime last week, an attempted automated GitLab via Docker upgrade failed catastrophically, and left that Docker image in a pretty botched state. Kudos to the GitLab team for making it so many years without this being a problem. It was a real surprise to see it broken!| JJJ's Blog
The State of DevOps Threats Report sheds light on the most critical cybersecurity incidents concerning DevOps and GitHub.| Help Net Security
In a first post about Tanzu Platform for Kubernetes I walked you through the process of bringing an application “from code to production” on Kubernetes using four simple commands: build, d| viktorious.nl - All things cloud-native
With the release of Libntlm version 1.8 the release tarball can be reproduced on several distributions. We also publish a signed minimal source-only tarball, produced by git-archive which is the same format used by Savannah, Codeberg, GitLab, GitHub and others. Continue reading Reproducible and minimal source-only tarballs→| Simon Josefsson's blog
My effort to improve transparency and confidence of public apt archives continues. I started to work on this in “Apt Archive Transparency” in which I mention the debdistget project in passing. Debdistget is responsible for mirroring index files for some Continue reading Apt archive mirrors in Git-LFS→| Simon Josefsson's blog
Recently I noticed a new tool called licenserecon written by Peter Blackman, and I helped get licenserecon into Debian. The purpose of licenserecon is to reconcile licenses from debian/copyright against the output from licensecheck, a tool written by Jonas Smedegaard. Continue reading Validating debian/copyright: licenserecon→| Simon Josefsson's blog
The absolute number may not be impressive, but what I hope is at least a useful contribution is that there actually is a number on how much of Trisquel is reproducible. Hopefully this will inspire others to help improve the actual metric.| Simon Josefsson's blog
The Guile bindings for GnuTLS has been part of GnuTLS since spring 2007 when Ludovic Courtès contributed it after some initial discussion. I have been looking into getting back to do GnuTLS coding, and during a recent GnuTLS meeting one Continue reading On language bindings & Relaunching Guile-GnuTLS→| Simon Josefsson's blog
In my last post, I talked about the benefits of an opinionated platform. An opinionated platform allows your engineers to focus on things that matter to your business, such as shipping and improvin…| Brave New Geek
GitLab Container Registry allows developers to manage container images per project via one or more Container Repositories. As storage size increase, so will cost 💸 and you'll want to cleanup your Container Repositories. Easier said than done, here's a story of how it went with our on-prem GitLab instance. Automated cleanup policy will be enough......|
When you talk to a doctor about a medical issue they will often present you with all of the options but shy away from providing an unambiguous recommendation. When you talk to a lawyer about a lega…| Brave New Geek
You’ve changed renovate.json, but of course you want to test the change before merging. There doesn’t seem to be a simple guide to this, so here’s what I’ve cobbled together.| Paperless
GitLab Agent for Kubernetes is an integration for the GitLab CI/CD pipeline that provides kubectl access from pipeline jobs, allowing Continuous Deployment into a live Kubernetes Cluster. However, the default role for this Agent is cluster-admin when doing a basic Helm install, which is far too permissive and needs to be scoped down to only ... GitLab: least privilege for Kube-API calls from GitLab Agent for Kubernetes| Fabian Lee : Software Engineer
GitLab pipelines are frequently used for the building of binaries and publishing of images to container registries, but do not always follow through with Continuous Deployment to a live environment. One reason is that pipelines do not usually have access to the internal systems where these applications are meant to be deployed. In this article, ... GitLab: Continuous Deployment with Agent for Kubernetes and GitLab pipeline| Fabian Lee : Software Engineer
The globally shared set of GitLab runners for CI/CD jobs works well for building binaries, publishing images, and reaching out to publicly available endpoints for services and infrastructure building. But the ability to run a private, self-managed runner can grant pipelines entirely new levels of functionality on several fronts: Can communicate openly to private, internal ... GitLab: self-managed runner for CI/CD jobs on GCP VM instances| Fabian Lee : Software Engineer
If you have a previous investment in Ansible Configuration Management for command line automation, you may now want to invoke that same logic from a GitLab CI/CD pipeline. The cleanest way to provide Ansible to a pipeline job is to create a custom Docker image that contains all the Ansible binaries and required Galaxy modules. ... GitLab: invoking Ansible from a GitLab pipeline job| Fabian Lee : Software Engineer
When a GitLab CI/CD pipeline needs to persist job output or a rendered report, it will typically save it as an artifact on the job, or perhaps write it to an external storage service or as a GitLab Release archive. But it is also capable of pushing this file to its own git repository, stored ... GitLab: add files to source repository as part of GitLab pipeline| Fabian Lee : Software Engineer
The Gitlab documentation shows how to use a ‘dotenv’ artifact to pass values from one job to another in a CI/CD pipeline. In this article, I want to show an example of this method, but also another method using a custom artifact. dotenv artifact for passing variable between jobs Here is how a variable set ... GitLab: passing values between two jobs in pipeline| fabianlee.org
GitLab CI/CD pipelines can be used to automatically build and push Docker images to the GitLab Container Registry. Beyond building a simple image, in this article I will show how to define a workflow that builds and pushes a multi-platform image (amd64,arm64,arm32) with manifest index to the GitLab Container Registry. This is enabled by using ... GitLab: automated build and publish of multi-platform container image with GitLab pipeline| fabianlee.org
If you are within the context of a CI/CD tool, you may run into the scenario where a newly applied git tag has initiated a pipeline action. Depending on the tool, the pipeline will provide you with either a SHA of the last commit and/or the tag name – but not the branch where the ... Git: find branch name of newly applied tag| fabianlee.org
The forked workflow is popularized by the Open Source community where your personal contributions are made by having your own personal fork of a repository and pushing a GitLab Merge Request to a central repository. A GitLab Merge Request can be submitted from the web UI by clicking on “Merge requests” and manually selecting the ... GitLab: generating URL that can be used for Merge Request from fork to upstream| Fabian Lee : Software Engineer
In a previous post, I explained the fundamental competing priorities that companies have when building software: security and governance, maintainability, and speed to production. These three conce…| Brave New Geek
It’s taken about-a-million tiny steps, but as of this moment (2 May, 2024 07:42 UTC-6) this WordPress blog (jjj.blog) and a bunch of other blogs for friends & family are all calling from inside the house running on a cluster of Raspberry Pi 4’s in a server rack in my basement.| JJJ's Blog
После устройства на новое место работы мне был выдан корпоративный email и доступы в закрытый репозиторий компании, который, само собой, не совпадает с вашим личным| Злой полицейский
Real Kinetic helps businesses transform how they build and deliver software in the cloud. This encompasses legacy migrations, app modernization, and greenfield development. We work with companies r…| Brave New Geek
I have been toying with the idea to use hugo as my static web site generator for few weeks now. And then the news of its version 0.17 release are announced, and hugo shows up on Hacker News once again.| A Scripter's Notes
tl;dr Flake8 development has moved to GitLab and has a mirror on GitHub. Please send all further bug reports and pull requests to the GitLab repository. Changing to Git Recently I started a discussion on the code quality mailing list about moving Flake8 from Mercurial to Git and to …| cat /dev/brain
Days after releasing a major update, GitLab rolled out another emergency update addressing a serious vulnerability affecting workspace creation. The service urged all users to update to the latest releases at the earliest, assuring that| Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Test...
We recently migrated from a self-managed Gitlab instance to gitlab.com. The system administrator of the self-managed Gitlab instance said this would simply entail a git pull && git push and that the migration will be done quickly. Depending on your usage of Gitlab, this is either a naïve oversimplification or straight forward dangerous. The truth is more nuanced and entails quite a bit more work. Since the migration took us a couple of full working days and we wrote some reusable checklists ...| 200ok - Accelerating Publishing
In which I explain how to build and publish your library’s API reference on GitLab| halting problem
What is docker machine?| Vin01’s Blog
What is docker machine?| Vin01’s Blog
Meet Gitlab CI Lint API| Vin01’s Blog
While at GUADEC I finished a small script which uses the GitLab API to estimate the resource use of a project on GitLab. It looks at the CI pipeline job durations and artifact storage for the proje…| Philip Withnall
And if all the people go to GibtLab now, just out of protest, is that a clone war?| De Amentiae Mundi
version: '3.5' services: gitlab: image: gitlab/gitlab-ce:latest hostname: www.jamescoyle.net restart: unless-stopped environment: GITLAB_OMNIBUS_CONFIG: | gitlab_rails['gitlab_shell_ssh_port'] = 8822 ports: - "8000:80" - "8822:22" volumes: - ./config/gitlab:/etc/gitlab - ./data/gitlab:/var/opt/gitlab - ./logs:/var/log/gitlab networks: - gitlab gitlab-runner: image: gitlab/gitlab-runner:alpine restart: unless-stopped depends_on: - gitlab volumes: - ./config/gitlab-runner:/etc/gitlab-runner - /...| JamesCoyle.net
Configurer GitLab sur un sous-domaine NGinx : Installer Gitlab c'est extrêmement simple, le configurer sur un sous-domaine sans mixed content un peu moins.| Noobunbox
Hey there, good morning. Sit yourself down, and enjoy some :coffee:.Recently, I’ve worked heavily on GitLab CI/CD pipelines. In my line of work, these pipelines mustincorporate security requirements, such as Static Application Security Testing (SAST), DynamicApplication Security Testing (DAST), C...| codingindex.xyz
(Spoiler) In short, it appears that you currently can't use OpenShift Online as a Kubernetes cluster for gitlab.com. I'd be happy to find out I'm...| stumbles.id.au
