CI / CD
Don't reinvent the wheel: powerful CI/CD with Muppy
Classic CI/CD
Design
- Define Pipelines, Stages, Jobs
Setup
- Provision servers (CI/CD and Workers, Runners)
Development
- Code all scripts
- Training in all analysis tools and their implementation
- Create all deployment packages and scripts
CI/CD operation
- Developers need to go into each of the analysis tools to understand the analysis results
- Deployments are managed by various tools (e.g. ArgoCD)
GitLab Auto DevOps + Muppy
Design
- Select the parts of Pipelines to be deactivated
Setup
- Activate Auto DevOps in 3 clicks
Development
- Add a .gitlab-ci.yml file to the root of each repo if you need to customize it.
CI/CD operation
- All results are fed back into GitLab and can be used as logs (free version) or via a GUI (for paid versions).
- Deployments (test/review) are triggered by the GitLab pipeline and managed by Muppy.
Beyond the initial design and setup of the CI/CD, GitLab makes it possible to avoid the cost of CI/CD maintenance (OS, tools and new practices).
- Auto Code Quality
  - Code Climate: Code quality and performance analysis tool
- Auto SAST (Static Application Security Testing)
  - GitLab Advanced SAST: Source code analysis to identify potential security flaws and vulnerabilities
    - Semgrep, Bandit
- Auto Secret Detection
  - GitLab Secret Detection Docker image: Source code analysis to identify secrets or sensitive information (such as API keys, passwords or tokens) that may have been accidentally left in the code.
- Auto Dependency Scanning
  - Gemnasium-python: Dependency analysis at source code level
    - setuptools, pip, pipenv, poetry
- Auto Container Scanning
  - Trivy: Analysis of Docker images for dependencies, licenses, CVEs, secrets, configuration bugs (IaC issues)
All these tests are performed automatically with each commit, providing the compliance and safety guarantees essential for audits.
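The Design and Development steps above (choosing which parts of the pipeline to deactivate, then customizing through a file at the repo root) could look like the following. This is an added example, not a file from Muppy or from the original page; the variable names are the ones GitLab documents for Auto DevOps, while the choice of which stages to switch off and the tuning values are assumptions.

```yaml
# .gitlab-ci.yml at the repository root (added example, assumed choices)
include:
  - template: Auto-DevOps.gitlab-ci.yml

variables:
  # Parts of the pipeline deactivated for this repo (assumed choice).
  TEST_DISABLED: "true"
  DAST_DISABLED: "true"

  # The scanners listed above stay enabled. Setting any of these to "true"
  # removes the corresponding job, so they are left commented out here.
  # CODE_QUALITY_DISABLED: "true"
  # SAST_DISABLED: "true"
  # SECRET_DETECTION_DISABLED: "true"
  # DEPENDENCY_SCANNING_DISABLED: "true"
  # CONTAINER_SCANNING_DISABLED: "true"

  # Scanner tuning (values are assumptions for illustration).
  SAST_EXCLUDED_PATHS: "spec, test, tests, tmp"   # paths skipped by SAST
  CS_SEVERITY_THRESHOLD: "HIGH"                   # container scan reports HIGH and above
```

Because a single `*_DISABLED` variable in this file silently drops a scanner from every pipeline, changes to it are worth routing through code review like any other security control.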