{"id":18623606,"url":"https://github.com/codica2/gitlab-ci-configuration","last_synced_at":"2025-08-12T22:39:45.914Z","repository":{"id":63153492,"uuid":"180936899","full_name":"codica2/gitlab-ci-configuration","owner":"codica2","description":"Example of configuration Gitlab CI for Rails Application","archived":false,"fork":false,"pushed_at":"2022-11-13T23:09:37.000Z","size":1233,"stargazers_count":14,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-06-04T12:55:16.587Z","etag":null,"topics":["ci","gitlab-ci","rails"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/codica2.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-04-12T05:32:14.000Z","updated_at":"2025-03-10T22:30:17.000Z","dependencies_parsed_at":"2022-11-14T00:52:23.801Z","dependency_job_id":null,"html_url":"https://github.com/codica2/gitlab-ci-configuration","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/codica2/gitlab-ci-configuration","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codica2%2Fgitlab-ci-configuration","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codica2%2Fgitlab-ci-configuration/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codica2%2Fgitlab-ci-configuration/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codica2%2Fgitlab-ci-configuration/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/codica2","download_url":"https://codeload.github.com/codica2/gitlab-ci-configuration/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codica2%2Fgitlab-ci-configuration/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270148415,"owners_count":24535700,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-12T02:00:09.011Z","response_time":80,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ci","gitlab-ci","rails"],"created_at":"2024-11-07T04:25:19.164Z","updated_at":"2025-08-12T22:39:45.852Z","avatar_url":"https://github.com/codica2.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003eGitLab CI for Rails \u003c/h1\u003e\n\n![](gitlab.jpg)\n\nGitLab CI/CD is GitLab’s built-in tool for software development using continuous methodology:\n\nContinuous integration (CI).\nContinuous delivery and deployment (CD).\n\n[Gitlab Documentation](https://docs.gitlab.com/ee/ci)\n\n## Configure the project\n\nGitLab CI/CD pipelines are configured using a YAML file called .gitlab-ci.yml within each project. The .gitlab-ci.yml file defines the structure and order of the pipelines and determines:\nThis is what the .gitlab-ci.yml file looks like for this project:\n\n### Creating a .gitlab-ci.yml file\n\nThe .gitlab-ci.yml file is where you configure what CI does with your project. It lives in the root of your repository.\n\nOn any push to your repository, GitLab will look for the .gitlab-ci.yml file and start jobs on Runners according to the contents of the file, for that commit.\n\n```yaml\n\n\nstages:\n  - build \n  # running build \n  - linters\n  # running code quality tools (rubocop, brakeman)\n  - tests\n  # running tests\n  - scanners \n  # image and application scanning\n  - deploy\n  # application deployment\n\n# All variables you will set up in your repo settings (Settings-\u003eCI/CD-\u003eVariables)\nvariables:\n  RAILS_MASTER_KEY: $RAILS_MASTER_KEY\n  AWS_REGISTRY_URL: $AWS_REGISTRY_URL\n  AWS_REGION: $AWS_REGION\n  REGISTRY_IMAGE: $AWS_REGISTRY_URL:$CI_COMMIT_REF_SLUG\n  REGISTRY_IMAGE_PRODUCTION: $AWS_REGISTRY_URL_PRODUCTION:$CI_COMMIT_REF_SLUG\n  ECS_CLUSTER_STAGING: $ECS_CLUSTER_STAGING\n  ECS_CLUSTER_PRODUCTION: $ECS_CLUSTER_PRODUCTION\n  ECS_SERVICE_STAGING: $ECS_SERVICE_STAGING\n  GITLEAKS_CONFIG: gitleaks.toml\n  DOCKER_DRIVER: overlay2\n  SENTRY_AUTH_TOKEN: $SENTRY_AUTH_TOKEN\n  SENTRY_ORG: $SENTRY_ORG\n  SENTRY_PROJECT: $SENTRY_PROJECT\n\n\n# Perform private ECR registry authentication\n.registry_auth: \u0026registry_auth\n  image: public.ecr.aws/o0j8c5i3/codica:registry-auth-leaks\n  before_script:\n    - aws ecr get-login-password --region $AWS_REGION | docker login -u AWS --password-stdin $AWS_REGISTRY_URL\n\n\n# Rubocop linter\nrubocop:\n  stage: linters\n  needs: [Build]\n  image: $REGISTRY_IMAGE_ID\n  except:\n    - master\n  script:\n    - bundle exec rubocop\n\n\n# Brakeman linter\nbrakeman:\n  stage: linters\n  needs: [Build]\n  image: $REGISTRY_IMAGE_ID\n  except:\n    - master\n  script:\n    - brakeman\n  \n\n# Bundle audit\nbundle_audit:\n  stage: linters\n  needs: [Build]\n  image: $REGISTRY_IMAGE_ID\n  except:\n    - master\n  script:\n    - bundle exec bundle-audit\n\n\n# Trivy to scan image vulnerabilities\nTrivy:\n  stage: linters\n  allow_failure: true\n  image:\n    name: aquasec/trivy:0.31.3\n    entrypoint: [\"\"]\n  needs: [Build]\n  except:\n    - main\n  script:\n    - trivy image --security-checks vuln $REGISTRY_IMAGE_ID\n\n\n# Gitleaks to detect credentials leak\nGitleaks:\n  \u003c\u003c: *registry_auth\n  stage: linters\n  allow_failure: true\n  needs: []\n  except:\n    - main\n    - master\n  script:\n    - gitleaks detect --verbose --no-git | jq -r '[\"Description:\", .Description], [\"File:\", .File], [\"Line:\", .StartLine, \"Column:\", .StartColumn, \"--------------\"]' | tr -d '[],\"\"'\n\n\n# Hadolint to check dockerfiles syntax\nHadolint:\n  needs: []\n  image: hadolint/hadolint:latest-debian\n  stage: scanners\n  allow_failure: false\n  script:\n    - hadolint Dockerfile\n    - hadolint Dockerfile.dev\n  rules: \n    - if: '$CI_PIPELINE_SOURCE == \"merge_request_event\"'\n      when: never\n    - changes: \n        - Dockerfile*\n\n\n# Yamllint to check yaml files syntax\nYamllint:\n  needs: []\n  image:\n    name: public.ecr.aws/**/codica:yamllint\n    entrypoint: [\"\"]\n  stage: scanners\n  allow_failure: false\n  script:\n    - rm -rf spec\n    - yamllint .\n  rules:\n    - if: '$CI_PIPELINE_SOURCE == \"merge_request_event\"'\n      when: never\n    - changes:\n        - \"**/*.yml\"\n        - \"**/*.yaml\"\n\n\n# Rspec tests\nrspec:\n  stage: tests\n  image: $REGISTRY_IMAGE\n  needs: [Build | Staging]\n  variables:\n    DB_HOST: postgres\n    DB_USERNAME: postgres\n    DB_PASSWORD: $DB_PASSWORD\n    DB_PORT: 5432\n    REDIS_URL: \"redis://redis:6379\"\n  script:\n    - bundle exec rails db:migrate RAILS_ENV=test\n    - bundle exec rspec\n  except:\n    - master\n\n\n# We use Kaniko as main image builder\nBuild:\n  stage: build\n  image:\n    name: gcr.io/kaniko-project/executor:debug\n    entrypoint: [\"\"]\n  except: \n    - master\n  before_script: \n    - mkdir -p /kaniko/.docker\n    - echo \"{\\\"credHelpers\\\":{\\\"$AWS_REGISTRY_URL\\\":\\\"ecr-login\\\"}}\" \u003e /kaniko/.docker/config.json\n  script:\n    - /kaniko/executor --destination \"${REGISTRY_IMAGE}\"  \n       --build-arg RAILS_MASTER_KEY=${RAILS_MASTER_KEY}  # if we need to use RAILS_MASTER_KEY to build our app\n       --context \"${CI_PROJECT_DIR}\"\n       --dockerfile \"${CI_PROJECT_DIR}/Dockerfile\"\n\n\n# Deploy application to staging or production environment \nDeploy:\n  stage: deploy\n  variables:\n    ASG_NAME: $ASG_STAGE\n    CLUSTER_NAME: $ECS_CLUSTER_STAGING\n    SERVICE_NAME: $SERVICE_STAGING\n    AWS_REGION: $AWS_REGION\n    REGISTRY_IMAGE: $REGISTRY_IMAGE_ID\n  only:\n    - develop\n  \u003c\u003c: *registry_auth\n  script:\n    - aws ecs update-service --cluster $ECS_CLUSTER_STAGING --service $ECS_SERVICE_STAGING --force-new-deployment\n    # We use sentry to push our release to our sentry account\n    - VERSION=$(sentry-cli releases propose-version) \u0026\u0026 sentry-cli releases -o $SENTRY_ORG new -p $SENTRY_PROJECT $VERSION\n    - sentry-cli releases -o $SENTRY_ORG -p $SENTRY_PROJECT --auth-token $SENTRY_AUTH_TOKEN set-commits --auto $VERSION\n  environment:\n    name: Staging\n```\n\n### Push .gitlab-ci.yml to GitLab\n\nOnce you’ve created .gitlab-ci.yml, you should add it to your Git repository and push it to GitLab.\n\n```\ngit add .gitlab-ci.yml\ngit commit -m \"Add .gitlab-ci.yml\"\ngit push origin master\n```\n\n### Configuring a Runner\n\nIn GitLab, Runners run the jobs that you define in .gitlab-ci.yml. A Runner can be a virtual machine, a VPS, a bare-metal machine, a docker container or even a cluster of containers. GitLab and the Runners communicate through an API, so the only requirement is that the Runner’s machine has network access to the GitLab server.\n\nA Runner can be specific to a certain project or serve multiple projects in GitLab. If it serves all projects it’s called a Shared Runner.\n\nFind more information about different [Runners](https://docs.gitlab.com/ee/ci/runners/README.html) in the Runners documentation.\n\n## Regular pipeline graphs\n\nRegular pipeline graphs show the names of the jobs of each stage. Regular pipeline graphs can be found when you are on a single pipeline page. For example:\n![pipline](gitlab-ci1.png)\n\n## Status of your pipeline and jobs\n\nAfter configuring the Runner successfully, you should see the status of your last commit change from pending to either running, success or failed.\n\n![status](job-status1.png)\n\nBy clicking on a job’s status, you will be able to see the log of that job. This is important to diagnose why a job failed or acted differently than you expected.\n\n![error-log](job-log.png)\n\n## Examples\n\nVisit the [examples README](https://docs.gitlab.com/ee/ci/examples/README.html) to see a list of examples using GitLab CI with various languages.\n\n## License\n\nCopyright © 2015-2022 Codica. It is released under the [MIT License](https://opensource.org/licenses/MIT).\n\n## About Codica\n\n[![Codica logo](https://www.codica.com/assets/images/logo/logo.svg)](https://www.codica.com)\n\nThe names and logos for Codica are trademarks of Codica.\n\nWe love open source software! See [our other projects](https://github.com/codica2) or [hire us](https://www.codica.com/) to design, develop, and grow your product.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodica2%2Fgitlab-ci-configuration","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcodica2%2Fgitlab-ci-configuration","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodica2%2Fgitlab-ci-configuration/lists"}