<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Gitlab on Software Factory</title><link>/tags/gitlab/</link><description>Recent content in Gitlab on Software Factory</description><generator>Hugo</generator><language>en</language><atom:link href="/tags/gitlab/index.xml" rel="self" type="application/rss+xml"/><item><title>Source Code Management</title><link>/use/tools/gitlab/code/source-code/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/code/source-code/</guid><description>&lt;p&gt;&lt;img src="../../img/gitlab-scm-header.png" alt="SF GitLab SCM"&gt;&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;➡️ For detailed information about SCM Practices, refer to the section &lt;a href="/use/practices/code/scm/"&gt;SCM Practices&lt;/a&gt;
.&lt;/p&gt;
&lt;/blockquote&gt;
&lt;h2 id="organize-your-repositories"&gt;Organize your repositories&lt;a class="td-heading-self-link" href="#organize-your-repositories" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;h3 id="gitlab-group"&gt;GitLab Group&lt;a class="td-heading-self-link" href="#gitlab-group" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;p&gt;Groups in GitLab are used to manage multiple projects together that share a common purpose
or belong to the same team.&lt;/p&gt;
&lt;p&gt;They act as containers that can hold projects, other groups (subgroups), and members.&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Key Points:&lt;/strong&gt;&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Project Management: Groups allow you to manage permissions, settings
, and access controls across multiple projects.&lt;/li&gt;
&lt;li&gt;Collaboration: They facilitate collaboration by grouping related projects and team members together.&lt;/li&gt;
&lt;li&gt;Subgroups: Groups can have subgroups, allowing for a nested structure to represent
different departments or teams within an organization.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;For example, you might have a GitLab Group called &amp;ldquo;NextGen Radar&amp;rdquo; that contains separate projects
for the application frontend, backend, and content.&lt;/p&gt;</description></item><item><title>Plan</title><link>/use/tools/gitlab/plan/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/plan/</guid><description>&lt;p&gt;&lt;img src="../img/gitlab-plan-header.png" alt="GitLab plan"&gt;&lt;/p&gt;
&lt;p&gt;GitLab helps teams organize, plan, align and track project work to ensure teams are working
on the right things by maintaining end to end visibility and traceability
of issues throughout the delivery lifecycle.&lt;/p&gt;
&lt;p&gt;By using GitLab for the plan stage your, you use the same tool that developers use to create, test,
secure, and release the software making the whole process transparent and adding more collaboration.&lt;/p&gt;
&lt;p&gt;With GitLab Plan you can:&lt;/p&gt;</description></item><item><title>CI/CD</title><link>/use/tools/gitlab/build/gitlab-cicd/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/build/gitlab-cicd/</guid><description>&lt;p&gt;&lt;img src="../../img/gitlab-cicd-header.png" alt="GitLab CI/CD" title="gitlab-cicd"&gt;&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;GitLab CI/CD&lt;/strong&gt; is a robust suite of DevOps tools embedded within GitLab,
facilitating the automation of the entire software development lifecycle.&lt;/p&gt;
&lt;p&gt;It integrates seamlessly with GitLab repositories, offering a complete pipeline framework
to automate the processes of building, testing and deploying code.&lt;/p&gt;
&lt;h2 id="key-concepts-and-components"&gt;Key Concepts and Components&lt;a class="td-heading-self-link" href="#key-concepts-and-components" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;dl&gt;
&lt;dt id="pipelines"&gt;Pipelines&lt;/dt&gt;
&lt;dd&gt;Series of steps that execute in a defined order.
Each step performs a specific actions, such as building the code, running tests,
or deploying to an environment.
&lt;p&gt;Pipelines could be triggered by various events, such as pushes to the repository, merge requests,
or &lt;strong&gt;scheduled&lt;/strong&gt; intervals.
You can find a detailed explanation of &lt;a href="/use/practices/ci/continuous-integration/#pipeline"&gt;pipelines&lt;/a&gt;
.&lt;/p&gt;</description></item><item><title>Secure</title><link>/use/tools/gitlab/secure/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/secure/</guid><description>&lt;p&gt;&lt;img src="../img/gitlab-security-header.png" alt="GitLab secure"&gt;&lt;/p&gt;
&lt;p&gt;GitLab Ultimate embeds a suite of security scanners directly into your CI/CD pipelines.
They cover two complementary approaches: &lt;strong&gt;static analysis&lt;/strong&gt; (source code, dependencies, secrets)
and &lt;strong&gt;dynamic analysis&lt;/strong&gt; (running application).
All results are centralised in a single &lt;a href="/use/tools/gitlab/secure/vulnerability-report/"&gt;vulnerability report&lt;/a&gt;
 within GitLab.&lt;/p&gt;

 &lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition tip"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 384 512"&gt;&lt;path d="M272 384c9.6-31.9 29.5-59.1 49.2-86.2c0 0 0 0 0 0c5.2-7.1 10.4-14.2 15.4-21.4c19.8-28.5 31.4-63 31.4-100.3C368 78.8 289.2 0 192 0S16 78.8 16 176c0 37.3 11.6 71.9 31.4 100.3c5 7.2 10.2 14.3 15.4 21.4c0 0 0 0 0 0c19.8 27.1 39.7 54.4 49.2 86.2l160 0zM192 512c44.2 0 80-35.8 80-80l0-16-160 0 0 16c0 44.2 35.8 80 80 80zM112 176c0 8.8-7.2 16-16 16s-16-7.2-16-16c0-61.9 50.1-112 112-112c8.8 0 16 7.2 16 16s-7.2 16-16 16c-44.2 0-80 35.8-80 80z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Tip&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;Not familiar with the terminology?
See &lt;a href="/get-started/glossary/#security"&gt;SAST, DAST, SCA and other security terms&lt;/a&gt;
 in the glossary.&lt;/p&gt;</description></item><item><title>Analytics</title><link>/use/tools/gitlab/analytics/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/analytics/</guid><description>&lt;h2 id="devops-adoption-analytics"&gt;DevOps Adoption Analytics&lt;a class="td-heading-self-link" href="#devops-adoption-analytics" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;GitLab&amp;rsquo;s DevOps Adoption feature provides visibility into how your teams are using GitLab&amp;rsquo;s capabilities
on DevOps life cycle.&lt;/p&gt;
&lt;p&gt;This analytics tool helps leadership and DevOps coaches measure and identify opportunities for improvement.&lt;/p&gt;
&lt;h3 id="what-is-devops-adoption"&gt;What is DevOps Adoption?&lt;a class="td-heading-self-link" href="#what-is-devops-adoption" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;p&gt;DevOps Adoption is a built-in dashboard that tracks DevOps usage across your instance or groups and subgroups.&lt;/p&gt;
&lt;p&gt;It measures whether teams are actively using core GitLab features that represent DevOps best practices,
providing a clear picture of your organization&amp;rsquo;s DevOps maturity.&lt;/p&gt;</description></item><item><title>GitLab Kanban</title><link>/use/howto/plan/gitlab-kanban/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/plan/gitlab-kanban/</guid><description>&lt;blockquote&gt;
&lt;p&gt;Kanban is a scheduling system based on push (rather than pull from scrum). In this tutorial,
we will manage a simple Kanban board with 4 statuses as these are adequate for a demonstration&lt;/p&gt;
&lt;/blockquote&gt;
&lt;h2 id="create-new-subgroup-and-epics"&gt;Create new subgroup and epics&lt;a class="td-heading-self-link" href="#create-new-subgroup-and-epics" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;h3 id="create-a-subgroup--project"&gt;Create a subgroup / project&lt;a class="td-heading-self-link" href="#create-a-subgroup--project" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;ul&gt;
&lt;li&gt;Navigate to your group, and select &lt;code&gt;New subgroup&lt;/code&gt;in the top right for the page,&lt;/li&gt;
&lt;li&gt;Type a name for your subgroup and select &lt;code&gt;Create subgroup&lt;/code&gt;to create it.&lt;/li&gt;
&lt;li&gt;inside the newly created subgroup, select &lt;code&gt;New project&lt;/code&gt;at the top of the page,&lt;/li&gt;
&lt;li&gt;Give your project a Name and select &lt;code&gt;Create project&lt;/code&gt;.&lt;/li&gt;
&lt;/ul&gt;
&lt;h3 id="create-epics"&gt;Create epics&lt;a class="td-heading-self-link" href="#create-epics" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;ul&gt;
&lt;li&gt;Navigate to your subgroup, on open &lt;code&gt;Plan&lt;/code&gt;menu on left pane,&lt;/li&gt;
&lt;li&gt;Select &lt;code&gt;Epics&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;Select &lt;code&gt;New epic&lt;/code&gt;on the top right and type at least some content into the &lt;code&gt;Title&lt;/code&gt; field,
you can fill other field, but they are not mandatory&lt;/li&gt;
&lt;li&gt;Select &lt;code&gt;Create epic&lt;/code&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;blockquote&gt;
&lt;p&gt;For the purpose of this tutorial, you can create 2 others&lt;/p&gt;</description></item><item><title>Black Duck SCA</title><link>/use/howto/secure/blackduck-reports/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/secure/blackduck-reports/</guid><description>&lt;p&gt;This guide outlines practical, step-by-step instructions for integrating Black Duck SCA into your
workflow, from initial project setup to CI/CD integration, advanced manual operations, and local
IDE scanning.&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Prerequisites:&lt;/strong&gt; You must have Maintainer permissions for your GitLab repository and access to
the Black Duck server.&lt;/p&gt;
&lt;h2 id="how-to-prepare-your-black-duck-project"&gt;How to Prepare Your Black Duck Project&lt;a class="td-heading-self-link" href="#how-to-prepare-your-black-duck-project" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Before analyzing your source code, you must provision a project space.&lt;/p&gt;
&lt;ol&gt;
&lt;li&gt;Log in to your account on the Black Duck server.&lt;/li&gt;
&lt;li&gt;In the top-right corner of the dashboard, click &lt;strong&gt;+ Create Project&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;Enter your &lt;strong&gt;Project Name&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;Enter an initial &lt;strong&gt;Version Name&lt;/strong&gt; (e.g., &lt;code&gt;main&lt;/code&gt;, &lt;code&gt;v1.2.0&lt;/code&gt;).&lt;/li&gt;
&lt;li&gt;Fill out the desired fields (like Tier or Phase) and click
&lt;strong&gt;Save&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;Ensure your user account (or service account) has &lt;strong&gt;Project Code Scanner&lt;/strong&gt; permissions.&lt;/li&gt;
&lt;/ol&gt;
&lt;h2 id="how-to-generate-and-secure-an-authentication-token"&gt;How to Generate and Secure an Authentication Token&lt;a class="td-heading-self-link" href="#how-to-generate-and-secure-an-authentication-token" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Your tools need access to a token to communicate with the server. &lt;strong&gt;Never hardcode this token in
your source code.&lt;/strong&gt;&lt;/p&gt;</description></item><item><title>Dynamic Application Security Testing (DAST)</title><link>/use/tools/gitlab/secure/dast/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/secure/dast/</guid><description>&lt;div style="display: flex; align-items: flex-start; gap: 1.5rem; margin-bottom: 1rem; max-width: 80%;"&gt;
 &lt;img src="/logo/gitlab.svg" alt="GitLab logo"
 width="100"
 style="flex-shrink: 0;"&gt;
 &lt;div&gt;GitLab Ultimate uses the same open source tool [OWASP Zed Attack Proxy] for analysis as ZAP.
It&amp;rsquo;s already embedded in your engineering environment and results are directly published in the
&lt;a href="/use/tools/gitlab/secure/vulnerability-report/"&gt;vulnerability report&lt;/a&gt;
 within GitLab.&lt;/div&gt;
&lt;/div&gt;


 &lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition warning"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"&gt;&lt;path d="M256 32c14.2 0 27.3 7.5 34.5 19.8l216 368c7.3 12.4 7.3 27.7 .2 40.1S486.3 480 472 480L40 480c-14.3 0-27.6-7.7-34.7-20.1s-7-27.8 .2-40.1l216-368C228.7 39.5 241.8 32 256 32zm0 128c-13.3 0-24 10.7-24 24l0 112c0 13.3 10.7 24 24 24s24-10.7 24-24l0-112c0-13.3-10.7-24-24-24zm32 224a32 32 0 1 0 -64 0 32 32 0 1 0 64 0z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Always use a staging environment with fake data, not on a production environment.&lt;/span&gt;
 &lt;/div&gt;
 &lt;/div&gt;&lt;h2 id="how-does-dast-scanning-work"&gt;How does DAST Scanning Work?&lt;a class="td-heading-self-link" href="#how-does-dast-scanning-work" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;The two main modes available for DAST are:&lt;/p&gt;</description></item><item><title>Docker image pull</title><link>/use/howto/ci-cd/docker-pull-artifactory/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/ci-cd/docker-pull-artifactory/</guid><description>&lt;h2 id="pulling-docker-images-from-artifactory"&gt;Pulling Docker Images from Artifactory&lt;a class="td-heading-self-link" href="#pulling-docker-images-from-artifactory" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Docker Hub limits the number of Docker image pulls to 100 per 6 hours per IP address
for anonymous users.&lt;/p&gt;
&lt;p&gt;GitLab Instance Runners provided by the Software Factory use a single IP to pull images from Docker Hub.&lt;/p&gt;
&lt;p&gt;When the &lt;a href="https://docs.docker.com/docker-hub/usage/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;pull rate limit&lt;/a&gt;
 is reached, the following error message will appear:&lt;/p&gt;
&lt;div class="highlight"&gt;&lt;pre tabindex="0" class="chroma"&gt;&lt;code class="language-text" data-lang="text"&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;ERROR: Job failed:
&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;prepare environment: waiting for pod running: pulling image &amp;#34;image:tag&amp;#34;:
&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;image pull failed [...] 429 Too Many Requests - Server message: toomanyrequests: You have reached your pull rate limit.
&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;To be able to pull Docker images (&lt;code&gt;image:&lt;/code&gt; in &lt;em&gt;&lt;code&gt;.gitlab-ci.yml&lt;/code&gt;&lt;/em&gt;) from private registries
(for example from artifactory.thalesdigital.io), you need to set up the &lt;a href="https://docs.gitlab.com/ee/ci/variables/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;CICD GitLab variable&lt;/a&gt;
 &lt;code&gt;DOCKER_AUTH_CONFIG&lt;/code&gt;.&lt;/p&gt;</description></item><item><title>Documentation</title><link>/use/tools/gitlab/code/wiki-pages/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/code/wiki-pages/</guid><description>&lt;p&gt;&lt;img src="../../img/gitlab-wp-header.png" alt="GitLab secure"&gt;&lt;/p&gt;
&lt;h2 id="introduction"&gt;Introduction&lt;a class="td-heading-self-link" href="#introduction" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Good documentation is essential for projects to be successful. It allows team collaboration and
easy onboarding, and preserves valuable knowledge.&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;GitLab&lt;/strong&gt; offers a variety of powerful tools to help you document your project comprehensively.&lt;/p&gt;
&lt;p&gt;In this guide, we will explore the different options available for project documentation.&lt;/p&gt;
&lt;p&gt;By using these tools, you can create clear, accessible, and well-organized documentation.&lt;/p&gt;
&lt;h2 id="gitlab-wiki"&gt;GitLab Wiki&lt;a class="td-heading-self-link" href="#gitlab-wiki" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;&lt;a href="https://docs.gitlab.com/ee/user/project/wiki/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;GitLab Wiki&lt;/a&gt;
 is an integrated feature within GitLab projects providing a collaborative space
for teams to write, edit, and organize content.&lt;/p&gt;</description></item><item><title>GitLab</title><link>/use/tools/gitlab/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/</guid><description>&lt;div style="display: flex; align-items: flex-start; gap: 1.5rem; margin-bottom: 1rem; max-width: 80%;"&gt;
 &lt;img src="/logo/gitlab.svg" alt="GitLab"
 width="150"
 style="flex-shrink: 0;"&gt;
 &lt;div&gt;&lt;p&gt;This guide provides a concise overview of GitLab&amp;rsquo;s core features and commonly used functionalities.
It aims to familiarize you with the product and equip you with best practices to optimize your
development workflow.&lt;/p&gt;
&lt;p&gt;For detailed information and advanced features, refer to the official &lt;a href="https://docs.gitlab.com/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;GitLab
documentation&lt;/a&gt;
&lt;/p&gt;
&lt;/div&gt;
&lt;/div&gt;

&lt;div class="admonition info"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"&gt;&lt;path d="M256 512A256 256 0 1 0 256 0a256 256 0 1 0 0 512zM216 336l24 0 0-64-24 0c-13.3 0-24-10.7-24-24s10.7-24 24-24l48 0c13.3 0 24 10.7 24 24l0 88 8 0c13.3 0 24 10.7 24 24s-10.7 24-24 24l-80 0c-13.3 0-24-10.7-24-24s10.7-24 24-24zm40-208a32 32 0 1 1 0 64 32 32 0 1 1 0-64z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Info&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;This page describes the tool independently of any platform-specific details.
For the service URL and other platform-specific configuration,
please refer to your &lt;a href="/get-started/platforms/"&gt;platform&amp;rsquo;s dedicated page&lt;/a&gt;
.&lt;/p&gt;</description></item><item><title>GitLab Advanced Search</title><link>/operate/tools/gitlab/advanced-search/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/operate/tools/gitlab/advanced-search/</guid><description>&lt;h2 id="overview"&gt;Overview&lt;a class="td-heading-self-link" href="#overview" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;This page explains how to enable advanced search.
Once activated, advanced search offers faster results
and enhanced search capabilities.&lt;/p&gt;

 &lt;div class="admonition warning"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"&gt;&lt;path d="M256 32c14.2 0 27.3 7.5 34.5 19.8l216 368c7.3 12.4 7.3 27.7 .2 40.1S486.3 480 472 480L40 480c-14.3 0-27.6-7.7-34.7-20.1s-7-27.8 .2-40.1l216-368C228.7 39.5 241.8 32 256 32zm0 128c-13.3 0-24 10.7-24 24l0 112c0 13.3 10.7 24 24 24s24-10.7 24-24l0-112c0-13.3-10.7-24-24-24zm32 224a32 32 0 1 0 -64 0 32 32 0 1 0 64 0z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Warning&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;Prior to enabling this feature, please be aware that Elasticsearch require more
resources than &lt;a href="https://docs.gitlab.com/install/requirements/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;GitLab installation requirements&lt;/a&gt;

and review the official &lt;a href="https://docs.gitlab.com/integration/advanced_search/elasticsearch/#system-requirements" class="external-link" target="_blank" rel="noopener noreferrer"&gt;GitLab system requirements for Elasticsearch&lt;/a&gt;
 thoroughly.&lt;/p&gt;</description></item><item><title>How to Enable GitLab Container Scanning</title><link>/use/howto/secure/gitlab-container-scanning/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/secure/gitlab-container-scanning/</guid><description>&lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition note"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"&gt;&lt;path d="M0 64C0 28.7 28.7 0 64 0L224 0l0 128c0 17.7 14.3 32 32 32l128 0 0 125.7-86.8 86.8c-10.3 10.3-17.5 23.1-21 37.2l-18.7 74.9c-2.3 9.2-1.8 18.8 1.3 27.5L64 512c-35.3 0-64-28.7-64-64L0 64zm384 64l-128 0L256 0 384 128zM549.8 235.7l14.4 14.4c15.6 15.6 15.6 40.9 0 56.6l-29.4 29.4-71-71 29.4-29.4c15.6-15.6 40.9-15.6 56.6 0zM311.9 417L441.1 287.8l71 71L382.9 487.9c-4.1 4.1-9.2 7-14.9 8.4l-60.1 15c-5.5 1.4-11.2-.2-15.2-4.2s-5.6-9.7-4.2-15.2l15-60.1c1.4-5.6 4.3-10.8 8.4-14.9z"/&gt;&lt;/svg&gt;
 &lt;span&gt;For more information, see &lt;a href="/use/practices/secure/software-composition-analysis/"&gt;SCA practice&lt;/a&gt;&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;.&lt;/p&gt;
 &lt;/div&gt;
 &lt;/div&gt;&lt;h2 id="configure-your-pipeline"&gt;Configure your pipeline&lt;a class="td-heading-self-link" href="#configure-your-pipeline" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Add the following to your &lt;code&gt;.gitlab-ci.yml&lt;/code&gt; and push to your repository:&lt;/p&gt;</description></item><item><title>How to Enable GitLab DAST</title><link>/use/howto/secure/gitlab-dast/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/secure/gitlab-dast/</guid><description>&lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition note"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"&gt;&lt;path d="M0 64C0 28.7 28.7 0 64 0L224 0l0 128c0 17.7 14.3 32 32 32l128 0 0 125.7-86.8 86.8c-10.3 10.3-17.5 23.1-21 37.2l-18.7 74.9c-2.3 9.2-1.8 18.8 1.3 27.5L64 512c-35.3 0-64-28.7-64-64L0 64zm384 64l-128 0L256 0 384 128zM549.8 235.7l14.4 14.4c15.6 15.6 15.6 40.9 0 56.6l-29.4 29.4-71-71 29.4-29.4c15.6-15.6 40.9-15.6 56.6 0zM311.9 417L441.1 287.8l71 71L382.9 487.9c-4.1 4.1-9.2 7-14.9 8.4l-60.1 15c-5.5 1.4-11.2-.2-15.2-4.2s-5.6-9.7-4.2-15.2l15-60.1c1.4-5.6 4.3-10.8 8.4-14.9z"/&gt;&lt;/svg&gt;
 &lt;span&gt;For more information, see &lt;a href="/use/practices/secure/dynamic-application-security-testing/"&gt;DAST practice&lt;/a&gt;&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;.&lt;/p&gt;
 &lt;/div&gt;
 &lt;/div&gt;&lt;h2 id="configure-your-pipeline"&gt;Configure your pipeline&lt;a class="td-heading-self-link" href="#configure-your-pipeline" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;

 &lt;div class="admonition important"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"&gt;&lt;path d="M256 512A256 256 0 1 0 256 0a256 256 0 1 0 0 512zm0-384c13.3 0 24 10.7 24 24l0 112c0 13.3-10.7 24-24 24s-24-10.7-24-24l0-112c0-13.3 10.7-24 24-24zM224 352a32 32 0 1 1 64 0 32 32 0 1 1 -64 0z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Important&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;DAST requires a running web application accessible from the GitLab Runner,
not just your local machine.&lt;/p&gt;</description></item><item><title>How to Enable GitLab Dependency Scanning</title><link>/use/howto/secure/gitlab-dependency-scanning/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/secure/gitlab-dependency-scanning/</guid><description>&lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition note"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"&gt;&lt;path d="M0 64C0 28.7 28.7 0 64 0L224 0l0 128c0 17.7 14.3 32 32 32l128 0 0 125.7-86.8 86.8c-10.3 10.3-17.5 23.1-21 37.2l-18.7 74.9c-2.3 9.2-1.8 18.8 1.3 27.5L64 512c-35.3 0-64-28.7-64-64L0 64zm384 64l-128 0L256 0 384 128zM549.8 235.7l14.4 14.4c15.6 15.6 15.6 40.9 0 56.6l-29.4 29.4-71-71 29.4-29.4c15.6-15.6 40.9-15.6 56.6 0zM311.9 417L441.1 287.8l71 71L382.9 487.9c-4.1 4.1-9.2 7-14.9 8.4l-60.1 15c-5.5 1.4-11.2-.2-15.2-4.2s-5.6-9.7-4.2-15.2l15-60.1c1.4-5.6 4.3-10.8 8.4-14.9z"/&gt;&lt;/svg&gt;
 &lt;span&gt;For more information, see &lt;a href="/use/practices/secure/software-composition-analysis/"&gt;SCA practice&lt;/a&gt;&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;.&lt;/p&gt;
 &lt;/div&gt;
 &lt;/div&gt;&lt;h2 id="add-to-your-pipeline"&gt;Add to your pipeline&lt;a class="td-heading-self-link" href="#add-to-your-pipeline" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Add the following to your &lt;code&gt;.gitlab-ci.yml&lt;/code&gt; and push to your repository:&lt;/p&gt;</description></item><item><title>GitLab Documentation</title><link>/use/howto/code/gitlab-as-documentation/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/code/gitlab-as-documentation/</guid><description>&lt;h2 id="automated-documentation-with-sphinx"&gt;Automated Documentation with Sphinx&lt;a class="td-heading-self-link" href="#automated-documentation-with-sphinx" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;ol&gt;
&lt;li&gt;
&lt;p&gt;Create a &lt;code&gt;.gitlab-ci.yml&lt;/code&gt; file if it does not already exist.&lt;/p&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;Add a job for generating documentation. For example:&lt;/p&gt;
&lt;div class="highlight"&gt;&lt;pre tabindex="0" class="chroma"&gt;&lt;code class="language-yaml" data-lang="yaml"&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="nt"&gt;stages&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;- &lt;span class="l"&gt;build&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;- &lt;span class="l"&gt;docs&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="nt"&gt;generate_docs&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;stage&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="l"&gt;docs&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;image&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="l"&gt;sphinxdoc/sphinx&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;script&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;- &lt;span class="l"&gt;sphinx-build -b html source/ build/html&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;artifacts&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;paths&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;- &lt;span class="l"&gt;build/html&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;Configure your pipeline to trigger the documentation generation job on relevant events, such as
merging to the &lt;code&gt;main&lt;/code&gt; branch or tagging a release.&lt;/p&gt;</description></item><item><title>GitLab Merge Request</title><link>/use/howto/code/gitlab-merge-request/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/code/gitlab-merge-request/</guid><description>&lt;h2 id="approval-rules"&gt;Approval rules&lt;a class="td-heading-self-link" href="#approval-rules" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Create a list of users who act as code owners for specific files and require their approval
before merging work.&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;In the root of your repository, create (if not exist) a new directory &lt;code&gt;.gitlab/&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;Create a file &lt;code&gt;CODEOWNERS&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;set the rules based on this exemple :&lt;/li&gt;
&lt;/ul&gt;
&lt;div class="highlight"&gt;&lt;pre tabindex="0" class="chroma"&gt;&lt;code class="language-yaml" data-lang="yaml"&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="c"&gt;## Code Owners for a file&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="l"&gt;filename-path @username1 @username2&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="c"&gt;## Code Owners for a directory&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="l"&gt;directory-path/ @username1 @username2&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="c"&gt;## All group members as Code Owners for a file&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="l"&gt;filename @groupname&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;h2 id="merge-checks"&gt;Merge Checks&lt;a class="td-heading-self-link" href="#merge-checks" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;To configure checks behavior :&lt;/p&gt;</description></item><item><title>GitLab mirroring</title><link>/use/howto/configure/gitlab-pull-mirror/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/configure/gitlab-pull-mirror/</guid><description>&lt;h2 id="overview"&gt;Overview&lt;a class="td-heading-self-link" href="#overview" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;A pull mirror in GitLab allows you to keep a GitLab repository synchronized with a remote repository
by regularly pulling in changes from the source. This is useful for keeping a copy of an external
project updated within your GitLab instance, or for backing up your own repositories to a separate location.&lt;/p&gt;
&lt;p&gt;For detailed information, refer to the official &lt;a href="https://docs.gitlab.com/ee/user/project/repository/mirror/pull.html" class="external-link" target="_blank" rel="noopener noreferrer"&gt;GitLab Mirror Pull&lt;/a&gt;
.&lt;/p&gt;
&lt;h2 id="how-to-set-up-a-pull-mirror"&gt;How to set up a pull mirror&lt;a class="td-heading-self-link" href="#how-to-set-up-a-pull-mirror" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;h3 id="accessing-mirror-settings"&gt;Accessing Mirror Settings&lt;a class="td-heading-self-link" href="#accessing-mirror-settings" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;p&gt;You can configure a pull mirror in two ways:&lt;/p&gt;</description></item><item><title>GitLab repo. clean</title><link>/use/howto/ci-cd/gitlab-clean-repositories/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/ci-cd/gitlab-clean-repositories/</guid><description>&lt;p&gt;This guide will help you check your storage consumption in GitLab,
explaining different elements that contribute to storage usage.&lt;/p&gt;
&lt;h2 id="check-storage-consumption-in-gitlab"&gt;Check Storage Consumption in GitLab&lt;a class="td-heading-self-link" href="#check-storage-consumption-in-gitlab" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;This guide will help you check your storage consumption in GitLab, explaining different elements
that contribute to storage usage.&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;1. Access Project Settings:&lt;/strong&gt;&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Navigate to your GitLab project.&lt;/li&gt;
&lt;li&gt;On the right of the page, you can find &lt;code&gt;project information&lt;/code&gt;, with the storage overview&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;&lt;img src="/use/howto/ci-cd/gitlab-clean-repositories/img/gitlab-project-info.png" alt="“storage info”"&gt;&lt;/p&gt;</description></item><item><title>How to Enable GitLab SAST</title><link>/use/howto/secure/gitlab-sast/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/secure/gitlab-sast/</guid><description>&lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition note"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"&gt;&lt;path d="M0 64C0 28.7 28.7 0 64 0L224 0l0 128c0 17.7 14.3 32 32 32l128 0 0 125.7-86.8 86.8c-10.3 10.3-17.5 23.1-21 37.2l-18.7 74.9c-2.3 9.2-1.8 18.8 1.3 27.5L64 512c-35.3 0-64-28.7-64-64L0 64zm384 64l-128 0L256 0 384 128zM549.8 235.7l14.4 14.4c15.6 15.6 15.6 40.9 0 56.6l-29.4 29.4-71-71 29.4-29.4c15.6-15.6 40.9-15.6 56.6 0zM311.9 417L441.1 287.8l71 71L382.9 487.9c-4.1 4.1-9.2 7-14.9 8.4l-60.1 15c-5.5 1.4-11.2-.2-15.2-4.2s-5.6-9.7-4.2-15.2l15-60.1c1.4-5.6 4.3-10.8 8.4-14.9z"/&gt;&lt;/svg&gt;
 &lt;span&gt;For more information, see &lt;a href="/use/practices/secure/static-application-security-testing/"&gt;SAST practice&lt;/a&gt;&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;.&lt;/p&gt;
 &lt;/div&gt;
 &lt;/div&gt;&lt;h2 id="configure-your-pipeline"&gt;Configure your pipeline&lt;a class="td-heading-self-link" href="#configure-your-pipeline" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Add the following to your &lt;code&gt;.gitlab-ci.yml&lt;/code&gt; and push to your repository:&lt;/p&gt;</description></item><item><title>How to Enable GitLab Secret Detection</title><link>/use/howto/secure/gitlab-secret-detection/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/secure/gitlab-secret-detection/</guid><description>&lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition note"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"&gt;&lt;path d="M0 64C0 28.7 28.7 0 64 0L224 0l0 128c0 17.7 14.3 32 32 32l128 0 0 125.7-86.8 86.8c-10.3 10.3-17.5 23.1-21 37.2l-18.7 74.9c-2.3 9.2-1.8 18.8 1.3 27.5L64 512c-35.3 0-64-28.7-64-64L0 64zm384 64l-128 0L256 0 384 128zM549.8 235.7l14.4 14.4c15.6 15.6 15.6 40.9 0 56.6l-29.4 29.4-71-71 29.4-29.4c15.6-15.6 40.9-15.6 56.6 0zM311.9 417L441.1 287.8l71 71L382.9 487.9c-4.1 4.1-9.2 7-14.9 8.4l-60.1 15c-5.5 1.4-11.2-.2-15.2-4.2s-5.6-9.7-4.2-15.2l15-60.1c1.4-5.6 4.3-10.8 8.4-14.9z"/&gt;&lt;/svg&gt;
 &lt;span&gt;For more information, see &lt;a href="/use/practices/secure/secret-detection/"&gt;Secret Detection practice&lt;/a&gt;&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;.&lt;/p&gt;
 &lt;/div&gt;
 &lt;/div&gt;&lt;h2 id="configure-your-pipeline"&gt;Configure your pipeline&lt;a class="td-heading-self-link" href="#configure-your-pipeline" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Add the following to your &lt;code&gt;.gitlab-ci.yml&lt;/code&gt; and push to your repository:&lt;/p&gt;</description></item><item><title>GitLab secure repo</title><link>/use/howto/secure/gitlab-secure-repo/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/secure/gitlab-secure-repo/</guid><description>&lt;h2 id="proctecting-branches"&gt;Proctecting branches&lt;a class="td-heading-self-link" href="#proctecting-branches" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;ol&gt;
&lt;li&gt;
&lt;p&gt;&lt;strong&gt;Navigate to Your Repository Settings&lt;/strong&gt;:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Go to your GitLab project.&lt;/li&gt;
&lt;li&gt;Navigate to &lt;strong&gt;Settings &amp;gt; Repository&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;Scroll down to the &lt;strong&gt;Protected branches&lt;/strong&gt; and expand section.&lt;/li&gt;
&lt;li&gt;Select &lt;strong&gt;Add protected branch&lt;/strong&gt;
&lt;img src="/use/howto/secure/gitlab-secure-repo/img/gitlab-protect-branch.png" alt="protect-branch"&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;&lt;strong&gt;Configure a Protected Branch&lt;/strong&gt;:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;In the &lt;strong&gt;Protect a branch&lt;/strong&gt; form, select or type the name of the branch you want to
protect (e.g., &lt;code&gt;main&lt;/code&gt;, &lt;code&gt;develop&lt;/code&gt;, or &lt;code&gt;prod*&lt;/code&gt;).&lt;/li&gt;
&lt;li&gt;Select values to &lt;strong&gt;Allowed to Merge&lt;/strong&gt; (ex: Select &lt;code&gt;Maintainers&lt;/code&gt;).&lt;/li&gt;
&lt;li&gt;Select values to &lt;strong&gt;Allowed to Push&lt;/strong&gt;: (ex: &lt;code&gt;Maintainers&lt;/code&gt; or specific trusted users).&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;&lt;strong&gt;Define more settings&lt;/strong&gt;:&lt;/p&gt;</description></item><item><title>GitLab templates</title><link>/use/howto/plan/gitlab-templates/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/plan/gitlab-templates/</guid><description>&lt;h2 id="create-a-description-template"&gt;Create a Description Template&lt;a class="td-heading-self-link" href="#create-a-description-template" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Navigate to the root directory of your GitLab repository&lt;/li&gt;
&lt;li&gt;Create a &lt;code&gt;.gitlab&lt;/code&gt; directory if it doesn&amp;rsquo;t exist.&lt;/li&gt;
&lt;li&gt;Inside the &lt;code&gt;.gitlab&lt;/code&gt; directory, create the appropriate subdirectory:
&lt;ul&gt;
&lt;li&gt;For issue templates: create &lt;code&gt;issue_templates&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;For merge request templates: create &lt;code&gt;merge_request_templates&lt;/code&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;Inside the newly created subdirectory, create your Markdown (&lt;code&gt;.md&lt;/code&gt;) files:
&lt;ul&gt;
&lt;li&gt;For issue templates, examples include &lt;code&gt;bug_report.md&lt;/code&gt;, &lt;code&gt;feature_request.md&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;For merge request templates, examples include &lt;code&gt;Feature Merge Request.md&lt;/code&gt;, &lt;code&gt;Bug Fix Merge Request.md&lt;/code&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;You should have a similar file structure:&lt;/p&gt;</description></item><item><title>GitLab tokens</title><link>/use/howto/configure/gitlab-access-token/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/configure/gitlab-access-token/</guid><description>&lt;h2 id="introduction"&gt;Introduction&lt;a class="td-heading-self-link" href="#introduction" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;In GitLab, tokens are used to facilitate secure access to the GitLab API, manage permissions,
and automate processes. Here are the different types of tokens you might encounter:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Personal Access Tokens&lt;/strong&gt;: These are user-specific tokens that allow you to authenticate API
requests with your user account. They can be scoped to different permissions, such as read or write
access to the repository.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Project Access Tokens&lt;/strong&gt;: These tokens are designed for automated processes within a specific project.
They can be used for CI/CD pipelines, allowing services to interact with the project without exposing
personal credentials.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Group Access Tokens&lt;/strong&gt;: These tokens grant access to all projects within a specific group. They
are useful for situations where you want to manage permissions across multiple projects efficiently.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="how-to-create-a-personal-access-token"&gt;How to create a personal Access Token&lt;a class="td-heading-self-link" href="#how-to-create-a-personal-access-token" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Here are the steps you typically follow:&lt;/p&gt;</description></item><item><title>Jira/GitLab integration</title><link>/use/howto/plan/jira-gitlab/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/plan/jira-gitlab/</guid><description>&lt;h2 id="concept"&gt;Concept&lt;a class="td-heading-self-link" href="#concept" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;The integration between Jira and GitLab creates a powerful synergy between
project management and code development. This connection establishes
bidirectional links between:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Jira items (Epics, User Stories)&lt;/li&gt;
&lt;li&gt;GitLab activities (commits, Merge Requests)&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;NOTE: Creating a GitLab branch from a Jira ticket is not covered in the how-to
because it requires the Jira DVCS connector, which is not yet integrated.&lt;/p&gt;
&lt;h3 id="use-case"&gt;Use Case&lt;a class="td-heading-self-link" href="#use-case" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;h4 id="from-jira"&gt;From Jira&lt;a class="td-heading-self-link" href="#from-jira" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h4&gt;
&lt;p&gt;When reviewing a ticket, you have direct access to the associated
code changes through links to corresponding GitLab commits or Merge Requests
(MR).&lt;/p&gt;</description></item><item><title>Merge Requests</title><link>/use/practices/code/merge-request/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/practices/code/merge-request/</guid><description>&lt;h2 id="objectives--benefits"&gt;Objectives &amp;amp; Benefits&lt;a class="td-heading-self-link" href="#objectives--benefits" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Merge requests (MRs) are a critical component in the software development life cycle (SDLC)
specially in the &lt;a href="/use/practices/code/scm/branch/#branching-strategies"&gt;GitLab workflow&lt;/a&gt;
.&lt;/p&gt;
&lt;p&gt;They allow developers to:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Propose &lt;strong&gt;code changes&lt;/strong&gt; from feature branches to be merged into the main branch.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Get feedback&lt;/strong&gt; from team members as part of &lt;a href="/use/practices/code/code-review/"&gt;code review&lt;/a&gt;
 workflows.&lt;/li&gt;
&lt;li&gt;Enable &lt;strong&gt;approval and check gates&lt;/strong&gt; before integrating changes into the main codebase.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;Merge Requests improve regular &lt;strong&gt;collaboration&lt;/strong&gt; and &lt;strong&gt;team spirit&lt;/strong&gt;
because they serve as &lt;em&gt;educational moments&lt;/em&gt; and foster &lt;em&gt;team effort&lt;/em&gt;.&lt;/p&gt;</description></item><item><title>NextGen CICD</title><link>/use/tools/nextgen-cicd/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/nextgen-cicd/</guid><description>&lt;div style="display: flex; align-items: flex-start; gap: 1.5rem; margin-bottom: 1rem; max-width: 80%;"&gt;
 &lt;img src="./logo.png" alt="NextGen CICD"
 width="150"
 style="flex-shrink: 0;"&gt;
 &lt;div&gt;&lt;p&gt;&lt;a href="https://gitlab.thalesdigital.io/nextgen-cicd" class="external-link" target="_blank" rel="noopener noreferrer"&gt;NextGen CICD&lt;/a&gt;
 is an Inner Source project that
provides a standalone catalogue of ready-to-use reusable steps and pipelines that support CI/CD best
practices.
Virtually every step runs in a container based on a &lt;a href="https://gitlab.thalesdigital.io/thalescontainerImages/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;trusted image&lt;/a&gt;

we provide.&lt;/p&gt;
&lt;p&gt;The objective is to speed up the lead time for a project to set up a CI/CD pipeline
by using templates with the ability to customize them
or create their own pipelines based on individual steps that we provide in the catalogue.&lt;/p&gt;</description></item><item><title>Polarion/Tests integration</title><link>/use/howto/plan/polarion-test-results/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/plan/polarion-test-results/</guid><description>&lt;h2 id="concept"&gt;Concept&lt;a class="td-heading-self-link" href="#concept" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Import data from automatic test execution result files to produce conformity matrixes&lt;/p&gt;
&lt;pre class="mermaid"&gt;---
config:
 theme: neutral
 layout: elk
---
graph LR
 %% Sous-graphes
 subgraph Polarion
 R(Requirement)
 TC(Test Case)
 TR(Test Run)
 end

 subgraph Gitlab-ci
 AT(automatic tests)
 end

 %% Relations
 AT --&amp;gt;|&amp;#34;&amp;amp;lt;optional&amp;amp;gt; import&amp;#34;| TC
 AT --&amp;gt;|&amp;#34;import&amp;#34;| TR
 R --&amp;gt; TC
 TC --&amp;gt; TR
 

 class Polarion,Gitlab-ci system;
 class R,TC,TR,AT item;&lt;/pre&gt;
&lt;p&gt;Test results can be imported using two XML file formats:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;a href="https://github.com/testmoapp/junitxml" class="external-link" target="_blank" rel="noopener noreferrer"&gt;JUnit file format&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;XML from Vivaldi (See Distributed Systems document)&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="junit-like-format-for-test-results"&gt;JUnit-Like Format for Test Results&lt;a class="td-heading-self-link" href="#junit-like-format-for-test-results" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;JUnit is a commonly used format for reporting test results in XML format.
Polarion supports the import of JUnit XML reports, enabling the automatic creation
or update of test runs and test results within Polarion. +
This document primarily focuses on the JUnit-like format and elaborates on the
structure necessary for importing into Polarion.&lt;/p&gt;</description></item><item><title>Python pipeline Tuto</title><link>/use/howto/ci-cd/first-python-pipeline/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/ci-cd/first-python-pipeline/</guid><description>&lt;h2 id="getting-started"&gt;Getting started&lt;a class="td-heading-self-link" href="#getting-started" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;This Tutorial serves as an introduction to using &lt;a href="https://docs.gitlab.com/ee/ci/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;GitLab CI/CD&lt;/a&gt;
 by creating a CI/CD pipeline
for a basic Python application.&lt;/p&gt;
&lt;p&gt;First, we&amp;rsquo;ll present an example of a standard GitLab CI/CD pipeline.
Following that, we&amp;rsquo;ll explore integration with &lt;a href="https://gitlab.thalesdigital.io/nextgen-cicd/catalog/step/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;NextGen CI/CD&lt;/a&gt;
.&lt;/p&gt;
&lt;p&gt;To get started, we will :&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;a href="/use/howto/ci-cd/first-python-pipeline/#checkout-the-python-repository"&gt;Checkout&lt;/a&gt;
 the repository for a basic Python application.&lt;/li&gt;
&lt;li&gt;&lt;a href="/use/howto/ci-cd/first-python-pipeline/#define-stages"&gt;Define Pipeline Stages&lt;/a&gt;
 in the &lt;code&gt;.gitlab-ci.yml&lt;/code&gt; file.&lt;/li&gt;
&lt;li&gt;&lt;a href="/use/howto/ci-cd/first-python-pipeline/#define-jobs"&gt;Define jobs&lt;/a&gt;
 to be executed within each pipeline stage&lt;/li&gt;
&lt;li&gt;&lt;a href="/use/howto/ci-cd/first-python-pipeline/#define-variables"&gt;Define Variables&lt;/a&gt;
 for job configurations.&lt;/li&gt;
&lt;li&gt;&lt;a href="/use/howto/ci-cd/first-python-pipeline/#execute-the-pipeline"&gt;Execute and monitor&lt;/a&gt;
 the pipeline.&lt;/li&gt;
&lt;li&gt;&lt;a href="/use/howto/ci-cd/first-python-pipeline/#pipeline-triggers"&gt;Explore triggers&lt;/a&gt;
 to automate pipeline execution based on events.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="checkout-the-python-repository"&gt;Checkout the Python Repository&lt;a class="td-heading-self-link" href="#checkout-the-python-repository" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;The &lt;a href="https://gitlab.thalesdigital.io/nextgen-cicd/example/python-project-pipeline/-/tree/tutorial-for-sfdocs" class="external-link" target="_blank" rel="noopener noreferrer"&gt;example application&lt;/a&gt;
 consists of a basic Python code that converts km/h into MPH (US).&lt;/p&gt;</description></item><item><title>Registry</title><link>/use/tools/gitlab/deploy/gitlab-registry/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/deploy/gitlab-registry/</guid><description>&lt;p&gt;&lt;img src="../../img/gitlab-registry-header.png" alt="GitLab registry"&gt;&lt;/p&gt;
&lt;h2 id="overview-of-registry"&gt;Overview of Registry&lt;a class="td-heading-self-link" href="#overview-of-registry" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;The GitLab Registry is a private registry for storing and managing Docker images and other formats.&lt;/p&gt;
&lt;p&gt;It&amp;rsquo;s built into GitLab. This makes it easy to integrate container image management into your CI/CD workflows.&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Store Docker images:&lt;/strong&gt; Securely store your Docker images within your GitLab project.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;CI/CD integration:&lt;/strong&gt; Build and push images as part of your CI/CD pipelines.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Access control:&lt;/strong&gt; Control who can access and use your images.&lt;/li&gt;
&lt;/ul&gt;
&lt;blockquote&gt;
&lt;p&gt;✅ Use the GitLab Registry to manage your container images and streamline your deployment process.&lt;/p&gt;</description></item><item><title>Repo Mirroring</title><link>/use/tools/gitlab/code/repository-mirror/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/code/repository-mirror/</guid><description>&lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition warning"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"&gt;&lt;path d="M256 32c14.2 0 27.3 7.5 34.5 19.8l216 368c7.3 12.4 7.3 27.7 .2 40.1S486.3 480 472 480L40 480c-14.3 0-27.6-7.7-34.7-20.1s-7-27.8 .2-40.1l216-368C228.7 39.5 241.8 32 256 32zm0 128c-13.3 0-24 10.7-24 24l0 112c0 13.3 10.7 24 24 24s24-10.7 24-24l0-112c0-13.3-10.7-24-24-24zm32 224a32 32 0 1 0 -64 0 32 32 0 1 0 64 0z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Disclaimer&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;Each platform choose their limitation to use this feature.
Refer to &lt;a href="/get-started/platforms/#service-per-platform"&gt;Service per platform&lt;/a&gt;
.&lt;/p&gt;
&lt;p&gt;Software Factory recommends that only platform admins have the privilege to create Mirrors.&lt;/p&gt;</description></item><item><title>Runners</title><link>/use/tools/gitlab/build/gitlab-runner/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/build/gitlab-runner/</guid><description>&lt;p&gt;&lt;a href="https://docs.gitlab.com/runner/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;&lt;img src="../../img/gitlab-runner-header.png" alt="GitLab Runners" title="Instance Runners"&gt;&lt;/a&gt;
&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;GitLab Runners&lt;/strong&gt; are essential components of GitLab’s CI/CD system.
While your project’s pipeline defines &lt;em&gt;what&lt;/em&gt; should be done (build, test, deploy steps),
runners are the agents responsible for &lt;em&gt;where&lt;/em&gt; and &lt;em&gt;how&lt;/em&gt; those jobs are actually executed.&lt;/p&gt;
&lt;p&gt;They enable teams to automate processes, enforce consistent environments, and scale their software delivery.&lt;/p&gt;
&lt;p&gt;Runners execute your CI/CD job from the following options:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Instance Runners&lt;/strong&gt;: aka &lt;em&gt;Shared runners&lt;/em&gt; Available to all projects in a GitLab instance.
For some security reason they may not be available on all &lt;a href="/get-started/platforms/"&gt;platforms&lt;/a&gt;
.
On &lt;a href="/get-started/platforms/trustnest-digital-platform/"&gt;TDP C2&lt;/a&gt;
,they are provided as a free managed service for quick testing or prototyping.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Managed Dedicated Runners&lt;/strong&gt;: a &lt;a href="/use/tools/gitlab/build/gitlab-runner/#software-factory-runner-offer"&gt;managed service&lt;/a&gt;

that guarantees the best quality of life, freeing time for developpers to focus on their projects.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Self-managed Dedicated Runners&lt;/strong&gt;: Deploy and manage your own project or group runners on your infrastructure.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="runner-architecture"&gt;Runner Architecture&lt;a class="td-heading-self-link" href="#runner-architecture" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;Runners are installed processes&lt;/strong&gt; (services or daemons) that interact with the GitLab server.&lt;/p&gt;</description></item><item><title>Static Application Security Testing (SAST)</title><link>/use/tools/gitlab/secure/sast/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/secure/sast/</guid><description>&lt;div style="display: flex; align-items: flex-start; gap: 1.5rem; margin-bottom: 1rem; max-width: 80%;"&gt;
 &lt;img src="/logo/gitlab.svg" alt="GitLab logo"
 width="100"
 style="flex-shrink: 0;"&gt;
 &lt;div&gt;GitLab Ultimate provides a SAST tool already integrated in your development environment.
It helps developers identify security issues in their code during the development process,
allowing them to fix vulnerabilities before they reach production.&lt;/div&gt;
&lt;/div&gt;

&lt;p&gt;The SAST scanner uses analyzers to detect vulnerabilities in source code.
Currently, there are six officially supported analyzers:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;GitLab Advanced Security&lt;/strong&gt;: analyzer designed to discover vulnerabilities by performing
cross-function and cross-file taint analysis&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Semgrep&lt;/strong&gt;: standard static scanner for most programming languages&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Kubesec&lt;/strong&gt;: designed to scan Kubernetes manifests and Helm Charts&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;sobelow&lt;/strong&gt;: designed to scan Elixir applications&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;spotbug&lt;/strong&gt;: designed to scan Java and Groovy applications&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;pmd-apex&lt;/strong&gt;: designed to scan Apex code used in Salesforce applications&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;When the SAST scanner is integrated into your pipeline,
it will select the scanner that best suits your repository.&lt;/p&gt;</description></item><item><title>Software Composition Analysis (SCA)</title><link>/use/tools/gitlab/secure/sca/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/secure/sca/</guid><description>&lt;div style="display: flex; align-items: flex-start; gap: 1.5rem; margin-bottom: 1rem; max-width: 80%;"&gt;
 &lt;img src="/logo/gitlab.svg" alt="GitLab logo"
 width="100"
 style="flex-shrink: 0;"&gt;
 &lt;div&gt;GitLab provides Software Composition Analysis capabilities through two CI-integrated tools:
&lt;strong&gt;Dependency Scanning&lt;/strong&gt; and &lt;strong&gt;Container Scanning&lt;/strong&gt;.&lt;br&gt;
Both require GitLab &lt;strong&gt;Ultimate&lt;/strong&gt;, which is included in the Software Factory at no
additional cost.&lt;/div&gt;
&lt;/div&gt;

&lt;p&gt;For background on SCA concepts, see the &lt;a href="/use/practices/secure/software-composition-analysis/"&gt;SCA practice&lt;/a&gt;
 page.&lt;/p&gt;
&lt;h2 id="inventory-coverage"&gt;Inventory Coverage&lt;a class="td-heading-self-link" href="#inventory-coverage" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;The table below maps GitLab SCA&amp;rsquo;s capabilities to the
&lt;a href="/use/practices/secure/software-composition-analysis/#analysis-approaches"&gt;analysis approaches&lt;/a&gt;
 defined in the SCA practice.&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;&lt;a href="https://docs.gitlab.com/ee/user/application_security/dependency_scanning/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Dependency Scanning&lt;/a&gt;
&lt;/strong&gt; parses language-specific lockfiles to build the dependency graph
and produces a &lt;a href="/use/practices/secure/software-composition-analysis/#source-analysis"&gt;Source SBOM&lt;/a&gt;
 in &lt;a href="https://cyclonedx.org/specification/overview/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;CycloneDX&lt;/a&gt;
 format.
It currently relies on the &lt;strong&gt;Gemnasium-based analyzer&lt;/strong&gt;, which is deprecated by GitLab but
remains the only generally available option.
A newer SBOM-based analyzer is in development but not yet GA.
See &lt;a href="https://docs.gitlab.com/user/application_security/dependency_scanning/dependency_scanning_sbom/#supported-languages-and-files" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Supported languages&lt;/a&gt;
 and &lt;a href="https://docs.gitlab.com/user/application_security/dependency_scanning/dependency_scanning_sbom/#supported-package-types" class="external-link" target="_blank" rel="noopener noreferrer"&gt;package types&lt;/a&gt;
 for the full list of supported ecosystems.&lt;/p&gt;</description></item><item><title>Secret Detection</title><link>/use/tools/gitlab/secure/secret-detection/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/secure/secret-detection/</guid><description>&lt;div style="display: flex; align-items: flex-start; gap: 1.5rem; margin-bottom: 1rem; max-width: 80%;"&gt;
 &lt;img src="/logo/gitlab.svg" alt="GitLab logo"
 width="100"
 style="flex-shrink: 0;"&gt;
 &lt;div&gt;&lt;p&gt;Code may use secrets to integrate with external services, such as webservices or databases.
These secrets can take various forms, including passwords, API keys, and SSH keys.&lt;/p&gt;
&lt;p&gt;If this sensitive information is committed to a source code repository,
it may become accessible to anyone who accesses the repository, posing a significant security risk.&lt;/p&gt;
&lt;p&gt;To mitigate this risk, GitLab provides a Secret Detection tool that scans your codebase for sensitive
information (check [full list of supported secret types]) and alerts you to potential security issues.&lt;/p&gt;</description></item><item><title>Secure your Repository</title><link>/use/practices/secure/secure-your-repository/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/practices/secure/secure-your-repository/</guid><description>&lt;p&gt;Securing your repository is essential to maintain the integrity and confidentiality of your code base.
This guide covers the practices for implementing robust access controls, enforcing branch protection,
securing secrets, and using groups efficiently within GitLab.&lt;/p&gt;
&lt;h2 id="implement-access-controls"&gt;Implement Access Controls&lt;a class="td-heading-self-link" href="#implement-access-controls" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Establishing strong access controls is fundamental for repository security.&lt;/p&gt;
&lt;p&gt;Properly configured permissions ensure only authorized individuals can perform sensitive actions
like pushing code, merging changes, or altering project settings.&lt;/p&gt;</description></item><item><title>Security Policies</title><link>/use/tools/gitlab/secure/policies/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/secure/policies/</guid><description>&lt;div style="display: flex; align-items: flex-start; gap: 1.5rem; margin-bottom: 1rem; max-width: 80%;"&gt;
 &lt;img src="/logo/gitlab.svg" alt="GitLab logo"
 width="100"
 style="flex-shrink: 0;"&gt;
 &lt;div&gt;You can automate vulnerability management and enforce requirements on
merge requests, security scans, and pipeline execution with &lt;em&gt;policies&lt;/em&gt;.&lt;/div&gt;
&lt;/div&gt;

&lt;h2 id="merge-request-approval-policies"&gt;Merge Request Approval Policies&lt;a class="td-heading-self-link" href="#merge-request-approval-policies" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;GitLab enforces security requirements at the &lt;strong&gt;merge request&lt;/strong&gt; level, not at the pipeline level.
When a policy is triggered, GitLab automatically adds required approvers to the MR — the
pipeline itself continues to pass, but the &lt;strong&gt;merge is blocked&lt;/strong&gt; until the required approvals
are obtained.&lt;/p&gt;</description></item><item><title>Shift Left Testing</title><link>/use/practices/test/shift-left-approach/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/practices/test/shift-left-approach/</guid><description>&lt;p&gt;This guide provides a definition of Shift Left, outlines its benefits, explains how to implement it
and presents some pitfalls to avoid.&lt;/p&gt;
&lt;p&gt;&lt;img src="/use/practices/test/shift-left-approach/img/devops-shift-left.png" alt="“approach”"&gt;&lt;/p&gt;
&lt;h2 id="definition"&gt;Definition&lt;a class="td-heading-self-link" href="#definition" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;Shift Left&lt;/strong&gt; refers to the practice of moving testing activities earlier
in the software development process.&lt;/p&gt;
&lt;p&gt;Instead of waiting until the end of the development cycle to test for defects,
Shift Left advocates for testing activities to begin as soon as possible.&lt;/p&gt;
&lt;p&gt;This approach is aligned with Agile and DevOps methodologies,
promoting ongoing testing throughout the development lifecycle.&lt;/p&gt;</description></item><item><title>Teapot Tuto</title><link>/use/howto/ci-cd/deploy-webapp-teapot/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/ci-cd/deploy-webapp-teapot/</guid><description>&lt;h2 id="overview"&gt;Overview&lt;a class="td-heading-self-link" href="#overview" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;In this tutorial, you&amp;rsquo;ll learn how to create and deploy a first app from Software Factory C2 to a
TDP C2 K8SaaS (the managed Azure Kubernetes Service offered by the TDP C2).&lt;/p&gt;
&lt;p&gt;&lt;img src="/use/howto/ci-cd/deploy-webapp-teapot/img/teapot.jpg" alt="Teapot"&gt;&lt;/p&gt;
&lt;h3 id="prerequisites"&gt;Prerequisites&lt;a class="td-heading-self-link" href="#prerequisites" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;ul&gt;
&lt;li&gt;&lt;a href="https://postit.service-now.com/esc?id=sc_cat_item&amp;amp;sys_id=d22700c997024550e239be7fe153af6b" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Enroll&lt;/a&gt;
 your user account in a TDF account (billing account).&lt;/li&gt;
&lt;li&gt;&lt;a href="https://postit.service-now.com/esc?id=sc_cat_item&amp;amp;sys_id=9cf5069c97fae110b1c6359fe153af4e" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Request a DevSecOps offer&lt;/a&gt;
 (needed for GitLab and Artifactory) or
&lt;a href="https://postit.service-now.com/esc?id=sc_cat_item&amp;amp;sys_id=441cd4d7db0e0510f565cbc405961994" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Request a DevSecOps InnerSource&lt;/a&gt;
 access if you are only working on InnerSource projects.
DevSecOps InnerSource is sponsored by TGS/TCE (Thales Corporate Engineering)&lt;/li&gt;
&lt;li&gt;Subscribe to &lt;a href="https://postit.service-now.com/esc?id=sc_cat_item&amp;amp;sys_id=90158756dba6695055a55947f4961909" class="external-link" target="_blank" rel="noopener noreferrer"&gt;IaaS Discover offer&lt;/a&gt;
 (K8SaaS)&lt;/li&gt;
&lt;/ul&gt;
&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;TIPS&lt;/strong&gt;: If you&amp;rsquo;re stuck with Multi-Factor Authentication (MFA), you can check this
&lt;a href="https://doc-iam.mcs.thalesdigital.io/docs/Features/reset-mfa" class="external-link" target="_blank" rel="noopener noreferrer"&gt;documentation&lt;/a&gt;
 or request a &lt;a href="https://postit.service-now.com/esc?id=sc_cat_item&amp;amp;sys_id=71ddfdd01b16d150fd08cb36464bcbf1" class="external-link" target="_blank" rel="noopener noreferrer"&gt;reset&lt;/a&gt;
.&lt;/p&gt;</description></item><item><title>Technical Documentation</title><link>/use/practices/code/technical-documentation/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/practices/code/technical-documentation/</guid><description>&lt;h2 id="practices-for-writing-technical-documentation"&gt;Practices for writing technical documentation&lt;a class="td-heading-self-link" href="#practices-for-writing-technical-documentation" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Here are some best practices for writing clear and effective technical documentation:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Know Your Audience&lt;/strong&gt;: Understand who will be reading the documentation
(developers, end-users, stakeholders) and tailor the content to their level of expertise and needs.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Clear Structure and Organization&lt;/strong&gt;: Use a logical structure with clear headings and subheadings.
Maybe include a table of contents for easier navigation, especially for lengthy documents.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Clarity and Conciseness&lt;/strong&gt;: Break down complex concepts into manageable sections or steps.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Consistency&lt;/strong&gt;: Maintain consistent terminology, tone, and style throughout the document.
Also use a consistent format for headings, code blocks, and lists.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Code Examples&lt;/strong&gt;: Include code snippets to demonstrate concepts and provide real-world examples.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Maintain and Update&lt;/strong&gt;: Regularly review and update the documentation to keep it current
with any changes in the project or software.&lt;/li&gt;
&lt;/ul&gt;
&lt;h3 id="useful-links"&gt;Useful links&lt;a class="td-heading-self-link" href="#useful-links" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;ul&gt;
&lt;li&gt;&lt;a href="https://developers.google.com/tech-writing/overview" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Google technical writing&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;&lt;a href="https://docs.gitlab.com/ee/development/documentation/styleguide/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;GitLab doc style guide&lt;/a&gt;
&lt;/li&gt;
&lt;/ul&gt;
&lt;hr&gt;
&lt;h2 id="presentation-of-diatixis"&gt;Presentation of Diatixis&lt;a class="td-heading-self-link" href="#presentation-of-diatixis" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;The Diataxis framework is a comprehensive approach to organizing technical documentation.&lt;/p&gt;</description></item><item><title>Traceability, conformity and conformance</title><link>/use/practices/code/traceability/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/practices/code/traceability/</guid><description>&lt;h2 id="overview--expected-benefits"&gt;Overview &amp;amp; Expected Benefits&lt;a class="td-heading-self-link" href="#overview--expected-benefits" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Software engineering projects that work with system engineering face key
challenges in communication, development processes, and compliance with
specifications.&lt;/p&gt;
&lt;p&gt;Five specific areas of focus typically arise and require careful attention.&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Specification Transfer and Collaborative Development Processes&lt;/strong&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;One of the primary challenges is the effective transfer of specifications from
the system engineering team to the software development team. Clear
communication and collaborative documentation are essential to ensure a mutual
understanding of requirements. Misinterpretations at this stage can lead to
significant setbacks later in the project. In a co-engineering environment,
collaboration between system and software teams is essential. Both teams must
engage in parallel activities throughout the development phase. This means
aligning their engineering efforts and providing real-time feedback to ensure
that the project adheres to system specifications.&lt;/p&gt;</description></item><item><title>Vulnerability Report</title><link>/use/tools/gitlab/secure/vulnerability-report/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/gitlab/secure/vulnerability-report/</guid><description>&lt;p&gt;&lt;div style="display: flex; align-items: flex-start; gap: 1.5rem; margin-bottom: 1rem; max-width: 80%;"&gt;
 &lt;img src="/logo/gitlab.svg" alt="GitLab logo"
 width="100"
 style="flex-shrink: 0;"&gt;
 &lt;div&gt;After analyzing your source code with [SAST], [SCA], and/or your application with [DAST],
you can check scan results in the &lt;strong&gt;Vulnerability report&lt;/strong&gt;, available at the &lt;strong&gt;group&lt;/strong&gt;
and &lt;strong&gt;project&lt;/strong&gt; level.&lt;/div&gt;
&lt;/div&gt;

To access, navigate to 


 

 

&lt;strong&gt;Secure&lt;/strong&gt; &amp;gt; &lt;strong&gt;Vulnerability report&lt;/strong&gt;
.&lt;/p&gt;

 &lt;div class="admonition tip"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 384 512"&gt;&lt;path d="M272 384c9.6-31.9 29.5-59.1 49.2-86.2c0 0 0 0 0 0c5.2-7.1 10.4-14.2 15.4-21.4c19.8-28.5 31.4-63 31.4-100.3C368 78.8 289.2 0 192 0S16 78.8 16 176c0 37.3 11.6 71.9 31.4 100.3c5 7.2 10.2 14.3 15.4 21.4c0 0 0 0 0 0c19.8 27.1 39.7 54.4 49.2 86.2l160 0zM192 512c44.2 0 80-35.8 80-80l0-16-160 0 0 16c0 44.2 35.8 80 80 80zM112 176c0 8.8-7.2 16-16 16s-16-7.2-16-16c0-61.9 50.1-112 112-112c8.8 0 16 7.2 16 16s-7.2 16-16 16c-44.2 0-80 35.8-80 80z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Tip&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;At the group level, in addition to the vulnerability report, there is a &lt;strong&gt;Security Dashboard&lt;/strong&gt;
that provides an overview of the group&amp;rsquo;s security posture.
To access it: in the left sidebar, select 


 

 

&lt;strong&gt;Secure&lt;/strong&gt; &amp;gt; &lt;strong&gt;Security Dashboard&lt;/strong&gt;
.&lt;/p&gt;</description></item></channel></rss>