GitLab

Rationale

GitLab is the platform we use for developing our software . It provides essential services like Git repositories , merge requests , development planning , CI/CD , among many others.

The main reasons why we chose GitLab over other alternatives are:

It is open source .
It is SaaS .
It is a DevOps Suite , meaning that all their technical efforts are focused on creating a workflow that facilitates getting high-quality code to production as securely and fast as possible. Such a vision is in harmony with our philosophical vision of software development and the current development cycle .
It has its own Continuous Integrator with built-in support, which is essential to our development cycle .
It has the GitLab for Open Source program, which gives unlimited, ultimate free seats to Open Source projects like ours .
It provides Development Planning with issues, milestones , roadmaps , among others. Such features are essential for task prioritization and resource assignment.
It has highly customizable permissions settings , allowing for giving permissions using a user-based, granular approach. Publishing specific sections of a project using a section-based granular approach is also possible.
It supports Two-factor Authentication .
It supports Merge Requests , allowing developers to open requests to get their changes to production.
It supports Merge Request Approvals , allowing the specification of a group of developers for reviewing and approving merge requests . In order to be able to reach production, developers need at least one approval from a user belonging to the approvers group. An approver cannot approve their own merge requests , everyone needs their work to be reviewed by someone else.
It has a very complete REST API that allows us to automate processes like reviewing merge requests , rotating AWS secrets and programmatically cloning repositories .
It has its own Container registry , allowing us to seamlessly store all our containers in the same place.
It supports CI/CD schedules , which allows us to easily run scheduled jobs .
It supports Environments for seamlessly accessing both development and production environments.
It supports built-in Analytics that provide issue insights , CI/CD analytics , merge request analytics , issue analytics , repository analytics , among others.
It supports many ChatOps integrations , allowing us to have an open, dedicated telemetry channel on our internal chat platform that receives all types of relevant information from GitLab . Developers just need to keep an eye on it in order to know what’s happening with merge requests , issues, failed jobs , etc.
It supports Repository Mirroring , allowing us to have a mirror of our repository on GitHub.
It supports Project Access Tokens , which greatly increase security and reliability on our integrations, as we use project-bounded instead of user-bounded tokens.
It supports SSH Signed Commits , allowing us to add an extra layer of security by ensuring that when someone pushes a new commit, that person is indeed who they claim they are.
It supports GitLab Pages , a very easy way of publishing static web pages .
It supports Protected Branches , an essential feature that assures that no one can push to the main production branch, thus forcing developers to reach production via merge requests .
It supports infrastructure integrations for Error Tracking , Tracing , Metrics, among others.
It supports Push Rules that allow further customization of what can and cannot be pushed to the repository. Some examples are branch naming , signed commits , secret pushing prevention , among others.

Alternatives

Azure DevOps : It did not exist at the time. It is not open source .
BitBucket : It is not a DevOps solution but a source code repository. It did not integrate with a CI/CD solution.
GitHub : It is not a DevOps solution but a source code repository. It did not integrate with a CI/CD solution.

Usage

We use GitLab for:

Hosting our universe repository
Hosting our issues
Hosting our milestones
Opening our merge requests
Hosting our containers
Visualizing jobs and pipelines

We do not use GitLab for:

Implementing it as code : We can partially implement GitLab as code using Terraform .
Security scans : We tried to implement this in the past, but were not able to due to low parameterization capabilities on the scans.
Operations : We currently do not use a stack that integrates with GitLab . Issues have been opened for this: Review Sentry , Review Jaeger , Review Elastic Stack .