[0:00]Welcome back to our second session where we build a DefSeg Ops GitLab pipeline.
[0:13]Hey Romano, can you give me a GitLab introduction first? Yeah, sure, let's have a look. So, when we log in into GitLab or go to the homepage of GitLab, we will see this screen here. So, the next step, what we need to do is log in into GitLab, which we do now. And you can see we are prompted here with the login screen. You can sign in with different accounts what you have. I will use here my account. On the next screen, we will see the projects and that I already have. You can see all of the projects that I currently have, all the test projects that I have. And of course, you also have the start projects, some other projects which you can see and you can filter and also search for projects in here. On the menu, we can again see all of the projects and we also can see groups which we have created, the milestones, some code snippets, activities, environments, operation and security. But for the overview, we will just go and create a quick new project. Here you can see all the possibilities which we have for creating a project. We can of course create a blank project, we can create a project directly from a template or import project or run a CICD from an external repository. For this introduction, we will just create directly from a template a project. Here we have now the list of all project templates that are out there. You can see, you can do or you can use different templates from different programming languages. Um for simplicity reasons, we will just use the .NET core template. As you can see, we selected the .NET core template. We can give that project a name. My dot net core, and we can pick here a project URL. Um we will choose here my own URL and then we have here the project slug, which is already pre-filled. We will choose here private. Of course, you can also do a public repository, but uh for for this uh small um project which we have here, we will choose private, and then we can create the project. So GitLab has now created the project template for me. You can see it here. And as you can see, we are here in the repository. We see all the files that have been created for me. As you can see, we already have a lot of files in our repository, which have been generated for us. We have the readme with a lot of information about that template and what we have in here. We of course have the program CS, which is the .NET Hello World console program which has already been generated for us. And of course, we also have the CS project for the .NET program. And what is very important and very interesting is this GitLab CI YAML file which we have a look at. In this YAML file, the whole continuous integration pipeline has already been defined for me or for this project. Oh, this looks pretty clean now to me. Looks like we have two stages, build and test for a start. They sound like we could even add our security tools directly there. Exactly. Um as you mentioned, we have these two stages here, build and test. And these are so-called jobs. You see here the job which is called build and you have a job which is called test. And you already have all the stuff which is needed now for the .NET build, and yes, absolutely, we can add here your security tests. Okay, now we have this file here, but what does GitLab do with this file? Oh, very good question. So, when we look over here, then we have CICD and we have the pipelines in here. And of course, you can also go into this editor where you can edit exactly that file. And here we can see, currently there are no pipelines running, and by clicking on run pipeline, I can run this pipeline already. As you can see, by clicking on run pipeline, the pipeline starts to run. And when we click here on running, then we see the different jobs which are executed. You can see that the build job is already has been executed successfully and the test job is still running. We can click on this test job and then you see the log outputs while the tests are running. And as you can see, now this pipeline has successfully been built. Uh the job is succeed. When we go back to the pipeline, then we see that everything has passed. Now, let's have a deep dive what just happened. For that, we go back to our repository, which we have, to files. And we go back to our GitLab CI YAML file. So, when we look at the GitLab version which we have here, which is the online version, then GitLab provides us with some runners, which execute our CICD pipeline. And here we can see the Docker image which we are using to execute these jobs here. Please be aware that by default each of this step runs in its own Docker image, so it's basically doing two times the same thing, actually. Once just compile and once compile and test. Exactly. Let's have a look how this all looks like in the pipeline. For that, we are going back to our pipeline. We have here the pipelines. And we are going into our past steps, and here into this job. So, here we now see the log file. Um we see that we have the GitLab runner, which gets executed. Um we see here the preparing of the Docker machine executor and the image which was used. This is the image that we have configured. Then the environment is prepared. Um and as you can see, we are getting the sources now from our Git repository, which we have. So, all of the sources are going now into this Docker image here, which gets executed. And then we are going to execute the scripts which we just saw, which is the .NET build. And as you can see, .NET build is successful. The artifacts are uploaded, and the whole job is successful. Oh, there's two things I want to stress and point out here. First of all, there's the .NET build command. You saw that already in the pipeline definition file before. And second, at the very beginning, we see that we actually fetch the latest Docker image. While that's the standard in from GitLab, we usually recommend here to use a dedicated version so that you have control over how your build environment actually looked like. Okay. Let's go back and have a look at the second job. For that we are going back here to pipelines, to our past pipeline step, and now we are going into test. And again, for this job, we also see that we are using the GitLab runner. We are using this image with the latest version, which is a bad thing and we should specify here. And we again see that we are getting the repository again here in this second job, and we are downloading all of the artifacts, and we are executing the command .NET test, which would execute the unit tests. But because we don't have any unit tests in this Hello World example, no nothing will happen, and the job is successful. So, as we clearly saw that we basically are doing the same things twice. This is one good place to optimize later on for advanced usage to reduce the overall time it takes to execute the pipeline. Make sure you reuse artifacts you built in a previous job. So, Patty, as you can see, um this was a small introduction into GitLab and you also see that there are a lot more options, which we will of course cover later in our video. And um I think let's go now and create this DevSec Ops pipeline which we need in the next video.
