Sunday, June 16, 2024

GitLab on Google Cloud for faster delivery and security

GitLab On Google Cloud

Using an integrated solution that improves speed, security, and scalability, modernise the way you deploy software.

Product, development, and platform teams are always under pressure to produce cutting-edge software rapidly and at scale while lowering business risk in today’s fast-paced business climate. Nevertheless, fragmented toolchains for the software development lifecycle (SDLC) impede advancement. A handful of the difficulties that organisations have in contemporary development are as follows:

Different instruments

Workflows that are inefficient and context switching are caused by disconnected toolchains.

Worries about security

Vulnerabilities are introduced by traditional authentication techniques such service account keys.

Scalability problems

Maintaining scalable self-service deployment via Continuous Integration / Continuous Delivery (CI/CD) can become a significant challenge when enterprises take on an increasing number of projects.

As per the 2023 State of DevSecOps Report, enhancing daily workflow positively affects cultural components. Google Cloud has worked with GitLab on an integrated solution that reimagines how businesses approach DevSecOps to expedite the delivery of apps from source code on GitLab to Google Cloud runtime environments in an effort to enhance the daily experience of developers.

GitLab on Google Cloud Integration

The Google Cloud – GitLab integration enhances the developer experience by simplifying tool management and assisting workers in maintaining “flow.” The integration between GitLab and Google Cloud provides a holistic solution that improves software delivery, simplifies development, and increases security by reducing the need for context switching that comes with using various tools and user interfaces.

Google Cloud Gitlab

Without the requirement for service accounts or service account keys, the GitLab on Google Cloud integration employs workload identity federation for permission and authentication for GitLab workloads on Google Cloud.

Refer to the GitLab instructional Google Cloud IAM for instructions on configuring workload identity federation and the required Identity and Access Management (IAM) roles for the GitLab on Google Cloud integration.

GitLab elements

To make Google Cloud tasks within GitLab pipelines simpler, the GitLab on Google Cloud integration makes use of GitLab components that are developed and maintained by Google. You must follow the directions in the GitLab tutorial Google Cloud Workload Identity Federation and IAM policies to configure authentication and authorization for GitLab to Google Cloud in order to use the components for this connection.

Management of Artefacts

Using the GitLab on Google Cloud interface, you can quickly deploy your GitLab artefacts to Google Cloud runtimes by uploading them to the Artefact Registry. The artefacts can be seen in GitLab or the Artefact Registry, and Google Cloud provides access to the metadata for each artefact.

Continuous deployment and integration

With the GitLab on Google Cloud connection, you can execute your Google Cloud workloads by configuring the GitLab runner parameters directly in your GitLab project using Terraform.

You can use the Cloud Deploy or Deploy to GKE components if you have already configured Workload Identity Federation for authentication and permission to Google Cloud.

A cohesive strategy for DevSecOps

Imagine working on a single integrated platform where you can easily transition from developing code to deploying it. This is the reality made possible by the interaction between GitLab and Google Cloud. Google Cloud created a unified environment that empowers developers and promotes innovation by combining Google Cloud’s trustworthy infrastructure and services with GitLab’s source code management, CI/CD pipelines, and collaboration tools. Many advantages for customers come from this integration:

Reduced context switching

Developers don’t have to switch between GitLab and Google Cloud; they can remain in one tool.

Simple delivery

By making it easier for clients to set up their pipelines in GitLab and deliver containers to Google Cloud runtime environments, google cloud has decreased friction and complexity.

Adapted to suit business requirements

The Google Cloud – GitLab connection makes sure your DevSecOps pipelines can scale to match the demands of your expanding organisation by using Google Cloud’s infrastructure as the foundation.

To put it briefly, you can use Workload Identity Federation to securely integrate GitLab with Google Cloud, access your containers in both the Google and GitLab Artefact Registry, and deploy to Google Cloud runtime environments using CI/CD components specifically designed for the task. Let’s investigate more closely.

Prioritising security

Because the security of your programme is so important, Google Cloud included Workload Identity Federation (WLIF) in this integration. Static service account keys are no longer required thanks to this technology, which replaces them with transient tokens that drastically lower the possibility of compromise. Furthermore, Workload Identity Federation facilitates the mapping of identity and access management roles across GitLab and Google Cloud, simplifying management by centralising authentication through your current identity provider.

Coordinated management of artefacts

You can view your containers directly in GitLab and manage them in Google Artefact Registry repositories thanks to this connection. This allows you to utilise security scanning and has complete traceability of your created artefacts from GitLab to Google Cloud, all while adhering to GitLab’s developer workflow.

Pipelines that can be configured

Google Cloud has also released a set of CI/CD components as part of this integration to make pipeline building repeatable, easy to configure, and straightforward. The deployment to Google Cloud runtime environments was considered throughout the construction of these Google Cloud managed components. The ability to deploy an image to Google Kubernetes Engine, manage pipeline delivery with Cloud Deploy, and publish an image to the Google Artefact Registry are among the five components that are already accessible. Compared to using the Google CLI, Google Cloud’s preliminary benchmarking reveals that these components can be executed in GitLab CI pipelines more quickly and in smaller quantities.

Proceed with the following action

Are you prepared to enhance your DevSecOps process? Get a free trial of GitLab from the GitLab Web Store or buy it from the Google Cloud Marketplace if you don’t already have it. In the event that you already have a GitLab account, set up the integration right now. Additionally, if you’d like to talk to them about this integration or take part in customer experience research.

Thota nithya
Thota nithya
Thota Nithya has been writing Cloud Computing articles for govindhtech from APR 2023. She was a science graduate. She was an enthusiast of cloud computing.


Please enter your comment!
Please enter your name here

Recent Posts

Popular Post Would you like to receive notifications on latest updates? No Yes