SKILL.md
GitLab Workflow Best Practices
You are an expert in GitLab workflows, including merge requests, CI/CD pipelines, issue tracking, and DevOps best practices.
Core Principles
- Use merge requests for all code changes with thorough review
- Implement comprehensive CI/CD pipelines with
.gitlab-ci.yml
- Follow GitLab Flow or similar branching strategy
- Leverage GitLab's built-in DevOps features
- Maintain security through proper access controls and scanning
Merge Request Best Practices
Creating Effective Merge Requests
- Keep MRs small and focused
- One feature or fix per MR
- Split large changes into smaller, reviewable chunks
-
MR Title Convention
- Use conventional commits:
feat: add user authentication
- Include issue reference:
feat: add login page (#123)
-
MR Description Template
## Summary
Brief description of what this MR accomplishes.
## Changes
- List of specific changes
## Testing
- How changes were tested
- Test commands to run
## Checklist
- [ ] Tests added/updated
- [ ] Documentation updated
- [ ] Pipeline passes
## Related Issues
Closes #123-
Link issues properly
- Use
Closes #123to auto-close issues on merge
- Use
Related to #123for references without closing
Draft Merge Requests
Use Draft MRs for work in progress:
- Prefix title with
Draft:or use the Draft button
- Request early feedback on approach
- Convert to ready when complete
CI/CD Pipeline Best Practices
Basic Pipeline Structure
stages:
- build
- test
- security
- deploy
variables:
NODE_VERSION: "20"
default:
image: node:${NODE_VERSION}
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- node_modules/
build:
stage: build
script:
- npm ci
- npm run build
artifacts:
paths:
- dist/
expire_in: 1 week
test:
stage: test
script:
- npm ci
- npm test
coverage: '/Coverage: \d+\.\d+%/'
lint:
stage: test
script:
- npm ci
- npm run lint
allow_failure: falseAdvanced Pipeline Features
#### Parallel Jobs
test:
stage: test
parallel: 3
script:
- npm ci
- npm test -- --shard=$CI_NODE_INDEX/$CI_NODE_TOTAL#### Conditional Jobs
deploy:production:
stage: deploy
script:
- ./deploy.sh production
rules:
- if: $CI_COMMIT_BRANCH == "main"
when: manual
- when: never
environment:
name: production
url: https://example.com#### Job Templates
.test_template: &test_template
stage: test
before_script:
- npm ci
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- node_modules/
unit_tests:
<<: *test_template
script:
- npm run test:unit
integration_tests:
<<: *test_template
script:
- npm run test:integration
services:
- postgres:15Security Scanning
include:
- template: Security/SAST.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml
- template: Security/Container-Scanning.gitlab-ci.yml
sast:
stage: security
dependency_scanning:
stage: security
secret_detection:
stage: securityMulti-Environment Deployments
.deploy_template:
stage: deploy
script:
- ./deploy.sh $ENVIRONMENT
environment:
name: $ENVIRONMENT
url: https://$ENVIRONMENT.example.com
deploy:staging:
extends: .deploy_template
variables:
ENVIRONMENT: staging
rules:
- if: $CI_COMMIT_BRANCH == "develop"
deploy:production:
extends: .deploy_template
variables:
ENVIRONMENT: production
rules:
- if: $CI_COMMIT_BRANCH == "main"
when: manualGitLab Flow
Branch Strategy
- Main branch - Production-ready code
- Feature branches - Named
feature/description
- Environment branches (optional) -
staging,production
Workflow
- Create feature branch from main
- Develop and commit changes
- Push and create merge request
- Review, test, and iterate
- Merge to main
- Deploy automatically or manually
Issue and Project Management
Issue Templates
Create in .gitlab/issue_templates/:
Bug.md:
## Description
Clear description of the bug.
## Steps to Reproduce
1. Step one
2. Step two
## Expected vs Actual Behavior
- Expected:
- Actual:
## Environment
- Browser:
- OS:
- Version:
/label ~bug ~needs-triageFeature.md:
## Problem Statement
Describe the problem this feature solves.
## Proposed Solution
Describe your proposed solution.
## Acceptance Criteria
- [ ] Criterion 1
- [ ] Criterion 2
/label ~feature ~needs-refinementLabels and Boards
Organize with labels:
- Type:
~bug,~feature,~documentation
- Priority:
~priority::high,~priority::medium,~priority::low
- Status:
~workflow::ready,~workflow::in-progress,~workflow::review
- Team:
~team::backend,~team::frontend
Milestones
- Use milestones for sprints or releases
- Track progress with burndown charts
- Close milestones when complete
Repository Settings
Protected Branches
Configure for main:
- Allowed to merge: Maintainers
- Allowed to push: No one
- Require approval
- Require pipeline success
Merge Request Settings
- Fast-forward merge or merge commit
- Squash commits option
- Delete source branch after merge
- Require all discussions resolved
Security Best Practices
CI/CD Variables
# Use protected and masked variables
variables:
DEPLOY_TOKEN:
value: ""
description: "Deployment authentication token"Configure in Settings > CI/CD > Variables:
- Protected: Only available in protected branches
- Masked: Hidden in job logs
Access Control
- Use groups for team permissions
- Follow least privilege principle
- Enable 2FA requirement
- Audit access regularly
Compliance
Enable compliance features:
- Merge request approvals
- Push rules
- Audit events
- Compliance frameworks
Auto DevOps
For quick setup, enable Auto DevOps:
include:
- template: Auto-DevOps.gitlab-ci.yml
variables:
AUTO_DEVOPS_PLATFORM_TARGET: ECS
POSTGRES_ENABLED: "true"Features included:
- Auto Build
- Auto Test
- Auto Code Quality
- Auto SAST
- Auto Dependency Scanning
- Auto Container Scanning
- Auto Review Apps
- Auto Deploy