This article outlines how to deploy GitLab Runners on Amazon EKS Auto Mode to enhance containerized CI/CD processes. It highlights the use of EC2 Spot Instances for cost savings and provides a step-by-step guide for setting up the environment.

This article outlines how attackers can exploit self-hosted GitLab environments, particularly through instance runners. It details the steps to gain access, including hijacking runners and extracting sensitive information from repositories. The post also offers defensive measures to mitigate these risks.

GitLab introduces enhancements to variable and artifact sharing in parent-child pipelines, allowing for more efficient management of pipeline data across different stages. This update simplifies the process of passing variables and artifacts, improving collaboration and CI/CD workflows for developers.

GitLab has released critical security updates for its DevSecOps platform to address multiple vulnerabilities, including account takeover and injection of malicious jobs in CI/CD pipelines. Users are urged to upgrade to the latest versions immediately to protect against these security flaws, which have been exploited in recent attacks on major companies.

CI/CD pipelines often contain sensitive information within their logs, making them a critical target for attackers. The article discusses how to implement automated scanning of GitLab CI logs using GitGuardian's tools to detect and manage exposed secrets, enhancing security across the DevOps lifecycle. This approach helps organizations catch runtime secrets and maintain compliance while integrating seamlessly into existing workflows.

GitLab 18 has been released, introducing significant enhancements aimed at improving the user experience and streamlining development workflows. Key features include improved performance metrics, enhanced security measures, and more integrated CI/CD tools designed to facilitate better collaboration among development teams.

GitLab has released version 18.1, introducing new features and enhancements aimed at improving user experience and performance. This update includes updates to the CI/CD pipelines, enhancements in security, and improved integration capabilities with other tools. Users can expect a more efficient workflow and streamlined collaboration with these advancements.

The article discusses the importance of secure and preferred methods for passing parameters to CI/CD pipelines in GitLab. It emphasizes best practices and strategies to enhance security while ensuring efficient parameter handling within the pipeline process.