Published in


Trying Gitlab CI

I start by importing a project from Bitbucket cloud.

One of my favorite UI design — tabbed based menu:

And, Gitlab totally understand and acknowledge that you could already have some code somewhere to start with:

select your projects:

this is rather impressive — when you are trying to add a CI yaml to your repo, it prompted with a rich number of templates.

a normal CI workflow

the pipeline syntax looks very O.O.P.

definition of sast
sast-analyzer extends ‘sast’
eslint-sast and node-js-sast extends ‘sast-analyzer’

job results:

what I like about the GitLab CI:

-- CI pipeline is built-in and managed in the page just like Azure DevOps and Bitbucket and GitHub Action.-- the pipeline is running the tests in the pipeline in parallel automatically even before I realize it!-- Pipeline syntax are rather intuitive.-- and it supports docker as CI environment out of box.-- the pipeline editor overall is still ok-- CI lint-- CI scheduler

what I don’t like about the pipeline editor

when you choose a template from the drop down, it overwrites everything in your editor, this is so different from Azure DevOps or GitHub actions. Not so user friendly to me.

Now let’s add one additional self defined SAST here:

read more:



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


I am a coder/engineer/application security specialist. I like to play around with language and tools; I have strong interest in efficiency improvement.