What is CircleCI? Founded in 2011 and headquartered in San Francisco, Ca., CircleCI provides a service that automates the Continuous Integration stage of the Software Development Life Cycle (SDLC). Their CI service offering can be hosted in the cloud or on a private server. CI jobs are built within four different environments: a Docker image, a Linux VM, Windows VM, or a MacOS VM. They demonstrate their support of the Open Source Community by providing organizations with free credits for Open Source builds.
CircleCI Orbs
CircleCI can provide automated services for other stages of the Software Development Life Cycle (SDLC) using third party plug-ins that they call “Orbs”. They define Orbs as reusable/sharable packages of YAML configurations that condenses repeated pieces of configs into a single line of code. In other words, think of Orbs as a pointer that is included in the YAML configuration file that activates a piece of code during the build process that performs a function. The Orbs are housed in an open source code library.
FEATURES | CircleCI |
|
---|---|---|
GitLab Self-monitoring
GitLab comes out of the box enabled for Prometheus monitoring with extensive instrumentation, making it easy to ensure your GitLab deployment is responsive and healthy. |
|
|
Project Level Value Stream Analytics
GitLab provides a dashboard that lets teams measure the time it takes to go from planning to monitoring. GitLab can provide this data because it has all the tools built-in: from the idea, to the CI, to code review, to deploy to production. |
|
|
Group Level Value Stream Analytics
GitLab provides a group dashboard that lets teams measure the time it takes to go from planning to monitoring. GitLab can provide this data because it has all the tools built-in: from the idea, to the CI, to code review, to deploy to production. |
|
|
Built-in Container Registry
GitLab Container Registry is a secure and private registry for Docker images. It allows for easy upload and download of images from GitLab CI. It is fully integrated with Git repository management. (Codefresh will be ending their support for private docker registries as of May 1, 2020 |
|
|
Preview your changes with Review Apps
With GitLab CI/CD you can create a new environment for each one of your branches, speeding up your development process. Spin up dynamic environments for your merge requests with the ability to preview your branch in a live environment. Review Apps support both static and dynamic URLs. |
|
|
Built for using containers and Docker
GitLab ships with its own Container Registry, Docker CI Runner, and is ready for a complete CI/CD container workflow. There is no need to install, configure, or maintain additional plugins. |
|
|
Cloud Native
GitLab and its CI/CD is Cloud Native, purpose built for the cloud model. GitLab can be easily deployed on Kubernetes and used to deploy your application to Kubernetes with support out of the box. |
|
|
Comprehensive pipeline graphs
Pipelines can be complex structures with many sequential and parallel jobs. To make it a little easier to see what is going on, you can view a graph of a single pipeline and its status. |
|
|
Browsable artifacts
With GitLab CI you can upload your job artifacts in GitLab itself without the need of an external service. Because of this, artifacts are also browsable through GitLab’s web interface. |
|
|
Latest artifacts locked to prevent deletion
The latest artifact of a successful job and pipeline on any active branch, MR, or tag is automatically locked to prevent being deleted. This makes it possible to set an aggressive expiration policy to clean up older artifacts, reduce disk space consumption, and ensure the latest artifact is always available. This default behavior is configurable at the project level and can be disabled in project settings. |
|
|
Scheduled triggering of pipelines
You can make your pipelines run on a schedule in a cron-like environment. |
|
|
Code Quality MR Widget
Code Quality reports are available in the merge request widget area, giving you early insights into how the change will affect the health of your code before deciding if you want to accept it. |
|
|
Code Quality Reports
Full Code Quality reports are available on the pipeline page, showing areas of the codebase that do not meet the organization’s preferred style or standards. |
|
|
Code Quality violation notices in MR diffs
Code Quality violations introduced in a merge request are annotated in the merge request diff view to detail how the code quality could decrease if merged. |
|
|
Multi-project pipeline graphs
Visualize how pipelines across projects are linked together, including cross project dependencies. |
|
|
Protected variables
You can mark a variable as “protected” to make it available only to jobs running on protected branches, therefore only authorized users can get access to it. |
|
|
Environments and deployments
GitLab CI is capable of not only testing or building your projects, but also deploying them in your infrastructure, with the added benefit of giving you a way to track your deployments. Environments are like tags for your CI jobs, describing where code gets deployed. |
|
|
Environments history
Environments history allows you to see what is currently being deployed on your servers, and to access a detailed view for all the past deployments. From this list you can also re-deploy the current version, or even rollback an old stable one in case something went wrong. |
|
|
Environment-specific variables
Limit the environment scope of a variable by defining which environments it can be available for. |
|
|
Group-level variables
Define variables at the group level and use them in any project in the group. |
|
|
Customizable path for CI/CD configuration
You can define a custom path into your repository for your CI/CD configuration file. |
|
|
Run CI/CD jobs on Windows
GitLab Runner supports Windows and can run jobs natively on this platform. You can automatically build, test, and deploy Windows-based projects by leveraging PowerShell or batch files. |
|
|
Run CI/CD jobs on macOS
GitLab Runner supports macOS and can run jobs natively on this platform. You can automatically build, test, and deploy for macOS based projects by leveraging shell scripts and command line tools. |
|
|
Run CI/CD jobs on Linux ARM
GitLab Runner supports Linux operating systems on ARM architectures and can run jobs natively on this platform. You can automatically build, test, and deploy for Linux ARM based projects by leveraging shell scripts and command line tools. |
|
|
Run CI/CD jobs on FreeBSD
GitLab Runner supports FreeBSD and can run jobs natively on this platform. You can automatically build, test, and deploy for FreeBSD-based projects by leveraging shell scripts and command line tools. |
|
|
Show code coverage rate for your pipelines
GitLab is able to parse job output logs and search, via a customizable regex, any information created by tools like SimpleCov to get code coverage. Data is automatically available in the UI and also as a badge you can embed in any HTML page or publish using GitLab Pages. Learn how to generate and show code coverage information in GitLab |
|
|
Details on duration for each command execution in GitLab CI/CD
Other CI systems show execution time for each single command run in CI jobs, not just the overall time. We’re reconsidering how job output logs are managed in order to add this feature as well. |
|
|
Auto DevOps
Auto DevOps brings DevOps best practices to your project by automatically configuring software development lifecycles by default. It automatically detects, builds, tests, deploys, and monitors applications. |
|
|
Protected Runners
Protected Runners allow you to protect your sensitive information, for example deployment credentials, by allowing only jobs running on protected branches to access them. |
|
|
GitLab Agent for Kubernetes
Manage the deployments and connection to your Kubernetes clusters in a secure and compliant way, driven by code. |
|
|
Fine-grained access controls for CI/CD based Kubernetes deployments
Restrict GitLab CI/CD deployment jobs using Kubernetes RBAC |
|
|
GitOps deployment management
Run GitOps-style deployments tightly integrated into GitLab |
|
|
Canary Deployments
GitLab Premium can monitor your Canary Deployments when
deploying your applications with Kubernetes. Canary Deployments can be configured directly through |
|
|
Automatic Retry for Failed CI Jobs
You can specify a retry keyword in your .gitlab-ci.yml file to make GitLab CI/CD retry a job for a specific number of times before marking it as failed. |
|
|
Pipelines security
The ability of running CI/CD pipelines on protected branches is checked against a set of security rules that defines if you’re allowed or not. It includes creating new pipelines, retrying jobs, and perform manual actions. |
|
|
Include external files in CI/CD pipeline definition
You can include external files in your pipeline definition file, using them as templates to reuse snippets for common jobs. |
|
|
Static Application Security Testing
GitLab allows easily running Static Application Security Testing (SAST) in CI/CD pipelines; checking for vulnerable source code or well known security bugs in the libraries that are included by the application. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default. |
|
|
Infrastructure as Code (IaC) Security Scanning
With Gitlab 14.5 we’re introducing security scanning for Infrastructure as Code (IaC) configuration files. |
|
|
Secret Detection
GitLab allows you to perform Secret Detection in CI/CD pipelines; checking for unintentionally committed secrets and credentials. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default. |
|
|
Dependency Scanning
Protect your application from vulnerabilities that affect dynamic dependencies by automatically detecting well-known security bugs in your included libraries. |
|
|
Dynamic Application Security Testing
Ensure you are not exposed to web application vulnerabilities like broken authentication, cross-site scripting, or SQL injection by dynamically investigating your running test applications in CI/CD pipelines. |
|
|
Interactive Application Security Testing
IAST combines elements of static and dynamic application security testing methods to improve the overall quality of the results. IAST typically uses an agent to instrument the application to monitor library calls and more. GitLab does not yet offer this feature. |
|
|
Container Scanning
Run a security scan to ensure the Docker images for your application do not have any known vulnerabilities in the environment where your code is shipped. |
|
|
Browser Performance Testing
Easily detect performance regressions for web apps and pages prior to merging into master. Browser Performance Testing is included in Auto DevOps, providing automatic performance analytics of the root page with zero configuration. |
|
|
Load Performance Testing
Easily detect performance regressions for APIs prior to merging into master. |
|
|
Automated Accessibility scanning of Review Apps
Performing accessibility testing is important in order to ensure you’re serving all the users who use your products. In GitLab you can generate Accessibility reports automatically prior to merging into master. |
|
|
Step folding for CI/CD logs
Collapse the job log output for each command. |
|
|
Windows Container Executor
With this feature you are able to use Docker containers on Windows directly, in much the same was as if they were on Linux hosts. This enables more advanced kinds of pipeline orchestration and management for users of Microsoft platforms. |
|
|
Comments in Review Apps
Shorten the feedback cycle and enable stakeholders to provide comments through a form in your review app - which is then automatically added to the related merge request . |
|
|
On-demand DAST
Identify vulnerabilities in your running application, independent of code changes or merge requests. |
|
|
Site and Scanner profiles for On-demand DAST scans
Reuse configuration profiles quickly with on-demand DAST scans, instead of reconfiguring scans every time you need to run one. Mix different scan profiles with site profiles to quickly conduct scans that cover different areas or depths of your application and API. |
|
|
DAST Configuration UI
Enabling DAST is now as simple as three clicks. This guided configuration experience makes it easier for non-CI experts to get started with GitLab DAST. The tool helps a user create a merge request to enable DAST scanning while leveraging best configuration practices like using the GitLab-managed |
|
|
Scheduling On-demand DAST scans
Set on-demand DAST scans to run on ad hoc or recurring schedules. |
|
|