GitLab GitOps: The Basics and a Quick Tutorial

Article Content

What Is GitLab?

GitLab is an all-in-one DevSecOps platform that provides source code management (SCM), continuous integration/continuous deployment (CI/CD), and security features within a single application. It enables teams to collaborate on software development, automate workflows, and manage infrastructure. 

GitLab supports cloud-native, multi-cloud, and on-premise deployments. With built-in Git-based version control, GitLab allows developers to track changes, manage branches, and review code. Its integrated CI/CD pipelines help automate testing and deployment. GitLab also offers security features such as vulnerability scanning, compliance management, and access controls.

Key Features of GitLab for GitOps

GitLab supports GitOps workflows by integrating version control, CI/CD, and infrastructure automation into a single platform. Some of its key features for GitOps include:

  • Git-based version control: GitLab allows teams to manage infrastructure as code (IaC) using familiar Git workflows. Configurations and policies are versioned, ensuring traceability and reproducibility. During incidents, teams can roll back to a stable state quickly.
  • Code review and collaboration: Merge requests enable structured code reviews with in-line comments, threaded discussions, and approval workflows, helping maintain high-quality infrastructure code.
  • CI/CD and GitOps workflows: GitLab’s built-in CI/CD pipelines automate infrastructure deployments and testing. It supports infrastructure as code (IaC) security scanning and integrates with Flux for pull-based GitOps workflows.
  • Protected branches and environments: Teams can enforce deployment policies by restricting access to specific branches and environments. This ensures controlled, secure changes to production infrastructure.
  • Terraform integration: GitLab stores Terraform state files and modules, displaying Terraform plan outputs directly in merge requests. This simplifies infrastructure automation and state management.

Multi-cloud and hybrid deployments: GitLab supports deployments across containers, virtual machines (VMs), and bare metal. It integrates with cloud providers like AWS, Azure, and Google Cloud.

Read our guide to GitLab CI/CD pipeline

Quick Tutorial: Getting Started with GitOps with GitLab

GitLab, combined with Flux, enables a GitOps workflow by integrating source control, CI/CD, and cluster management. This tutorial shows how to set up Flux with GitLab for GitOps, including bootstrapping a Git repository, configuring Flux, and deploying an example application. Instructions are adapted from the GitLab documentation.

Prerequisites

Before starting, ensure you have:

  • A Kubernetes cluster accessible via kubectl
  • Flux CLI installed and configured

A GitLab personal access token with the api scope

Step 1: Install and Configure Flux

Flux is a CNCF-backed tool that enables pull-based GitOps deployments:

  1. Install Flux CLI, as detailed in the Flux documentation.

Verify installation using flux -v.

Step 2: Bootstrap Flux in GitLab

Bootstrap Flux into an empty GitLab repository to enable automated deployments. Run:

flux bootstrap gitlab \
  --hostname=gitlab.example.org \
  --owner=example-group/optional-subgroup \
  --repository=example-repository \
  --branch=main \
  --path=clusters/testing \
  --deploy-token-auth

This initializes Flux, creates necessary configuration files, and commits them to the repository.

Step 3: Connect GitLab Agent for Kubernetes

To link GitLab with a Kubernetes cluster, install and configure the GitLab agent:

  1. Install the GitLab CLI (glab). Verify installation using glab version
  2. Run the following command to register the agent and configure an environment:
glab cluster agent bootstrap --manifest-path 
clusters/testing testing

This registers the agent, sets up cluster access, and configures a Kubernetes dashboard.

Step 4: Verify Deployment in the GitLab UI

  1. Navigate to Operate, then Environments in the GitLab project.
  2. Select the desired environment (e.g., flux-system/gitlab-agent).
  3. View the Kubernetes Overview tab for real-time cluster status.

Step 5: Secure the Deployment

  1. For better security, replace default access settings in
.gitlab/agents/testing/config.yaml:

user_access:
  access_as:
    user: {}
  1. Then, apply a ClusterRoleBinding to grant read access:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: gitlab-user-view
roleRef:
  kind: ClusterRole
  name: view
  apiGroup: rbac.authorization.k8s.io
subjects:
  - kind: Group
    name: gitlab:user
  1. After a few seconds, the GitLab dashboard should reflect the updated access policies.

Notable GitLab Limitations

GitLab is a popular platform, but it has some important limitations to be aware of. These limitations were reported by users on the G2 platform:

  • Uncertain project future: The company behind Flux shut down and Flux development has slowed down
  • No added value: Flux support in Gitlab doesn’t offer any additional features such as environment promotions, version management or artifact tagging
  • Extra configuration needed: For large enterprises there is no support for handling many applications (similar to Argo CD application sets)
  • Integration issues: Users have reported occasional errors when integrating GitLab with other tools, which can disrupt workflows.
  • Merge conflicts: Some GitLab commands, particularly those related to merging, can lead to conflicts that are difficult to resolve.
  • Lack of public repositories: Unlike other platforms, GitLab does not provide an easy way to create public repositories, limiting open-source collaboration.
  • Limited reporting features: Customization options for reports are restricted compared to tools like Jira, making it harder to track workflow changes.
  • Runner scheduling issues: GitLab runners sometimes fail to schedule jobs for extended durations, which can be frustrating for users.
  • Complex UI for beginners: The interface can feel cluttered and difficult to navigate, especially for new users.
  • High pricing for premium features: Advanced features come at a high cost, which may not be affordable for small teams or individual developers.
  • Limited code search: Searching for code snippets across multiple projects is not as efficient or intuitive as some users expect.
  • Self-hosting requirements: The GitLab Community Edition requires a self-hosted server with at least 4GB of memory and significant disk space, making it resource-intensive.
  • Occasional crashes: Users have reported occasional system crashes, which can disrupt development workflows.
  • Missing features compared to GitHub: Some users feel that GitLab lacks certain features available on GitHub, limiting its appeal.
  • Insufficient documentation: The provided documentation is not always detailed enough, making it harder to troubleshoot issues.
  • Slow support response: The support team’s response time can be slow, leading to delays in issue resolution.
  • Frequent UI changes: The interface undergoes frequent changes, sometimes making it harder for users to adapt.
  • No gist feature for code snippets: Unlike GitHub, GitLab does not offer a built-in gist feature for sharing small code snippets.

Combine GitLab with Codefresh to Support Advanced GitOps Workflows

GitLab is a powerful platform but it is focused mostly on CI and supports only basic GitOps workflows. Codefresh is created specifically for GitOps and Cloud native applications and includes native support for using GitLab as a Git provider.

This means that you can get the best of both worlds by keeping all your CI workflows in GitLab, while using Codefresh for advanced features such as:

  • Application dashboards
  • Git source managements
  • Configuration drift management
  • Kubernetes environment dashboards
  • Topology views

In case you are new to Codefresh – we have made it our mission since 2014 to help teams accelerate their pace of innovation. Codefresh recently released a completely rebuilt GitOps CI/CD toolset. Powered by Argo, Codefresh now combines the best of open source with an enterprise-grade runtime allowing you to fully tap the power of Argo Workflows, Events, CD, and Rollouts. It provides teams with a unified GitOps experience to build, test, deploy, and scale their applications.

Related GitLab CI articles