Customizing Auto DevOps (FREE)
While Auto DevOps provides great defaults to get you started, you can customize almost everything to fit your needs. Auto DevOps offers everything from custom buildpacks, to Dockerfiles, and Helm charts. You can even copy the complete CI/CD configuration into your project to enable staging and canary deployments, manage Auto DevOps with GitLab APIs, and more.
If the automatic buildpack detection fails for your project, or if you need more control over your build, you can customize the buildpacks used for the build.
Custom buildpacks with Cloud Native Buildpacks
Introduced in GitLab 12.10.
- The CI/CD variable
BUILDPACK_URLwith any of
pack's URI specification formats.
project.tomlproject descriptor with the buildpacks you would like to include.
Custom buildpacks with Herokuish
- The CI/CD variable
.buildpacksfile at the root of your project, containing one buildpack URL per line.
The buildpack URL can point to either a Git repository URL or a tarball URL.
For Git repositories, you can point to a specific Git reference (such as
commit SHA, tag name, or branch name) by appending
#<ref> to the Git repository URL.
- The tag
- The branch
- The commit SHA
Using multiple buildpacks is not fully supported by Auto DevOps, because Auto Test
can't use the
.buildpacks file. The buildpack
in the backend to parse the
.buildpacks file, does not provide the necessary commands
If your goal is to use only a single custom buildpack, you should provide the project CI/CD variable
DOCKERFILE_PATHwas introduced in GitLab 13.2
If your project has a
Dockerfile in the root of the project repository, Auto DevOps
builds a Docker image based on the Dockerfile, rather than using buildpacks.
This can be much faster and result in smaller images, especially if your
Dockerfile is based on Alpine.
If you set the
DOCKERFILE_PATH CI/CD variable, Auto Build looks for a Dockerfile there
Passing arguments to
Arguments can be passed to the
docker build command using the
AUTO_DEVOPS_BUILD_IMAGE_EXTRA_ARGS project CI/CD variable. For example, to build a
Docker image based on based on the
ruby:alpine instead of the default
Add the following to a custom
ARG RUBY_VERSION=latest FROM ruby:$RUBY_VERSION # ... put your stuff here
Use Base64 encoding if you need to pass complex values, such as newlines and spaces. Left unencoded, complex values like these can cause escaping issues due to how Auto DevOps uses the arguments.
WARNING: Avoid passing secrets as Docker build arguments if possible, as they may be persisted in your image. See this discussion of best practices with secrets for details.
Custom container image
|Entry||Default||Can be overridden by|
These variables also affect Auto Build and Auto Container Scanning. If you don't want to build and push an image to
Jobs/Deploy.gitlab-ci.yml, or disabling the
If you use Auto Container Scanning and set a value for
$CI_APPLICATION_REPOSITORY, then you should
$CS_DEFAULT_BRANCH_IMAGE. See Setting the default branch image
for more details.
Here is an example setup in your
variables: CI_APPLICATION_REPOSITORY: <your-image-repository> CI_APPLICATION_TAG: <the-tag>
Extend Auto DevOps with the API
You can extend and manage your Auto DevOps configuration with GitLab APIs:
Settings that can be accessed with API calls,
auto_devops_enabled, to enable Auto DevOps on projects by default.
- Creating a new project.
- Editing groups.
- Editing projects.
Forward CI/CD variables to the build environment
Introduced in GitLab 12.3, but available in GitLab 12.0 and later.
CI/CD variables can be forwarded into the build environment using the
AUTO_DEVOPS_BUILD_IMAGE_FORWARDED_CI_VARIABLES CI/CD variable.
The forwarded variables should be specified by name in a comma-separated
list. For example, to forward the variables
When using Buildpacks, the forwarded variables are available automatically as environment variables.
When using a
Dockerfile, the following additional steps are required:
Activate the experimental
Dockerfilesyntax by adding the following code to the top of the file:
# syntax = docker/dockerfile:experimental
To make secrets available in any
RUN $COMMANDin the
Dockerfile, mount the secret file and source it prior to running
RUN --mount=type=secret,id=auto-devops-build-secrets . /run/secrets/auto-devops-build-secrets && $COMMAND
AUTO_DEVOPS_BUILD_IMAGE_FORWARDED_CI_VARIABLES is set, Auto DevOps
enables the experimental Docker BuildKit
feature to use the
Custom Helm Chart
Auto DevOps uses Helm to deploy your application to Kubernetes. You can override the Helm chart used by bundling up a chart into your project repository or by specifying a project CI/CD variable:
Bundled chart - If your project has a
./chartdirectory with a
Chart.yamlfile in it, Auto DevOps detects the chart and uses it instead of the default chart, enabling you to control exactly how your application is deployed.
Project variable - Create a project CI/CD variable
AUTO_DEVOPS_CHARTwith the URL of a custom chart to use, or create two project variables:
AUTO_DEVOPS_CHART_REPOSITORYwith the URL of a custom chart repository, and
AUTO_DEVOPS_CHARTwith the path to the chart.
Customize values for Helm Chart
Introduced in GitLab 12.6,
.gitlab/auto-deploy-values.yamlis used by default for Helm upgrades.
You can override the default values in the
values.yaml file in the
default Helm chart by either:
- Adding a file named
.gitlab/auto-deploy-values.yamlto your repository, which is automatically used, if found.
- Adding a file with a different name or path to the repository, and setting the
HELM_UPGRADE_VALUES_FILECI/CD variable with the path and name.
Some values cannot be overridden with the options above. Settings like
replicaCount should instead be overridden with the
build and deployment CI/CD variable. Follow this issue for more information.
For GitLab 12.5 and earlier, use the
to override the default chart values by setting
helm upgrade command
You can customize the
helm upgrade command used in the auto-deploy-image
by passing options to the command with the
HELM_UPGRADE_EXTRA_ARGS CI/CD variable.
For example, set the value of
--no-hooks to disable
pre-upgrade and post-upgrade hooks when the command is executed.
See the official documentation for the full list of options.
Custom Helm chart per environment
You can specify the use of a custom Helm chart per environment by scoping the CI/CD variable to the desired environment. See Limit environment scope of CI/CD variables.
To modify the CI/CD pipeline used by Auto DevOps,
include the template, and customize
it as needed by adding a
.gitlab-ci.yml file to the root of your repository
containing the following:
include: - template: Auto-DevOps.gitlab-ci.yml
If you need to specifically remove a part of the file, you can also copy and paste the contents of the Auto DevOps template into your project and edit it as needed.
Use multiple Kubernetes clusters
Customizing the Kubernetes namespace
In GitLab 14.5 and earlier, you could use
to specify a namespace for the environment.
However, this feature was deprecated,
along with certificate-based integration.
You should now use the
KUBE_NAMESPACE environment variable and
limit the environments it is available for.
Using components of Auto DevOps
If you only require a subset of the features offered by Auto DevOps, you can include
individual Auto DevOps jobs into your own
.gitlab-ci.yml. Each component job relies
on a stage that should be defined in the
.gitlab-ci.yml that includes the template.
For example, to make use of Auto Build, you can add the following to
stages: - build include: - template: Jobs/Build.gitlab-ci.yml
See the Auto DevOps template for information on available jobs.
Auto DevOps templates using the
except syntax have switched
rules syntax, starting in
.gitlab-ci.yml extends these Auto DevOps templates and override the
except keywords, you must migrate your templates to use the
rules syntax after the
base template is migrated to use the
For users who cannot migrate just yet, you can alternatively pin your templates to
the GitLab 12.10 based templates.
Use images hosted in a local Docker registry
You can configure many Auto DevOps jobs to run in an offline environment:
Copy the required Auto DevOps Docker images from Docker Hub and
registry.gitlab.comto their local GitLab container registry.
After the images are hosted and available in a local registry, edit
.gitlab-ci.ymlto point to the locally-hosted images. For example:
include: - template: Auto-DevOps.gitlab-ci.yml variables: REGISTRY_URL: "registry.gitlab.example" build: image: "$REGISTRY_URL/docker/auto-build-image:v0.6.0" services: - name: "$REGISTRY_URL/greg/docker/docker:20.10.16-dind" command: ['--tls=false', '--host=tcp://0.0.0.0:2375']
PostgreSQL database support
To support applications requiring a database,
PostgreSQL is provisioned by default. The credentials to access
the database are preconfigured, but can be customized by setting the associated
CI/CD variables. You can use these credentials to define a
The CI/CD variable
AUTO_DEVOPS_POSTGRES_CHANNEL that controls default provisioned
PostgreSQL was changed to
2 in GitLab 13.0.
To keep using the old PostgreSQL, set the
AUTO_DEVOPS_POSTGRES_CHANNEL variable to
The version of the chart used to provision PostgreSQL:
- Is 8.2.1 in GitLab 13.0 and later, but can be set back to 0.7.1 if needed.
- Can be set to from 0.7.1 to 8.2.1 in GitLab 12.9 and 12.10.
- Is 0.7.1 in GitLab 12.8 and earlier.
GitLab encourages users to migrate their database to the newer PostgreSQL.
Customize values for PostgreSQL Helm Chart
Introduced in auto-deploy-image v2, in GitLab 13.8.
To set custom values, do one of the following:
- Add a file named
.gitlab/auto-deploy-postgres-values.yamlto your repository. If found, this file is used automatically. This file is used by default for PostgreSQL Helm upgrades.
- Add a file with a different name or path to the repository, and set the
POSTGRES_HELM_UPGRADE_VALUES_FILEenvironment variable with the path and name.
- Set the
Using external PostgreSQL database providers
While Auto DevOps provides out-of-the-box support for a PostgreSQL container for production environments, for some use cases, it may not be sufficiently secure or resilient, and you may want to use an external managed provider (such as AWS Relational Database Service) for PostgreSQL.
You must define environment-scoped CI/CD variables for
DATABASE_URL in your project's CI/CD settings:
Disable the built-in PostgreSQL installation for the required environments using environment-scoped CI/CD variables. For this use case, it's likely that only
productionmust be added to this list. The built-in PostgreSQL setup for Review Apps and staging is sufficient.
DATABASE_URLvariable as an environment-scoped variable that is available to your application. This should be a URL in the following format:
You must ensure that your Kubernetes cluster has network access to wherever PostgreSQL is hosted.
Auto DevOps banner
The following Auto DevOps banner displays for users with Maintainer or greater permissions on new projects when Auto DevOps is not enabled:
The banner can be disabled for:
- A user, when they dismiss it themselves.
- A project, by explicitly disabling Auto DevOps.
- An entire GitLab instance:
By an administrator running the following in a Rails console:
Through the REST API with an administrator access token:
curl --data "value=true" --header "PRIVATE-TOKEN: <personal_access_token>" "https://gitlab.example.com/api/v4/features/auto_devops_banner_disabled"