GitLab · Cross-Cutting Tools Deep Dive

Where It Fits

Why Pick GitLab Over GitHub

Self-managed by default. The Community Edition is open source; you can run it on your own VMs or Kubernetes. Banks, defense, government — anywhere data residency matters.
CI/CD is first-class, not bolted on. .gitlab-ci.yml has been there since the start, with concepts like stages, jobs, and pipelines that map cleanly to most build/test/deploy flows.
Built-in DevSecOps. SAST, DAST, container scanning, dependency scanning, secret detection — all included on the right tier, all surfaced in the merge request UI.
One product, one bill. Auto DevOps, Pages, Wiki, Registry — all in the same UI under the same login.

Concepts

Term	Meaning
Group / Subgroup	Org structure; settings, runners, and tokens cascade down.
Project	A repo plus its issues, MRs, pipelines, registry.
Merge Request (MR)	GitLab's term for a pull request.
Pipeline	A run of `.gitlab-ci.yml` made of stages of jobs.
Runner	The agent that executes jobs. Shared, group, or project-scoped; SaaS or self-hosted.
Environment	Named target (staging, prod) with deployment history and rollback.
Review App	Ephemeral environment spun up per MR for visual review.

Tradeoffs

Self-hosting has a tail. The "omnibus" install is easy; the upgrades, backups, runner fleet, and storage growth are not.
Tier gating. Premium and Ultimate features (security dashboards, compliance, advanced approvals) are paywalled — read the comparison table before you build a plan around them.
UI is dense. The everything-in-one-place strength is also a learning curve.
Smaller marketplace than GitHub Actions — you'll write more pipeline code yourself.

Continue