GitLab
vs
Travis CI
vs
Decision Kit
Decision Kit
Travis CI is a hosted, distributed continuous integration service used to build and test software projects hosted at GitHub. Travis CI also offers a self-hosted version called Travis CI Enterprise which requires either a GitHub Enterprise installation or account on GitHub.com. In contrast, GitLab.com and GitLab self-hosted versions offer both source code management, issue tracking, continuous integration, and many more DevOps tool chain requirements in a single application, while still also working with GitHub.
When Travis CI has been activated for a given repository, GitHub will notify it whenever new commits are pushed to that repository or a pull request is submitted. Travis CI will then check out the relevant branch and run the commands specified in .travis.yml, which usually build the software and run any automated tests. When that process has completed, Travis notifies the developer(s) in the way it has been configured to do so.
Although the Travis CI source is technically free software and available piecemeal on GitHub under permissive licenses, the company notes that it is unlikely that casual users could successfully integrate it on their own platforms. (ref: wikipedia). In contrast, GitLab is open source and open core and available for everyone to contribute.
Feature Comparison
| FEATURES |
|
|
|---|---|---|
|
Application performance monitoring
GitLab collects and displays performance metrics for deployed apps, leveraging Prometheus. Developers can determine the impact of a merge and keep an eye on their production systems, without leaving GitLab. |
|
|
|
Application performance alerts
GitLab allows engineers to seamlessly create service level indicator alerts and be notified of any desired events, all within the same workflow where they write their code. |
|
|
|
GitLab Self-monitoring
GitLab comes out of the box enabled for Prometheus monitoring with extensive instrumentation, making it easy to ensure your GitLab deployment is responsive and healthy. |
|
|
|
Project Level Value Stream Analytics
GitLab provides a dashboard that lets teams measure the time it takes to go from planning to monitoring. GitLab can provide this data because it has all the tools built-in: from the idea, to the CI, to code review, to deploy to production. |
|
|
|
Group Level Value Stream Analytics
GitLab provides a group dashboard that lets teams measure the time it takes to go from planning to monitoring. GitLab can provide this data because it has all the tools built-in: from the idea, to the CI, to code review, to deploy to production. |
|
|
|
Built-in Container Registry
GitLab Container Registry is a secure and private registry for Docker images. It allows for easy upload and download of images from GitLab CI. It is fully integrated with Git repository management. (Codefresh will be ending their support for private docker registries as of May 1, 2020 |
|
|
|
Preview your changes with Review Apps
With GitLab CI/CD you can create a new environment for each one of your branches, speeding up your development process. Spin up dynamic environments for your merge requests with the ability to preview your branch in a live environment. Review Apps support both static and dynamic URLs. |
|
|
|
Built for using containers and Docker
GitLab ships with its own Container Registry, Docker CI Runner, and is ready for a complete CI/CD container workflow. There is no need to install, configure, or maintain additional plugins. |
|
|
|
Cloud Native
GitLab and its CI/CD is Cloud Native, purpose built for the cloud model. GitLab can be easily deployed on Kubernetes and used to deploy your application to Kubernetes with support out of the box. |
|
|
|
Container debugging with an integrated web terminal
Easily debug your containers in any of your environments using the built-in GitLab Web Terminal. GitLab can open a terminal session directly from your environment if your application is deployed on Kubernetes. This is a very powerful feature where you can quickly debug issues without leaving the comfort of your web browser. |
|
|
|
Comprehensive pipeline graphs
Pipelines can be complex structures with many sequential and parallel jobs. To make it a little easier to see what is going on, you can view a graph of a single pipeline and its status. |
|
|
|
Browsable artifacts
With GitLab CI you can upload your job artifacts in GitLab itself without the need of an external service. Because of this, artifacts are also browsable through GitLab’s web interface. |
|
|
|
Latest artifacts locked to prevent deletion
The latest artifact of a successful job and pipeline on any active branch, MR, or tag is automatically locked to prevent being deleted. This makes it possible to set an aggressive expiration policy to clean up older artifacts, reduce disk space consumption, and ensure the latest artifact is always available. This default behavior is configurable at the project level and can be disabled in project settings. |
|
|
|
Scheduled triggering of pipelines
You can make your pipelines run on a schedule in a cron-like environment. |
|
|
|
Code Quality MR Widget
Code Quality reports are available in the merge request widget area, giving you early insights into how the change will affect the health of your code before deciding if you want to accept it. |
|
|
|
Code Quality Reports
Full Code Quality reports are available on the pipeline page, showing areas of the codebase that do not meet the organization’s preferred style or standards. |
|
|
|
Code Quality violation notices in MR diffs
Code Quality violations introduced in a merge request are annotated in the merge request diff view to detail how the code quality could decrease if merged. |
|
|
|
Multi-project pipeline graphs
With multi-project pipeline graphs you can see how upstream and downstream pipelines are linked together for projects that are linked to others via triggers as part of a more complex design, as it is for micro-services architecture. |
|
|
|
Protected variables
You can mark a variable as “protected” to make it available only to jobs running on protected branches, therefore only authorized users can get access to it. |
|
|
|
Environments and deployments
GitLab CI is capable of not only testing or building your projects, but also deploying them in your infrastructure, with the added benefit of giving you a way to track your deployments. Environments are like tags for your CI jobs, describing where code gets deployed. |
|
|
|
Environments history
Environments history allows you to see what is currently being deployed on your servers, and to access a detailed view for all the past deployments. From this list you can also re-deploy the current version, or even rollback an old stable one in case something went wrong. |
|
|
|
Environment-specific variables
Limit the environment scope of a variable by defining which environments it can be available for. |
|
|
|
Group-level variables
Define variables at the group level and use them in any project in the group. |
|
|
|
Customizable path for CI/CD configuration
You can define a custom path into your repository for your CI/CD configuration file. |
|
|
|
Run CI/CD jobs on Windows
GitLab Runner supports Windows and can run jobs natively on this platform. You can automatically build, test, and deploy Windows-based projects by leveraging PowerShell or batch files. |
|
|
|
Run CI/CD jobs on macOS
GitLab Runner supports macOS and can run jobs natively on this platform. You can automatically build, test, and deploy for macOS based projects by leveraging shell scripts and command line tools. |
|
|
|
Run CI/CD jobs on Linux ARM
GitLab Runner supports Linux operating systems on ARM architectures and can run jobs natively on this platform. You can automatically build, test, and deploy for Linux ARM based projects by leveraging shell scripts and command line tools. |
|
|
|
Run CI/CD jobs on FreeBSD
GitLab Runner supports FreeBSD and can run jobs natively on this platform. You can automatically build, test, and deploy for FreeBSD-based projects by leveraging shell scripts and command line tools. |
|
|
|
Show code coverage rate for your pipelines
GitLab is able to parse job output logs and search, via a customizable regex, any information created by tools like SimpleCov to get code coverage. Data is automatically available in the UI and also as a badge you can embed in any HTML page or publish using GitLab Pages. Learn how to generate and show code coverage information in GitLab |
|
|
|
Details on duration for each command execution in GitLab CI/CD
Other CI systems show execution time for each single command run in CI jobs, not just the overall time. We’re reconsidering how job output logs are managed in order to add this feature as well. |
|
|
|
Auto DevOps
Auto DevOps brings DevOps best practices to your project by automatically configuring software development lifecycles by default. It automatically detects, builds, tests, deploys, and monitors applications. |
|
|
|
Protected Runners
Protected Runners allow you to protect your sensitive information, for example deployment credentials, by allowing only jobs running on protected branches to access them. |
|
|
|
Easy integration of existing Kubernetes clusters
Add your existing Kubernetes cluster to your project, and easily access it from your CI/CD pipelines to host Review Apps and to deploy your application. |
|
|
|
GitLab Kubernetes Agent
Manage the deployments and connection to your Kubernetes clusters in a secure and compliant way, driven by code. |
|
|
|
Support for multiple Kubernetes clusters
Easily deploy different environments, like Staging and Production, to different Kubernetes clusters. This allows to enforce strict data separation. |
|
|
|
Integrated cluster cost management
Get a peek at the cost of running your applications in Kubernetes to help with your budgeting requirements. Read through the documentation on setting up cluster cost management |
|
|
|
Canary Deployments
GitLab Premium can monitor your Canary Deployments when
deploying your applications with Kubernetes. Canary Deployments can be configured directly through |
|
|
|
Automatic Retry for Failed CI Jobs
You can specify a retry keyword in your .gitlab-ci.yml file to make GitLab CI/CD retry a job for a specific number of times before marking it as failed. |
|
|
|
Pipelines security
The ability of running CI/CD pipelines on protected branches is checked against a set of security rules that defines if you’re allowed or not. It includes creating new pipelines, retrying jobs, and perform manual actions. |
|
|
|
Include external files in CI/CD pipeline definition
You can include external files in your pipeline definition file, using them as templates to reuse snippets for common jobs. |
|
|
|
Static Application Security Testing
GitLab allows easily running Static Application Security Testing (SAST) in CI/CD pipelines; checking for vulnerable source code or well known security bugs in the libraries that are included by the application. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default. |
|
|
|
Secret Detection
GitLab allows you to perform Secret Detection in CI/CD pipelines; checking for unintentionally committed secrets and credentials. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default. |
|
|
|
Dependency Scanning
GitLab automatically detects well known security bugs in the libraries that are included by the application, protecting your application from vulnerabilities that affect dependencies that are used dynamically. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default. |
|
|
|
Dynamic Application Security Testing
Once your application is online, GitLab allows running Dynamic Application Security Testing (DAST) in CI/CD pipelines; your application will be scanned to ensure threats like XSS or broken authentication flaws are not affecting it. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default. |
|
|
|
Interactive Application Security Testing
IAST combines elements of static and dynamic application security testing methods to improve the overall quality of the results. IAST typically uses an agent to instrument the application to monitor library calls and more. GitLab does not yet offer this feature. |
|
|
|
Container Scanning
When building a Docker image for your application, GitLab can run a security scan to ensure it does not have any known vulnerability in the environment where your code is shipped. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default. |
|
|
|
Browser Performance Testing
Easily detect performance regressions for web apps and pages prior to merging into master. Browser Performance Testing is included in Auto DevOps, providing automatic performance analytics of the root page with zero configuration. |
|
|
|
Load Performance Testing
Easily detect performance regressions for APIs prior to merging into master. |
|
|
|
Automated Accessibility scanning of Review Apps
Performing accessibility testing is important in order to ensure you’re serving all the users who use your products. In GitLab you can generate Accessibility reports automatically prior to merging into master. |
|
|
|
Step folding for CI/CD logs
Collapse the job log output for each command. |
|
|
|
View Kubernetes pod logs
The monitoring of servers, application, network and security devices via generated log files to identify errors and problems for analysis. GitLab makes it easy to view the logs of running pods in connected Kubernetes clusters. By displaying the logs directly in GitLab, developers can avoid having to manage console tools or jump to a different interface. |
|
|
|
Windows Container Executor
With this feature you are able to use Docker containers on Windows directly, in much the same was as if they were on Linux hosts. This enables more advanced kinds of pipeline orchestration and management for users of Microsoft platforms. |
|
|
|
Comments in Review Apps
Review Apps let a developer share their work in progress with their team or a broader audience quickly as they implement a change and request feedback. Being able to leave comments on the Merge Request from the Review app shortens the feedback cycle and creates a single source of truth to track change requests. This feature enables designers, Product Managers, and other stakeholders to comment on the changes to the look and feel / user experience of a change just as easily and quickly as developers working in the MR. |
|
|
|
On-demand Dynamic Application Security Testing
There’s no reason to wait for the next CI pipeline run to find out if your site if vulnerable or to reproduce a previously found vulnerability. GitLab offers scanning your running application with On-demand Dynamic Application Security Testing (DAST), independent of code changes or merge requests. |
|
|
|
Site and Scanner profiles for On-demand DAST scans
Reuse configuration profiles quickly with on-demand DAST scans, instead of reconfiguring scans every time you need to run one. Mix different scan profiles with site profiles to quickly conduct scans that cover different areas or depths of your application and API. |
|
|
|
DAST Configuration UI
Enabling DAST is now as simple as three clicks. This guided configuration experience makes it easier for non-CI experts to get started with GitLab DAST. The tool helps a user create a merge request to enable DAST scanning while leveraging best configuration practices like using the GitLab-managed |
|
|
Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license
