Skip to content

GitLab

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

Implement GitLab Pages deployment with Flask-Frozen

🎯 Overview

Deploy the DevSecOps demo application to GitLab Pages using Flask-Frozen for static site generation.

📋 Objectives

✅ Enable static site generation from Flask app
✅ Deploy to GitLab Pages for public demo access
✅ Provide review apps for merge requests
✅ Maintain existing functionality and security demonstrations

📚 Implementation Plan

Complete details in: /runBooks/GitLab-Pages-Implementation-Plan.md

✅ Tasks

Phase 1: Dependency Management (5 min)

Add Flask-Frozen==1.0.2 to requirements.txt
Install and verify in virtual environment

Phase 2: Static Site Generation (15 min)

Create freezer.py script
Configure FREEZER_IGNORE_ENDPOINTS for vulnerable routes
Test local static generation
Verify build/ directory contents

Phase 3: CI/CD Pipeline Integration (20 min)

Add build-static job to .gitlab-ci.yml
Add pages deployment job (main branch)
Add create-pages-review-app job (MRs)
Add stop_review_app job
Test pipeline execution

Phase 4: Documentation & Testing (15 min)

Update README.md with Pages deployment info
Update CLAUDE.md with Flask-Frozen details
Test end-to-end deployment
Verify production URL accessible
Test review app functionality

🎁 Benefits

Public Demo Access: Showcase running application without infrastructure
Review Apps: Preview changes in MRs with unique URLs
Zero Infrastructure Costs: GitLab Pages hosted for free
CI/CD Integration: Automated deployments on every commit
Feature Showcase: Adds GitLab Pages to actively demonstrated features (14/28)

🌐 Expected URLs

Production: https://gl-demo-ultimate-fsieverding.gitlab.io/devsecops-demo/devsecops-app/
Review Apps: https://gl-demo-ultimate-fsieverding.gitlab.io/devsecops-demo/devsecops-app/mr-/

⚠️ Known Limitations

Static site will NOT include (require Flask server):

❌ Admin login (command injection demo)
❌ Username check (SQL injection demo)
❌ File download (path traversal demo)
❌ Form submissions (POST operations)

For full functionality, use Flask dev server or container deployment.

📖 Reference

Based on: swag-shop successful Flask-Frozen implementation
Project ID: 60714849
Estimated Time: ~1 hour
Complexity: Low (proven pattern)
Risk Level: Low (additive only, non-breaking)

🔗 Related

v2.0.0 release
GitLab Features Showcase Recommendations

🤖 Generated with Claude Code

Assignee Loading

Time tracking Loading