Tests and reports in merge requests
GitLab has the ability to test the changes included in a feature branch and display reports or link to useful information directly from merge requests:
| Feature | Description |
|---|---|
| Accessibility Testing | Automatically report A11y violations for changed pages in merge requests. |
| Browser Performance Testing (PREMIUM) | Quickly determine the browser performance impact of pending code changes. |
| Load Performance Testing (PREMIUM) | Quickly determine the server performance impact of pending code changes. |
| Code Quality | Analyze your source code quality using the Code Climate analyzer and show the Code Climate report right in the merge request widget area. |
| Display arbitrary job artifacts | Configure CI pipelines with the artifacts:expose_as parameter to directly link to selected artifacts in merge requests. |
| GitLab CI/CD | Build, test, and deploy your code in a per-branch basis with built-in CI/CD. |
| Unit test reports | Configure your CI jobs to use Unit test reports, and let GitLab display a report on the merge request so that it's easier and faster to identify the failure without having to check the entire job log. |
| License Compliance (ULTIMATE) | Manage the licenses of your dependencies. |
| Metrics Reports (PREMIUM) | Display the Metrics Report on the merge request so that it's fast and easy to identify changes to important metrics. |
| Multi-Project pipelines (PREMIUM) | When you set up GitLab CI/CD across multiple projects, you can visualize the entire pipeline, including all cross-project interdependencies. |
| Pipelines for merge requests | Customize a specific pipeline structure for merge requests in order to speed the cycle up by running only important jobs. |
| Pipeline Graphs | View the status of pipelines within the merge request, including the deployment process. |
| Test Coverage visualization | See test coverage results for merge requests, within the file diff. |
Security Reports (ULTIMATE)
In addition to the reports listed above, GitLab can do many types of Security reports, generated by scanning and reporting any vulnerabilities found in your project:
| Feature | Description |
|---|---|
| Container Scanning | Analyze your Docker images for known vulnerabilities. |
| Dynamic Application Security Testing (DAST) | Analyze your running web applications for known vulnerabilities. |
| Dependency Scanning | Analyze your dependencies for known vulnerabilities. |
| Static Application Security Testing (SAST) | Analyze your source code for known vulnerabilities. |