CoursesSecure CI/CD with GitLabSecuring the pipeline itself

Threat-model your pipeline

Poisoned deps, leaked runners, tampered artifacts.

Intermediate12 min · lesson 4 of 17

The core idea of this whole section: your pipeline is production. It holds credentials to your registry and cloud, it can deploy to production, and it runs code on every push — so it is exactly as valuable a target as the servers it deploys to, and often less defended. Before hardening individual pieces, it helps to see the attack surface as a whole, because the controls that follow each close one of these paths.

The pipeline attack surface
poison the inputs
dependency confusion / typosquat
malicious package pulled in
compromised base image
backdoor in the build
abuse the pipeline
malicious MR / fork
runs on your runner, reads secrets
leaked CI variable
token in a log or fork
tampered artifact
swapped between build and deploy
Each later lesson closes one arrow: isolated runners, scoped secrets, scanning inputs, signing artifacts, gated deploys.

The highest-leverage risks

Three stand out in practice. A malicious merge request that runs on a runner holding production secrets — because CI runs contributor code. A leaked CI/CD variable — a token printed to a log, or exposed to a fork pipeline. And a tampered artifact — the thing you built is not the thing you deployed, because nothing verified it in between. Notice these are not exotic exploits; they are configuration and trust failures, which is exactly why they are preventable.

Assume breach, limit blast radius

You cannot make CI perfectly safe — it runs code, by definition — so the goal is to limit what a compromised job can reach. Least-privilege everywhere: scoped, short-lived tokens instead of standing admin credentials; isolated runners so a bad job cannot touch production ones; protected branches/environments so only reviewed changes deploy; and signed artifacts so a swap is detectable. Every subsequent lesson is one layer of that blast-radius reduction.

CI credentials are the crown jewels
The single most damaging pipeline compromise is a leaked long-lived credential with broad rights — a cloud admin key or a registry write token that never expires. Attackers target CI precisely because that is where such credentials live. The mitigations (scoped/short-lived tokens, masking, protected runners) all exist to shrink the value and reach of that credential.