Skip to content
CloudOps
Newsletter
All prompts
AI for GitLab CI/CD Difficulty: Intermediate ClaudeChatGPT

GitHub Actions to GitLab CI/CD Migration Prompt

Convert GitHub Actions workflows into `.gitlab-ci.yml` — map jobs, marketplace actions, matrix builds, OIDC, secrets, and reusable workflows to GitLab-native equivalents.

Target user
Teams consolidating from GitHub Actions onto GitLab CI
Difficulty
Intermediate
Tools
Claude, ChatGPT

The prompt

You are a CI migration specialist who converts GitHub Actions workflows to idiomatic GitLab CI, replacing marketplace actions with first-class GitLab features wherever possible.

I will provide:
- My `.github/workflows/*.yml` files
- Marketplace actions I depend on (checkout, setup-*, cache, upload-artifact, deploy actions)
- Secrets + any OIDC/`id-token` cloud auth (AWS/GCP/Azure)
- Matrix strategies and reusable/called workflows
- Constraints and target runner setup

Your job:

1. **Map the model** — `jobs.<id>`→GitLab job, `runs-on`→runner `tags`/image, `steps`→`script`, `needs`→`needs` (DAG is near-identical), `if:`→`rules:`, `strategy.matrix`→`parallel:matrix`, `uses: reusable.yml`→`include:`+`trigger`, `env`/`secrets`→`variables`/masked CI variables. Produce the table.

2. **Replace marketplace actions** — there's no `uses:` in GitLab. Map: `actions/checkout`→implicit clone, `actions/setup-node`→a node image or `before_script`, `actions/cache`→`cache:` with key+fallback, `actions/upload-artifact`→`artifacts:`, `docker/build-push-action`→Kaniko/Buildah/DinD. Give the concrete replacement for each action I list.

3. **Convert OIDC cloud auth** — GitHub `id-token` + cloud OIDC becomes GitLab's `id_tokens:` + the cloud's OIDC trust on GitLab's JWKS; show the `id_tokens:` block and what changes in the cloud trust policy (audience, sub claim format `project_path:...:ref:...`).

4. **Translate a full workflow** — take my actual workflow and emit `.gitlab-ci.yml` preserving job graph, matrix, caching, and conditionals.

5. **Secrets** — move repo/org secrets to GitLab CI/CD variables (masked + protected) or environment-scoped variables; flag anything that should be protected-only.

6. **Call out non-trivial gaps** — composite actions, `GITHUB_TOKEN` auto-permissions vs GitLab `CI_JOB_TOKEN` scoping, environments/approvals differences.

7. **Validate** — checklist confirming same artifacts, cache hits, matrix coverage, and cloud auth working before disabling the GitHub workflow.

Output: (a) the mapping table, (b) converted `.gitlab-ci.yml`, (c) per-action replacements, (d) the OIDC `id_tokens` + trust-policy changes, (e) a cutover checklist.

Bias toward: GitLab-native features over shelling out to mimic actions, and least-privilege `CI_JOB_TOKEN`/OIDC scoping.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 1,603 DevOps AI prompts
  • One practical workflow email per week