Clever Geek Handbook

GitLab 13.9 Released with Security Dashboard and Maintenance Mode

A picture to attract attention







GitLab 13.9 — DevSecOps, , , , DORA, , . 60 .







DevSecOps



- — , . , , . JavaScript Python - , . .







GitLab . , . Gitaly, , .







DevOps , DORA , . - - ( GitLab « »), -.









DevOps , , « , » « », . DevOps — , — , .







. 13.9 , , CI/CD ( GitLab « »), .







. , . , .









GPU GitLab , , ; MVP , Andreas Gravgaard Andersen, 10- .







Marshall Cottrell @marshall007 NASA GitLab Kubernetes Agent , . Marshall , , -.







GitLab! Roger Meier @bufferoverflow Siemens, , GitLab Open Source InnerSource.







Kev @KevSlashNull SiegeGG , . GitLab, , , @KevSlashNull .







GitLab — DevOps- , GitLab — , 13.9 299 , . MVP ; .







!



13.9 :









— , , , 13.10.







, GitLab , . Bronze/Starter , .







The Total Economic Impact of GitLab ( ).







GitLab MVP badge







MVPAndreas Gravgaard Andersen



13.9 Andreas (GPU) GitLab. , . . - - 13.9, , 10 . , Andreas!







GitLab 13.9





(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Protect







! . , , . > > , > > .







Security Alert Dashboard for Container Network Policy Alerts







.









(self-managed: PREMIUM, ULTIMATE)







GitLab, . . , - . , , . GitLab 13.8 , GitLab .







C GitLab 13.9 , . , GitLab « » , ; - , . GitLab, « », git clone



git pull



. , , , .







, GitLab , .







Maintenance Mode







.









(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Release







13.9 , , . , . DORA 4 .







Release Analytics at the group level







.







JavaScript Python -



(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Secure







- Python JavaScript! , - .







- , , , . ; GitLab , - .







JavaScript and Python support for coverage-guided fuzz testing







.







Gitaly



(self-managed: PREMIUM, ULTIMATE) DevOps: Create







Gitaly . Gitaly GitLab . , 500 50 25 . Gitaly , , .







GitLab 13.9 , , , . , , . . . Gitaly.







Override Gitaly Cluster replication factor for specific repositories







.







-



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify







- , , , .







-. , , -, .







Easily see repeat failed tests in Unit Test Reports







- .







CI/CD



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify







, , : YAML, , extends



.







YAML !reference



, , CI/CD , .







Select CI / CD configuration from any job and reuse it







reference .







CI/CD



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify







, include



extends



. , . , . .







include



extends



, . , .









.









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release







, . , . , , . resource_group



.







Resource Group for multi-project and parent-child pipelines







.









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Manage







GitLab . , . . , , (Followed Users).







GitLab 13.9 Roger Meier Siemens 3 .







Follow user activity







.







Jira



(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Secure







Jira . GitLab SCM CI/CD - Jira. Jira . , Jira , , .







Jira . Jira; Jira. Jira. , GitLab , Jira .







Create Jira issues from Vulnerabilities







.







Markdown



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release







Markdown- (feature flags). [feature_flag:<IID>]



. . .







Markdown links for Feature Flags







Markdown- GitLab .









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release







GitLab 12.0 . - , , , . , , , , . , , , . , .







Allow Deploy Keys to push to protected branches







.









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create







- . , , . .







, -. To-Do email, , .







Request a follow-up review from a Reviewer







.







GitLab.com Jira Cloud



(SaaS: FREE, PREMIUM, ULTIMATE) DevOps: Create







Jira Cloud GitLab, GitLab.com Jira Cloud, Atlassian Marketplace. , , -, Jira. , , GitLab.







, , GitLab -. , Atlassian Marketplace.







Improvements to the GitLab.com for Jira Cloud Application







GitLab Jira .







GitLab 13.9



Email- PAT / SSH



(self-managed: ULTIMATE) DevOps: Manage







, . (Personal Access Tokens), . , . SSH — Credential Inventory.







email-, SSH . , , .







Email notifications when PAT / SSH Keys are revoked







Credentials Inventory .







SAML



(SaaS: PREMIUM, ULTIMATE) DevOps: Manage







SAML GitLab.com , , . GitLab , , . SAML SAML .







SAML .







API



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Manage







GitLab 13.9 API . API , .







API .







-



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Manage







GitLab 13.8 , , . Assignee -.







User Busy status in issue and MR sidebar







.









(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Plan







( GitLab « ») ( GitLab «») . , .







, . !







Filter roadmaps by confidentiality







.









(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Plan







. - , , . .







, .







Show epic comments on user activity feeds







.







GitLab CI VS Code



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create







GitLab CI — , , .gitlab-ci.yml



. GitLab CI , 3.11.0, GitLab Workflow .gitlab-ci.yml



.







, , GitLab . CI.







@KevSlashNull !







Autocomplete GitLab CI Variables in VS Code







CI .







-



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create







-, , , . , -.







- (Viewed). , , .







Mark changes as viewed in merge requests







- .







VS Code



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create







GitLab Workflow VS Code - VS Code. - — .







GitLab Workflow3.10.0 — - . - , VS Code GitLab.







VS Code. .







View code review comments in VS Code







- .







GitLab



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify







, , . GitLab, Docker, --gpu



. Docker Machine GitLab, . .







Google Compute Engine .









(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Verify







GitLab . GitLab. , , .







Group code coverage data graph







.









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify







, . , , , , .







Instance configuration to control latest artifacts storage







.









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Package







Docker Hub. GitLab CI/CD, DOCKER_AUTH_CONFIG



docker login



. , , , .gitlab-ci.yml



, , GitLab .







GitLab, , .







Docker Hub .









.







sbt 1.3.0



(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Secure







Scala, sbt



1.3 , . 1.2 .







.







SAST Android



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure







GitLab 13.5 SAST MobSF. 2.5, Android. : OWASP MSTG , API 29 (Android 10), xapk Android.







SAST CI SAST_EXPERIMENTAL_FEATURES



. GitLab.







MobSF .







SAST .NET



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure







GitLab . , GitLab. SAST .NET ; SAST .NET (.sln) .NET , . SAST .NET.







SAST .









(SaaS: FREE, PREMIUM; self-managed: FREE, PREMIUM) DevOps: Secure







SAST GitLab, . - Ultimate, . , , . - SAST; .







Security Configuration page for all users







.







URL CI/CD



(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Release







13.8 CI/CD. URL , .







.







PRIVATE-TOKEN Release-CLI



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release







13.9 release-cli PRIVATE-TOKEN



, API. , , PRIVATE-TOKEN



PRIVATE-TOKEN



-.







API .







Vault JWT GitLab.



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Configure







HashiCorp Vault GitLab Vault JWT (- JSON). JWT. : , .







Vault JWT . environment



, , ref_type



.







HashiCorp Vault .







GitLab Kubernetes GitLab Pages



(self-managed: FREE, PREMIUM, ULTIMATE)







GitLab 13.8 GitLab Pages GitLab Kubernetes, -.







GitLab 13.9 Kubernetes- Pages, . , GitLab Helm chart GitLab Pages.







GitLab Pages .







Puma



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE)







Puma, -, GitLab, . GitLab, .







. GitLab Puma , 250 .







Puma .







Puma .







-



(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Manage







GitLab - . - . API, GitLab.







- .









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Manage







, . , , , !







Improved user experience for the projects member list







.







-:



(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Manage







, (MTTM), - . MTTM — - . , , , , .







New merge request metric: mean time to merge







-: .









(SaaS: PREMIUM, ULTIMATE; FREE, PREMIUM, ULTIMATE) DevOps: Plan







, , , .







.









(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Plan







. , .







GitLab 13.7, .







Filter roadmaps by milestones







.









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create







- , . , , .







- -, .







. . , .







Apply a suggestion with a custom commit message







.







GitLab API



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create







GitLab . - , changelog-, . , API, . , .







.







- HEAD



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create







- git diff target...source



, HEAD



target



source



. , , .







-, - <default branch> (HEAD)



. .







- .







-



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify







- - . , , . -, , .







- .







GitLab 13.9



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify







13.9 GitLab 13.9! GitLab — , , GitLab. GitLab CI/CD, , GitLab.







:









:









CHANGELOG GitLab.







GitLab.







GitLab



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify







GitLab.com, GitLab CI GitLab . , — GitLab CI. GitLab. , , GitLab.







Install GitLab Runner more easily with in-product help







GitLab .







Maven



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Package







GitLab Java Maven Gradle. . .







, , . , , Maven Gradle. , .







API GitLab , > (Settings > Packages & Registries). . !







.







npm



(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Secure







Node.js, 2 npm 7. : [FATA] [Gemnasium] [2020-10-29T19:02:20Z] Wrong file format version



.







.







Ruby SAST-



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure







. (SAST) , . Ruby on Rails SAST (Brakeman) (v5), Ruby, Rails. Ruby . SAST.gitlab-ci.yml



brakeman GitLab SAST, CI, .







Expanded support for Ruby in SAST scans







SAST .









(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Secure







. GitLab Secure. , , , . .gitlab-ci.yml



, , needs: []



. , needs: []



.







needs:



YAML .







SAST .NET 5



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure







.NET 5.0 Microsoft — .NET Core, , .NET Core .NET Framework. SAST .NET, Security Code Scan, , [ SAST](https: //docs.gitlab.com/ee/user/application_security/sast/#supported-languages-and-frameworks), GitLab SAST .NET 5. @shaun.burns .







SAST .









(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Secure







. . , , , . «» (“Activity”) , , , . !







. , , , , , . , , .







Vulnerability Report Activity filter







.







GitLab GitLab Next



(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release







GitLab GitLab Next. g



x



, GitLab, GitLab GitLab Next. Yogi !







.







nConfigMap Kubernetes



(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Configure







Kubernetes (Kubernetes Agent Server, KAS) . , , , . GitLab KAS helm chart , , .







helm chart .









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Monitor







(severity). , , , , . , ( GitLab « »).







.







GitLab exporter



(self-managed: FREE, PREMIUM, ULTIMATE)







GitLab exporter Redis . 60% (~67-71 ) .







GitLab exporter .







GitLab exporter, .









(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE)







; 13.9 - .







Advanced search documentation and original ticket .









You can find the full release text and update / installation instructions in the original English post: GitLab 13.9 released with a Security Alert Dashboard and Maintenance Mode .







We worked on the translation from English cattidourden, maryartkey, ainoneko and rishavant...







More articles:


All Articles