🤳🏽 🦆 👩‍⚖️ GitLab 13.11 Released with Agent for Kubernetes and Pipeline Configuration for Compliance 🧝🏿 🖇️ 🎖️

A picture to attract attention

. DevOps-, . GitLab Kubernetes Agent GitLab.com, GitLab, GitLab.com . ( GitLab « »), , . , , , . 50 !

, . GitLab Kubernetes Agent GitLab Kubernetes, GitLab.com. GitLab, . , Kubernetes. , RBAC .

- , , . , , PCI, HIPPA . GitLab, . GitLab . , , .

, — , , .

. . . CI/CD, DORA 4, ; , . , DevOps , , DevOps GitLab.

Semgrep , GitLab SAST. . , SAML Git-. , , GitLab , . , DevOps.

, ! , , 13.12.

GitLab MVP badge

MVP — Yogi

Yogi GitLab , , . Yogi , , , . , . vue.js, GitLab.

Yogi MVP — 13.8 30 -, , UX . , Yogi!

GitLab 13.11

GitLab Kubernetes Agent GitLab.com

(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Configure

GitLab Kubernetes Agent - GitLab.com! , GitLab, GitLab.com . GitLab Kubernetes Agent — GitLab Kubernetes. pull-, , push-.

Kubernetes , GitLab RBAC- GitLab .

→ GitLab Kubernetes Agent .

(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Manage

, , .

, , , . , , . , , , .

, , , , , . , .

— , .

, !

→ .

(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Manage

GitLab , GDPR, HIPAA, PCI-DSS, SOC 2 SOX, . . , .

Create custom compliance framework labels

→ .

(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Monitor

. . - , ( ), .

. , . GitLab . , GitLab HTTP, .

→ .

(self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Manage

GitLab , . , , ; , , . , .

Diego Louzán Siemens. Diego. !

Re-authenticate for GitLab administration with Admin Mode

→ .

(self-managed: PREMIUM, ULTIMATE) DevOps: Manage

, , . GitLab API, .

export

GitLab, CSV-, , , , . .

Export a user access report

→ .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify

GitLab CI/CD , . , . . , .

Use multiple caches in the same job

→ .

DORA 4:

(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Release

— DevOps . API , . — , -.

Track DORA 4 lead time for changes metric

→ .

GitLab + Semgrep: SAST

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure

SAST (Static application security testing, ) GitLab . . . , , , , .

GitLab . Semgrep, r2c. . Semgrep , : .

Semgrep , GitLab SAST. Semgrep 1000 , .

lint- SAST Semgrep. , GitLab Semgrep , . r2c Semgrep. Semgrep Semgrep JavaScript, TypeScript Python.

, SAST GitLab Semgrep. GitLab Semgrep, , .

GitLab + Semgrep: upgrading SAST for the future

→ GitLab SAST .

CA release CLI

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release

, GitLab , release CLI , . GitLab 13.11 (Certificate authority, CA) ADDITIONAL_CA_CERT_BUNDLE

--additional-ca-cert-bundle

. , INSECURE_HTTPS

--insecure-https

, , SSL-, .

Support for custom CA certificates when using the release CLI

→ CA .

-

(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Plan

, , . , - ( GitLab « »). .gitlab

, , . , .

Instance and group description templates for issues and merge requests

→ .

needs optional DAG-

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify

(Directed acyclic graph, DAG) GitLab CI/CD needs

, . rules

, only

except

, , . , needs

, , .

optional

needs

DAG-. , , needs

. , needs

, . , rules

, only

except

.

Optional DAG ('needs:') jobs in CI / CD pipelines

→ optional needs .

(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Configure

, . , . .

. ( GitLab «») , .

Environment-specific variables at the group level

→ CI/CD .

CVE ID GitLab

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure

GitLab , . 2020 GitLab CVE Numbering Authority (CNA) IT- CVE GitLab, , GitLab.com.

GitLab 13.11 CVE GitLab . , GitLab.com, CVE « CVE» . GitLab CVE, .

, , . , GitLab.com. , .

Request a CVE ID from the GitLab UI

→ ID CVE .

GitLab OpenShift Kubernetes GitLab (-)

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE)

GitLab , OpenShift. MVP GitLab Operator, GitLab Kubernetes OpenShift. - . ; GitLab Kubernetes OpenShift, GitLab Helm chart - . GitLab Operator .

Deploy GitLab on OpenShift and Kubernetes with the GitLab Operator (beta)

→ GitLab .

GitLab 13.11

Developer+

(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Manage

— , , . , , , . , . , , .

> (Security & Compliance > Audit Events) . , . , , , . .

→ .

GPG

(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Manage

GPG . , GitLab, , , GitLab.

. , , . .

GPG keys available in the admin Credential Inventory

→ GPG .

OAuth

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Manage

OAuth . OAuth . OAuth.

13.11 Jonas Wälter Siemens!

→ .

(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Plan

( GitLab « ») . ( GitLab «») , « ».

Add iteration lists in Boards

→ .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create

GitLab 30 , , .

, , , .

Active integrations now display separately

→ GitLab .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create

GitLab 13.11, , (cherry-pick) - . (Pick into project) , , > (Options > Cherry-pick) .

, .patch

, .

Cherry pick commits from fork to parent

→ .

force push

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create

force push

Git, . force push

, , .

GitLab 13.11 force push , « » (Allowed to push) force push

.

Force push option for protected branches

→ force push .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create

GitLab . , , .

, , , . , .

Search within a settings page

→ .

GitLab Workflow VS Code

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create

GitLab Workflow Visual Studio Code (VS Code), GitLab. , , , .

GitLab Workflow VS Code , . , GitLab.

Welcome view for GitLab Workflow in VS Code

→ VS Code .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify

— CI/CD. , .gitlab-ci.yml

. , .

Create initial configuration file from the pipeline editor

→ .

CI/CD

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify

, CI/CD, API . CI/CD CI_COMMIT_AUTHOR

.

Craig Andrews !

→ CI/CD .

SemVer

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Package

GitLab . , , GitLab CI/CD .

GitLab 13.11 GitLab (SemVer). , SemVer .

GitLab 13.11 , SemVer . , .

→ .

Composer v2 GitLab

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Package

Composer , PHP- GitLab. Composer (v2) , , runtime-. .

, GitLab Composer v2. , - GitLab. MVC metadata-URL

. GET group/:id/-/packages/composer/p2/:package_name

, . Composer , %package_name%

, URL.

, providers-api

list-api

. .

→ Composer v2 .

Composer

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Package

Composer: source

dist

. Composer dist

zip

-. . --prefer-source

, Composer Git, zip

. , Git- .

Composer prefer-source

preferred-install

. - GitLab Composer.

, Composer . , prefer-source

, : composer update --prefer-source

.

→ Composer .

OpenShift SAST

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure

13.3 GitLab Red Hat OpenShift. GitLab . 13.11 GitLab SAST OpenShift. .gitlab-ci.yml

SAST , . , OpenShift. , , .

→ SAST .

Kotlin SAST

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure

13.5 SAST GitLab , Android, Kotlin. Kotlin . GitLab 13.11 GitLab Core Hannes Rosenögger (@haynes), Java- Spotbugs Kotlin. Kotlin Java , GitLab SAST .

→ GitLab SAST .

Semgrep Python, JavaScript TypeScript

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure

Semgrep GitLab SAST -, Semgrep Python, JavaScript TypeScript. Python, JavaScript TypeScript, , .

Semgrep Python Bandit, Python. , , .
Semgrep JavaScript TypeScript ESLint. ESLint, Semgrep.

, , SAST 'gitlab-ci.yml ', Semgrep SAST. , , . . .

→ GitLab SAST .

SAST

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure

SAST ( ) GitLab , GitLab . , 13.11. , .

ESLint 7.23.0: -, .
MobSF 3.4.0: -, .
njsscan 0.2.3: -, . : njsscan 25 5 ; Sequelize.
gitleaks 0.2.3: -, . : PyPI GitHub.

GitLab SAST (SAST.gitlab-ci.yml), , . , CI, CI.

→ SAST .

Prometheus, GitLab — Kubernetes

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Configure

GitLab, GitLab, , Prometheus . , GitLab, .

Prometheus Kubernetes GitLab , . . - , GitLab, Prometheus, GitLab.

→ Prometheus .

Geo

(self-managed: PREMIUM, ULTIMATE)

Geo . , . Geo , .

, .

Geo Geo, .

→ Geo .

DevOps

(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Manage

DevOps , GitLab DevOps . , . DevOps , , DevOps GitLab.

DevOps Adoption metrics available at the group level

→ DevOps .

SAML Git

(SaaS: PREMIUM, ULTIMATE) DevOps: Manage

GitLab , SAML Git. , , , GitLab SAML. SAML GitLab. Git CLI SSO SAML. , Git Group SAML SSO , - SAML Git .

→ SAML .

SSH

(self-managed: ULTIMATE) DevOps: Manage

SSH, , , .

GitLab , - . , , .

→ SSH GitLab .

(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Plan

, , . , !

CI/CD, .

Filter requirements based on status

→ .

-

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create

, -, . GitLab , , .

. -.

Lee Tickett !

Add standalone comments to merge request reviews

→ .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create

, . , .

, #L

URL . , . , Web IDE !

, URL , #L87-98

, () .

Deep link directly to lines of code

→ .

Jira Connect

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create

GitLab.com Jira , , .

Improvements to Jira Connect application configuration

→ Jira Connect .

-

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Create

- . GitLab , - - . , , -.

GitLab -, -. , -, .

Set default target project for merge requests in forks

→ - .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify

. - , , .

-, , , .

Code Quality violations sorted by severity

→ .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Package

GitLab . GitLab, , , .

GitLab 13.11 , . . , - .

GitLab 13.11 , URL- . , .

→ .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release

GitLab 13.2 CI/CD . , . ; GitLab 13.11 . , .

Update a deploy freeze period in the UI

→ .

Geo

(self-managed: PREMIUM, ULTIMATE)

Geo , Geo, . Geo . , . Geo , .

→ Geo .

(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE)

UI Polish . , , .

GitLab 13.11 , , ( GitLab «») ! GitLab 13.11:

, «» «» .
, .
.
UX / "CI/CD".
.
.
"CI Lint" .

GitLab 13.11.

/ : GitLab 13.11 released with Kubernetes Agent and Pipeline Compliance.

cattidourden, maryartkey, ainoneko rishavant.

GitLab 13.11 Released with Agent for Kubernetes and Pipeline Configuration for Compliance

MVP — Yogi

GitLab 13.11

GitLab Kubernetes Agent GitLab.com

DORA 4:

GitLab + Semgrep: SAST

CA release CLI

-

needs optional DAG-

CVE ID GitLab

GitLab OpenShift Kubernetes GitLab (-)

GitLab 13.11

Developer+

GPG

OAuth

force push

GitLab Workflow VS Code

CI/CD

SemVer

Composer v2 GitLab

Composer

OpenShift SAST

Kotlin SAST

Semgrep Python, JavaScript TypeScript

SAST

Prometheus, GitLab — Kubernetes

Geo

DevOps

SAML Git

SSH

-

Jira Connect

-

Geo

More articles: