GitLab is evolving, where constant research are carried out to improve GitLab into powerful DevOps platform of the future. June-22, 2022 GitLab is moving forward and running on their journey towards the future of DevOps. Thereafter, GitLab announces the release of GitLab 15. Excited and obligated, E-SPIN dedicated this ‘ GitLab 15 Releases and Updates’ post to provide end users with the latest improvements added into GitLab 15.
GitLab introduces their improvements on the platform every month. In regards to this monthly release practice, E-SPIN will continuously reach the end users through this post for each GitLab 15 releases and updates. The details of the latest release and updates are presented in the manner where the latest release is shown at the top of the post and then followed with the previous releases. Feel free to visit this post for the updates and please do not hesitate to contact E-SPIN regarding product and related matter (if any).
Last year, the announcement of the release of GitLab 14 marked their first step in establishing future of DevOps. Now, GitLab made it again! Meet GitLab 15 with various of improvements, breakthroughs and new changes, it is a release that represents GitLab commitment in delivering a one true future of DevOps solution. they officially launched GitLab 15. This release
Features in GitLab 15:
- WYSIWYG for Wiki for edit codes, blocks and media inline
- Container scanning in all tiers
- Internal notes
- Better links to external organisations and contacts
- Advanced Search compatibility with Opensearch
- Automate iteration cadence for planning issue
- Nested CI/CD variables with environments in pipeline configuration
Improvements
- Audit changes to group IP allowlist
- Migration support for project releases milestones
- Revoke a personal access token without PAT ID
- Reorganize issue description list items with drag and drop
- Configure wiki visibility for groups
- Display usage of shared runners in user namespaces
- Project-level Secure Files in open beta
- View more details about each runner
- Dependency scanning support for poetry.lock files
- Semgrep-based SAST scanning available for early adoption
- Access and Verify actions for environments
- Automatically create release notes from annotated tags
- Release API endpoint for groups
- Cluster support for Kubernetes 1.22
- Terraform CI/CD template authenticates to Terraform module registry
- GitLab advisory data included in container scanning results
- Advanced Search is compatible with Elasticsearch 8
- GitLab chart improvements
- Follow or unfollow someone from the user popup
- New audit events for merge settings
- Support for failed status checks
- Users with the Reporter role can manage iterations and milestones
- Multiple account support for GitLab Workflow in VS Code
- GitLab Runner 15.0
- Show instance CI/CD limits in /help
- Dependency path information
- Secure and Protect analyzer major version update
- Static Analysis analyzer updates
- Approve deployments from the Environments detail page
- Multiple on_stop jobs for an environment
- Set Environment tier through API
- REST API for the agent for Kubernetes
- The agent server for Kubernetes enabled by default in the Helm chart
- Scan result policies listed under MR approval settings
- Geo’s initial Git repository replication is 27% faster
- Omnibus improvements
- Bug fixes
GitLab 15.2 release (2022-Jul-22)
GitLab 15.2 is packed with more than 40 improvement in its release. Some of the highlights are Live preview diagrams in the wiki WYSIWYG editor, Incident timelines, Group and subgroup scan execution policies and Change failure rate chart for visualizing software stability
Key improvements:
1. Live preview diagrams in the wiki WYSIWYG editor
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – In GitLab 15.2, wiki’s WYSIWYG editor is included with live rendered preview of your diagram. This allow detect the diagram type and display a preview icon during diagram writing.
2. Merge request reports redesign
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities -In this release, the report widgets completely follow design guidelines for layout, hierarchy, and content sections. These improvements make them more consistent, scannable, and utilitarian thus you can find actionable information in each report easily.
3. Enforce IP address restrictions for Git over SSH
Availability – in SaaS GitLab Premium and Ultimate
Capabilities – GitLab 15.2 SaaS Premium and Ultimate are now with SSH that support limiting access to requests from a trusted set of IP addresses.
4. Change failure rate chart for visualizing software stability
Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Capabilities – This new releases is included with new trend chart for the DORA Change failure rate metric which display percentage of deployments that cause an incident in a production environment. With this addition, now GitLab added the fourth DORA chart available that give insights into value stream velocity and reliability trends.
5. Group and subgroup scan execution policies
Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Capabilities – This release enable security and compliance teams to apply policies uniformly to all projects by scanning execution policies at the group and subgroup level. This feature is especially helpful to organisations with large numbers of projects.
Get started by asking your group owner to link a security policy project to your group on the Security & Compliance > Policies page.
6. Incident timeline
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – Incident timeline feature provided in this release will help make information capture during an incident, or post incident, easy and efficient. This incident timeline allows you to manually add new timeline events, delete a timeline event, and view the incident timeline in a dedicated tab within an incident issue.
7. Set the image pull policy in pipeline configuration
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – This release allows you to pull policies at the pipeline level which previously only applicable at runner level. You can also choose or select different pull policies for how a GitLab Runner downloads Docker images in CI/CD jobs.
Other improvements:
- Audit events for group-level merge request settings
- Audit events when two-factor authentication is disabled
- Disable user 2FA using API
- Streaming audit events for Git operations
- Custom HTTP headers for streaming audit events
- Streaming audit events for project forks
- Improvements to users’ contribution calendar for private contributions
- Improved and faster file browsing as well as syntax highlighting
- Streaming audit events for merge request creation
- Filter jobs by status on the jobs page
- Verification token displayed in UI
- Predefined CI/CD variable for project description
- Persist last used Wiki editor
- Faster Secret Detection
- GitLab Runner 15.2
- Programmatically delete duplicate package assets
- Static Analysis analyzer updates
- License compliance support for Gradle
implementation
directive - Edit protected environment approvals in project settings
- Fetch secrets based on deployment tier
- Group-level UI for protected environment settings
- API to retrieve agent server (KAS) metadata
- Updated cluster version support, including Kubernetes 1.23 and 1.24
- Enforce per-plan webhook rate limits
- Omnibus improvements
- Geo supports BuildKit cache images
- GitLab chart improvements
- Bug fixes
- Performance improvements
- Usability improvements
GitLab 15.1 release (2022-Jun-22)
GitLab 15.1 carries more than 30 improvements upon its release. Among the significant improvements are SAML Group Sync, SLSA level 2 build artifact attestation, links to included CI/CD configuration and enhanced visibility into value stream with DORA metrics.
Key improvements:
1. Compliance report for individual violation reporting
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities
Users can now map a group into their identity provider to a self-managed GitLab group through SAML group links which was previously a privilege features for Gitlab.com. This feature reduces workload for GitLab administrator and allows easier onboarding, the reducing members’ onboarding time.
2. Increased visibility into Value Stream with DORA metrics
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities
With the four DORA metrics tiles being added to the Value Stream Analytics dashboard, GitLab 15 users are given the ability to track team performance and value flow from ideation to customer delivery.
Furthermore, the new trend chart for the DORA Time to restore service metric to give insights into software stability and reliability trends. This improvement offers information on the time taken by organisation to recover from production failure.
3. SLSA level 2 build artifact attestation
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities
SLSA which stands for Supply-chain Levels for Software Artifacts refers to a security framework to ensure the security and integrity of users’ software supply chain. In this recent release, GitLab Runner, is capable in generating and producing SLSA-2 compliant attestation metadata for build artifacts by default.
The new attestation in GitLab 15 allows users to verify whether the build artifacts have not been altered more easily. The only step needed is to set RUNNER_GENERATE_ARTIFACTS_METADATA = "true"
in the .gitlab-ci.yml
file.
4. Link to included CI/CD configuration from the pipeline editor
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities
GitLab 15 is added with links to all included configuration files and templates to the pipeline editor, enabling the users to easily manage large and complex pipelines as they can access and view all the CI/CD configuration used in the pipeline.
Other improvements:
API includes additional detail about who added members
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Improved insights discovery in Value Stream Analytics
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Retrieve PAT by ID using API
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
GitLab.com sign-in for GitLab Workflow for VS Code
- Available in SaaS GitLab Premium and Ultimate
GitLab Runner 15.1
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
View shared runner usage per project in a group
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
FIPS-enabled Red Hat UBI Dependency Scanning image
- Available in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Static Analysis analyzer updates
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Create annotated Tags with the GraphQL Release API
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Deploy keys by user API
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Agent server for Kubernetes enabled by default in the Helm chart
- Available in self-managed GitLab Premium and Ultimate
More kubectl
calls for the agent CI/CD workflow
- Available in self-managed GitLab Premium and Ultimate
Geo improves observability with links to replication views
- Available in self-managed GitLab Premium and Ultimate
Geo supports OCI container images
- Available in self-managed GitLab Premium and Ultimate
Omnibus improvements
- Available in self-managed GitLab Premium and Ultimate
Improved SAML Group Link robustness on GitLab.com
- Available in SaaS GitLab Premium and Ultimate
Prevent users from using known insecure public keys
- Available in SaaS GitLab Premium and Ultimate
Block Git access protocols at group level
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Rendered images in Python notebook MRs
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Retry a downstream pipeline from the pipeline graph
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
View your runners’ upgrade status
- Available in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Optionally ignore scanning NPM development dependencies
- Available in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Allow CI_JOB_TOKEN
authentication for Release Links API
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Create annotated tags with the Releases API
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Force stop an environment option
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
GitLab agent for Kubernetes supports proxied connections
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Container Scanning analyzer updates
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Geo proxying support for site-specific URLs
- Available in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Native Geo support for Object Storage replication is Generally Available
- Available in self-managed GitLab Premium and Ultimate
Bug fixes