GitLab is evolving, where constant research are carried out to improve GitLab into powerful DevOps platform of the future. June-22, 2022 GitLab is moving forward and running on their journey towards the future of DevOps. Thereafter, GitLab announces the release of GitLab 15. Excited and obligated, E-SPIN dedicated this ‘ GitLab 15 Releases and Updates’ post to provide end users with the latest improvements added into GitLab 15.
GitLab introduces their improvements on the platform every month. In regards to this monthly release practice, E-SPIN will continuously reach the end users through this post for each GitLab 15 releases and updates. The details of the latest release and updates are presented in the manner where the latest release is shown at the top of the post and then followed with the previous releases. Feel free to visit this post for the updates and please do not hesitate to contact E-SPIN regarding product and related matter (if any).
Last year, the announcement of the release of GitLab 14 marked their first step in establishing future of DevOps. Now, GitLab made it again! Meet GitLab 15 with various of improvements, breakthroughs and new changes, it is a release that represents GitLab commitment in delivering a one true future of DevOps solution. they officially launched GitLab 15. This release
Features in GitLab 15:
GitLab 15.6 release (2022-Nov-22)
GitLab 15.6 release offers multiple improvements including Git abuse rate limiting, support for special characters in CI/CD variables, group and subgroup-level scan result policies, DAST API analyzer for on-demand DAST API scans and many more.
1. Group and subgroup-level scan result policies
Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Capabilities – This release includes policies that can be automatically flow down and use to every project inside the group. With this feature, users from large organisations with large sum of projects can easily and uniformly enforce those policies.
2. Git abuse rate limiting
Availability – in self-managed GitLab Ultimate
Capabilities – Enabling Git abuse rate limiting feature will let GitLab 15.6 automatically notify administrators on downloads or clones that exceed the number of repositories allowed in a group or its subgroups within a specific period of time.
Gitlab 15.6 also let administrator to ban users who exceed the rate limit by declining access to the main group as well as any of its non-public subgroups.
Bans are permanent by default however administrator can remove ban if needed.
3. DAST API analyzer for on-demand DAST API scans
Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Capabilities – For GitLab 15.6 DAST API analyzer is used for on-demand DAST API scans. The DAST API analyzer also bring new functionalities which include GraphQL scans, support for authentication tokens that expire, scans using Postman collections, and scans using HAR files. With this change, not only user can use an OpenAPI specification in the site profile to define an API test, you can also applies a Postman collection or HAR file to ensure that your test gets the expected API coverage.
4. Support for special characters in CI/CD variables
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – $ character in a CI/CD variable lead to the introduction of the variable: expand: keyword that enables you to mark a variable as “raw”.
5. CI/CD variable support in rules:exists configuration
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – GitLab 15.6 offers support for CI/CD variables with the rules: exists keyword which simplify the complexity .gitlab-ci.yml configuration by letting users to use variables for paths or filenames.
GitLab 15.5 release (2022-Oct-22)
GitLab 15.5 release involves more than 50 improvements which includes GitLab Cloud Seed, Autocomplete suggestions in the Content Editor, Error Tracking Open Beta, Operational Container Scanning and more.
1.GitLab Cloud Seed for deploy apps to Google Cloud
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – Cloud Seed is built into the GitLab web UI and leverages the capabilities of CI/CD pipeline. It is designed to offer a frictionless developer experience when using Google Cloud services, supporting Service Accounts, Cloud Run, and Cloud SQL. GitLab Cloud Seed enables GitLab and Google Cloud customers to easily migrate to the cloud using a single platform as it simplifies, automates and accelerates cloud resource provisioning, deployment automation and configuration.
2. Autocomplete suggestions in the Content Editor
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – Now, just like the GitLab Flavored Markdown, you can access to the similar autocomplete suggestions or shortcut. For instance, users can type #35266 to link to that issue or :thumb to see a list of thumb emojis.
3. Rule Mode for Scan Execution Policies
Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Capabilities – This release support editing scan execution policies through the UI in Rule Mode in addition to the Yaml Mode which let users (both technical and non-technical) to easily construct a policy.
4. Email Notification for incorrect OTP incident
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – GitLab 15.5 having improved security as users will receive email notification instant when incorrect OTP is entered. 
5. Error Tracking Open Beta
Availability – in SaaS GitLab Premium and Ultimate
Capabilities – This release brings back GitLab integrated error tracking for GitLab.com in Open Beta but with improved architecture where it applies new Observability backend, leveraging the ClickHouse database as a unified data store.
6. Search by environment name in the Environments overview page
Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Capabilities -With GitLab 15.5 release, users can search the list of environments in the Environments page through name.
7. Operational container scanning
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – GitLab supports vulnerability scanning of container images in operational or production Kubernetes environments is now official. Users can set up scanning through:
extern_uid with APIkubectl calls for the agent CI/CD workflowGitLab 15.4 release (2022-Sep-22)
The release of GitLab 15.4 includes more than 60 improvements, and most significantly the GitLab’s first machine learning powered feature such as Suggested Reviewers open beta, improved CI/CD integration in VS Code, Pages Pipeline Wizard, email validation bypass for verified domains and many more.
1. Suggested Reviewers open beta
Availability – in SaaS GitLab Ultimate
Capabilities – GitLab’s suggested review which is powered by machine learning allows it to recommend suitable reviewers to users. Currently, this feature is in beta behind a feature flag.
2. Limit the maximum number of custom domains per project
Availability – in Self-managed GitLab Premium and Ultimate
Capabilities – GitLab lets user limit in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate, dismissing slow response times from the Pages API thus improves reliability of the service.
3. Easy start with GitLab pages
Availability –in SaaS GitLab Premium and Ultimate and Self-managed GitLab Premium and Ultimate
Capabilities – This release enables users to use GitLab UI to interactively build GitLab Page. The step only involves answering questions from GitLab on how your app is built, then GitLab will build your .gitlab-ci.yml file to get started.
4. Improved CI/CD integration in VS Code
Availability –in Self-managed GitLab Premium and Ultimate
Capabilities – More over, GitLab 3.5 Workflow offers CI/CD pipeline interactions that help avoid context-switching such as:
5. Sortable, filterable data-driven tables in Markdown
Availability –in SaaS GitLab Premium and Ultimate and Self-managed GitLab Premium and Ultimate
Capabilities – GitLab 15.4 enables users to insert data-driven tables using JSON syntax as in below:
json:table.Whereas in rendered table, users can enable;
"sortable": true"filter" : trueThese capabilities allows you to re-sort that 100-row table with one click and find that one issue reference which is nearly identical URL to abundance of other URL as easy as using web search.
6. Users on verified domains can bypass email validation
Availability –in SaaS GitLab Premium and Ultimate
Capabilities – SAML and SCIM that belong to verified domain reduce less account activation friction, individual verification no longer happen upon creation of new users.
7. Add linked resources to incident issues
Availability –in SaaS GitLab Premium and Ultimate and Self-managed GitLab Premium and Ultimate
Capabilities -This release allows users to surface the incident Slack channel, Zoom meeting space, or links to any relevant resource for resolving incidents easier.
8. More powerful Linux machine types for GitLab SaaS runners
Running jobs on GitLab SaaS Linux runners lets users to have access to more powerful machine types for both medium and large. making you to have bigger choices for your GitLab SaaS CI/CD jobs. Additionally, 100% job isolation on an ephemeral virtual machine, and security and autoscaling fully managed by GitLab enables users to can confidently run critical CI/CD jobs on GitLab SaaS.
GitLab 15.3 release (2022-Aug-22)
GitLab 15.3 release involves 63 improvements, most importantly tasks in issues, free GitOps features, SAML group link API maintenance and advanced password complexity requirements.
1. Create tasks in issues
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – Users are now able to create tasks within issues from the Child Items widget. Subsequently, this allows users directly open task within the issue to quickly update the title, set the weight, or add a description.
2. Free GitOps features
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – GitLab agent for Kubernetes that has been supporting GitOps workflows since its first release. Now, GitLab had made it functionality -pull-based deployment support available in every GitLab tier.
3. Submit merge request review with summary comment
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – This release lets you perform common tasks quicker and easier, for example submitting review can be done by adding a summary comment along with any quick actions like /approve.
4. Add approval rules for all protected branches
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – This release allows users to create an MR approval rule and apply it to only protected branches in their project. With this improvement, users can more selectively apply compliance controls with enhanced granularity.
Additionally, create MR approval rules for protected branches let users ensure that the sensitive branches you depend on will be applied with proper workflows applied and at the same time not slowing down development on other branches that do not need the same level of control.
5. UI for custom HTTP headers on streaming audit events
Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate.
Capabilities – In this release, users can directly remove custom HTTP headers for streaming audit events in the GitLab user interface.
6. Define password complexity requirements
Availability – in self-managed GitLab Premium and Ultimate
Capabilities – In addition to the ability to set minimum password length, GitLab administrators can now define password complexity requirements which includes:
7. DORA custom reporting for data-driven software development improvements
8. Simulate default branch pipeline in the Pipeline Editor
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities -This release enables users to simulate a pipeline to the pipeline editor. Users can directly simulate a new pipeline creation on the default branch with your changes also identify logic problems before making a commit.
release:tag_message keywordGitLab 15.2 release (2022-Jul-22)
GitLab 15.2 is packed with more than 40 improvement in its release. Some of the highlights are Live preview diagrams in the wiki WYSIWYG editor, Incident timelines, Group and subgroup scan execution policies and Change failure rate chart for visualizing software stability.
1. Live preview diagrams in the wiki WYSIWYG editor
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – In GitLab 15.2, wiki’s WYSIWYG editor is included with live rendered preview of your diagram. This allow detect the diagram type and display a preview icon during diagram writing.
2. Merge request reports redesign
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities -In this release, the report widgets completely follow design guidelines for layout, hierarchy, and content sections. These improvements make them more consistent, scannable, and utilitarian thus you can find actionable information in each report easily.
3. Enforce IP address restrictions for Git over SSH
Availability – in SaaS GitLab Premium and Ultimate
Capabilities – GitLab 15.2 SaaS Premium and Ultimate are now with SSH that support limiting access to requests from a trusted set of IP addresses.
4. Change failure rate chart for visualizing software stability
Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Capabilities – This new releases is included with new trend chart for the DORA Change failure rate metric which display percentage of deployments that cause an incident in a production environment. With this addition, now GitLab added the fourth DORA chart available that give insights into value stream velocity and reliability trends.
5. Group and subgroup scan execution policies
Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate
Capabilities – This release enable security and compliance teams to apply policies uniformly to all projects by scanning execution policies at the group and subgroup level. This feature is especially helpful to organisations with large numbers of projects.
Get started by asking your group owner to link a security policy project to your group on the Security & Compliance > Policies page.
6. Incident timeline
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – Incident timeline feature provided in this release will help make information capture during an incident, or post incident, easy and efficient. This incident timeline allows you to manually add new timeline events, delete a timeline event, and view the incident timeline in a dedicated tab within an incident issue.
7. Set the image pull policy in pipeline configuration
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities – This release allows you to pull policies at the pipeline level which previously only applicable at runner level. You can also choose or select different pull policies for how a GitLab Runner downloads Docker images in CI/CD jobs.
implementation directiveGitLab 15.1 release (2022-Jun-22)
GitLab 15.1 carries more than 30 improvements upon its release. Among the significant improvements are SAML Group Sync, SLSA level 2 build artifact attestation, links to included CI/CD configuration and enhanced visibility into value stream with DORA metrics.
1. Compliance report for individual violation reporting
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities
Users can now map a group into their identity provider to a self-managed GitLab group through SAML group links which was previously a privilege features for Gitlab.com. This feature reduces workload for GitLab administrator and allows easier onboarding, the reducing members’ onboarding time.
2. Increased visibility into Value Stream with DORA metrics
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities
With the four DORA metrics tiles being added to the Value Stream Analytics dashboard, GitLab 15 users are given the ability to track team performance and value flow from ideation to customer delivery.
Furthermore, the new trend chart for the DORA Time to restore service metric to give insights into software stability and reliability trends. This improvement offers information on the time taken by organisation to recover from production failure.
3. SLSA level 2 build artifact attestation
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities
SLSA which stands for Supply-chain Levels for Software Artifacts refers to a security framework to ensure the security and integrity of users’ software supply chain. In this recent release, GitLab Runner, is capable in generating and producing SLSA-2 compliant attestation metadata for build artifacts by default.
The new attestation in GitLab 15 allows users to verify whether the build artifacts have not been altered more easily. The only step needed is to set RUNNER_GENERATE_ARTIFACTS_METADATA = "true" in the .gitlab-ci.yml file.
4. Link to included CI/CD configuration from the pipeline editor
Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate
Capabilities
GitLab 15 is added with links to all included configuration files and templates to the pipeline editor, enabling the users to easily manage large and complex pipelines as they can access and view all the CI/CD configuration used in the pipeline.
API includes additional detail about who added members
Improved insights discovery in Value Stream Analytics
Retrieve PAT by ID using API
GitLab.com sign-in for GitLab Workflow for VS Code
GitLab Runner 15.1
View shared runner usage per project in a group
FIPS-enabled Red Hat UBI Dependency Scanning image
Static Analysis analyzer updates
Create annotated Tags with the GraphQL Release API
Deploy keys by user API
Agent server for Kubernetes enabled by default in the Helm chart
More kubectl calls for the agent CI/CD workflow
Geo improves observability with links to replication views
Geo supports OCI container images
Omnibus improvements
Improved SAML Group Link robustness on GitLab.com
Prevent users from using known insecure public keys
Block Git access protocols at group level
Rendered images in Python notebook MRs
Retry a downstream pipeline from the pipeline graph
View your runners’ upgrade status
Optionally ignore scanning NPM development dependencies
Allow CI_JOB_TOKEN authentication for Release Links API
Create annotated tags with the Releases API
Force stop an environment option
GitLab agent for Kubernetes supports proxied connections
Container Scanning analyzer updates
Geo proxying support for site-specific URLs
Native Geo support for Object Storage replication is Generally Available
Bug fixes
