GitLab 10.6 released: CI / CD for GitHub and in-depth integration with Kubernetes

Continuous integration, delivery and deployment are the fundamental principles of DevOps. GitLab includes CI / CD functionality, which is enjoyed by both developers and analysts , and companies in general.

However, there was one omission - previously you could not use GitLab CI / CD with GitHub. In this release we fixed it.

Introducing GitLab CI / CD for GitHub

Despite the fact that GitLab shows itself best as a single application for the entire development cycle , we are committed to productive interaction with other applications . Therefore, starting with this release, we are adding CI / CD integration with GitHub , as well as the ability to integrate CI / CD with any other external repositories , such as BitBucket. This innovation is aimed at four main user groups.

Open Source Projects

Now, if you have a public open source project on GitHub, you can use the free CI / CD on GitLab.com. We provide public projects with GitLab CI / CD of the highest level (Gold) for free, as part of our support for open source. While other CI / CD providers only allow a small number of simultaneous operations, GitLab.com allows open source projects to run hundreds of simultaneous operations from 50,000 free minutes for CI pipelines per month.

Large companies

From communication with our largest customers, we know that in large businesses, many teams often use many different tools. Our customers want to standardize CI / CD on GitLab, but the code can be stored simultaneously in GitLab, GitHub and other repositories. Starting with this release, companies will be able to use common CI / CD pipelines for all repositories. This is a key user group for us, so we made the CI / CD for GitHub part of our Premium plan.

Anyone at GitHub.com

Although GitLab is designed to use SCM and CI / CD in a single application, we understand why some users want to use GitLab CI / CD with GitHub version control. Therefore, over the course of the year, GitLab CI / CD for GitHub will be part of the Free GitLab.com plan. This means that all users of GitHub, from personal projects and startups to small and medium businesses, will be able to use GitLab CI / CD for free. In this version, 2000 free minutes of CI conveyors are initially available, with the possibility of adding your own Runners and plan upgrades.

Gemnasium users

As you may recall, we recently purchased Gemnasium . We are very pleased with this replenishment of our ranks, however, we also do not forget about the users who used Gemnasium before: we want to provide them with a simple and painless way to switch to a new platform. We already deliver Gemnasium functionality as part of our built-in security system, and now Gemnasium users who use it in conjunction with GitHub will be able to use GitLab CI / CD for security checks without having to transfer code.

Kubernetes Improvements for GitLab

We continue to integrate containerization into GitLab. In version 10.4, we shared the integration with the Kubernetes and GKE clusters . In version 10.6, we make it even easier to use Kubernetes with GitLab. Now you can deploy GitLab Runner to a connected Kubernetes cluster in one click. You can also monitor your Kubernetes cluster and find out the IP address of the Ingress controller connected to it , without leaving GitLab.

We invite to our meetings!

( MVP ) of this month - Takuya Noguchi

Takuya redesigned the branches page and added the division of branches into active and inactive, which made it easier to find the ones you need, especially in large projects.

Thanks, takuya! As a sign of gratitude, we sent Takuya branded handmade sweaters, socks and tanuki with GitLab symbols.

GitLab CI / CD for external repositories (PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

In 2011, GitLab was launched exclusively as a code repository. Since then, it has become a DevOps lifecycle management application that provides testing, security, packaging, deployment, and monitoring capabilities. At the same time all the code of your application is still stored on the external repository.

To use GitLab CI / CD with a GitHub repository, create a new GitLab project and select GitHub on the CI / CD for external repo tab. After you add the .gitlab-ci.yml to your repository (or connect Auto DevOps), GitLab will automatically launch pipelines and update commit status in GitHub.

You can also connect to any Git repository by URL and set up status webbooks manually. For example, if you use Bitbucket, here you can read how to manually configure GitLab CI / CD for it.

In honor of the launch of this functionality, we provide it for free, as part of the GitLab.com Free plan, for a year - until March 2019.

CI / CD documentation for external repositories

Rapid deployment of GitLab Runner to Kubernetes cluster (LIBRE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

With GitLab, you can interact with Kubernetes clusters, as well as easily install applications that your project can use.

In GitLab 10.6, we add the ability to deploy GitLab Runner in one click directly to your cluster, after which it can automatically start the work of your project without any additional configuration.

Runner installation documentation for Kubernetes

Monitoring Kubernetes Clusters (ULTIMATE, GOLD)

Kubernetes provides developers with the ability to easily deploy and manage applications without being distracted by questions about how and from where their code runs. However, it is necessary to monitor the total capacity of the clusters and balance between efficient memory use and leaving room for growth.

GitLab 10.6 simplifies this task: both the currently used and all available computing resources of the connected cluster are now displayed directly. For example, if the deployment boards are displayed under, which cannot start, users can now check the cluster metrics and see if all its resources have been spent.

Kubernetes Cluster Monitoring Documentation

IP address Ingress on the Kubernetes cluster page (LIBRE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

In GitLab 10.2, we added the ability to install Ingress on a Kubernetes cluster. After installation, Ingress provides a public IP address that can be used for external access to deployed applications.

In GitLab 10.6, this address is displayed directly on the Kubernetes page, so you can use it when setting up a domain to access your applications from the Internet.

Documentation on IP address Ingress for Kubernetes clusters

Accompanying source project can push in fork (LIBRE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

Workflow distribution by fork is a frequent occurrence in open source projects such as GitLab; at the same time, merge requests are sent from the fork to the original project.

Now maintainers of the original project can directly make small fixes and relocate before merge, without wasting time on unnecessary confirmation requests, as before. Of course, no one limits the size of fixes, and you can add more commits too.

Previously, this was not possible because the maintainers of the original project did not receive automatic permissions to write to the forks. Now, if the author of a merge-request has access to write to the original branch, he can issue to the maintainer the right to write to the branch of the merge-request, selecting Allow edits from maintainers on his page. After enabling this option, users with permission to merge branches of the original project will be able to push to the merge-requester branch. By default, this option is disabled.

Access rights documentation for maintainers

Single task board for a group in Libre and Free (LIBRE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

GitLab group task boards provide a single interface for managing the tasks of all projects in the same group. All tasks of all project groups are displayed in one place, and you can move them between stages of the workflow.

Previously, this functionality was available only for Premium and Ultimate plans, and users with such subscriptions highly appreciated its capabilities. Libre users have also expressed interest in a single task board, so in this release we add it for them too. In Libre and Starter instances, there is now a single task board for each group, while single task boards for many groups remain the Premium and Ultimate privilege. We think that this innovation will increase the attractiveness of the plans of Libre and GitLab.com Free, and we hope to receive feedback on this functionality from an even greater number of users.

Task Board Documentation

Other GitLab 10.6 Improvements

SAST security reports on pipeline pages (ULTIMATE, GOLD)

A few months ago, we added static application security testing (SAST) . This system automatically searches for vulnerabilities in all code changes in merge requester, so you can fix them before merge and prevent them from entering the master and the final release.

Starting with this release, the full SAST work report is displayed on the CI / CD> Pipelines page, which makes it even easier to track security risks in pipelines for developers, engineers, and other interested parties.

SAST Security Reporting Documentation on Pipelines

SAST for Java-Maven applications (ULTIMATE, GOLD)

GitLab has previously added support for popular programming languages ​​such as Ruby, Python, and JavaScript, as part of the Static Application Security Testing System (SAST).

In GitLab 10.6, we add support for Maven, a fairly well-known automation tool for Java. If you already use SAST, you do not need to change anything and reconfigure - new checks will appear automatically.

Full list of supported languages ​​and frameworks can be found here .

SAST documentation

External authorization control (PREMIUM, ULTIMATE, SILVER, GOLD)

In some managed environments, project classification systems are used to control access to them. Now they can be used in GitLab.

When this feature is enabled, administrators will be able to configure each project in such a way that, in addition to access control of GitLab itself, access to the project will require additional confirmation from an external service with its authorization.

External Authorization Control Documentation

Authentication support in DAST (ULTIMATE, GOLD)

A few releases ago, we released Dynamic Application Security Testing (DAST) Dynamic Application Security Testing . DAST allows you to dynamically and automatically check applications for security vulnerabilities in the development process using the Review App - up to the merge code in the master and release.

Previously, this functionality was only available for public pages. In this release, you can define credentials that DAST will use to identify your web application to simulate an attacker who has access to sections that are accessible only to authorized users.

Identification Support Documentation in DAST

External CI / CD settings in Starter and Bronze (STARTER, PREMIUM, ULTIMATE, BRONZE, SILVER, GOLD)

In GitLab 10.5, we introduced the ability to add external CI / CD configuration files to the main .gitlab-ci.yml your project. This feature was available only to Premium users in Gitlab on their own server and to Silver users on GitLab.com.

We received a lot of feedback from users: many asked to add this feature to other subscriptions. We have met and are pleased to announce that this functionality is now available to Starter users on their own server and Bronze on GitLab.com. The ability to centrally control the configuration of the pipeline and reuse the same definition in several projects is very valuable for both large corporations and smaller businesses.

Note that according to our open source policy, public projects on Free GitLab.com have features equivalent to a Gold subscription. Therefore, this functionality will also be available for these projects.

Documentation on the inclusion of additional CI / CD configuration files

Branch overview (LIBRE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

Projects and teams are growing, there are more and more branches. With the new functionality of the branch overview and filtering of the lists of branches, it has become much easier to find the right one. If in the last 3 months someone has committed a commit to a branch, it will be considered active.

Thank you, Takuya Noguchi , for your contribution !

Branch Documentation

Transition to external task tracker (LIBRE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

Some teams use GitLab along with an external task tracker. For example, the integration of Jira tasks with GitLab Merge Requests is a very popular topic for many teams. In this case, the tasks in GitLab are still functioning normally, and the teams can use them if they at some point need to do something completely in GitLab.

To simplify this integration, we added a new link to the project navigation. If you already have a configured external tracker (Redmine, Jira, Bugzilla or Own Customized Tracker), there will be a separate link in the project navigation that you can quickly navigate to this external system. The link to the task in GitLab remains where it was, so if you wish, you can use both trackers at the same time.

External task tracker documentation

Project Import / Export API (LIBRE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

Projects are a very important part of GitLab, as they contain all the valuable work (including the Git repository) and data on the organization of the team’s work (including tasks and merge requests). With the help of existing exports and imports of GitLab projects, you can easily transfer projects between and within instances.

Until now, this had to be done manually. In this release, exporting and importing projects has become part of the GitLab API: when you need to move projects within or between instances, you can create more flexible workflows and automate them.

For this feature, thanks to Travis Miller !

API Project Export and Import Documentation

GitLab ChatOps (alpha) (ULTIMATE, GOLD)

In many organizations, much of the communication, including workflows and emergency discussions, is moved to chat rooms. Also, teams often have a specific set of commands to check the state of the environment or to perform routine actions.

In GitLab 10.6, we wanted to simplify the automation of these routine actions, and also add them directly to Slack. First you need to add work to YML GitLab CI and connect the integration with Slack slash commands. Users will then be able to write slash commands, the title of the CI job and the necessary arguments - the job will run on the runner, and the result will return to Slack.

GitLab ChatOps Documentation

Labels in the epic (ULTIMATE, GOLD)

In this release, we have added a new, effective interface feature: GitLab tasks and merge requesters now support tags. Due to this, it becomes easier to manage them: you can customize management precisely to the needs of your project.

You can assign group tags in the sidebar of the epic - just as for tasks and Merge-Requests. In addition, you can sort the list of epic groups by tags (again, by analogy with the tasks and merge-requests - experienced users of GitLab will quickly recognize this functionality). This makes it easy to mix and match epic with different categories offered in the search and filter menu.

Epic Documentation

Epic API (ULTIMATE, GOLD)

Along with the support for the tags mentioned above , we added support for the epic API. You can get a list of epic items by specific search parameters and filtering in the search box on the epic page in the web interface. This includes searching for an epic by name or description, filtering by author and tags, as well as by date of creation or date of update.

EPIC API Documentation

Merge Requests Approval API (STARTER, PREMIUM, ULTIMATE, BRONZE, SILVER, GOLD)

Prior to this release, the capabilities of the Merge-Requests Approval API were limited to the approval or non-approval of the Merge-Request. In this release, it is possible to fully customize approval at the project level or at the level of a merge-request. Functionally, the same thing happened as in the GitLab web interface.

Using the claims API, teams will be able to perform more detailed code reviews and customize approval processes based on their needs. You can use the API to determine which processes will occur in the GitLab web interface, and which will be outside of it.

Merge Requests Approval API Documentation

Discussion API (LIBRE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

In this release, we added API support to discussions of tasks, snippets, and epics. This means that all comments and task discussions are now available through the API. Teams can use the API to get more flexible, customizable, and specific workflows that are not commonly used in the main GitLab web interface.

API support for comments and discussions of Merge Requests will be released in the next release .

Discussion API Documentation

Filipino, Indonesian and Turkish language support (LIBRE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)

We continue to work on the localization of GitLab: in this release we added support for the Philippine, Indonesian and Turkish languages.

We also externalized the lines to the Repository Locked Files for the Premium version and higher: now our translators will be able to add more languages ​​to more lines in GitLab.

If you also want to participate in GitLab translation, join our translation community .

GitLab localization documentation

Detailed release notes and upgrade / installation instructions can be found in the original English post: GitLab 10.6 released with CI / CD for GitHub and deeper Kubernetes integration .

Rishavant and sgnl_05 worked on translation from English.