GitLab 11.8 released with SAST for JavaScript, GitLab Pages for subgroups and bug tracking
SAST JavaScript support
With Static Application Security Testing (SAST), GitLab scans code and helps detect potential vulnerabilities still in the pipeline. In release 11.8, we add JavaScript to the SAST supported list , based on existing support for node.js. Now you can scan any JavaScript files, static scripts and HTML. An important practice in DevSecOps now is to scan for changes at every commit, and with this SAST update we cover one of the most popular web languages, helping users to detect risks in JavaScript code earlier.
GitLab Pages for subgroups and page templates
GitLab Pages in this release has become much better, thanks to the following two improvements. First, we added support for GitLab Pages for projects in subgroups : now such projects can easily publish their content to the network. Secondly, GitLab 11.8 now includes the most popular templates for Pages , so now you can start working with Pages with one click.
Bug Tracking With Sentry
Errors provide an opportunity to assess the status of your application and can detect problems before they are reported by users. GitLab 11.8 can now show recent errors in a project, making it easier to find and fix.
And many more cool features!
There are so many good innovations in this release that we want to highlight a few more:
- Merge Requests Confirmation Rules (in the Russian localization of GitLab “merge requests”). Now you can easily set the rule for who will confirm the changes - specific users, group or role. Soon this feature will appear on GitLab.com, and in user instances GitLab can already be connected by the administrator.
- Pluggable features for environments . Earlier, plug-in features acted for all of your environments at once, but now they can be used within specific environments. This functionality is already running on GitLab.com, and can be enabled by the administrator for user instances.
- Improved merging messages to commits when they are combined (squash) . If you are trying to create good commit messages, it is a pity to lose them when combining commits. In release 11.8, when merging commits from all commits, the first multi-line message is automatically taken. And you can also set the message manually.
This month's MVP - Aaron Walker
Walkafwalka added two new features for Auto DevOps in this release: support for custom domains and redeployment when updating application keys and secrets . Thank you for these great improvements!
The main features of the release of GitLab 11.8
SAST JavaScript support
(ULTIMATE, GOLD)
Static Application Security Testing (SAST) allows you to find vulnerabilities in your code every time you send changes to the repository. With this information, available in merge-request, you will be able to take care of the security first and detect problems even before they are added to a stable branch.
With release 11.8, we add JavaScript to the list of languages ​​supported by SAST. You don’t have to change anything in your pipelines; JavaScript projects are automatically detected and analyzed for security vulnerabilities. This is also part of Auto DevOps .
SAST documentation and original ticket .
Bug Tracking With Sentry
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Tracking the errors that your application generates helps you create and maintain a high-quality user experience and detect problems before users notice them. And at the same time accelerates the solution of emerging problems.
GitLab 11.8 makes bug tracking more comprehensible and efficient by integrating the popular open source tracker Sentry and displaying the latest bugs right in your GitLab project.
Sentry has recently improved its integration with GitLab , adding detection of problem commits, tracking commits and releases, and more. Through mutual integration, you can easily work in Sentry through GitLab and vice versa, and solve problems within your context in your workflow.
Error tracking documentation and original ticket .
Creating websites with one click using templates
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
GitLab 11.8 now includes the most popular templates for Pages, so now you can create pages immediately when you create a new project, rather than inheriting the template repository, as before.
Check out our blog post on using GitLab Pages templates .
GitLab Pages documentation and original ticket .
Pages support for subgroups
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Also now you can create sites using Pages for projects in subgroups. Sites created in this way will have a URL in the format toplevel-group.gitlab.io/subgroup/project . Now for all of your projects, even those belonging to subgroups, you can create documentation or other pages necessary for the release of your software.
GitLab Pages administration documentation and original ticket .
Merchant Requests Confirmation Rules
(PREMIUM, ULTIMATE, SILVER, GOLD)
Cod-review is the fundamental practice of any successful project, but it is not always clear who exactly should conduct reviews of changes. Often there is a need for several reviewers that are responsible for different aspects - for example, for development, safety, usability and the product itself.
In the release of GitLab 11.8, we present the rules for confirmation of merge-requests, which makes it possible to determine the necessary confirmatory and the minimum number of confirmations. Confirmation rules are shown in the Merge-Requests widget, so the next reviewer is very easy to assign.
In GitLab 11.3, we introduced the role of code owners ( original article , translation ) to determine who is responsible for the different parts of the code. Code owners are already taken into account in the confirmation rules, so finding the right people for a review of changes will be easy.
By default, confirmation rules are disabled, the instance administrator can connect them with the Feature.enable(:approval_rules) command in the rails console. On GitLab.com, confirmation rules are temporarily disabled, we plan to reconnect them with the release of GitLab 11.8.1. Follow this ticket for updates.
Documentation on the rules of confirmation of merge-requests and the original ticket .
Improved interproject pipeline triggers
(PREMIUM, ULTIMATE, SILVER, GOLD)
In the release of GitLab 9.3 (the original article , translation ), the ability to create inter-project pipelines was added by launching the next pipeline by calling the GitLab API in your work. In release 11.8, we improve the launch of these pipelines thanks to the keyword trigger: which can be added to the merging pipelines and will automatically start the next pipeline when the current pipeline is successfully completed.
Documentation on the keyword trigger and original ticket .
Improved merging messages to commits
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
When a story consists of small commits to correct unit tests or solve problems from feedback, it is difficult to create a readable and useful Git history in the future. Combining commits collects such changes into one commit, while removing all descriptions.
GitLab now puts the first multi-line message in the thread of this feature as a message of a combined commit. Alternatively, you can manually enter this message and self-reflect all important changes.
Documentation on merged commits and original ticket .
Auto DevOps support for custom domain dependent domains
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Auto DevOps allows you to quickly start working on a project when you specify the "base domain" of the project. When your application is ready for deployment to production, you may want to use another domain as a FQDN .
Now you can use the ADDITIONAL_HOSTS environment variable to define one or more domains for your application. Moreover, you can configure it for a specific environment by adding the environment name to the variable, for example: <ENVIRONMENT>_ADDITIONAL_HOSTS .
Thanks Aaron Walker for this feature!
Documentation of environment variables and original ticket .
Knative function scale
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
When deploying features using a serverless architecture through GitLab, you can take full advantage of Knative, including scaling your serverless deployments.
Now for each application or function deployed in your Knative instance, you can see the scale of your serverless deployments. The scale shows the number of Kubernetes pods currently in use.
Documentation on the deployment of functions and the original ticket .
Other improvements in GitLab 11.8
Setting the first day of the week
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Previously, the calendars in GitLab automatically assumed that the week starts on Sunday. Now users in the settings can choose Monday on the first day of the week, which will be reflected when using calendars to select dates and on development contribution charts.
Thanks to Fabian Schneider for this feature!
Customization documentation and original ticket .
Scrolling the roadmap forward to the future and back to the past
(ULTIMATE, GOLD)
When you first upload a roadmap, GitLab pre-selects a time period for you with the ability to select weekly, monthly or quarterly intervals. However, earlier the roadmap view remained fixed, and the epic outside the current period were hidden.
Starting with this release, you can scroll the roadmap forward into the future and back into the past. The epics that fall into these extended intervals will automatically appear on the chart, no need to additionally refresh the page. This will allow you to view even more epic on such a time interval that you need.
Roadmap documentation and original ticket .
LDAP smart card authentication
(PREMIUM, ULTIMATE, SILVER, GOLD)
Organizations that use smart cards as authorization tokens often use LDAP for centralized account management. Version 11.6 introduced authentication using smart cards . At 11.8, we make another addition to it, adding support for using data from smart cards for authentication via an LDAP server.
In GitLab, we use an approach that complies with RFC4523 standards using the certificateExactMatch rule.
Authentication documentation using smart cards and original ticket .
Pluggable features for different environments
(PREMIUM, ULTIMATE, SILVER, GOLD)
Starting with this release, it becomes possible to independently switch features depending on the environment. The behavior of your features can be controlled using a set of rules based on matching the environment name. By default, the rule ( * ) always works, but you can also set other rules by adding new environmental specifications (for example, review/* ).
In version 11.8.0, in order for this feature to work, you will need to enable it by executing the Feature.enable(:feature_flags_environment_scope) command in the rails console.
Documentation on environmental specifications and original ticket .
Update GitLab Runner through Kubernetes integration
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
If you deploy your applications in the latest version of Kubernetes, you can be sure that you have all the new features and your security meets all the requirements.
GitLab 11.8 allows you to update GitLab Rinner in Kubernetes with one click. In future releases, we will add this feature for other applications.
Documentation for installing applications and the original ticket .
Display the time of creation and user activity in the admin panel
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Administrators need using simple actions to obtain information about user activity. To help with this task, we added a display of the date the user was created and the date of his last activity in the Users area in the admin panel ( /admin/users ).
Here you can read more about actions that GitLab recognizes as activities.
User API documentation for administrators and original ticket .
Ability to search for the latest actions of users
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
GitLab has the user attribute last_activity_on , which helps administrators more easily determine when the last activity of a user occurred. This is very convenient for finding active and inactive users.
To be sure that we are capturing read-only activities, we have extended the last_activity_on attribute so that it is updated when we visit pages related to activity panels, projects, tasks, and merge requests.
Documentation statistics in the instance and the original ticket .
Topics of projects instead of tags
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Project tags are a convenient way to organize related projects, but the term “tag” is the same as tags in GitLab. To solve this problem, we renamed the project tags to topics and improved their display on the project view page.
We are happy to continue to make topics more useful for searching by projects and are going to add filtering by topics on the activity panel in version 11.9.
Documentation on the project settings and the original ticket .
Search for repository tags in a project via API
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Now you can search for the repository tags in the project through the tags API . This will allow you to search for a specific tag in the project directly. If you are looking for projects that match the tag of a particular version, now you can easily find what you need.
Thanks to Robert Schilling for this feature!
Documentation on tags and original ticket .
Improved view of the list of projects with greater information density
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
We took into account user feedback on the first improvement of the list of projects and increased the density of information on this page, adding another column and reducing the number of empty places.
Project documentation and original ticket .
Improved group view page
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
In version 11.8 we updated the look of the group view page so that more information was displayed on it. We have reduced the number of empty spaces on this page and redesigned it so that it is consistent with the new look of the project's viewing page .
This is the first step in improving the group view page, and we’ll be happy to continue working on it.
Documentation of the groups and the original ticket .
API for managing nested epics
(ULTIMATE, GOLD)
In the previous release, we added nested epics , that is, the ability to add epics to epics. Starting with this release, you will be able to manage the connections between these epics, including through the API. So now you can manage individual workflow schedules for your team, including using automation features.
API documentation for links between epic and original ticket .
Merge requisitions and tickets brought to one type
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
We updated the merge-requisitions section in a ticket to give them visual consistency with related tickets and bring beauty.
In the future release, we will add more metadata for each line in this section, so that users can see the relevant information about the merge request immediately in context.
Documentation on the mention of tickets in merge-requests and the original ticket .
Moved the Auto DevOps domain field from CI / CD settings to cluster settings
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Specifying the base domain for Auto DevOps allows you to take advantage of powerful features such as Auto-Review Apps and Auto-Deploy. Now we have simplified the indication of the base domain by transferring it directly to the cluster settings. This will make it easy to determine the base domain when creating a cluster, as well as to define different domains for different clusters.
Documentation on setting up a basic domain for Auto DevOps and the original ticket .
Managing group labels via API
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Now you can manage group labels via the API in the same way as project labels, which helps to further support custom workflows of planning and execution in your teams.
Thanks to Robert Schilling for this feature!
API documentation for group tags and original ticket .
.html extensions are now automatically resolved for GitLab Pages sites
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
The /sub-page.html file on your GitLab Pages site is now also available as /sub-page , which gives you more options on how to show your site to users.
GitLab Pages documentation and original ticket .
Predefined Pages Variables in CI
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
The CI_PAGES and CI_PAGES_URL variables have been added to the Pages conveyors, giving you the opportunity to see the domain name and URL of the page. This provides more flexibility when working with Pages located in different places.
GitLab Pages documentation and original ticket .
Adding toleration to the Kubernetes executor
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Kubernetes provides a wonderful opportunity to separate equipment from the place where our developments are carried out. However, some tasks require specialized equipment, including work that may require more resources than others.
Kubernetes supports this by adding taint and toleration to the nodes to take these considerations into account when scheduling pods. We added native taint and toleration support to the Kubernetes executor in GitLab Runner to support these types of workflows.
Documentation for Kubernetes executor and original ticket .
TLS support in Gitaly
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Gitaly now supports TLS, which means that all communication between GitLab and Gitaly will be encrypted when TLS is enabled. Previously, the connection between GitLab and Gitaly was not encrypted by itself, but depended on the network security settings.
Documentation on TLS support in Gitaly and original ticket
Elitalsearch support in Gitaly
(STARTER, PREMIUM, ULTIMATE)
Previously, using Elasticsearch could not do without NFS to communicate with Git in the file system. Starting with this release, you can use Gitaly instead of NFS, which will speed up access to Git.
Documentation on the integration of Elasticsearch and the original ticket .
Quick jump to file in differential request
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
The review of big merge-requests is a complicated process, especially when you have to switch from one file to another. A new way to define a file based on fuzzy logic (fuzzy file finder) provides a smooth transition from one file to another, so that you can quickly navigate through the diff using the keyboard.
Documentation on the navigation diff and original ticket .
Displays the number of confirmations in the list of Merge Requests
(STARTER, PREMIUM, ULTIMATE, BRONZE, SILVER, GOLD)
Merge requests, which are confirmed and ready to merge, can now be easily found in the list of merge requests. The number of required and received confirmations is now displayed in the list of Merge Requests.
Thanks to Andy Steele for this feature!
Documentation on the confirmation of merge-requests and the original ticket .
Receive alerts from manually configured Prometheus instances
(ULTIMATE, GOLD)
GitLab 11.3 introduced support for setting up alerts ( original article , translation ), but it was limited to Prometheus instances deployed via GitLab integration with Kubernetes .
With GitLab 11.8, manually configured Prometheus servers can now also notify GitLab about alerts if you add GitLab as a recipient for a web hook in the alert manager. After receiving the notification, GitLab will send an email to the maintainers and project owners.
Documentation for integrating external Prometheus instances and the original ticket .
Removing unused tags from the container registry using the API
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
Many organizations create containers for each commit in order to simplify the verification of code changes as well as the final deployment. This can lead to a large number of container tags that are needed only for a short period of time.
GitLab 11.8 now allows end users to clean up their container registers through our API, removing tags individually or in groups using regular expressions.
Documentation on the removal of tags in the registry of the container and the original ticket .
Ticket Confidentiality for Security Vulnerabilities
(ULTIMATE, GOLD)
Users can create new tickets to eliminate security vulnerabilities when viewing security reports in Merge-Request, pipeline pages and security panels. This information contains sensitive data that may disclose details that should not be disclosed before the fix is ​​made available and released.
Starting from GitLab 11.8, vulnerability tickets are marked as confidential by default, but users can disable this flag if disclosure is allowed.
Security Requests Documentation and Original Ticket .
Forced redeployment when updating application keys / secrets in Auto DevOps
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
When you set up an application key secret for Auto DevOps using the syntax of the variable K8S_SECRET_ , the corresponding key secret Kubernetes will be created for your application.
- , Auto DevOps -.
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
(Serverless) , Knative, , .
, .
Auto DevOps
(CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD)
HTTPS Auto DevOps. URL, Let's Encrypt (64 ), .
release notes / : GitLab 11.8 released with SAST for JavaScript, Pages for subgroups, and Error Tracking .
')
Source: https://habr.com/ru/post/443322/
All Articles