Contributing features, reviewing changes, and deploying code is a day in the life of a developer. Today we are making these tasks easier and more efficient with an amazing Web IDE, more flexible pipelines, additional security testing, and so much more.
At GitLab, we want everyone to be able to contribute, whether you are working on a stack of changes. Setting up a local development environment, or needing to stash changes and switch branches locally, can add a friction to the development process. Using the Web IDE you can change multiple files, preview Markdown, review the changes and commit all from a browser. You can open the request and get a side-by-side view of the changes. The Web IDE is generally available in 10.7 and is now open source so everyone can benefit.
For any organization working with containers their registry is a key component in their infrastructure. It serves as a versioned repository, providing an easy and secure way or interacting with your container images. A common use for the registry is Kubernetes . It is important for Kubernetes to have access on an ongoing basis. For example, Kubernetes will pull an image on initial deployment, any time a pod restarts, or when scaling additional pods.
Previously there were two ways to grant access to the registry and repository. One way is the CI job token which provides temporary access to the job, after which it expires. Personal Access Tokens provide long term access but are tied to a specific user. When using the CI Job Token, Kubernetes loses access once the CI has completed, so ongoing events like pod restarts and scaling fail. Using Personal Access Tokens is also undesirable, because access has to be shared with a user, or a separate service account must be created which takes up a license.
To address these needs more cleanly we have added Deploy Tokens providing long lived read-only authentication. With a Deploy Token, Kubernetes can now get the images it needs, when it needs them, without being associated with a particular user or […]
CI / CD flow control based on variables
A company’s CI / CD service is the engine of their software engineering process, performing a wide variety of roles from building and testing software, deploying it to production and more creative tasks as well. With such a varied and open-ended set of uses, it is important to run specific jobs only when they need to. GitLab CI / CD already provides managing flow control but there were some use cases like a nightly build that were not easy to address. In 10.7 jobs can now be based on the value of specific variables enabling new use cases such as specific jobs pipeline schedule or API trigger .  SAST for Go and C / C ++ languages
As part of Complete DevOps we are providing a great set of security tools out of the box. Static Application Security Testing (SAST) analyzes your source code for known vulnerabilities, and requests for easy review. In order to analyze your code however, SAST needs to have support for your language. For this reason we have been broadening the scope of SAST, and now support Go and C / C ++ .