GitLab gets secure, works on visbility in 12.9 release

By Team Devclass
-
GitLab gets secure, works on visbility in 12.9 release
Gitlab Logo

GitLab promised enhanced security and better visibility with v12.9 of its Dev-X-Ops platform which shipped yesterday.

The latest rev of the platform includes a lengthy list of changes and updates, but the vendor led its announcement with a raft of security changes.

These include giving users the ability to use HashiCorp Vault to “securely manage keys, tokens, and other secrets at the project level by installing it as a managed application within a Kubernetes Cluster.” If you already use HashiCorp Vault, there is a “Bring Your Own” integration for the Vault.

Sticking with security, the platform will now suggest solutions for vulnerabilities picked up during container scanning – typically upgrading to the next version of the packaging question. Users also get the ability to select multiple vulnerability findings and dismiss them all at a stroke.

When it comes to visibility, you can now look at things from a Value Stream Analytics perspective, not just through “DevOps loop” goggles, which GitLab concedes, “may not be suitable for everyone, as some teams may follow a different workflow.”

So, users now have “more control to customize the stages to reflect the right metrics for your business. Each new stage can have specific trigger events that define the entry or exit of the stage, allowing you to focus on improvements based on your defined key performance indicators.” The company has pledged more work here in future editions. You can see more on that – and GitLab’s take on its competitors – here. ht

The vendor has also introduced a Full Code Quality Report, which goes beyond the previous Code Quality feature in merge requests. The new report “summarizes the quality issues across the project”.

Other changes include new controls for managing Web Applications Firewalls, which can now be turned on or off globally across a project. Users also get WAS Statistics Reporting, showing total and blocked traffic.

Access to other features has been broadened. For example, group level Roadmaps are now available to Premium Users, as well as Ultimate customers.

Also, as part of this release, the vendor has shipped GitLab Runner 12.0. Key changes include the ability to create a network per build to link containers, and Fedora 30 support, as well as a raft of other features and fixes.

AWS combines "building block" blueprints with CodeCatalyst for rapid project creation including DevO...
Cloudflare updates Workers platform with Python support, event notifications, and improved local dev...
Atlassian takes another step toward full DevOps automation
Podman 5.0 released with native Mac hypervisor support, new features and breaking changes
GitHub autofix progresses to public beta: insecure code corrected with AI, but only for enterprise
Secret leakage in public GitHub repositories increasing, claims new report
Test launch of TEA open source reward project clouded by repository spam attack 
From Docker to Dagger: Solomon Hykes on modernisation of the DevOps pipeline
Docker introduces Build Cloud for accelerated local development
Enterprises struggle with Agile methodology, reports long-standing survey of practitioners
Spotlight on GitHub self-hosted runners again as researcher demonstrates attack on PyTorch code
PyPy moves from Mercurial, says 'open source has become synonymous with GitHub'