GitLab gets secure, works on visbility in 12.9 release

GitLab gets secure, works on visbility in 12.9 release
Gitlab Logo

GitLab promised enhanced security and better visibility with v12.9 of its Dev-X-Ops platform which shipped yesterday.

The latest rev of the platform includes a lengthy list of changes and updates, but the vendor led its announcement with a raft of security changes.

These include giving users the ability to use HashiCorp Vault to “securely manage keys, tokens, and other secrets at the project level by installing it as a managed application within a Kubernetes Cluster.” If you already use HashiCorp Vault, there is a “Bring Your Own” integration for the Vault.

Sticking with security, the platform will now suggest solutions for vulnerabilities picked up during container scanning – typically upgrading to the next version of the packaging question. Users also get the ability to select multiple vulnerability findings and dismiss them all at a stroke.

When it comes to visibility, you can now look at things from a Value Stream Analytics perspective, not just through “DevOps loop” goggles, which GitLab concedes, “may not be suitable for everyone, as some teams may follow a different workflow.”

So, users now have “more control to customize the stages to reflect the right metrics for your business. Each new stage can have specific trigger events that define the entry or exit of the stage, allowing you to focus on improvements based on your defined key performance indicators.” The company has pledged more work here in future editions. You can see more on that – and GitLab’s take on its competitors – here. ht

The vendor has also introduced a Full Code Quality Report, which goes beyond the previous Code Quality feature in merge requests. The new report “summarizes the quality issues across the project”.

Other changes include new controls for managing Web Applications Firewalls, which can now be turned on or off globally across a project. Users also get WAS Statistics Reporting, showing total and blocked traffic.

Access to other features has been broadened. For example, group level Roadmaps are now available to Premium Users, as well as Ultimate customers.

Also, as part of this release, the vendor has shipped GitLab Runner 12.0. Key changes include the ability to create a network per build to link containers, and Fedora 30 support, as well as a raft of other features and fixes.