This year’s major GitLab release has been pushed out, fitting the DevOps platform with what every user of its web IDE has been craving for – a dark theme. Not what you’ve been looking for? Well, there are still automatic deployments to ECS, better Terraform support, improved handling of large files, and high availability Git storage without NFS.
With the 13.0 release, GitLab acknowledges AWS’ status as one of the major deployment targets in the cloud, and extends its Auto DevOps feature. Teams who have it enabled can have their code automatically built and deployed to Amazon’s cloud platform, once a couple of AWS related variables have been set, which should pose less of a challenge then the process would have needed previously.
Under the hood there have been works to support highly available Git storage without NFS. The result uses Gitaly Cluster and a new router and transaction manager called Praefect. According to the announcement “requests for Git data are routed through one of multiple Praefect nodes to a Gitaly node” which means “there are always multiple warm replicas ready to take over if an outage occurs”.
Another set of improvements concerns the use of infrastructure as code tool Terraform. For one, users can now review a summary of terraform plan in their merge requests, should they use the template provided by GitLab. However, the platform can now also be used as a HTTP backend for Terraform, offering encryption at rest, locking, object storage, and multiple name state files per project. The functionality is meant to prevent operation engineers and co from having to set up state storage with every new project.
Other than that, users can now set up dashboards using variables instead of fixed data sources, so that it’s easier to switch to a different kind of metric if needed, and enjoy versioning for their code snippets which is meant to up collaboration on those items.
If a Git version supporting partial clones (2.22 and above) is used, GitLab 13 is able to skip files too large to download during clone and fetch processes. Should this indeed turn out to be critical for the project and therefore missing at a later point, the file will be downloaded on demand.
As usual, some of the more business-oriented features are reserved for ultimate/gold users – at least until they’re found out to be of general interest. This time, these include a way to expand parent epics in a roadmap, to get a better overview of its child epics, and a new vulnerability object model. The latter provides unique URLs for each vulnerability occurrence so that they can be easily shared, and bring the practice of overwriting previous findings to an end, reducing duplication and improving vulnerability tracking in the process.
Other additions in the ultimate/gold users-only category are dynamic application security testing scans for REST APIs, static app security testing scans for .NET projects that go beyond the core. A freeze period API to specify a time period in which no production releases are allowed, exportable vulnerability lists, and emoji rendering in issue titles, descriptions, and comments for issues published as status pages also come as part of the GitLab 13.0 release.
Quite a lot to check out and of course the roadmap for the next couple of months being pretty fleshed out already, giving GitLab not much time to breathe before the next release. Upcoming features include visual helpers to identify bottlenecks, A/B testing capabilities, policy management, and API fuzzing support. More details can be found in the release announcement.