At the Google Cloud Next event in San Francisco and online this week, Google and Gitlab introduced an “extended partnership,” which adds Google Cloud Platform (GCP) features to the GitLab DevSecOps platform as well as a new option in the GCP console to create a GitLab project.
David DeSanto, GitLab Chief Product Officer, spoke yesterday at the event, explaining that “This will give Google Cloud customers the ability to easily set up secure pipelines in GitLab that automatically connect and deploy to Google Cloud with full regionalisation and compliance.” There were also warm words from Gabe Monroy, Google VP Developer Experience, who said that the integration is “going to make end to end software supply chain [management] easier and more accessible than ever before.”
Specifically, GitLab will connect to GCP to register and configure runners – continuous integration/delivery (CI/CD) job processes – and use templates to deploy to GCP components such as Cloud Run and Google Kubernetes Engine (GKE).
A key feature is integration with GCP enabling both GitLab’s vulnerability reports and GCP security scanning and binary authorization policies on deployed code. Packages can be prevented from running if they do not satisfy these requirements, according to GitLab’s post on the subject.
The integration is not available yet, but developers are invited to sign up for a preview. DeSanto said that “we’re looking to launch later in the year.”
It is understandable that GitLab tends to look first to GCP for cloud integration. Azure is operated by Microsoft, owner of GitLab’s competitor GitHub; and AWS has its own tools such as CodeCommit, CodePipeline, CodeBuild and CodeDeploy – even though these fall far short of GitHub or GitLab in terms of both capabilities and usage.
GCP also has DevOps services, including basic git repository hosting, Cloud Deploy, Cloud Build service, Artifact Registry, Jenkins on Google Cloud, and a Cloud Shell Editor based on Eclipse Theia, which shares some of the same technology as Visual Studio Code but is fully open source. GCP lacks a full-featured DevOps platform like GitHub or GitLab though, so pointing customers towards GitLab helps to plug an important gap – though as a partnership it is rather unequal and the Cloud Next bio described DeSanto as a “customer”.
At Cloud Next, Google also enthused about its Duet AI and Codey services for developers, its answer to GitHub Copilot for coding assistance. Google’s AI for developers is built on PaLM 2, a Google AI large language model (LLM). Attendees saw Duet AI working in Cloud Shell Editor for generating code from comments, and responding to chat questions. These services are currently in preview, but will support many popular IDEs via Cloud Tools, including VS Code and JetBrains IDEs, and over 20 programming languages.