GitLab 10.7 Released with Open Source Web IDE and Extended SAST Support
The latest GitLab release is a real treasure. The number of features added in GitLab 10.7 will make any developer using the popular tool very excited. Thanks to GitLabs’s downtimeless upgrade feature and the few deprecations that come with the latest release, updating should be swift and painless.
GitLab is Git made easy whether you are a newbie just pushing your first commit or pro user stashing changes and switching branches. Those who are just starting the road in development should know that GitLab is a web-based Git-repository manager, available both as a self-hosted and as a cloud-hosted SaaS, with additional features including an issue tracker and a wiki. The tool is available under an MIT License for the Community Edition and a Commercial license for the enterprise offering.
Web IDE is Now Open Source
Introduced in GitLab Ultimate 10.4, the Web IDE allows developers to speed up the development process by streamlining workflows. Using the Web IDE, developers can change multiple files, preview markdown, review and commit changes straight from the browser. The Web IDE can be accessed from the repository, from a file and even directly from a merge request.
The Web IDE is available with an open source license, so anyone can contribute and benefit from the project.
For containerized environments, the registry is a vital component of the infrastructure. Up until now, to provide long-lived read-only access to the repository or container images was achieved via Personal Access Tokens or CI tokens. Both methods worked, however, PAT is associated with a specific user account and also share their access. For C1 job tokens, one a C1 job was completed, an orchestrator would lose access.
Deploy Tokens solve these shortcomings by providing a permanent token that is unique to the project. Deploy tokens will allow developers to enable repository or container registry access, revoke the token or set an expiration date.
CI/CD Flow Control Based on Variables
The Continuous Integration, Continuous Delivery principle is the core of the software engineering process and is the key to delivering modern and viable products. However, this mantra implies a lot of scenarios starting with building and testing software, deploying it in production and, of course, expanding beyond stable releases. GitLab CI/CD is up to the task, but version 10.7 addresses even more use cases. For example, jobs can be targeted around specific variable values, including a particular pipeline schedule or API triggers.
SAST for Go and C/C++
Developers writing projects in Go or C/C++ will be able to test for security vulnerabilities. The security testing tools, Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) introduced in GitLab 10.4 were available only for Java, Ruby and Python.
Support for additional programming languages is coming in future releases.
The GitLab release adds many usability tweaks including comments in epics, additional custom text for all emails, subgroup issues in Group Issue Board, filtering by subgroup labels, project badges and more. Other notable additions are:
- HTTP(s) Git protocol always available for CI/CD jobs
- Support for JSON Web Token OmniAuth
- Automatic background verification of Geo replicas
- Project exports include LFS objects
- Runner-specific job timeout
- Improved verbose for failure reasons for CI/CD jobs
- Ubuntu 18.04 Bionic support
- GitLab Pages automatic HTTPS redirect
- Automatic renewal of GitLab Let’s Encrypt certificate
- Cloud native GitLab chart available for Core (alpha)
Of course, as expected, GitLab 10.7 adds various performance tweaks including:
- Improvements to the environment metrics dashboard
- Omnibus enhancements
- Performance improvements
- Improvements to restoring GitLab backups
The are no breaking changes in GitLab 10.7, but developers still running Debian 7 Wheezy should prepare to migrate, as GitLab 11.0 will be the last version that will support the aging distro.
For teams using Mattermost, the open source alternative for Slack, GitLab 11.0 will limit the configuration options supported within gitlab.rb. While the core configuration settings necessary to run Mattermost will remain supported, other configuration settings will have to be configured from within the Mattermost console or passed as environment variables.
Getting Started with GitLab 10.7
For new instances, get the tool from this page. If you are updating GitLab, check out our update page. First-time users should also check the documentation. And definitely, don’t forget to check the GitLab blog. It seems like the team working on GitLab 11.0 is under pressure because 10.7 set the standard so high.