GitLab Direction

1. You are here:
2. GitLab Direction

On this page

• Vision
  • Background and history
  • DevOps stages
    • Manage
    • Plan
    • Create
    • CI/CD
      • Verify
      • Package
      • Release
    • Configure
    • Monitor
    • Secure
    • Defend
  • Enablement Groups
    • Geo
    • Fulfillment
• Strategy & Plan
  • Depth
  • Breadth
  • Personas
  • Use Cases
  • Company Initiatives
  • Enterprise editions
• Maturity
• Quarterly Objectives and Key Results (OKRs)
• Your contributions
• How we plan releases
• Previous releases
• Upcoming releases
• Moonshots
• Paid tiers
  • Starter
  • Premium
  • Ultimate

Vision

Our vision is to replace disparate DevOps toolchains with a single application that is pre-configured to work by default across the entire DevOps lifecycle.

We aim to make it faster and easier for groups of contributors to deliver value to their users, and we achieve this by enabling:

• Faster cycle time, driving an improved time to innovation
• Easier workflows, driving increased collaboration and productivity

Our solution plays well with others, works for teams of any size and composition and for any kind of project, and provides ongoing actionable feedback for continuous improvement.

You can read more about the principles that guide our prioritization process in our product handbook.

Background and history

• The Product Vision Backstory
• The 2018 Product Vision
• The 2019 and Beyond Product Vision

DevOps stages

DevOps is a broad space with a lot of complexity. To manage this within GitLab, we break down the DevOps lifecycle into a few different stages, each with its own direction page you can review:

Manage

Overall visibility and insight into what's happening within GitLab

Plan

Planning capabilities to keep your team synchronized and moving in the right direction

Create

Create, view, and manage code and project data through powerful tooling

CI/CD

Verify

Keep strict quality standards for production code with automatic testing and reporting

Package

Manages the packages you build and depend on in your software delivery process

Release

Continuous delivery and orchestration of your releases to your users

Configure

Automation to configure your applications and infrastructure

Monitor

Monitor system behavior to understand the impact of changes on your system

Secure

Security capabilities, directly integrated into your development lifecycle

Defend

Defend your apps and infrastructure from security intrusions

Enablement Groups

Supporting the stages in the DevOps lifecycle, there are additional Enablement groups, again with their own direction pages:

Geo

Fulfillment

Strategy & Plan

Our strategy and FY20 plan for the product are comprised of a few key concepts:

• Depth
• Breadth
• Personas
• Use Cases
• Company Initiatives

Depth

We aim for market leadership in every category we compete in. We're already there with:

• Source Code Management
• Continuous Integration

For FY20, and we'll build best-in-class, lovable features in:

• Project Management
• Release Automation
• Application Security Testing
• Value Stream Management

Breadth

We wouldn't be true to our ambition if we stopped with our current product categories. Across our existing DevOps stages we'll continue to rapidly expand with new categories.

Personas

GitLab enables everyone to contribute. Our platform can be used by all people contributing to digital content.

We've already built great workflows and dashboards for:

• Developers
• Project Managers

We are investing in our relatively new roles:

• Release Managers
• Security
• Operations

We plan to expand to more roles in FY2020:

• Designers
• Product Managers
• Executives

Other candidates:

• Marketing
• Legal
• QA
• Data Scientists

Use Cases

Use cases represent content types (web applications, static websites) and collaboration workflows (idea to production, publishing). Gitlab continues to deliver and replace the disparate DevOps toolchain for both static content and traditional web applications. These are two examples of use cases. We're actively investing in more robust support for new use cases such as cloud native and mobile apps, but we aren't done there. GitLab will expand to enable collaboration on new use cases.

In FY20, we're targetting:

• Mobile apps (including iOS builds on MacOS shared runners on GitLab.com)
• Serverless apps and functions
• Systems of microservices
• Monorepos of related services
• Versioned dependencies (e.g. rubygems)

Future use cases:

• Data science
• ML/AI
• Security research
• Gaming (LFS / Monorepo with many binaries)

Company Initiatives

We are also tracking big initatives for the entire company or for the application at a holistic level that impact the product. These items have their own planning and goals, and typically bridge several (and in some cases even all) of the stages in the product. Some have formal working groups. There are other formal working groups that are not mentioned here as this list focuses on efforts that Product is directly involved with.

• Move to a single CE/EE Codebase
• GitLab.com costs
• Internationalization
• Elastic Search on GitLab.com
• GitLab.com using CD
• GraphQL
• Design system
• Dogfood microservices

In addition, there are broad efforts to "level up" the Product org:

• Embrace dogfooding
• Become more customer driven
• Become data-informed
• Become ROI and Revenue driven
• Shift ratio of breadth/depth more towards depth
• Improve latency without degrading bandwidth

Enterprise editions

GitLab comes in 4 editions:

• Core: This edition is aimed at solo developers or teams that do not need advanced enterprise features. It contains a complete stack with all the tools developers need to ship software.
• Starter: This edition contains features that are more relevant for organizations that have more than 100 potential users. For example:
  • features for managers (reports, management tools at the group level,…),
  • features targeted at developers that have to work in multi-disciplinary teams (merge request approvals,…),
  • integrations with external tools.
• Premium: This edition contains features that are more relevant for organizations that have more than 750 potential users. For example:
  • features for instance administrators
  • features for managers at the instance level (reporting, management tools, roles,…)
  • features to help teams that are spread around the world
  • features for people other than developers that help ship software (support, QA, legal,…)
• Ultimate: This edition contains features that are more relevant for organizations that have more than 5000 potential users. For example:
  • compliances and certifications,
  • change management.

Maturity

As we add new categories and stages to GitLab, some areas of the product will be deeper and more mature than others. We publish a list of the categories, what we think their maturity levels are, and our plans to improve on our maturity page.

Quarterly Objectives and Key Results (OKRs)

To make sure our goals are clearly defined and aligned throughout the organization, we make use of OKR's (Objective Key Results). Our quarterly Objectives and Key Results are publicly viewable.

Your contributions

GitLab's direction is determined by GitLab the company, and the code that is sent by our contributors. We continually merge code to be released in the next version. Contributing is the best way to get a feature you want included.

On our issue tracker for CE and EE, many requests are made for features and changes to GitLab. Issues with the Accepting Merge Requests label are pre-approved as something we're willing to add to GitLab. Of course, before any code is merged it still has to meet our contribution acceptance criteria.

How we plan releases

At GitLab, we strive to be ambitious, maintain a strong sense of urgency, and set aspirational targets with every release. The direction items we highlight in our kickoff are a reflection of this ambitious planning. When it comes to execution we aim for velocity over predictability. This way we optimize our planning time to focus on the top of the queue and deliver things fast. We schedule 100% of what we can accomplish based on past throughput and availability factors (vacation, contribute, etc.).

See our product handbook on how we prioritize.

Previous releases

On our releases page you can find an overview of the most important features of recent releases and links to the blog posts for each release.

Upcoming releases

GitLab releases a new version every single month on the 22nd. You can find the major planned features for upcoming releases on our upcoming releases page.

Note that we often move things around, do things that are not listed, and cancel things that are listed.

Moonshots

Moonshots are big hairy audacious goals that may take a long time to deliver.

• META: Internationalization / add translations
• Implement cross-server (federated) merge requests
• Real-time editing of issue and merge request title
• Make native applications for iOS and Android with Turbolinks
• Run tests in the cloud, pre-commit from a client
• Copy-on-write fuse filesystem
• Autocommit using auto-assigned approvers
• Suggest edits to fix common errors detected by CI
• Use machine learning to automatically classify issues/MRs
• Visual editor for .gitlab-ci.yml
• IDE / editor with a local editor via mirroring / sync
• Render like BigPipe for better perceived performance
• Real-time editing of issue and merge request description
• Machine learning to predict and offer next label to apply
• Rebuild/update all containers Premium
• Allow pushing to multiple servers
• Code to issue audit
• Clone MR
• Failure Injection Testing (FIT) or Chaos as part of operations features Premium
• See visual diff in review app
• PeopleOps tool - Talent management (recruiting in particular)

Paid tiers

Starter

Starter features are available to anyone with an Enterprise Edition subscription (Starter, Premium, Ultimate).

• Visual Review App MVC 11.11
• Copy LFS objects when a repository is pull mirrored 11.11
• Add ability to take screenshot in Visual Review Tool 12.0
• Add full screen annotations to Visual Review tool 12.1
• Automatic testing parallelization MVC FY20 Q3
• Graph history of pipeline durations FY20 Q3
• Actionable analytics MVC FY20 Q3
• Visualize jobs duration given a pipeline (chart, graph) FY20 Q4
• Constant Deployment FY20 Q4
• Honor "fixup!" commits when doing rebases in Merge Requests Backlog
• Restrict group approvers to groups that have share access to the project Backlog
• Make Runner automatically upload artifacts to Object Storage
• Pipeline timing graphs
• Show fuller code quality notices inside the MR widget Backlog
• Auto Coverage Backlog
• Continue code quality: show result when Pipeline runs Backlog
• CI View for Code Quality Backlog
• Connect to GitHub Enterprise at group level Backlog
• Pin (star) boards you care about Backlog
• Switch from flat group runner minutes to X per-member Backlog

Premium

Premium features are only available to Premium (and Ultimate) subscribers.

• Cross-project environments dashboard MVC 11.11
• Only allow non-admins to archive projects, not delete them 11.11
• Allow restricting group members by a domain whitelist 11.11
• Dependency proxy for container registries 11.11
• Add feature flag permissions 11.11
• Cross-project upstream: dependency MVC 11.11
• Specify that an MR must be merged after another MR 11.11
• Merge trains MVC (one at a time) 11.11
• Vault proof-of-concept 11.11
• Template that automatically builds and pushes to the NPM registry 11.11
• Template that automatically builds and pushes to the Maven repository 11.11
• Scoped labels restyled 11.11
• [FE] Allow restricting group members by a domain whitelist 11.11
• Require a job for every pipeline (required include:) 12.0
• Manual backlog grooming and prioritization 12.0
• Merge coordinated merge requests with a single click 12.0
• Add point of interest discussions to designs 12.0
• Optimistic/parallel merge trains 12.0
• CI View for Selenium MVC 12.1
• Approval jobs in CI pipelines 12.1
• Dependency proxy for GitLab Maven package repositories 12.1
• Automated a11y scanning of Review Apps FY20 Q3
• Implement inline code coverage remarks inside merge request changes tab file diffs FY20 Q3
• Graph testing results over time MVC FY20 Q3
• Merge request pipelines for forks FY20 Q3
• Button to auto-provision required files for Maven integration FY20 Q3
• Automatic multi-cloud validation MVC FY20 Q3
• Post-deployment monitoring (continuous verification) MVC FY20 Q3
• Add % rollout to Feature Flags FY20 Q3
• GitLab pipeline creating change request ticket in ServiceNow FY20 Q3
• Integrate Artillery.io for Integrated Testing FY20 Q3
• Public pipeline status FY20 Q3
• Code analytics FY20 Q4
• Advanced deploys (Blue/green, Canary, Traffic vectoring) FY20 Q4
• Environment-specific variables for Group-level variables FY20 Q4
• Create an alert in Audit Events FY20 Q4
• Continuous Verification Post-MVC FY20 Q4
• PyPi Artifact Repository MVC FY20 Q4
• Measure usage of Integrated Load Testing FY20 Q4
• Better than Atlassian Jira integration Backlog
• Add Support for Helm chart registry (Kubernetes Package manager) Backlog
• Graph that shows code coverage on default branch over time Backlog
• Approvers based on code Git blame Backlog
• View the history of changes to an issue/mr/epic description Backlog
• Rebuild/update all containers
• Verified and reproducible builds
• Block merge request with a negative approval signal Next 7-13 releases
• Turnstile security: self learning and location dependent
• Watermarking of downloaded binaries
• Advanced compliance reporting (on access rights)
• [meta] Disaster Recovery Next 3-4 releases
• Auto-rebase when merging merge request Next 4-7 releases
• Group-level named label sets Backlog
• Automatic CDN configuration for Pages Backlog
• Import JIRA project issues into GitLab project issues Backlog
• Feature monitoring Backlog
• Add "Jira integration" to multiple projects at once Backlog
• Group level integration with JIRA Backlog
• Block deploy/promote/merge if degrade performance too much
• Distributed Systems / Microservices Backlog
• More control over manual action permissions
• Controllable permissions for CI tokens
• Operator role
• Multiple Performance Dashboards Backlog
• Automatically assign SLA time for Service Desk issues
• Automatically assign Service Desk issues to users
• Blocking issues Backlog
• Using not in issue/mr/epic list views and boards Backlog
• Automatically Load-balance tests Backlog
• Show code quality notices on diffs/MRs Backlog
• Create GitLab branch from Jira issue dev panel Backlog
• Create GitLab merge request in JIRA issue in development panel Backlog
• View GitLab merge request approvals information in associated JIRA issue Backlog
• Service Desk Analytics Backlog
• Real-time updates in Jira dev panel Backlog
• Automatic flaky test minimization Backlog
• Scale deployments directly from the environment page
• Autoscaling apps
• Application idling / scale to zero Backlog
• Detect and report on flaky tests Backlog
• META: Code review flow which doesn't rely on manual assignment
• Multiple milestones per issue or merge request Backlog
• Control incremental rollouts in the UI Backlog
• Increase visibility of incremental rollouts in deploy boards Backlog
• Add Debian support to our Artifact Repository (MVC)
• Add RPM support to our Artifact Repository (MVC)
• Compliance features Backlog
• Burndown chart in issue boards Backlog
• Using or in issue/mr/epic list views and boards Backlog
• Make timed incremental rollout move forward only Backlog
• Failure Injection Testing (FIT) or Chaos as part of operations features Backlog
• Support Conan packages for C/C++
• Dependency proxy for GitLab NPM package repositories Backlog
• Add support for npm tags Backlog
• CI View for detailed site speed metrics Backlog
• Add link to detailed sitespeed report from Merge Request Backlog
• Add integrated load testing to Auto DevOps Backlog
• Add support for .HAR file to integrated load testing Backlog
• Extend metrics to allow for groups of metrics Backlog
• Allow multiple jobs to specify metrics Backlog
• Expose previous stages metrics to the current job Backlog
• [Meta] GitLab HA improvements post GA Next 7-13 releases

Ultimate

Ultimate is for organizations that have a need to build secure, compliant software and that want to gain visibility of - and be able to influence - their entire organization from a high level. Ultimate features are only be available to Ultimate subscribers.

• Mirror changes from Web IDE to CI runner 11.11
• Option to set Security Dashboard as default view for groups 11.11
• Enable active scan for DAST 11.11
• Create child epic from epic 11.11
• Add Severity level to Gemnasium vulnerabilities 11.11
• Security reports API 11.11
• Add optional reason when dismissing vulnerabilities 11.11
• View epic tree in epic 11.11
• Live preview (server side evaluation) application in Web IDE 12.0
• Binary Authorization MVC 12.0
• Option to enable Binary Authorization in new GKE clusters 12.0
• Executable Runbooks for Releases MVC 12.0
• Security gates for merge requests 12.0
• Bill Of Materials view 12.0
• Value stream analytics - Two label events for cycle time 12.0
• Disallow merge if a blacklisted license is found 12.1
• Import HackerOne reports into GitLab 12.1
• Show the detailed status of security testing in the merge request 12.1
• SAST for APEX 12.1
• Enable ModSecurity Web Application Firewall on cluster ingress controller 12.2
• Collect ModSecurity information and show them to users 12.2
• Release Orchestration Dashboard MVC FY20 Q3
• Security Dashboard as an option for default dashboard FY20 Q3
• Instance level Security Dashboard MVC FY20 Q3
• Group License Management FY20 Q3
• Calendar showing issues on issue due dates Backlog
• Access issue custom fields from project level Backlog
• Auto Remediate dependency security vulnerabilities Next 7-13 releases
• Ops view of monitoring and deploy board Backlog
• Custom workflows - Group configuration Backlog
• Web Terminal with persistent disk Next 7-13 releases
• Defect management
• Pipeline analyses to find transient failure
• Show current status of pods in deploy board Backlog
• Disable deleting issues and merge requests instance wide Backlog
• Lock issue title and description forever Backlog
• Change control
• Custom fields with required validation Backlog
• Configure group-level issue custom field Backlog
• Configure project-level issue custom field with enumerated (dropdown) field type Backlog
• Application logging (aggregated) Next 7-13 releases
• GitLab Tracing Next 7-13 releases
• Internal Ops Dashboard
• Production scripted testing Next 3-4 releases
• Anomaly alerts Next 3-4 releases
• Application Log Alerts Next 4-7 releases
• Risk management Next 7-13 releases
• What-if scenario planning
• Show Security Testing results on the environments page Next 4-7 releases
• Add epics to global search Backlog
• Detect & Alert on manual changes to Kubernetes configuration
• Email notification for security reports Next 4-7 releases
• Logging
• Execute linter in Web IDE runner and render linter output in the Web IDE Next 4-7 releases
• Add Pod Logs to Operations tab Next 3-4 releases
• Monitor device-plugin resources in Kubernetes
• Pod View
• Node View
• Node and Pod summary views
• Create a repository of includes for security features Next 4-7 releases
• Burndown chart with stacked lines in boards Backlog
• Value stream analytics in board
• Show Security Dashboard as the default project overview content Next 4-7 releases
• Time analytics line chart Backlog
• Burndown chart in issue boards Backlog
• Scroll vertically in roadmap view Backlog
• Dependency Scanning for Go Next 4-7 releases
• Security Control Panel for security testing
• Bar chart for VSM workflow analytics Backlog
• Epic swimlanes in board Backlog
• Use both fixed and inherited dates in epics to track delays Backlog
• Add mean remediation time in the Security Dashboard Next 4-7 releases
• Cumulative flow diagram in board Backlog
• Discussion thread in board Backlog
• Test run object (or issue verification object generally) Backlog
• Benefit-weight ratio (WSJF in SAFe) visualization Backlog
• Epic cost, benefit, ROI fields Backlog
• Planning epics with WSJF in SAFe (benefit-weight ratio) Backlog
• Include fuzzy testing in DAST Next 4-7 releases
• Group Security Dashboard API Next 4-7 releases
• Custom rules for Web Application Firewall
• Site-specific configuration for Web Application Firewall
• Allow blocking mode for Web Application Firewall
• Blocking epics
• Filter issue list by epic Backlog
• Inline vulnerability management for the Group Security Dashboard Backlog
• Update HackerOne reports based on remediation flow in GitLab Backlog