GitLab Direction

1. You are here:
2. GitLab Direction

On this page

• Vision
  • Background and history
  • DevOps Stages
  • Possible future stages
• 3-year Strategy
  • Depth
  • Breadth
  • Personas
  • Application Types
  • Themes
    • Trend Towards Consolidation
• 1-year Plan
• Maturity
• Scope
• Quarterly Objectives and Key Results (OKRs)
• Your contributions
• How we plan releases
• Previous releases
• Upcoming releases
• Moonshots
  • Actionable feedback
    • Business feedback
    • Application feedback
    • System feedback
    • Execution feedback & Cycle Analytics
  • ML/AI at GitLab
    • Signal / noise separation
    • Recommendation engines
    • Smart behavior
    • Code quality
    • Code navigation
    • Audit events

This page introduces the GitLab product vision, where we're headed over the next few years, and our plan to deliver over the next year.

Vision

Our vision is to replace disparate DevOps toolchains with a single application that is pre-configured to work by default across the entire DevOps lifecycle.

We aim to make it faster and easier for groups of contributors to deliver value to their users, and we achieve this by enabling:

• Faster cycle time, driving an improved time to innovation
• Easier workflows, driving increased collaboration and productivity

Our solution plays well with others, works for teams of any size and composition and for any kind of project, and provides ongoing actionable feedback for continuous improvement.

You can read more about the principles that guide our prioritization process in our product handbook. You can also read our GitLab as a Product section which describes the principles that are used to guide GitLab itself forward.

Background and history

• Product Vision, Strategy, and 2020 Plan slides
• The Product Vision Backstory
• The 2019 and Beyond Product Vision
• Product Vision, Strategy, and 2019 Plan slides
• GitLab's 2018 Product Vision: Prototype demo
• Beyond CI/CD: GitLab's DevOps vision (circa 2017)

DevOps Stages

Image source

DevOps is a broad space with a lot of complexity. To manage this within GitLab, we break down the DevOps lifecycle into a few different sections, each with its own direction page you can review.

• Dev Section Direction - Includes the Manage, Plan, and Create stages
• Ops Section Direction - Includes the Verify, Package, Release, Configure, and Monitor stages
• Secure & Defend Section Direction - Includes the Secure and Defend stages
• Growth Section Direction - Includes the Growth stage, which includes the Acquisition, Conversion, Expansion, Retention, Fulfillment, and Telemetry groups
• Enablement Section Direction - Includes the Enablement stage, which includes the Distribution, Geo, Memory, Global Search, and Database groups

We are investing in the following manner across each stage:

• Planning spreadsheet with PM analysis of competition, Headcount with stage revenue, Headcount by category
• Product categories
• Maturity page
• Backend hiring priorities
• Rolling 4 Quarters GitLab Hiring Plan (internal only)
• Finding headcount outside of your stage

Possible future stages

Possible future stages that are being considered can be found on our Product stages, groups, and categories page

3-year Strategy

Product uses a few key concepts to talk about how we work:

• Depth
• Breadth
• Personas
• Application Types
• Themes

Depth

We aim for product leadership in almost every area we compete in. We're already there with:

• Source Code Management
• Continuous Integration

The next three we'll build up to best-in-class, lovable features are:

• Project Management
• CD/Release Automation
• Application Security Testing

Depth is about taking everything that's already viable and getting it through to complete, and eventualy to lovable.

Breadth

We wouldn't be true to our ambition if we stopped with our current product categories. For breadth, we’re taking all the brand new, planned categories, as well as the existing, but minimal categories, and making them all viable.

Personas

Personas are the people we design for. We’ve started down the path of having developers, security professionals, and operations professionals as first-class citizens; letting each person have a unique experience tailored to their needs. We want GitLab to be the main interface for all of these people. Show up at work, start your day, and load up GitLab. And that’s already happening.

But there are a ton of people involved with the development and delivery of software. That is the ultimate GitLab goal - where everyone involved with software development and delivery uses a single application so they are on the same page with the rest of their team. We’ve recently launched the first features for Designers and soon we’ll have more for Product Managers. We’ll be expanding to the business side, with Executives visibility and reporting. Maybe even Legal gets involved in license review. While we’re still calling it DevOps, we’re really expanding the definition of DevOps, and delivering it all as a single application.

Current Personas:

Application Types

The last prong is application types. There’s a bunch of things we’re great for, like cloud native web apps. And our customers have projects today that we could support better, like mobile apps. And then there’s a ton of stuff in the future to consider, like data science and ML.

Application types represent both different application types (web applications, mobile apps) and architectures (monorepos, microservices). Gitlab continues to deliver and replace the disparate DevOps toolchain for both static sites and traditional web applications. These are two examples of application types. We're actively investing in more robust support for new application types such as cloud native and mobile apps, but we aren't done there. GitLab will expand to enable collaboration on new application types. See the handbook for more details or the current maturity levels.

Current Application Types:

Future application types:

• Data science
• ML/AI
• Security research
• Gaming (LFS / Monorepo with many binaries)

Themes

Trend Towards Consolidation

Continuing apace in 2019 after Microsoft's 2018 acquisition of GitHub, the trend to consolidate DevOps companies seems here to stay. In January 2019, Travis CI was acquired by Idera, and in February 2019 we saw Shippable acquired by JFrog. Atlassian and GitHub now both bundle CI/CD with SCM, alongside their ever-growing related suite of products. In January 2020, CollabNet acquired XebiaLabs to build out their version of a comprehensive DevOps solution.

It's natural for technology markets go through stages as they mature: when a young technology is first becoming popular, there is an explosion of tools to support it. New technologies have rough edges that make them difficult to use, and early tools tend to center around adoption of the new paradigm. Once the technology matures, consolidation is a natural part of the life cycle. GitLab is in a fantastic position to be ahead of the curve on consolidation, but it's a position we need to actively defend as competitors start to bring more legitimately integrated products to market.

1-year Plan

For 2020, we have 5 key product themes we are focused on:

1. Enterprise Readiness: Make it easy for large enterprise customers to rapidly adopt and get value from GitLab. Relevant product direction themes include:
   • Enterprise ready GitLab management features
   • High availability Git and large repo support
   • GitLab is easy to deploy and operate
   • Consistently great user experience regardless of location or scale
   • Achieve enterprise compliance needs
2. Double down on strengths: Ensure our core product experience around Source Code Management and Continuous Integration remains best in class. Relevant product direction themes include:
   • Enhanced code review and realtime merge requests
   • Git availability and performance and large repo support
   • Speedy, reliable pipelines
   • Multi-platform support
   • Single application CI/CD
   • Do powerful things easily
3. World-Class Security for DevSecOps: Deliver fully integrated security experience, allowing customers to adapt security testing and processes to developers (and not the other way around). Relevant product direction themes include:
   • Security is a team effort
   • Shift left. No, more left than that
   • Shift right. Yes, right into operations
   • Provide actionable intelligence to ensure data-driven decisions
   • Bring your own security tools
4. Compete in Planning: Enable DevOps teams to rely solely on GitLab for all project and portfolio management needs. Relevant product direction themes include:
   • Improved Jira import, Kanban boards, roadmaps, requirements management, strategic planning, and reporting
5. Compete in Ops: Enable today's modern best-practices in operations without the burden of specialized teams, multiple tools and heavy workflows. Relevant product direction themes include:
   • Infrastructure and Observability as Code
   • Smart feedback loop
   • Operations for all
   • No-Ops

Maturity

As we add new categories and stages to GitLab, some areas of the product will be deeper and more mature than others. We publish a list of the categories, what we think their maturity levels are, and our plans to improve on our maturity page.

Scope

We try to prevent maintaining functionality that is language or platform specific because they slow down our ability to get results. Examples of how we handle it instead are:

1. We don't make native mobile clients, we make sure our mobile web pages are great.
2. We don't make native clients for desktop operating systems, people can use Tower and for example GitLab was the first to have merge conflict resolution in our web applications.
3. For language translations we rely on the wider community.
4. For Static Application Security Testing we rely on open source security scanners.
5. For code navigation we're hesitant to introduce navigation improvements that only work for a subset of languages.
6. For code quality we reuse Codeclimate Engines.
7. For building and testing with Auto DevOps we use Heroku Buildpacks.

Outside our scope are Kubernetes and everything it depends on:

1. Network (fabric) Flannel, Openflow, VMware NSX, Cisco ACI
2. Proxy (layer 7) Envoy, nginx, HAProxy, traefik
3. Ingress (north/south) Contour, Ambassador,
4. Service mesh (east/west) Istio, Linkerd
5. Container Scheduler we mainly focus on Kubernetes, other container schedulers are: CloudFoundry, OpenStack, OpenShift, Mesos DCOS, Docker Swarm, Atlas/Terraform, Nomad, Deis, Convox, Flynn, Tutum, GiantSwarm, Rancher
6. Package manager Helm, ksonnet
7. Operating System Ubuntu, CentOS, RHEL, CoreOS, Alpine Linux

During a presentation of Kubernetes Brendan Burns talks about the 4 Ops layers at the 2:00 mark:

1. Application Ops
2. Cluster Ops
3. Kernel/OS Ops
4. Hardware Ops

GitLab helps you mainly with application ops. And where needed we also allow you to monitor clusters and link them to application environments. But we intend to use vanilla Kubernetes instead of something specific to GitLab.

Also outside our scope are products that are not specific to developing, securing, or operating applications and digital products.

1. Identity management: Okta and Duo, you use this mainly with SaaS applications you don't develop, secure, or operate.
2. SaaS integration: Zapier and IFTTT
3. Ecommerce: Shopify

In scope are things that are not mainly for SaaS applications:

1. Network security, since it overlaps with application security to some extent.
2. Security information and event management (SIEM), since that measures applications and network.
3. Office productivity applications, since "We believe that all digital products should be open to contributions, from legal documents to movie scripts and from websites to chip designs"

Quarterly Objectives and Key Results (OKRs)

To make sure our goals are clearly defined and aligned throughout the organization, we make use of OKR's (Objective Key Results). Our quarterly Objectives and Key Results are publicly viewable.

Your contributions

GitLab's direction is determined by GitLab the company, and the code that is sent by our contributors. We continually merge code to be released in the next version. Contributing is the best way to get a feature you want included.

On our issue tracker for CE and EE, many requests are made for features and changes to GitLab. Issues with the Accepting Merge Requests label are pre-approved as something we're willing to add to GitLab. Of course, before any code is merged it still has to meet our contribution acceptance criteria.

How we plan releases

At GitLab, we strive to be ambitious, maintain a strong sense of urgency, and set aspirational targets with every release. The direction items we highlight in our kickoff are a reflection of this ambitious planning. When it comes to execution we aim for velocity over predictability. This way we optimize our planning time to focus on the top of the queue and deliver things fast. We schedule 100% of what we can accomplish based on past throughput and availability factors (vacation, contribute, etc.).

See our product handbook on how we prioritize.

Previous releases

On our releases page you can find an overview of the most important features of recent releases and links to the blog posts for each release.

Upcoming releases

GitLab releases a new version every single month on the 22nd. You can find the major planned features for upcoming releases on our upcoming releases page or see the upcoming features for paid tiers.

Note that we often move things around, do things that are not listed, and cancel things that are listed.

Moonshots

See moonshots.

Actionable feedback

Deployments should never be fire and forget. GitLab will give you immediate feedback on every deployment on any scale. This means that GitLab can tell you whether performance has improved on the application level, but also whether business metrics have changed.

Concretely, we can split up monitoring and feedback efforts within GitLab in three distinct areas: execution (cycle analytics), business and system feedback.

Business feedback

With the power of monitoring and an integrated approach, we have the ability to do amazing things within GitLab. GitLab will be able to automatically test commits and versions through feature flags and A/B testing.

Business feedback exists on different levels:

• Short term: how does a certain change perform? Choose A/B based on data.
• Medium term: did a particular new feature change conversions, engagement

• Long term: how do larger efforts relate to changes in conversations, engagement, revenue

• A/B Testing of branches

Application feedback

Your application should perform well after changes are made. GitLab will be able to see whether a change is causing errors or performance issues on application level. Think about:

• Response times of e.g. a backend API
• Error rates and occurrences of new bugs
• Changes in API calls

System feedback

We can now go beyond CI and CD. GitLab will able to tell you whether a change improved performance or stability. Because it will have access to both historical data on performance and code, it can show you the impact of any particular change at any time.

System feedback happens over different time windows:

• Immediate: see whether changes influence availability and alert if they do
• Short-medium term: see whether changes influence system metrics and performance

• Medium-Long term: did a particular effort influence system status

• Implemented: Performance Monitoring
• Status monitoring and feedback
• Feature monitoring

Execution feedback & Cycle Analytics

GitLab is able to speed up cycle time for any project. To provide feedback on cycle time GitLab will continue to expand cycle analytics so that it not only shows you what is slow, it’ll help you speed up with concrete, clickable suggestions.

• Cycle Speed Suggestions

ML/AI at GitLab

Machine learning (ML) through neural networks is a really great tool to solve hard to define, dynamic problems. Right now, GitLab doesn't use any machine learning technologies, but we expect to use them in the near future for several types of problems.

Signal / noise separation

Signal detection is very hard in a noisy environment. GitLab intends to use ML to warn users of any signals that stand out against the background noise in several features:

• security scans, notifying the user of stand-out warnings or changes
• error rates and log output, allowing you to rollback / automatically rollback a change if the network notices aberrant behavior

Recommendation engines

Automatically categorizing and labelling is risky. Modern models tend to overfit, e.g. resulting in issues with too many labels. However, similar models can be used very well in combination with human interaction in the form of recommendation engines.

• suggest labels to add to an issue / MR (one click to add)
• suggest a comment based on your behavior
• suggesting approvers for particular code

Smart behavior

Because of their great ability to recognize patterns, neural networks are an excellent tool to help with scaling, and anticipating needs. In GitLab, we can imagine:

• auto scaling applications / CI based on past load performance
• prioritizing parallelized builds based on the content of a change

Code quality

Similar to DeepScan.

Code navigation

Similar to Sourcegraph.

Audit events

Identifying anomalous activity within audit events systems can be both challenging and valuable. This identification is difficult because audit events are raw, objective data points and must be interpreted against an organization's company policies. Knowing about anomalous behavior is valuable because it can allow GitLab administrators and group owners to proactively manage undesireable events.

This a difficult problem to solve, but can help to drastically reduce the overhead of managing risk within a GitLab environment.