See the SCM Solution.
The page below is intended to align GitLab sales and marketing efforts with a single source of truth for our go-to-market efforts around Source Code Management.
|Product Marketing||Technical Marketing|
|Saumya Upadhyaya||William Galindez Arias|
Software Delivery Automation allows organizations to automate manual, repetitive tasks from their SDLC to improve the overall velocity of the software factory and increase collaboration across dev and ops. This includes both application and infrastructure automation.
From a GitLab capabilities point of view - it includes DevOps essentials like SCM, CI, CD, GitOps and AutoDevOps.
Source Code Management is one part of the Software Delivery Automation solution. See how Source Code Management fits into the overall Software Delivery Automation solution.
As organizations accelerate delivery, through DevOps, controlling and managing different versions of the application assets from code to configuration and from design to deployment is incredibly important. Velocity without robust version control and traceability is like driving a car with out a seatbelt.
Source Code Management is more than simply tracking changes, versions, and branches of code. Effectively, it includes practices such as:
In general, version control is required because software is constantly changing. Regardless of the stage of development, there will be change to deal with.
No matter where we are in the system life cycle, the system will change, and the desire to change it will persist throughout the life cycle.
E.H. Bersoff, 1980.
Companies that excel at source code management create high quality code while integrating it at high frequency.
Being the entry point to GitLab means that many user personas find utility and a solution to their problem in Source Code Management. Let's go through the list of power user personas and describe briefly their key motivations to use Source Code Management in GitLab:
Source Code Management purchasing typically do not require executive involvement. It is usually acquired and installed via our freemium offering without procurement or IT's approval. This process is commonly known as shadow IT and its a great opportunity for us to eventually become a paid for service. When the upgrade is required the VP of IT is the most frequent decision maker. The influence of the VP Application Development is notable too to the owner of the budget.
Research relevant to this use case can be found in the Analyst Reports - Use Cases spreadsheet.
Market Requirements is a collection of capabilites we recognize are present in the Source Code Management use case. People looking to solve this use case will consider fundamental that at least one, if not all of these requirements is present in the solution they implement. To gather these in a way that represents the market with acuracy we collect data from several sources like analysts, users, competitors and thought leaders.
|Market Requirement||Description||Typical features that enable this capability||Value / ROI|
|Protect and secure assets||The solution provides mechanisms to host (repos) project assets (source code, designs, graphics, media, etc), place and manage different change permissions for the users that access those repos as well as keep a detailed chain of custody of all changes these assets are subject of.||Single sign-on, code ownership, change reviews, change approvals, IP Allowlist/Denylist, Activity stream, GPG signed commit, Reject unsigned commits, Protected branches, branching, committer access rules, Compliance dashboard etc.||Secures IP and valuable assets. Provides information on project history changes|
|Enterprise Ready||The solution is robust enough to make critical functionality available at large scale, widely distributed teams in highly regulated markets. It supports multiple project structures from monorepos to service-oriented architectures such as microservices.||Geo, Geo High Availability, Disaster Recovery, Git protocol v2 support, Deduplicate Git objects for forked repositories, Download single repository files, fast and responsive application, project templates, file templates, access controls, and traceability.||Prevents outages and disruptions of development team work. Enables traceability to authors of changes to address defects or bugs in the product and auditability throughout|
|Supports numerous assets||The solution is able to manage and maintain the version history of the diverse assets and support the development patterns that each asset implies||Component reuse, traceability, design management, branching, diffing, merging, object storage, design versioning||Able to manage assets and files for the entire development team, no matter how diverse, creating a single source of truth for the product configuration and making visibility and communication available at every level|
|Foster Collaboration||The solution is designed to enable and foster collaboration among team members. The collaboration system includes manual gates and approvals as well as automated workflows.||Create fast new branches of the project, add new files/assets, collaborate on proposed changes, review comments, suggest changes, webIDE, suggestion approvals, conflict resolution, merge, diffing, hand-offs, Design management and operations, workflow automation, Wiki, snippets, version controlled snippets, Automatically update or close related issue(s) when a merge request is merged, Configurable issue closing pattern, display merge request status for builds in CI system, visibility into security scans and build stats.||Code quality increase and improved release velocity through team review and validation.|
|Secure Development||The solution allows for security practices to be enabled at the creation phases of the project||Dependency scanning, SAST, License compliance scanning, DAST, Container scanning||Increasing resilience to external attacks, internal threats and ability to resume activity promptly|
|Market Requirements||How GitLab Delivers||GitLab Stage/Category||Demos|
|Protect and secure assets||GitLab has built in access control: LDAP, Active Directory, SAML, SSO. In-app access controls include user roles with different levels of access and permissions. The IP hosted in repos can be stored and accessed through repos, projects, and groups. There are mechanisms to restrict and track changes to the IP like protected branches, protected tags, push rules, MR approvals, and Codeowners. Finally, admins are able to control events and stop non compliant ones through audit events, block users, credentials inventory, License Compliance and Compliance Dashboard.||Create stage: SCM, Code Review
Manage stage: Compliance Management
Release stage: Release evidence
| Control Changes to Product Development Assets
Manage, Track and Maintain Access
Blog post: How GitLab protects your IP
|Enterprise Ready||GitLab provides capabilities to serve huge, geographically distributed teams organized into groups, subgroups, and projects with high availability requirements. GitLab SCM supports [Geo](https://docs.gitlab.com/ee/administration/geo/index.html replicates GitLab instances to create a Disaster Recovery system for failover scenarios. Gitaly Clusters makes Git highly available for every team, hosted in gitlab.com or on prem||Manage stage: Subgroups Code Analytics
Create stage: Source Code Management which includes- Gitaly
Enablement stage: Geo
| Enterprise ready
Support different system architectures and designs
Enterprise Ready - Project Templates
|Support numerous assets||Repositories can host numerous types of assets such as Source Code, data narratives in Jupyter notebooks for annotated, data-driven projects, and rendered markup like GitLab flavoured Markdown, Markdown, RDoc, AsciiDoc, and Org in wikis. GitLab also hosts graphic assets and support the handover communication in issues||Create stage: SCM, Design Management, Wiki
|Support numerous assets|
|Foster Collaboration||GitLab is a platform to collaborate on proposals. Change proposals happen in any project through merge requests. Collaboration then can happen in multiple places like in threaded conversations for clarity, or in merge request approvals where changes can be approved or rejected. To understand the proposed changes a detailed vision of the changes is found in resolving conflicts, code reviewers can comment on specific code line, suggest changes applicable in one click, or propose to use code snippets. All these actions connect the different users through plenty of in-app, chat (Slack or Discord) or email notifications||Create stage: SCM, Code Review, WebIDE, Single file web editor, Live Preview, Snippets
Manage stage: Code Review Analytics, Insights
Plan stage: Issue tracking
Verify stage: Code Quality
|Secure Development||GitLab incorporates several security capabilities to make development more secure even before build happens. They can detect secrets and license compliance issues, find vulnerabilities in source code or in its dependencies before merging, find vulnerabilities in running apps before merging too, and in containers too. These capabilities can even reproduce what thousand of users input in seconds to detect faults and other issues with Fuzz testing||Secure stage: SAST, DAST, Fuzz Testing, Dependency Scanning, Container Scanning, License Compliance, Secret Detection, Security Dashboard||Secure Development Also see DevSecOps resources|
|Distributed version control||It allows for asynch, remote, collaborative work to flourish since a single copy of the complete project's history can be stored in any machine, branching is easy and powerful so almost endless workflow possibilities open in opposition to centralized VCS like Perforce or CVS. All the information different teams produce while collaborating on source code and other digital assets in GitLab can be easily analyzed, authorized and streamlined from the Merge Request with clockwork precision. This, in turn, allows for team leads to correctly implement best practice workflows like GitLab Flow||– Stackoverflow's 2018 survey data states that 87% of respondents use Git (jump from 69% in 2015) instead of other centralized and distributed VCSs. Similar trend is captured in the Open Hub data. In 2019, Stack Overflow didn't even ask the question in the same survey. – Gartner's Market Guide for Software Change and Configuration Management from 2015 lays out clearly the advantages of DVCS. In 2019 Gartner assess SCM as part of Application Release Orchestration of which GitLab is a challenger as of 2019 – Google trends since 2004 compared to other DVCS and CVCSs.||Distributed Version Control|
|Single Application||The ability to connect every phase of the Software Development Lifecycle in one single DevOps platform. One data layer, one design system, one set of commands to manage all the different stages of software design, development, build and deployment||General proof points of the single app||Single Application|
|Product Development Management||GitLab is the only product that increasingly provides collaboration functionality to Product teams that work not only with source code but also and IP, graphic assets, animations and binaries to mention a few.||Forrester's Adopt Product Management to Connect Design and Development clearly states that "Siloed Design And Dev Teams Deliver Subpar Software"||Product Development Management|
A message house contains all the pieces of content that will clearly convey GitLab's values and differentiators in each touch point with prospects and clients. Each touchpoint should be worth their while and should also be relevant in their relationship with GitLab in order to move the needle in their decision-making process. In other words, every single item of the message house is in context with each persona, connect with their intents, resonates with their inflection points (value drivers) and provides an easy narrative of the SCM use case to lay out next steps and make progress.
The message house for the use case provides a structure to describe and discuss the value and differentiators for the use case.
The sample discovery questions below are meant to provide a baseline and help you uncover opportunities when speaking with prospects or customers who are not currently using GitLab for SCM. See a more complete list of questions, provide feedback, or comment with suggestions for GitLab's SCM discovery questions and feel free to contribute!
GitHub documentation: GitHub automatically redacts secrets printed to the log, but you should avoid printing secrets to the log intentionally. You cannot mask variable with GitHub Actions (with GitLab you can)
There are no Epics within GitHub
(pending verification) “security alerts for vulnerable dependencies” of GitHub need that your GitHub instance should be connected to GitHub Enterprise Cloud (no air-gapped version)
Chances are they haven’t used it yet because it’s in pre release. But even so, an excellent time to mention the webIDE: light weight, embedded in GitLab’s GUI, configurable, linting… If they mention the Super Linter recently released in GitHub you can mention our CodeQuality feature that supports almost as many languages as Super Linter and the fact that Super Linter can be run without much hassle in GitLab
GitHub Enterprise provides Organization level Analytics (Insights) on a separate self-managed server and requires the GitHub One License.
Amongst the many competitors in the DevOps space, GitHub, Perforce, Azure DevOps, SVN are the closest competitors offering SCM capabilities. Phabricator, Gerrit, GitHub, BitBucket, Azure DevOps, Crucible, Review Board, Reviewable, CodeStream, GitLens, VS Live Share and Gitpod are the closest offering Code Review capabilities. Cloud9, Codesandbox, Repl.it, Koding, StackBlitz, Theia, Gitpod, Coder, VS Online are the closest competitors offering a webIDE. Psatebin, Blocks, Gist.io, Bitbucket Snippets, Codesandbox, JSBin, JSFiddle, Codepen are the closest offering snippets. Invision, Figma, UX Pin are the closest competitors offering Design Management capabilities.
For a list of analysts with a current understanding of GitLab's capabilities for this use case, please reach out to Analyst Relations via Slack (#analyst-relations) or by submitting an issue and selecting the "AR-Analyst-Validation" template.
Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates. Obvious typos have been amended.
"The software is intuitive and quite easy to use. Since many software development projects require more than one person, this makes it easy to create teams and collaborate."
- Quality Engineer, Gartner Peer Review
"Improves productivity of engineers by providing easy and fast ways to keep feature branches and merge them quickly and efficiently."
- Engineering Manager, Gartner Peer Review
"Keeps your software projects under control. Rogue developers are kept at bay via enforced review processes and pipelines."
- Engineer, Gartner Peer Review
"For managing git repositories it is the best product available right now in the market."
- Sr. Software Engineer, Gartner Peer Review
"This has really aided in our ability to automate software delivery and return wasted overhead back to the pool of resources! This is a very simple to use and fast delivery tool to assist your code pipeline."
- Project Manager, Gartner Peer Review
"We use this platform in our company to version our source [code] ensure they are up to date and as a backup option. It enables us build scalable and high quality products. Ease of use and compatible with most development environments."
- Sr. Software Developer, Gartner Peer Review
"I appreciate its ability to run limitless. It has various features like issue tracker, protected branches and merge requests, which gives very nice experience."
- Sr. Software Engineer, Gartner Peer Review
"GitLab is a very useful SCM. In our [organization] we have used it as a source code repository. We have extensively used branching and tags creation feature. As we work in a sprints, we have several sprint and feature branches."
- Lead Developer, Gartner Peer Review
"GitLab is a superb version control and collaboration [provider]."
- Systems Engineer, Gartner Peer Review
"Before GitLab, we used to make local copies of code or backup the code and then pass on the code through the server. But if our organization knew about GitLab from start, we would have immediately integrated with our development practises for ease of deployment."
- Software Developer, Gartner Peer Review
NorthWestern Mutual Commit San Francisco 2020: Why we chose GitLab as our Enterprise SCM Deck
The following section provides resources to help CSMs lead capabilities adoption, but can also be used for prospects or customers interested in adopting GitLab stages and categories.
This table shows the recommended use cases to adopt, links to product documentation, the respective subscription tier for the use case, and product analytics metrics.
|Feature / Use Case||F/C||Basic||S/P||G/U||Notes||Product Analytics|
|Adopt GitLab Flow||X||X||X||X|
|Native Highly Available / Performance Git Storage Support||X||X||X||X||Technical Support for Gitaly Cluster only availabe for Premium/Utlimate||gitaly.clusters|
|Simplify Repository Management||X||X||X||CodeOwners file, push rules||usage_activity_by_stage_monthly.create.merge_requests_with_required_codeowners|
|Merge Request Approval Workflow||X||X||X||MergeApproval||redis_hll_counters.code_review.i_code_review_user_approve_mr_monthly|
|Templates for efficient workflows||X||X||Project templates, Group/Instance templates for gitlab-ci.yml etc||counts.template_repositories|
|Commit Protection||X||X||Reject Unsigned Commits, Verified Committer|
|Large distributed team||X||X||GitLab Geo||counts.geo_nodes|
|Repository Protection||X||IP Allowlist/Denylist|
The table includes free/community and paid tiers associated with GitLab's self-managed and cloud offering.
The following will link to enablement and training videos and content.
GitLab offers a variety of pre-packaged and custom services for our customers and partners. The following are service offers specific to this solution. For additional services, see the full service catalog.
Why choose GitLab Premium for SCM? Make your projects always available and keep all teams connected throughout the globe. With Premium access to source code and global collaboration is as trivial as pair programming in the office.
GitLab's GEO functionality can improve download speeds 300% by removing network frustration from globally distributed teams. It enables innovation at scale without compromising performance, security and uptime, especially combined with Gitaly Clusters which means High Availability, high performance, and disaster recovery.
Serve your different remote teams with filtered LDAP access to specific IP hosting repos. Be able to request signed commits and enforce collaboration rules like code review rules. Leverage the power of Git protocol v2, sparse checkout and partial clone to have the most relevant copy of the centralized repo anywhere, anytime.
Key features with Premium:
Why choose GitLab Ultimate for SCM? Keep your IP and teams compliant and secure all the time. Provide GitLab admin’s with state of the art capability to handle large, widely distributed instances of GitLab in the most secure and flexible way. Verify everything is in place and take immediate, concise action when something goes wrong in the Security Dashboard.
Compliance programs are fully supported in GitLab. Compliance professionals can use the Compliance Dashboard to promptly find the information they need by having the relevant information surfaced from the different projects to the dashboard. Time required to manage compliance needs is thus dramatically reduced.
Key features with Ultimate: