GitLab 10.4 released with Dynamic Application Security Testing and Web IDE (beta)

Reordering Issues in Epics

Epics allow you to manage a list of associated issues that together share a theme. Often an epic represents a large feature that has been separated into multiple issues to be worked on across multiple milestones.

Depending on an organization’s workflow, they may want the list order in epics to reflect different scenarios. This could be priority, difficulty, feasibility, or order of implementation.

Some organizations might want to put closed issues near the top, while others might want them near the bottom. With this release, users can now reorder the issues in an epic by simply dragging and dropping, similar to that in Issue Boards.

Group Issue Boards API

Similar to Project Issue Boards, you can now manage Group Issue Boards through the API, starting in this release, providing further flexibility and opportunities for automation in managing your individual team workflows.

For example, some teams have certain custom business requirements to move issues automatically between board columns under certain conditions. This is now possible for group issue boards through the API.

Fast SSH key lookup in CE

When authorizing a user, OpenSSH uses linear search to find a key. This means that SSH operations become slower as the number of users on a GitLab instance grows. For large instances significant time and disk I/O may be required to fulfill a request, making Git over SSH slow.

In GitLab 9.3 fast SSH key lookup was added to GitLab EE. This authorizes SSH users via a fast, indexed lookup in the GitLab database instead of the default slow linear search. GitLab CE is designed for small teams, and as a result did not previously include this optimization. However, in support of GitLab’s Cloud Native Helm Charts, all parts of the code base will need to support fast SSH key lookup and has thus been added to GitLab CE.

GitLab Geo support for HA now Generally Available

In GitLab 10.2 both Geo and Postgres HA individually reached general availability (GA), but the use of Geo in combination with HA was considered Beta.

Configurations using GitLab Geo in combination with HA are now considered GA. This allows geographically distributed teams to enjoy faster Git fetch operations using GitLab Geo and the increased redundancy of highly available configurations

Improved environment performance dashboard

In GitLab 10.4 we have improved the design of the environment performance dashboard, which displays the system and response metrics captured by Prometheus.

Now, when reviewing metrics at a specific point in time, they are clearly displayed on the hover over instead of in the chart’s legend. In an upcoming release, we will add summary metrics to the legend, displaying statistics such as the maximum throughput, or average latency over the time span.

Clear the Runner cache

GitLab Runner uses a cache to speed up execution by reusing existing data between different jobs. But sometimes it leads to inconsistent behaviors, for example, when the local copy of the repository is modified by one job, and the new changes impact the execution of the following one.

In GitLab 10.4, we introduce a new button in the Pipelines page that can be used to clear any existing cache for the specific project and start fresh with a new one. This immediately solves the problem of “dirty” runs.

Run a scheduled pipeline manually

Scheduled pipelines are very useful to run recurring jobs without a manual action by the user. They are normally used to perform maintenance tasks, or to create nightly builds for your software. But sometimes that exact scope is also needed on-demand, and recreating the same environment (e.g., adding custom variables) can be hard and time consuming.

GitLab 10.4 introduces the ability to run a scheduled pipeline manually, directly from the web interface: a “play” button can be found for each schedule in the list, and running the pipeline is just as simple as a click.

Omnibus improvements

• GitLab Mattermost version 4.5 includes Zoom plugin for video, audio, screen sharing, and much more.
• CA certificates have been updated to 2017.09.20
• GitLab Monitor has been updated to 2.4.0
• Ruby has been updated to 2.3.6
• Go based libraries such as Registry, Workhorse, and Prometheus are built with Go 1.9.2

Epics API

With this release, the GitLab API supports Epics. So you can now manage individual epics, lists of epics, and all epic attributes (title, description, and dates) through the API, allowing your team to create custom and/or automated workflows outside of GitLab.

Managing the list of issues associated with an epic is also supported, including the newly introduced reordering capability.

Easily deploy Prometheus on Kubernetes

GitLab can now deploy Prometheus into a connected Kubernetes cluster with a single click, making it easier than ever to begin monitoring the performance of your application. System metrics like processor and memory utilization latency are automatically retrieved from Kubernetes, and response metrics like latency and throughput are available with a supported ingress. To get started, connect a cluster at CI/CD > Clusters.

If GitLab has network connectivity to Prometheus, Prometheus integration can be enabled to analyze and display these metrics directly within GitLab. In the next release, GitLab 10.5, integration will be automatically enabled and will not require direct network access, offering seamless integration.

Status icon for LFS-tracked files

Identify which files are tracked by Git LFS with the new LFS tracking status icon shown in blob views and file lists, including the merge request change list. This makes it possible to verify binary files are correctly tracked by LFS when reviewing a merge request.

Browser Performance Testing now included in Auto DevOps

In 10.3 we added Browser Performance Testing to easily determine the performance impact of a change for web apps, prior to merge. To use this feature, it was necessary to add an additional job to your .gitlab-ci.yml and adapt to your needs.

In GitLab 10.4, Browser Performance Testing is now included in Auto DevOps as well, providing automatic performance analytics of the root page with zero configuration.

If you’d like to test add additional pages, simply add the relative paths to a .gitlab-urls.txt file in the root directory of the repository.

Support for openSUSE Leap 42.3

With GitLab 10.4, Omnibus packages are now available for openSUSE 42.3.

This will be the last release with support for openSUSE 42.2, as it is being officially discontinued.

GitLab Clusters now Generally Available

With GitLab 10.4, we are proud to announce that the Kubernetes cluster integration is now Generally Available! You can connect your existing clusters to your project, or create new ones on Google Kubernetes Engine (GKE) with a few clicks of your mouse, using the new Clusters page, under the CI/CD section.

The old Kubernetes integration service is still accessible, but it can be used only if it was enabled before the upgrade to GitLab 10.4. In the upcoming releases, the existing data will be migrated to the new Cluster page and the integration page will be eventually removed. Service Templates, available in the Admin area, are working as usual.

GitLab Runner 10.4

We’re also releasing GitLab Runner 10.4 today! GitLab Runner is the open source project that is used to run your CI/CD jobs and send the results back to GitLab.

The most interesting changes:

• Add (overwritable) pod annotations for the Kubernetes executor
• docker.allowed_images can use glob syntax in config.toml
• Add support for user-defined Docker runtime
• Do not use git config --local as it’s not available in Git v1.7.1

List of all changes can be found in GitLab Runner’s CHANGELOG.

Performance improvements

We are continuing to make great strides in improving the performance of GitLab in every release. We’re committed not only to making individual instances of GitLab even faster but also greatly improving the performance of GitLab.com, an instance that has over one million users!

In GitLab 10.4 we are shipping performance improvements for issues, merge requests, repositories and API. Some of the more noteworthy improvements include:

• Drastically improved filtering performance of issues by label
• Improve query performance of retrieving merged and closed event information for the merge request widget
• Improve performance and reduce memory usage of calculating commit stats
• Prevent cache misses for empty markdown and HTML strings
• Soft removals of data such as issues and merge requests has been removed, simplifying database queries. Any soft removed data will be removed physically in this release.
• Fix N+1 query problem when displaying a project’s Atom feed reducing the loading time of Atom feeds
• Fix N+1 query problem in the projects build API