GitLab 11.11 Release

Serialized commit graphs to improve performance

Serialized commit graphs to improve performance

Many common Git operations require walking the commit graph, like computing merge bases, or listing the branches that contain a commit. These operations become slower as the number of commits grows because those walks require each object to be loaded from disk to read its pointers.

In GitLab 11.11, we have enabled the serialized commit-graph feature, which was introduced in recent Git releases, to compute and store this information in advance – significantly improving the speed of these traversals for large repositories. The commit graph will automatically be generated next time garbage collection is run on your repository.

You can learn more about how the serialized commit-graph was built in a series of blog posts written by the feature’s contributor.

Add-on CI Runner minutes have been extended to Free plans

Add-on CI Runner minutes have been extended to Free plans

Last month we added the ability to purchase add-on CI Runner minutes, but only to paid plans on GitLab.com. In this iteration, we have extended this feature to Free plans on GitLab.com as well.

Applying a suggestion now automatically resolves the discussion

Applying a suggestion now automatically resolves the discussion

Suggested changes make it easier to collaborate on merge requests – no more copy/pasting to accept a suggested change. In GitLab 11.11, we are making it even easier by automatically marking the discussion as resolved when the suggestion is applied.

More details for related merge requests

More details for related merge requests

When viewing an issue, it can be helpful to see other related issues, epics, and merge requests in order to gain as much contextual knowledge as possible. In GitLab 11.11, we are introducing more elements into the related merge request table, including status, path, ID, title, pipeline status, and assignees.

Access deployment details through Environments API

Access deployment details through Environments API

We have added the ability to request information on a specific environment to the Environments API, making it easier now to ask, “Which commit is deployed to my environment right now?” This will make automation and reporting easier for users of GitLab’s environments feature.

Run all manual jobs for a stage in one click

Run all manual jobs for a stage in one click

With GitLab 11.11, users who rely on stages with many manual jobs can now easily run all of the manual jobs in a given stage by using the Play all button located to the right of the stage name in the pipeline views.

API endpoint for vulnerability information

API endpoint for vulnerability information

You can now query the GitLab API to return all of the vulnerabilities identified within a project. With this API, you can generate machine-readable lists of vulnerabilities filtered by type, confidence, and severity.

Install Prometheus on Group-level clusters

Install Prometheus on Group-level clusters

In this release, GitLab provided the ability to attach a Kubernetes cluster to an entire group. We’ve also added the ability to install a single Prometheus instance to that cluster, making monitoring of all the projects within that cluster easier.

Create custom metric charts from the dashboard view

Create custom metric charts from the dashboard view

Create new charts for custom performance metrics directly from the toolbar of your metrics dashboard. Users can now create, update, and delete metric visualizations within the dashboard view by clicking on the Add Metric button in the upper right-hand corner of the dashboard toolbar.

Auto-save epic descriptions to local storage

Auto-save epic descriptions to local storage

Epic descriptions have not been saved to local storage, often leading to changes being lost if they aren’t actively saved while editing an epic issue description. In GitLab 11.11, we are now saving epic descriptions to local storage. This means you can easily pick back up the work of editing an epic description in the event of an error, distraction, or accidental browser exit.

Repository read-write scope for personal access tokens

Repository read-write scope for personal access tokens

Many personal access tokens rely on api level scoping for programmatic changes, but full API access may be too permissive for some users or organizations.

Thanks to a community contribution, personal access tokens can now be scoped to only read and write to project repositories – preventing deeper API access to sensitive areas of GitLab like settings and membership.

Thanks to Horatiu Eugen Vlad for the contribution!

Sign in with Salesforce user credentials

Sign in with Salesforce user credentials

GitLab loves Salesforce developers, and an important step in supporting this community is allowing users to log into GitLab with their credentials from Salesforce.com. Now, instances can configure GitLab as a Salesforce-connected app and use Salesforce.com to sign into GitLab with a single click.

Recently created or modified filters for epics API

Recently created or modified filters for epics API

Querying recently created or modified data has been difficult using the GitLab epics API. In 11.11, we are adding additional filters created_after, created_before, updated_after, and updated_before to ensure consistency with the issues API and easily find epics that were modified or created recently.

Omnibus improvements

Omnibus improvements

The following improvements have been made to Omnibus in GitLab 11.11:

• GitLab 11.11 includes Mattermost 5.10, an open source Slack-alternative whose newest release includes interactive ephemeral messages and much more. This version also includes security updates and upgrade from earlier versions is recommended.
• Grafana has been bumped to 1.1.0 to pick up the latest Omnibus dashboards.
• PostreSQL 10 is now bundled with Omnibus.
• Sentry client-side DSN to be passed to gitlab.yml.
• Update RubyGems to 2.7.9.
• Update liblzma to 5.2.4 from 5.2.2.
• Update libtool to 2.4.6.
• Ensure postresql is started after pg-upgrade command.
• Update Prometheus components to the latest versions.
• Update git to 2.21.0.

Performance improvements

Performance improvements

We continue to improve the performance of GitLab with every release for GitLab instances of every size. Some of the improvements in GitLab 11.11 are:

• Speed up users autocomplete when many avatar paths are in the response
• Reduce Sidekiq payload when removing todos
• Compute GraphQL resolver complexity based on items
• Improve performance of the global search for issuables
• Impove the performance of expanding full diff
• Ensure that we only request blobs in one batch
• Avoid loading Wiki Pages content when listed
• Don’t create a temp reference for branch comparisons within project

OpenID Connect authentication support

OpenID Connect authentication support

OpenID Connect is an identity layer built on OAuth 2.0, designed specifically for authentication. Thanks to a community contribution, GitLab now supports sign-in with an OpenID Connect provider.

Thank you, Horatiu Eugen Vlad, for the contribution!

Download archives of directories within a repository

Download archives of directories within a repository

Depending on the type of project and its size, downloading an archive of the entire project may be slow or unhelpful – particularly in the case of large monorepos. In GitLab 11.11, you can now download an archive of the contents of the current directory, including subdirectories, so that you download only the files you need.

Thank you, Kia Mei Somabes, for the contribution!

View time tracking in sidebar of board view

View time tracking in sidebar of board view

Issue sidebars should be consistent in both board and issue views. GitLab is moving towards this consistency by introducing time tracking into the issue sidebar view while on an issue board. Simply navigate to an issue board, click on an issue to pull up the sidebar, and easily view time tracking information.

Negative variable matching for pipeline rules

Negative variable matching for pipeline rules

You are now able to test for negative equality or pattern matches (!= and !~) in your .gitlab-ci.yml when checking the values of environment variables, giving more flexibility to control the behavior of your pipelines.

Create a file directly from an environment variable

Create a file directly from an environment variable

One common use of environment variables is to create a file, particularly for secrets that should be protected and only available on a certain environment’s pipeline. You would do this by setting the variable content to the file content, then create a file in your job that contains the value. Using our new file type environment variable, you can do this in one step without having to modify your .gitlab-ci.yml.

Full dynamic scans are now an option for DAST

Full dynamic scans are now an option for DAST

With GitLab you can perform Dynamic Application Security Tests (DAST) as part of your CI pipeline. Starting in this release, you can now specify to use a full dynamic scan instead of the standard passive one. Using the full dynamic scan provides protection against a greater number of vulnerabilities.

Dismissal details on security dashboard

Dismissal details on security dashboard

In GitLab Security Dashboards, security administrators can review dismissed vulnerabilities. In order to make their workflow more streamlined, we’ve added the ability to see the details of any dismissal directly in the Security Dashboard.

Issues from alerts now opened as GitLab Alert Bot user

Issues from alerts now opened as GitLab Alert Bot user

Issues that are opened from alerts will now be authored by the GitLab Alert Bot, providing clear indication that the incident was created automatically from an important alert.

Pull mirroring support for Git LFS

Pull mirroring support for Git LFS

Repository pull mirroring allows you to replicate Git repositories from one location to another. This makes it easy to keep a replica of a repository hosted elsewhere on your GitLab server. GitLab now supports pull mirroring repositories which use Git LFS, so that you can mirror repositories with large files, like textures for game development or scientific data sets.

Add basic support for group GraphQL queries

Add basic support for group GraphQL queries

GraphQL APIs allows users to request exactly the data they need, making it possible to get all required data in a limited number of requests. In this release, GitLab is now supporting basic group information support in the GraphQL API.

SAML SSO now enforced on web access

SAML SSO now enforced on web access

We’re building on the SSO enforcement on the group level introduced in 11.8 with a persistent check on group and project resources, only allowing access if the user has signed in with SAML. This provides an extra layer of access control for security-conscious organizations on GitLab.com using SAML SSO; now, you can enforce SSO with the knowledge that the users of your group are using SSO.

Sign in with UltraAuth biometric authentication

Sign in with UltraAuth biometric authentication

UltraAuth is a company specializing in passwordless, biometric authentication. We’re excited to support their authentication strategy in GitLab!

Thanks to Kartikey Tanna for the contribution!

GitLab Runner 11.11

GitLab Runner 11.11

We’re also releasing GitLab Runner 11.11 today! GitLab Runner is the open source project that is used to run your CI/CD jobs and send the results back to GitLab.

• Fix git lfs not getting submodule objects
• Optimize trace handling for big traces
• Allow to configure Feature flags using config.toml
• Allow to use FF to configure /builds folder
• Add PowerShell support for Docker Executor
• Support windows docker volumes configuration

Chart improvements

Chart improvements

The following improvements have been made to Helm Charts in GitLab 11.11:

• GitLab 11.11 includes the ability to attach a volume for tmp/work directory storage
• Additional configuration options are now available to administrators including memoryKiller, maxRss, graceTime, and shutdownWait.
• Helm charts are now continuously tested on Amazon’s Elastic Container Service for Kubernetes (EKS)