Patrick is a consistent contributor to GitLab Terraform Provider - contributing 2-3 releases every milestone. He not only contributes code, but also triages and reviews issues in the provider and contributes to dependencies. He also helps out in the GitLab community: with community hours, and also in Discord.
We are so appreciative of all that Patrick does, both in our codebase and for our wider community. There is no doubt that much of the success of the Terraform Provider can be attributed to him. Thank you, Patrick!
You can now configure projects to block merge request merges unless all external status checks pass. This allows you to confidently
rely on external systems as part of your GitLab workflows and ensure that all required steps are completed before the code is merged.
When configured, users can only merge merge requests if external status checks pass and the green checkmark is displayed on the merge request. If an
external status check is pending or failed, merging the merge request is blocked.
This feature is available to self-managed users, but is not enabled by default. You can enable this feature in Gitlab 15.5 and later with the only_allow_merge_if_all_status_checks_passedfeature flag. This feature is now enabled by default in GitLab 15.8 for SaaS users and will be enabled by default in GitLab 15.9 for self-managed users.
We are excited to announce the availability of migrating GitLab projects by direct transfer Beta. Now, you can migrate group and project resources together when using direct transfer. You can use direct transfers to migrate between GitLab instances or
within the same GitLab instance.
You don’t need to manually export each project to a file and then import all those export files to a new location. Now all projects
within a top-level group are migrated automatically, making your work more efficient.
When migrating from self-managed GitLab to GitLab.com, user associations (such as comment author) are not changed to the user who is importing the
projects. Migration using direct transfer maps users and their contributions correctly, provided
a few conditions are met.
This feature is available on GitLab.com. You can migrate from a self-managed GitLab to GitLab.com
To enable it on GitLab self-managed instances, see the linked documentation.
Learn more about migrating GitLab projects by direct transfer Beta and what’s coming next in our recent blog post.
Previously, when SAML SSO was enabled, groups could choose to enforce SSO which required all members to use SSO
authentication to access the group. However, some groups want the security of SSO enforcement for employees or
group members, while still allowing outside collaborators or contractors to access their groups without SSO.
Now, groups with SAML SSO enabled have SSO automatically enforced for all members
who have a SAML identity. A member has a SAML identity if one or both of the following are true:
They signed in to GitLab using their GitLab group’s single sign-on URL.
They were provisioned by SCIM.
Users without SAML identities are not required to use SSO unless SSO enforcement is explicitly enabled.
To ensure smooth operation of the selective SSO enforcement feature, please ensure your SAML configuration is
working properly before selecting the Enable SAML authentication for this group checkbox.
A key input in GitLab Runner fleet optimization is having deep insights into queue performance over time. While today there are historical queue duration metrics available for each job on a runner in the Admin Area view, there is no simple mechanism to determine the current queue performance for runners.
With the new estimated queue time feature, you are now able to, at a glance, determine the median estimated wait time for all instance runners. This data will enable you to proactively identify potential CI job execution issues for your organization’s developers and provide insights to inform decisions on configuration or resource changes to optimize your runner fleet.
Previously, GitLab validated personal access tokens only after migrations had started. This meant group migrations by direct transfer
could fail mid-migration because the personal access token didn’t have sufficient scope or was no longer valid.
Now we perform an early check and return an informative error when the scope is not sufficient or the token has expired. This avoids starting
migrations that will definitely fail.
Previously, access requests to a project appeared only in the Access requests tab in the Project members section. Now, access requests also appear in the project owner’s To-Do List. As a project owner, having access requests added directly to your To-Do List can help you manage your tasks more efficiently and add members quicker.
When a personal access token expires, you are sent an email notification. Previously, this email told you that the token expired, but did not provide the token name. This email now provides the token name, so you can identify which token expired.
Previously when migrating a GitLab group with direct transfer to GitLab.com, you had to migrate its projects as well.
Now you have the option to not include projects when migrating groups. This option is available in the UI and the API and you can choose
this option for each group separately or for all selected groups at once. The default is to a migrate group with its projects.
As part of group migration by direct transfer with project migration (in Beta), we have added a
new application setting so that
GitLab self-managed administrators can more easily enable this feature. Previously, administrators had to use feature flags to enable this feature.
This new setting must be enabled on both the source and target instances. Remember to also enable the bulk_import_projects feature flag if you
want to migrate projects with your groups.
We’re also releasing GitLab Runner 15.8 today! GitLab Runner is the lightweight, highly-scalable agent that runs your CI/CD jobs and sends the results back to a GitLab instance. GitLab Runner works in conjunction with GitLab CI/CD, the open-source continuous integration service included with GitLab.
GitLab Static Analysis includes many security analyzers that the GitLab Static Analysis team actively manages, maintains, and updates. The following analyzer updates were published during the 15.8 release milestone. These updates bring additional coverage, bug fixes, and improvements.
CodeClimate-based analyzer updated to version 0.89.0. See CHANGELOG for further details.
This version also adds support for setting DOCKER_CONFIG as an alternative to CI_REGISTRY_USERNAME and CI_REGISTRY_PASSWORD variables, thanks to a community contribution from @bitcasso.
KICS-based analyzer updated to version 1.6.6. See CHANGELOG for further details. This version improves existing rules.
Kubesec-based analyzer updated to automatically fetch Helm dependencies in Helm projects. See CHANGELOG for further details.
NodeJSScan-based analyzer updated to improve error logging. See CHANGELOG for further details.
Semgrep-based analyzer updated to version 1.3.0. See CHANGELOG for further details.
SpotBugs-based analyzer updated to fix an error where invalid line numbers could prevent vulnerabilities from being reported. See CHANGELOG for further details.
To remain on a specific version of any analyzer, you can pin to a minor version of an analyzer. Pinning to a previous version prevents you from receiving automatic analyzer updates and requires you to manually bump your analyzer version in your CI/CD template.
Previously, access requests to a group appeared only in the Access requests tab in the Group members section. Now, access requests also appear in the group owner’s To-Do List. As a group owner, having access requests added directly to your To-Do List can help you manage your tasks more efficiently and add members quicker.
GitLab has historically relied on system fonts, like San Francisco on macOS and Segoe UI on Microsoft Windows, for text in the user interface (UI). There are, however, limitations to using these, as each system font renders differently, and there are variations that can impact your experience with GitLab.
In the recent GitLab rebranding, we selected Inter as the primary typeface, and we’ve adapted it for use in the GitLab UI by enabling disambiguation features (increased distinction between some characters) by default. Because of this change, we’re including it under the name GitLab Sans in the open source package of GitLab.
We’ve also chosen JetBrains Mono for our code editors and any UI requiring monospaced text. You can read more about the design process for this font in the blog post and leave feedback here.
Newly created user profiles can now be made private by default. This instance-wide setting helps to comply with local data privacy laws and individual company agreements, for example with a works council. Users can still change the visibility of their profile page from the profile settings, and GitLab administrators can override this setting to make new profiles public.
GitLab now records audit events when an environment is set to protected and when it is unprotected. A protected environment is typically used for high-risk deployments, so it’s important to have an audit trail for when protection is removed or added.
In this release, we’ve added a Syntax options link to the search page to help you with complex queries. The drawer content provides syntax options for Advanced Search and serves as a quick reference for you when typing a query.
Bug fixes, performance improvements, and usability improvements
At GitLab, we’re dedicated to providing the best possible experience for our users. With every release, we work tirelessly to fix bugs, improve performance, and enhance usability. Whether you’re one of the over 1 million users on GitLab.com or using our platform elsewhere, we’re committed to making sure your time with us is smooth and seamless.
Click the links below to see all the bug fixes, performance enhancements, and usability improvements we’ve delivered in 15.8.