GitLab 10.7 is out: Game-changing additions and improvements
GitLab, determined, as always, in getting things done introduces significant additions and some minor improvements in order to make the life of developers easier and more efficient.
With the release of 10.7, GitLab holds true to its principles of Getting Things Done. Major additions and some minor adjustments promise to offer the highest level of ease and efficiency for developers. From rendering Web IDE open source to expanding the language support list for SAST, GitLab is sure to gain a lot of attention.
Let’s have a closer look at all the important features of the new release.
Everyone is welcome!
With the release of 10.7, the Web IDE is now open source and widely available. GitLab values users’ contribution and aims to accommodate the needs of both beginners as well as experienced developers in the git environment. Web IDE, as presented with its beta version in GitLab 10.4, offers faster solutions for issues like writing small fixes, correcting typos or resolving merge request feedback by simply eliminating the need to stash changes and switch branches locally. Now, it becomes open source as well so everyone can benefit.
Go SAST, Go!
GitLab does not take security testing lightly; on the contrary, the new features are part of the company’s product vision of Complete DevOps. The new security testing tools of Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) were introduced in GitLab 10.4. With this month’s release, GitLab expands the list of supported languages for SAST to include Go and C/C++.
Up until now, SAST would only support Java, Ruby and Python. As Go becomes more and more relevant and companies tend to increasingly use it for their projects, it was a must that SAST ought to include Golang in its supporting list. However, it is still in an experimental stage, unlike C/C++ which have been fully integrated into the SAST support system.
Long live the tokens
Another feature introduced in GitLab 10.7 is the addition of Deploy Tokens. When working with containers, there is the need to grant access to the registry and repository which used to be done in two possible ways. The first one is using CI job tokens that would expire with the completion of the job and the second is the use of Personal Access Tokens that do provide long-term access; they are, however, tied to a specific user. Deploy Tokens, on the other hand, provides long-lived read-only authentication.
P.S. Check out what the Head of Product for GitLab had to say on what to expect of DevOps in 2018:
JAXenter: Do you think we’ll see more developers running containers in production on Kubernetes?
Mark Pundsack: Containers are a core pillar of DevOps, but in 2018 they will hit a tipping point where we’ll see more developers running containers in production on Kubernetes than not.
JAXenter: Speaking of a DevOps context, what will the role of the cloud be? Are cloud computing architectural principles essential to DevOps success?
Mark Pundsack: I think that cloud computing poses a huge benefit to the success of DevOps. While it’s possible to do DevOps without cloud computing architectures, cloud-native is the basis for many successful DevOps transformations. Developers can schedule and orchestrate elastically and be more responsive and efficient by working with cloud architectures (whether in the public cloud or a cloud in your own datacenter).
For example, developing locally with Docker makes the transition to running in production much easier. And having an elastic cloud platform available during development allows developers to easily spin up ephemeral applications for testing as-needed rather than having to manage scarce shared resources.
JAXenter: Can containers enhance a company’s DevOps transformation? Is containerization part of the future of DevOps?
Mark Pundsack: It is hard to imagine a DevOps transformation that doesn’t involve containers. Containerization allows developers to move faster, optimize usage of resources and decouple code at the right granularity. Containers are a base-level part of DevOps and allow developers to ensure that their software will run, no matter where it is deployed. In 2017, it became clear that more developers and enterprises are using Kubernetes in production to assist with container management. In 2018, this trend will continue to prosper.
See the full interview here.