Our customers are scaling their DevOps practices and with growth comes the need for even greater efficiencies and automated controls. The GitLab Kubernetes Agent is now available on GitLab.com to help you benefit from fast, pull-based deployments to your cluster, while GitLab.com manages the necessary server-side components of the Agent.
We also have a host of features to improve pipeline efficiency and measurement, to provide On-call Scheduling, and even more security enhancements. These are just a few of the 50+ significant new features and improvements in this release.
Controls to help you grow safely and efficiently
Controls can keep your automation on track as you grow and scale while simplifying compliance efforts. The GitLab Kubernetes Agent is core to GitLab's Kubernetes integrations and is now available on GitLab.com. The Agent-based integration supports pull-based deployments which are preferred by security and quickly becoming a popular method for Kubernetes deployment practices.
The agent also supports Network Security policy integration and alerts which enables fine-tuned RBAC controls within your clusters. Compliant Pipeline Configurations let you enforce a higher degree of separation of duties and reduce your business risks by defining enforceable pipelines that will run for any project assigned a corresponding compliance framework.
At the same time, Custom Compliance Framework Labels allow you to use your own requirements beyond the usual ones like PCI, HIPPA and such. The new Admin Mode increases security and control of your GitLab instance by requiring admin users to reverify their credentials before running administrative commands. Audit reports are easier now too with a new export feature in your self-managed GitLab instance to see, all in one place, what groups, subgroups, and projects users have access to.
“Speedy, reliable pipelines” is one of our core product themes, and we’ve delivered on that promise this month with a host of pipeline improvements.
The Pipeline Editor helps you get to work even faster and stay more productive once you begin. The new Empty State enhancement will allow new users to begin working with the pipeline editor on a new, blank pipeline file without having to create a config file first.
The ability to configure multiple cache keys in a single job will help you increase your pipeline performance and you can measure these improvements from the CI/CD dashboard, where a new DORA 4 graph will show lead time for changes via time for code to be committed and deployed to production.
As a related note, metrics on DevOps Adoption are now available at the group level allowing users to understand how GitLab's DevOps capabilities are being adopted.
Securing your software supply chain
Security pros will be happy to see the addition of the Semgrep flexible rule syntax to extend and modify custom detection rules, a popular request from GitLab SAST customers. We've also added support for custom certificates and email alerts for key expirations.
You can now improve your security posture by enforcing SAML for Git activity. The new On-call Schedule Management routes alerts received in GitLab to the on-call engineer in the schedule for that project.
This will be particularly helpful as we mature our security alerts in the future, providing a valuable incident management capability with end-to-end visibility across the entire DevOps process.