Petes Linkedin Blog

Innovation and growth can sometimes be at odds in the world of retail, especially when trying to develop, deploy, and manage modern applications across multicloud environments. GitLab and Google Cloud together help retailers create and secure software that scales along with their business. GitLab’s comprehensive DevSecOps Platform connects with Google Cloud’s Distributed Cloud Edge edge networking environment and Anthos cloud-centric container platform to provide retailers with enterprise-class features such as collaboration and planning, continuous integration ( CI ), configuration management, and built-in security and compliance. GitLab enables development teams to streamline management of their distributed, hybrid environments right out of the gate. Retailers can utilize the following capabilities: Agile planning and collaboration to ensure Anthos cloud container cluster configurations and policies are up to date and compliant with company standards. Continuous integration t...

Customizable roles have been on GitLab's roadmap for the past two years. When we began working on them a year ago, our team struggled to find the minimal viable change (MVC) that would benefit customers. At the same time, through different feedback channels, customers were telling us they wanted more from their Ultimate tier Guest user roles. There it was: our MVC! Here is what happened next. Our MVC journey When we began working on customizable roles, we knew that the six static, out-of-the-box roles that come with GitLab were not flexible enough to cover the use cases of our customers. Some roles were too permissive, while others didn’t grant the permissions necessary to accomplish a task. At a time when security and abiding by the principle of least privilege is more top of mind than ever, we needed to give our customers a way to define their own roles. The customer ask was clear, but the implementation path was not. Performance considerations were top of mind. Permission...

The 2023 National Cybersecurity Strategy , which the White House released last week, should serve as a wake-up call to all organizations that develop software, whether for internal or external use. The policy puts the liability for poor security on software makers and requires a strengthening of security at every step of the software development lifecycle. The policy shines a spotlight on the importance of collaboration, digital transformation, automation, and transparency. The White House is seeking to advance security-first posturing, eliminate the top cybersecurity threats, rebalance software security responsibility and data stewardship, defend against malicious actors, and forge international partnerships. “Companies that make software must have the freedom to innovate, but they must also be held liable when they fail to live up to the duty of care they owe consumers, businesses, or critical infrastructure providers. Responsibility must be placed on the stakeholders most capable ...

Today we are releasing versions 15.9.2, 15.8.4, and 15.7.8 for GitLab Community Edition (CE) and Enterprise Edition (EE). These versions contain important security fixes, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the patched version. GitLab releases patches for vulnerabilities in dedicated security releases. There are two types of security releases: a monthly, scheduled security release, released a week after the feature release (which deploys on the 22nd of each month), and ad-hoc security releases for critical vulnerabilities. For more information, you can visit our security FAQ . You can see all of our regular and security release blog posts here . In addition, the issues detailing each vulnerability are made public on our issue tracker 30 days after the release in which they were patched. We are dedicated to ensuring all aspects of GitLab that are exposed to customers or that host cust...

Effective April 3, 2023, GitLab is increasing the list price of GitLab Premium from $19 to $29 per user per month. Existing GitLab Premium customers will have a one-time transition price of $24 per user per month automatically applied to their upcoming renewals until April 2, 2024. As GitLab’s first price increase in more than five years, this new pricing for GitLab Premium reflects the evolution of GitLab from source control and CI to the most comprehensive DevSecOps Platform . Over the past five years, GitLab Premium added more than 400 features , leading to improved cycle times , enhanced developer experience , and better collaboration for our customers. GitLab Premium evolution and benefits Since February 2018, we expanded GitLab Premium to include more than 400 features across the entire software delivery lifecycle so customers can focus on delivering high-quality software faster. We’ve added notable capabilities including: Ease of getting started : Built-in templates and ...

Amazon S3 has a Static Website Hosting feature which allows you to host a static website directly from an S3 bucket. When you host your website on S3, your website content is stored in the S3 bucket and served directly to your users, without the need for additional resources. Combine this with Amazon CloudFront and you will have a cost-effective and scalable solution for hosting static websites – making it a popular choice for single-page applications. In this post, I will walk you through setting up your Amazon S3 bucket, setting up OpenID Connect ( OIDC ) in AWS, and deploying your application to your Amazon S3 bucket using a GitLab CI/CD pipeline. By the end of this post, you will have a CI/CD pipeline built in GitLab that automatically deploys to your Amazon S3 bucket. Let's dive in. Prerequisites For this guide you will need the following: Node.js >= 14.0.0 and npm >= 5.6 installed on your system Git installed on your system A GitLab account An AWS account...