Petes Linkedin Blog

   This blog post is Unfiltered    In late January/early February I was fortunate enough to become a part of the CEO Shadow Program at GitLab. Having been at GitLab for three and a half years, I have been exposed to an organization scaling at an amazing rate in our all remote setting. Aside from Contribute (add link), this program would be the first time I would work from an office while at the company, which was nerve wracking and exciting. In addition to being nervous about going into an office daily to work in person with the CEO and the co-shadow after working from home only for nearly four years, I was also grappling with the idea of being apart from my one year old daughter. Thankfully, I am originally from Northern California and with the support from the CEO Shadow Planning team, I was able to coordinate a schedule with my family where I could work from San Francisco during the week and spend the weekend in between with my daughter. I did not expect how m...

Today we are releasing version 13.0.3 for GitLab Community Edition and Enterprise Edition. This version resolves a number of regressions and bugs in this month's 13.0 release and prior versions. Suggestion to add more details to DAST_EXCLUDE_RULES variable. Add support for including user/groups from parent/ancestors Fixed redirection to project snippets Resolve "Geo: Design thumbnails are not replicated" Fix 404s downloading latest build artifacts Update deprecated routes in irker integration Fix Auto DevOps manual rollout jobs not being allowed to fail Change format of variables parameter in Prometheus proxy API for metrics dashboard Update Ruby to 2.6.6 Update Praefect Grafana dashboards Fix warning message in nginx Do not run Grafana reset during docker startup Fix API performance regression in issues API Fix "Close Issue" button by changing target selector Confirm protected branch before running checks Important notes on upgrading This v...

First, the good news: do DevOps right and you’ll release code faster. In fact, 83% of our 2020 Global DevSecOps Survey respondents said code heads out the door more quickly thanks to a successful DevOps practice. But we also asked survey takers what was most likely to delay their code, and their responses highlighted some of the toughest challenges DevOps practitioners face. When it comes to delays, 47% said testing was the culprit, while 39% said planning, and 28% said code review. At a time when faster software releases are perhaps even more critical than ever before, it may be helpful for your organization to take a hard look at what blocked our 3652 respondents from 21 countries across 19 job categories. Test, planning, and code reviews are essential steps in DevOps, but as our survey responses show, they can easily turn into black holes of time and frustration. The trouble with testing Let’s just say it: Testing is hard. A key component of successful DevOps, testing is appare...

Today we are releasing version 12.10.8 for GitLab Community Edition and Enterprise Edition. This version resolves a number of regressions and bugs in last month's 12.10 release and prior versions. Resolve "Geo: Design thumbnails are not replicated" Fix 404s downloading latest build artifacts Fix dbvacuum on pgupgrade Geo: Fix empty synchronisation status when nothing is synchronised Important notes on upgrading This version does not include any new migrations, and should not require any downtime. Please be aware that by default the Omnibus packages will stop, run migrations, and start again, no matter how “big” or “small” the upgrade is. This behavior can be changed by adding a /etc/gitlab/skip-auto-reconfigure file, which is only used for updates . Updating To update, check out our update page . GitLab subscriptions Access to GitLab Starter, Premium, and Ultimate features is granted by a paid subscription . Alternatively, sign up for GitLab.com to use G...

It’s not enough to say something is quick and easy. To have a better understanding of some of the benefits of using GitLab CI/CD, it’s much better to show you. In a short video , Itzik Gan-Baruch technical marketing manager, demonstrates how to submit a code change using GitLab Web IDE. In three minutes, teams can submit a code change and commit it, trigger a CI pipeline to scan for any errors, and ship the updated application to users. Getting started with GitLab Web IDE All code that gets automatically tested and deployed to production has a human at its source. In GitLab 10.7, we released the first iteration of our Web Integrated Development Environment (IDE) after observing how non-developers struggled with editing multiple files and committing those changes. Since we believe that everyone can contribute , building an editor that was integrated with GitLab that made it easier for anyone to contribute seemed like a natural fit. To access the Web IDE, just click the button from...

Today we are releasing versions 13.0.1, 12.10.7, 12.9.8 for GitLab Community Edition (CE) and Enterprise Edition (EE). These versions contain important security fixes, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately. The vulnerability details will be made public on our issue tracker in approximately 30 days. Please read on for more information regarding this release. User Email Verification Bypass A security issue allowed users to bypass the email verification process. This issue is now mitigated in the latest release and is waiting for a CVE ID to be assigned. Thanks to @zapprising for responsibly reporting this vulnerability to us. Versions Affected Affects GitLab CE/EE 12.5 and later. Remediation We strongly recommend that all installations running an affected version above are upgraded to the latest version as soon as possible. OAuth Flow Missing Email Verification Checks A vulnerability allowed unverified user...

Sometimes in software engineering, you have to learn the hard way. GitLab CI is extremely powerful and flexible, but it’s also easy to make mistakes that could take out a GitLab runner, which can clog up Sidekiq and bring down your entire GitLab instance. Luckily, Sean Smith, senior software engineer for F5 Networks has been through it, and summarizes some of their learnings in his talk at GitLab Commit San Francisco . In the presentation, Sean goes in-depth about a past incident that clogged up F5 Network's GitLab runner, and shares tips on setting limits for Kubernetes (K8s) runners. Sean is a GitLab administrator for F5 Networks , a company with about 1,800 users worldwide running 7,500 projects each month – excluding forks. That’s roughly 350,000 - 400,000 CI jobs going through the K8s runners each month. Until some recent hires, there were only three engineers to handle it all. Instead of running a giant GitLab instance on one VM, F5 broke up their instance into seven diffe...

Test 123