Petes Linkedin Blog

One of the most significant limitations of AWS Fargate is the inability to run containers in privileged mode. This limitation means Docker-in-Docker (DinD), which enables the building and running of container images inside of containers, does not work with the AWS Fargate Custom Executor driver for GitLab Runner . The good news is that users don't have to be blocked by this limitation and may use a cloud-native approach to build containers, effectively leveraging a seamless integration with AWS CodeBuild in the CI/CD pipeline. We provide in-depth instructions on how to autoscale GitLab CI on AWS Fargate in GitLab Runner's documentation . In this blog post, we explain how to instrument CI containers and source repositories to trigger AWS CodeBuild and use it to build container images. Architecture overview How distinct CI workloads run on Fargate. The picture above illustrates distinct GitLab CI workloads running on Fargate. The container identified by ci-coordinator (001) ...

Writing this blog post feels exciting as it’s marking the start of GitLab’s move into extending the ways to work with our ever-growing product. We're incredibly happy to bring you an official GitLab Workflow Extension for VS Code. How did we get here? Over two years ago , Fatih Acet started working on a VS Code extension to allow users to interact with GitLab from within their code editor. We encourage people who work at GitLab to build the things they want and need. Everything starts with a Merge Request and in this case that MR created something new. Fatih and more than 25 contributors continued to expand on the extension by adding new features and reaching over 160k installations. It’s truly remarkable to see the way the community worked and grew the extension to such a valuable tool in their work and showed how seamlessly GitLab could extend to where developers were doing their most meaningful work . When Fatih decided to move on from GitLab, we had an opportunity to take ...

Today we are releasing version 13.2.2 for GitLab Community Edition and Enterprise Edition. This version resolves a number of regressions and bugs in this month's 13.2 release and prior versions. GitLab Community Edition and Enterprise Edition Coerce repository_storages_weighted, removes repository_storages Add issue to iteration docs Fix jira import users startAt parameter Better error message for unconfirmed users when using git Handle special cases when mass unconfirming users Omnibus GitLab Disable crond if LetsEncrypt disabled Important notes on upgrading This version does not include any new migrations, and should not require any downtime. Please be aware that by default the Omnibus packages will stop, run migrations, and start again, no matter how “big” or “small” the upgrade is. This behavior can be changed by adding a /etc/gitlab/skip-auto-reconfigure file, which is only used for updates . Updating To update, check out our update page . GitLab subscript...

If you're brand new to Kubernetes, you'll want to start with our Kubernetes 101 guide . Kubernetes and containers are often seen as two key elements in a successful DevOps practice. But there's no question that Kubernetes can be intimidating to those not familiar with it. In fact, our 2020 Global DevSecOps Survey found just 38% of respondents are actively using Kubernetes today while 50% are not. Anecdotally though, interest in Kubernetes is very high: "We are on the path to get our monolithic server into a sert of microservices and the goal is to use Kubernetes to help on this side." "We're trying to get there." "It's a priority for our platform team." This past spring staff distribution engineer Jason Plum and senior distribution engineer Gerard Hickey walked attendees at GitLab's company-wide meeting Contribute through something they called Kubernetes 102 that looked at the practical building blocks required for a cloud-...

We consistently hear from the global GitLab family (our community, customers, and really anybody interested in GitLab) that they know from experience that GitLab helps them do the work they want to do, faster and better, and that it’s a valuable, even vital, part of their success. But they often have a difficult time describing the value GitLab delivers, especially in specific, quantified ways. We also regularly hear that the hardest part about quantifying "value" is knowing where and how to start. Enter the Forrester Total Economic Impact™ (TEI) of GitLab: studying real customer experiences So to help everyone better understand the value proposition, GitLab commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study examining the potential return on investment (ROI) organizations may realize by using GitLab for version control & collaboration (VC&C)/SCM, continuous integration (CI), and continuous delivery (CD) - all use cases that represent ...

Now that your CI/CD pipeline is up and running, it’s time to fine-tune the performance. This hands on guide will walk you through tweaks that will improve a CI/CD pipeline’s speed, functionality, security, and integration with other tools and platforms. Built for speed CI/CD and DevOps promises faster releases and we know it’s true: Even a basic automated pipeline is much speedier than the old days of manual handoffs. But there are ways to make the CI/CD pipeline even zippier. One straightforward option that guarantees faster builds is to autoscale runners . If you have 15 minutes to spare, you can link your GitLab CI pipeline to the Google Kubernetes engine . And it doesn’t get much faster than using the Auto DevOps option if you’re setting up a new pipeline from scratch. Do more with less Once a pipeline is humming along, it’s time to think about tinkering with what you have. This is one of our favorite things to do at GitLab – we even used our CI/D pipeline to turn our group co...

The number of web applications hosted in containers grows every day, but data from our 2020 Global DevSecOps Survey showed a majority of companies don't have a container security strategy in place. This post shows examples of how GitLab can help increase the security of such applications and their hosting environment. We focus on web applications, but most of the security features described in this post apply to any containerized apps. Detailed descriptions and examples of the tactics and techniques mentioned in this post can be found in the MITRE ATT&CK Matrix . Threat Models To help with our scenarios, we're taking two tactics from the MITRE ATT&CK matrix: Initial Access and Execution . There are similar categories in other frameworks, such as the cyber kill chain . Initial Access In this phase, an attacker is attempting to establish access to your computing resources through different techniques. A single one might be sufficient for the attack to succeed but, q...

Today we are releasing version 13.1.5 for GitLab Community Edition and Enterprise Edition. This version resolves a number of regressions and bugs in last month's 13.1 release and prior versions. GitLab Community Edition and Enterprise Edition Fix: Geo file downloads can block Sidekiq threads Geo: Fix inaccurate "Synchronization disabled" progress bars Fix location of k3d install script in QA dockerfile Omnibus GitLab Fix: Sidekiq will now fail to configure if sidekiq_cluster config is used Fix: Implement a version check for docker Use gitlab-depscan script from specific commit Make actioncable recipe and control files match new runit requirement Important notes on upgrading This version does not include any new migrations, and should not require any downtime. Please be aware that by default the Omnibus packages will stop, run migrations, and start again, no matter how “big” or “small” the upgrade is. This behavior can be changed by adding a /etc/gitlab/s...

Today we are releasing version 13.2.1 for GitLab Community Edition and Enterprise Edition. This version resolves a number of regressions and bugs in last month's 13.1 release and prior versions. GitLab Community Edition and Enterprise Edition Geo: Fix package file backfill with sync object storage disabled Limit database deprecation notice window Enables diff file-by-file navigation by default Fix merge request approvals for EE without license Disable security scanner alerts DAG visualization FF: Update default to true in HAML Fix local tiller default enabled inconsistency Fix JS error when discussion has no diff_file Resolve "Fix missing path for avatars of bots" Resolve "Pasting an image into a comment also uploads design" Shorten "enable LFS" message for design management Add "more information" to Design Management LFS message Omnibus GitLab Make actioncable recipe and control files match new runit requirement Importa...

Here at Gitlab we understand the importance of safe deployment practices. Progressive delivery is continuous delivery with fine-grained control over who sees the change. This ensures that all code and configuration updates go through the CI/CD stages to catch any regressions or bugs before they reach customers. If something does make it past those gates, progressive delivery makes sure any negative impact is as small as possible. We have recently added several features that add safeguards to your deployment process, which we will review in this blog post. Protected Environments It is important that deploy jobs are restricted to only those who are authorized to deploy in that environment, and we call this restriction by roles "protected". While this feature has been around for a while, it is important to remember that this should be the first step to take when thinking about safe deployments. Take a deeper dive into protected environments . Sequential Deployment (or Saf...

GitLab 13.2 now helps teams streamline project planning with milestone iterations, collaborate better for faster feedback with diff changes for wiki pages, and improve overall performance/efficiency with load performance testing. Streamline agile project planning and management Managing workflows and planning tasks for different teams can add a significant amount of development disruption to your day. In releasing our Minimal Viable Change (MVC) of iterations to break down work into smaller, more manageable, chunks, we're lessening this disruption and making project planning easier – with many enhancements to come. If your team leverages Jira for project management, it's now easier for you to view Jira issues in GitLab because we believe that GitLab should play well with others and balance integrations with native capabilities. If you're using epics to plan and manage large projects, then you can now protect sensitive content with confidential epics . When you need...