Posts

Showing posts from June, 2022

GitLab Critical Security Release: 15.1.1, 15.0.4, and 14.10.5

Today we are releasing versions 15.1.1, 15.0.4, and 14.10.5 for GitLab Community Edition (CE) and Enterprise Edition (EE). Please note, this critical release will also serve as our monthly security release for June. These versions contain important security fixes, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the patched version. GitLab releases patches for vulnerabilities in dedicated security releases. There are two types of security releases: a monthly, scheduled security release, released a week after the feature release (which deploys on the 22nd of each month), and ad-hoc security releases for critical vulnerabilities. For more information, you can visit our security FAQ. You can see all of our regular and security release blog posts here. In addition, the issues detailing each vulnerability are made public on our issue tracker 30 days after the release in which they were patched. We ...

An SA story about hyperscaling GitLab Runner workloads using Kubernetes

The following fictional story reflects a repeating pattern that Solutions Architects at GitLab encounter frequently. In the analysis of this story we intend to demonstrate three things: (a) Why one should be thoughtful in leveraging Kubernetes for scaling, (b) How unintended consequences of an approach to automation can create a net productivity loss for an organization (reversal of ROI) and (c) How solutions architecture perspectives can help find anti-patterns - retrospectively or when applied during a development process. A DevOps transformation story snippet Gild Investment Trust went through a DevOps transformational effort to build efficiency in their development process through automation with GitLab. Dakota, the application development director, knew that their current system handled about 80 pipelines with 600 total tasks and over 30,000 CI minutes so they knew that scaled CI was needed. Since development occurred primarily during European business hours, they were intere...

Use Streaming Audit Events to connect your technology stack with GitLab and Pipedream

GitLab recently released Streaming Audit Events to provide you real-time visibility into what happens inside your GitLab groups and projects. Whenever something happens, an event will be sent to the HTTPS destination of your choice. This is a great way to understand immediately when something has changed and if there is an action that needs to be taken. These events are often used to drive automation to update GitLab in response to certain actions, such as creating a new issue to onboard a team member when an account is added to a group, or to restore the correct value of a merge request approval setting if it is changed. We know that many users want to combine the streaming audit events with other data sets and tools they already work with. Taking automatic action in response to audit events happening can help ensure your GitLab groups and projects are always in the correct, compliant state. Pipedream simplifies the streaming audit event process Driving automation off of these ev...

External PostgreSQL 12 and 13 servers should be upgraded to the latest minor version

A bug in certain versions of PostgreSQL, called the use-after-free bug, can cause segmentation faults. If you are affected, you should upgrade. The affected PostgreSQL versions are: PostgreSQL 12 versions earlier than 12.7. The bug was patched in PostgreSQL 12.7. PostgreSQL 13 versions earlier than 13.3. The bug was patched in PostgreSQL 13.3. Which versions of GitLab could be affected? GitLab EE versions 14.9 and later are affected, if your version of PostgreSQL is an affected version. GitLab CE versions 15.1 and later are affected, if your version of PostgreSQL is an affected version. Omnibus GitLab instances using a bundled PostgreSQL server are not affected as they ship with patched versions of PostgreSQL, and no further action is needed. We strongly recommend all instances using an affected PostgreSQL version to upgrade to the latest minor version for PostgreSQL version 12 or 13. For more detailed information, review our issue on this problem. from GitLab https...

GitLab is the single source of truth for eCommerce provider

eCommerce platform provider Swell was built to give entrepreneurs the opportunity to build the online business that they envision. A GitLab customer since 2021, GitLab has been adopted as Swell's one DevOps, project management, and support ticketing tool for the whole organization. It's the foundational platform that the business works on. Swell is using GitLab Premium in many different areas, including for product development and to build the platform infrastructure, says Nico Bistolfi, vice president of technology. "GitLab is our source of truth for everything," Bistolfi says. Now, Swell is looking into expanding its usage of the platform to leverage features such as code quality, automation, and other types of dynamic application security and static application security. GitLab for CI/CD Swell upgraded to the Premium version and the biggest advantage so far has been the review operations capability, Bistolfi says. The company has created environments for every...

GitLab 15.1 released with SAML Group Sync and SLSA level 2 build artifact attestation

Today, we are excited to announce the release of GitLab 15.1 with SAML Group Sync, SLSA level 2 build artifact attestation, links to included CI/CD configuration, enhanced visibility into value stream with DORA metrics, and much more! These are just a few highlights from the 30+ improvements in this release. Read on to check out all of the great updates below. Join us on June 23rd as we celebrate DevOps! GitLab co-founder and CEO, Sid Sijbrandij, will introduce best-selling author and DORA co-founder, Gene Kim. Gene will share his research and expectations for the future of DevOps, then GitLab VP of Product, David DeSanto, will share how GitLab is evolving The One DevOps Platform to meet that future. We'll also unveil a new program to support your career aspirations. You won't want to miss this one-hour virtual event. Reserve your seat now! To preview what's coming in next month’s release, check out our Upcoming Releases page, which includes our 15.2 release kickoff...