Petes Linkedin Blog

At almost 15 years old, DevOps has been around long enough to settle in and take shape at organizations around the world. But what do “modern” DevOps practices look like today, and how are they likely to change? Three market research firms gave us their take on the current generation of DevOps, and what’s coming next. BizDevOps anyone? If there’s one clear sign of DevOps maturity, it’s the fact that the business side has seamlessly inserted itself into what was forever a bastion of technologies and tech-driven practices. With some of the bigger DevOps battles well in hand (broader adoption of automation, more frequent deployments, and increased software testing), teams are able to bring in new metrics, including user experience, customer satisfaction, and other business drivers. 451 Research found business objectives and outcomes are the leading priority (51%) for enterprises as they refine, improve, and expand their DevOps implementations. In fact, 451 said business metrics are now...

Modern software development is marked by a commitment to application security – not just for code developed in-house, but for the entirety of the software supply chain . However, which upstream dependencies are included in software and the reasons why they are required can be difficult to determine. A software bill of materials, or SBOM, sheds light on an application’s contents and code origins, and, when paired with vulnerability management tools, can help identify vulnerabilities and highlight risk for subsequent mitigation. This guide will explain what SBOMs are, their importance in a multi-faceted DevSecOps strategy, their relationship to vulnerability management, and how to assess and improve an application’s SBOM health. What is an SBOM? An SBOM is a nested inventory or list of ingredients that make up software components . In addition to the components themselves, SBOMs include critical information about the libraries, tools, and processes used to develop, build, and deploy a...

Over the next month and going forward, requests for GitLab CI artifacts downloads may be redirected to Google Cloud CDN instead of Google Cloud Storage . We anticipate that GitLab CI users may benefit from faster downloads from edge caches closest to your location. Disclaimer: This blog contains information related to upcoming products, features, and functionality. It is important to note that the information in this blog post is for informational purposes only. Please do not rely on this information for purchasing or planning purposes. As with all projects, the items mentioned in this blog and linked pages are subject to change or delay. The development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab. How will this work? Currently when a CI runner or other client downloads a CI artifact , GitLab.com responds with a 302 redirect to a time-limited, pre-signed URL with a domain of storage.googleapis.com . After this change, t...

It’s tempting to think the concept of DevOps collaboration is something no one needs to talk about anymore. After all, the methodology has been around for nearly 15 years, is in widespread use, and has clearly proven to be successful at getting safer software out the door faster. Haven’t we figured out DevOps collaboration by now? The answer is no, at least according to our 2022 Global DevSecOps Survey and to industry experts looking at the future of DevOps. For starters, dev and ops respondents to our survey told us programming languages and soft skills like collaboration are going to be most important for their careers going forward. DevOps collaboration was the second most important skill for sec pros surveyed. These results were far from a one-off: In our 2020 survey , dev, sec, and ops were unanimous that “soft skills,” including DevOps collaboration, were the most critical for future careers. In 2021 , sec and ops continued to prioritize DevOps collaboration for the future, wh...

Today we are releasing version 15.5.1 for GitLab Community Edition and Enterprise Edition. This version resolves a number of regressions and bugs in this month's 15.5 release and prior versions. GitLab Community Edition and Enterprise Edition Docs: Remove deprecated SAST analyzers Remove git target from gitaly rake job Add Ubuntu 22.04 to the supported OS list Add intended use for health status into docs Specify certificates when connecting to KAS using TLS Batch records when preloading for indexing Install chef-config 17.10.19 before installing Ohai Fix fail-fast job when there are migrations present Important notes on upgrading This version does not include any new migrations, and for multi-node deployments, should not require any downtime . Please be aware that by default the Omnibus packages will stop, run migrations, and start again, no matter how “big” or “small” the upgrade is. This behavior can be changed by adding a /etc/gitlab/skip-auto-reconfigure file,...

Astro is an amazing new framework to create content-focused static sites and GitLab Pages is a great way to deploy a site built with Astro. Here's a step-by-step guide on how to build and deploy an Astro Site with GitLab Pages. Create the project locally First, create the Astro Project locally using the Astro CLI. Note: Even though we're offering a project template , we recommend using the CLI locally to scaffold your project. This ensures you can create your project with the latest defaults. npm create astro@latest Now follow the CLI instructions. As part of the setup, Astro will create the project folder for you. During the course of the setup Astro will ask whether you'd like to initialize a new Git repository. Answer this with y (yes). Once the Astro CLI is done scaffolding your project, cd into the new folder: cd <your-project> Configure Astro for GitLab Pages Astro comes with a few defaults that are incompatible with GitLab Pages. So before continu...

The market is moving to a platform approach to DevSecOps . What had previously been a process that let different engineering teams adopt their own tools for different stages of the software development lifecycle – what we call “DIY DevOps” – is being replaced by a method that leverages a single application. Why is this happening? First, IT managers are coming to grips with the inefficiencies and cost of toolchain sprawl. Second, executives are relying on digital transformation to solve significant business-level problems: improving developer onboarding and productivity, building high-performing teams, securing the software supply chain, and creating a secure on-ramp to the public cloud. Finally, there’s the impact of the potential recession , which has accelerated the above trends. We recently commissioned a Forrester Consulting “Total Economic Impact™ of GitLab’s Ultimate Plan” study to better understand how companies save on costs and achieve business and technology goals with Git...

Today, we are excited to announce the release of GitLab 15.5 with GitLab Cloud Seed , Autocomplete suggestions in the Content Editor , Error Tracking Open Beta , Operational Container Scanning and much more! These are just a few highlights from the 50+ improvements in this release. Read on to check out all of the great updates below. We thank the wider GitLab community for the 153 contributions they provided to GitLab 15.5! At GitLab, everyone can contribute and we couldn't have done it without you! To preview what's coming in next month's release, check out our Upcoming Releases page , which includes our 15.6 release kickoff video. This month's Most Valuable Person ( MVP ) is Anatoli Babenia Anatoli made multiple improvements and fixes to the gitlab-docs project during this milestone. The gitlab-docs project is responsible for taking content from many of our projects and publishing it to https://docs.gitlab.com . Anatoli’s contributions to gitlab-docs ...