Petes Linkedin Blog

GitLab has surveyed DevOps practitioners for more than five years now. In that time, we have come to know what questions to ask to understand how well teams are doing with DevOps. In sharing these 10 questions, we aim to help you assess your own team’s capabilities and achieve smarter, faster DevOps. How fast is your team releasing code today vs. one year ago? Tracking release speed is like taking the temperature of your DevOps team. You’d like to think everything is going well, but you might be surprised. Occasionally DevOps teams report to us they are actually releasing code more slowly than in the past. What stage(s) in the process are causing the most release delays? This question will shine a spotlight on the areas in your DevOps practice that simply don’t work. Spoiler alert: The answer will certainly be testing , though other things, from planning to code development and code review, might pop up, too. How automated is your DevOps process? Ask this, but don’t just focus o...

Developers love their tools. Operations teams love their tools. And security teams love their tools. As Dev, Sec, and Ops consolidate onto a single DevOps platform, toolchain technical debt becomes exponentially more costly and complex. “Tools should be in the background enabling excellent development, operations, and security practices. However, DevOps teams are often led by their tools rather than the other way around and that can hinder all aspects of the software development lifecycle (SDLC),” says Cindy Blake , CISSP, director of product and solutions marketing at GitLab. An April 2022 Gartner® report titled “Beware the DevOps Toolchain Debt Collector” notes that “many organizations find themselves with outdated, poorly governed, and unmanageable toolchains as they scale DevOps initiatives.” One of the key findings, according to Gartner, is that “most organizations create homegrown toolchains, often leveraging the tools beyond their functional design. This not only leads to a f...

With GitLab 14 , we saw deep emphasis on modernizing our DevOps capabilities. This modernization enabled enhanced application security and strenghtened collaboration between developers and security professionals. We saw enhancments such as: global rule registry and customization for policy requriements with support for separation of duties a newly developed browser-based Dynamic Application Security Testing (DAST) scanner used to test and secure modern APIs and Single Page Applications more support for different languages using Semgrep new vulnerability management capabilities to increase visibility With the GitLab 15 release, we can see how our commitment to enhancing application security across the board is stronger than ever. In this blog post, I will provide details on how GitLab is commited to enhancing not only security, but efficiency. Discover how GitLab 15 can help your team deliver secure software, while maintaining compliance and automating manual processes. Save t...

Our customers frequently tell us that despite being very effective DevOps practitioners, they still struggle to build a data-driven DevOps culture. They find it especially hard to answer the fundamental question: What are the right things to measure? This becomes more challenging in enterprise organizations when there are hundreds of different development groups, and there's no normalization between how things are done or measured. Because of this, we see a strong interest from customers for metrics that would allow them to standardize between teams and benchmark themselves against the industry. Value Streams Analytics helps you visualize and manage the DevOps flow from ideation to customer delivery. What Are DORA Metrics? With the continued acceleration of digital transformation, most organizations realize that technology delivery excellence is a must for long-term success and competitive advantage. After seven years of data collection and research, the DORA's State of D...

We're hoping to stump you…and we stumped ourselves on some of these questions for sure. There are just 10 questions, so dive in, and you'll see your score at the end. from GitLab https://ift.tt/s3tFMme #GitLab #DevSecOps

Today we are releasing version 15.0.3 for GitLab Community Edition and Enterprise Edition. This version resolves a number of regressions and bugs in this month's 15.0 release and prior versions. GitLab Community Edition and Enterprise Edition Add GitLab agent image tag to install command Resolve "Add documentation for Opensearch Indexing paused." Disconnect alternates when unlinking from a repository pool Add version information for new fields in members API Upgrade to bundler v2.3.15 cgroups: Handle nil repo catfile: Backport patches to fix leaking catfile processes Important notes on upgrading This version does not include any new migrations, and for multi-node deployments, should not require any downtime . Please be aware that by default the Omnibus packages will stop, run migrations, and start again, no matter how “big” or “small” the upgrade is. This behavior can be changed by adding a /etc/gitlab/skip-auto-reconfigure file, which is only used for up...

Most of my daily conversations are focused on features and very deep technical concepts, which provide valuable and actionable insight. However, we miss the fact that tools and technology are leveraged to solve business challenges. When talking about features and technology, it's very easy to see the possible financial gain when replacing different tools with a unified platform. But it's missing all the improvement opportunities that will provide value at all the levels of a company from developers to executives. The reality is that we're working in very complex systems, making it hard to see the forest from the trees. As an engineer, you're focused on solving the next immediate problem that arises without taking a step back to reevaluate the system itself. In some cases, the problem itself is created by the design of our SDLC. As an executive, it's difficult to balance the effort required to address the technical challenges with the pressure that comes from the bu...