GitLab is a complete DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate and build software. From idea to production, GitLab helps teams improve cycle time from weeks to minutes, reduce development costs and time to market while increasing developer productivity.
Gain visibility and insight into how your business is performing.
Searching for a group is directly available behind a lightweight dropdown menu, removing the need to navigate away from your work into a separate view when you’re looking for a hard-to-remember group.
To maintain the integrity of your code, GitLab Premium gives admins the ability to view any modifications made within the GitLab server in an advanced audit event system, so you can control, analyze and track every change.
Create a common pipeline definition that will run for all projects that adhere to different compliance frameworks. This ensures projects perform the steps needed to meet regulatory requirements.
GitLab administrators and group owners are responsible for the overall security of their instance and groups. Keep track of all the PAT and SSH credentials that can be used to access your environment. See when the credentials expire and manage rotation policies.
Compliance management within GitLab is easier with an aggregate view of all project activity. View the compliance status of your group in a fast, simple way. Using the built-in quick access view, easily spot when projects are out of compliance and drill down into individual projects to take informed actions to remediate any issues.
Compliance frameworks allow you to easily designate which frameworks a given project must follow. We provide several predefined ones, such as GDPR, HIPAA, PCI-DSS, SOC 2, and SOX, and also let you define your own.
Compliance management in GitLab makes it easy to see what permissions users in the organization have and export that information in a report. This enables compliance teams and administrators to easily audit that the right people have the right levels of access.
Manage access and permissions with five different user roles and settings for external users. Set permissions according to people’s role, rather than either read or write access to a repository. Don’t share the source code with people that only need access to the issue tracker.
You have complete control of the server/instance, so you can install additional software (intrusion detection, performance monitoring, etc.) and view log files on the server itself. GitLab’s advanced log system means everything gets logged and provides you with easy access to a wealth of log file information.
GitLab Premium (Self-Managed) gives your admins the ability to automatically sync groups and manage SSH keys, permissions, and authentication, so you can focus on building your product, not configuring your tools.
Since every application that supports Git will work with GitLab, there are hundreds of applications that can integrate and work with GitLab. Additionally, there are many partners that integrate with authentication and authorization of GitLab.
Two-factor authentication secures your account by requiring a second confirmation, in addition to your password. That second step means your account stays secure even if your password is compromised. The ability to enforce 2FA provides further security by making sure all users are using it.
“To completely prevent access to a GitLab instance, administrators can block or ban users. Blocked and banned users cannot sign in to GitLab, access Git repositories, receive notifications from GitLab, or use slash commands. Banned user issues are also hidden.”
GitLab can import projects and issues from more sources (GitHub, Bitbucket, Google Code, FogBugz, Gitea and from any Git URL) than GitHub or any other VCS. We even have you covered for your move from SVN to Git with comprehensive guides and documentation.
GitLab provides a dashboard that lets teams measure the time it takes to go from planning to monitoring. GitLab can provide this data because it has all the tools built-in: from the idea, to the CI, to code review, to deploy to production.
GitLab provides a group dashboard that lets teams measure the time it takes to go from planning to monitoring. GitLab can provide this data because it has all the tools built-in: from the idea, to the CI, to code review, to deploy to production.
Productivity Analytics provides graphs and reports to help engineering leaders understand team, project, and group productivity so they can uncover patterns and best practices to improve overall productivity. The initial focus of Productivity Analytics is on the MR and how long it takes to merge MRs.
GitLab will surface VSM (value stream management) style metrics, such as cycle time, lead time, and deployment frequency, aggregated and rolled up for an individual team, across multiple teams within a department, or even across the entire organization.
The DORA-4 metric, Lead time for changes, measures the time it takes for a merge request to be merged to production. You can access this metric via the CI/CD analytics dashboard or through the API on the project or the group level. Monitoring this metric helps you understand the efficiency of your deployments over time and find bottlenecks and improvement areas.
Deployment frequency charts are visible at the project and the group level on the CI/CD Analytics page. You can use these charts to monitor the efficiency of your deployments over time, find bottlenecks, and make improvements when necessary.
Regardless of your process, GitLab provides powerful planning tools to keep everyone synchronized.
Create and manage iterations at the group level, view all the issues for the iteration you’re currently working on within your group or project, and enable all subgroups and projects to stay in sync on the same cadence.
You can move issues between projects in GitLab. All links, history and comments will be copied and the original issue will reference the newly moved issue. This makes working with multiple issue trackers much easier.
When creating a new project, you can choose to kickstart your project from a predefined template that already has some working example code and CI preconfigured. In addition, you can define custom project templates by assigning a group. Child projects of this group are available as templates when creating a new project.
Hill charts make it simple to report the general status of a work item, issue, or project. Before the top of the hill, the item is full of uncertainty and unknowns; after the crest of the hill, execution is clear sailing with fewer risks and unknowns.
Large companies often have hundreds of different projects, all with different moving parts at the same time. GitLab allows for multiple Issue Boards for a single project so you can plan, organize, and visualize a workflow for a feature or product release. Multiple Issue Boards are particularly useful for large projects with more than one team or in situations where a repository is used to host the code of multiple products.
An Issue Board is based on its project’s label structure; therefore, it applies the same descriptive labels to indicate placement on the board. GitLab issues can appear on multiple boards and they still have meaning without the context of a particular board.
Issue boards/dashboards reflect an organization’s flow for processing work items. These boards can reflect individualized workflow or follow established patterns. Issue board types with established patterns (such as Scrum and Kanban) can make setup of new boards easier.
Plan and track strategies, initiatives, and features with multi-level epics that collect issues together. Manage multiple child epics and their issues within the Epic Tree by dragging and dropping them to organize and prioritize the work.
Teams have access to more than a dozen out-of-the-box reports with real-time, actionable insights into how their team is performing sprint over sprint. Example reports are sprint burndown, epic burndown, cumulative flow diagram, velocity chart, burn up chart, and sprint report.
Visualize multiple parent and child epics across time in a Roadmap view to gain insight into how your portfolio of work is progressing. Establishing the product vision and strategy to organize, govern and shape the effort of multi-disciplinary teams building specific business services and features.
With Requirements Management you are able to gather, document, refine, and track approval of business and system requirements. Manage and track the relationships between requirements and other requirements, requirements and code, or requirements and test cases for each version of requirements. Specific features will include definition, traceability, and requirement hierarchy and dependency.
This powerful feature uses the GitLab single-application model to allow tests run in the CI/CD pipelines to satisfy your requirements. This automates the cumbersome task of identifying satisfied requirements, and enables your organization to focus on delivering value.
To better collaborate with external groups and organizations, requirements can be imported and exported in CSV format. This allows teams to use a single interface for development and testing against requirements.
Able to support test planning, definition of test cases, results of test execution and corresponding backlog of work resulting from failed tests. Specific features would include: Test case planning, test execution, defect tracking (backlog), severity, priority.
Design Management allows users to upload design assets (such as wireframes and mockups) to GitLab Issues and keep them stored in one single place, giving product designers, managers, and engineers a seamless way to collaborate on design proposals. They can be easily uploaded and are stored in versions. You can start a thread by clicking on the image on the exact location you would like the discussion to be focused on.
Create, view, and manage code and project data through powerful branching tools.
When a project needs multiple sign-offs, you can require every merge request to be approved before merging. With Required Merge Request Approvals you can set the number of necessary approvals and predefine a list of specific approvers. In turn, guarantee the quality and the standards of your code.
With this setting at the project level, you can ensure that no merge commits are created and all merges are fast-forwarded. When a fast-forward merge is not possible, the user is given the option to rebase.
When browsing through project repositories on GitLab, having direct access to single files is a relevant use case. A ‘Download’ button in the file viewer allows you to download individual files from the GitLab UI.
In GitLab, to ensure strict code review, you can require a minimum number of users to approve of a merge request before it is able to be merged. You can undo an approval by removing it after the fact.
Make sure the right people review merge requests with approval rules by specifying lists of eligible approvers, the minimum number of approvals for each, and which target branches they protect. This makes it easy to request review from different teams like Engineering, UX and Product.
In GitLab, you can quickly create a new branch from an issue on the issue tracker. It will include the issue number and title automatically, making it easy to track which branch belongs to which issue.
When a user opens a merge request from a fork, they are given the option to allow upstream maintainers to collaborate with them on the source branch. This allows the maintainers of the upstream project to make small fixes or rebase branches before merging, reducing the back and forth of accepting community contributions.
Leverage the power of Server Hooks and chain them together to fire off custom scripts when certain actions occur on the repository. If the commit is declined or an error occurs during the Git hook check, the error message of the hook will be present in GitLab’s UI. GitLab supports all types of hooks.
Manage large files such as audio, video and graphics files with the help of Git LFS. Git LFS 2.0 file locking support helps large teams work with binary assets and is integrated with our native file locking feature.
Code review is an essential practice of every successful project, and giving your approval once a merge request is in good shape is an important part of the review process, as it clearly communicates the ability to merge the change.
Assign Code Owners to files to indicate the team members responsible for code in your project using a CODEOWNERS file. Code owners are assigned automatically as merge request approvers, can be set as required and shown when viewing files. Sections allow each team to configure their own code owners configuration independently, allowing multiple teams to look after common parts of the codebase.
A repository can be initialized with an example README when creating a new project. If this option is checked, a project repository is initialized with a default master branch which can be cloned right away.
Git’s wire protocol defines how clones, fetches and pushes are communicated between the client and server. Git protocol v2 improves performance of fetch commands and enables future protocol improvements.
GitLab is meant to be the best place for any software project. The team behind GitLab is addressing issues that maintainers and contributors to large open source projects are facing, to make it easier to do both.
Draft multiple comments in a merge request code review, before reviewing and submitting them together all at once. This allows you to review code in consistent, self-contained sessions, instead of as individual comments.
Within a commit view or a merge request diff view, and with respect to a specific location of an image, you can have a resolvable discussion. Have multiple discussions specifying different areas of an image.
Create a merge request from email by sending in the merge request title, description, and source branch name. Alternatively use patch files to create a merge request without first pushing a branch.
When reviewing a merge request that looks ready to merge but still has one or more CI/CD jobs running, you can set it to be merged automatically when the jobs pipeline succeeds with a single click. No configuration required.
Code or text review is faster and more effective with inline comments in merge requests. Leave comments and resolve discussions on specific lines of code. In GitLab, Merge Request inline comments are interpreted as a discussion and can be left on any line, changed or unchanged. You can configure your project to only accept merge requests when all discussions are resolved.
Prevent merge requests from accidentally being accepted before they’re completely ready by marking them as Draft. This gives you all the code review power of merge requests, while protecting unfinished work.
As a reviewer, it can be hard to tell at a glance if new code is covered by a test or not. Customers can now speed up their code reviews by seeing which lines of code are covered by tests in the Merge Request Diff.
Dashboards with a filterable set of code reviews (could be by project, by user, by branch, by status, or a combination of those). Dashboards include code review status and links to get to them. This makes it easy to see what is going on with code reviews for a desired subset.
GitLab provides an easy way to collaborate on HTML content through the Static Site Editor. A collaborator doesn’t need to set up a local environment to contribute to the content nor have any prior knowledge of the underlying templating language, site architecture, or even Git. The Static Site Editor is currently delivered through a Middleman project template.
Contribute to projects faster by using the Web IDE to avoid context switching in your local development environment. The Web IDE is integrated with merge requests and GitLab CI so that you can resolve feedback, fix failing tests and preview changes live with client side evaluation without leaving the Web IDE.
The Web IDE supports the use of .editorconfig files in projects for standardizing coding style of all users working on the project. This helps to easily keep consistency and quality throughout the project.
With Gitpod integrated into GitLab, you can easily launch your Gitpod Workspace directly from the GitLab interface.
Gitpod allows you to define your project’s configuration in code so you can launch a prebuilt development environment with one click.
These environments are configured through a .gitpod.yml file inside of the project and include options for Docker configuration, start tasks, editor extensions and more.
Keep strict quality standards for production code with automatic testing and reporting.
GitLab has built-in Continuous Integration/Continuous Delivery, for free, no need to install it separately. Use it to build, test, and deploy your website (GitLab Pages) or webapp. The job results are displayed on merge requests for easy access.
When one pipeline serves as a parent of one or more child pipelines, it removes many of the challenges of complex pipeline creation. Performance can be improved because child pipelines can run concurrently based on trigger configurations in the parent pipeline. As an added bonus, decomposing a single, complex pipeline into a parent pipeline with multiple children simplifies pipeline visualization and ultimately improves comprehension for the entire team.
It is also possible to dynamically generate the .gitlab-ci.yml for the child pipeline, making it easy to implement runtime behaviors in a clear way. GitLab includes a Jsonnet template as an example for how you can do this with a data templating language.
GitLab.com hosted runners allow you to use GitLab CI/CD completely free up to 400 build minutes for private projects and 50,000 minutes for public projects. Use your own runner for unlimited build minutes or special build environment requirements.
GitLab CI/CD cloud native architecture can easily scale horizontally by adding new nodes if the workload increases. GitLab Runners can automatically spin up and down new containers to ensure pipelines are processed immediately and minimize costs.
The latest artifact of a successful job and pipeline on any active branch, MR, or tag is automatically locked to prevent being deleted. This makes it possible to set an aggressive expiration policy to clean up older artifacts, reduce disk space consumption, and ensure the latest artifact is always available. This default behavior is configurable at the project level and can be disabled in project settings.
GitLab Runner supports Linux operating systems on ARM architectures and can run jobs natively on this platform. You can automatically build, test, and deploy for Linux ARM based projects by leveraging shell scripts and command line tools.
GitLab Runner supports FreeBSD and can run jobs natively on this platform. You can automatically build, test, and deploy for FreeBSD-based projects by leveraging shell scripts and command line tools.
The ability to run CI/CD pipelines on protected branches is checked against a set of security rules that define whether you’re allowed to or not. This includes creating new pipelines, retrying jobs, and performing manual actions.
With this feature you are able to use Docker containers on Windows directly, in much the same way as if they were on Linux hosts. This enables more advanced kinds of pipeline orchestration and management for users of Microsoft platforms.
Deleting a pipeline is possible using the API and also in the UI on the Pipeline Details page. This allows for cases where perhaps secrets have been leaked in a pipeline, many unneeded pipelines have been created, or other issues have occurred where pipelines need to be deleted.
Enables pipelines/workflows to be started when any defined event is executed in the code repository. For example, you could run a workflow to send a welcome email on adding a new member to a repository or project.
Specify the path of the .gitlab-ci.yml as an arbitrary URL to store CI configurations in a repository other than the one being built. This allows for processing hundreds of repos the same way by pointing all of them to the same external .gitlab-ci.yml file, and gains efficiency by having only one CI configuration file to update for multiple repositories. Use cases where a service generates the configuration file dynamically would also benefit. The ability to host the .gitlab-ci.yml file in another project enables access control over CI configurations in a scalable way, as the owners of the project hosting the file could restrict write access to prevent changes by unauthorized users.
Specify that a job in your current project depends on the latest artifact produced by a job in another pipeline to easily set up cross-project pipelines that have artifact dependencies on each other.
Other CI systems show execution time for each single command run in CI jobs, not just the overall time. We’re reconsidering how job output logs are managed in order to add this feature as well.
Enables pipelines/workflows to be started based on when any defined event is executed in the code repository or in any app extension of that repository’s eco-system. For example, when an event happens in the Slack integration, update a repo work item.
Jobs can be configured to run only when there are changes to a specific file or path, giving you control over execution to allow for more complex build pipelines optimized for the changes in each commit.
A directed acyclic graph can be used in the context of a CI/CD pipeline to build relationships between jobs such that execution is performed in the quickest possible manner, regardless of how stages may be set up.
For example, you may have a specific tool or separate website that is built as part of your main project. Using a DAG, you can specify the relationship between these jobs and GitLab will then execute the jobs as soon as possible instead of waiting for each stage to complete.
Using the merge_requests value with only/except keywords allows you to configure jobs to run only (or except) when in the context of a merge request. This allows finer control over pipeline behavior, and also allows access to new environment variables indicating the target branch and merge request ID when relevant, offering opportunities for implementation of other more advanced behaviors.
Ability to define multiple pipelines per code repository to enable different processes to be run at different times, and/or to enable monorepos where there are multiple applications within one repo which need to be built and handled differently per application.
GitLab offers a matrix keyword that works along with parallel to handle creation of similar jobs for you, each with different sets of variables (i.e., a cartesian product). As an example, you could now create a single job that knows you want a debug and release configuration for each of 4 different architectures, and it will automatically generate all these jobs for you at runtime.
Finding out if a test failed in one of your previous pipelines is a slow process. However, that knowledge is invaluable to determine if a test failure should be addressed further or if the failure may just be due to a flaky test. GitLab provides a counter showing how many times a test has failed previously in a project’s pipelines.
Tracking how code coverage changes in a branch over time can be a time consuming and low value task for a team. GitLab now provides a simple graph to show how calculated code coverage values are trending over time.
Tracking code coverage changes for multiple projects can be a time consuming and low value task for a team lead. GitLab provides a page that aggregates the code coverage data for a group’s projects and makes it available for download.
GitLab is able to parse job output logs and search, via a customizable regex, any information created by tools like SimpleCov to get code coverage. Data is automatically available in the UI and also as a badge you can embed in any HTML page or publish using GitLab Pages.
Easily detect performance regressions for web apps and pages prior to merging into master. Browser Performance Testing is included in Auto DevOps, providing automatic performance analytics of the root page with zero configuration.
Review Apps let a developer share their work in progress with their team or a broader audience quickly as they implement a change and request feedback. Being able to leave comments on the Merge Request from the Review app shortens the feedback cycle and creates a single source of truth to track change requests. This feature enables designers, Product Managers, and other stakeholders to comment on the changes to the look and feel / user experience of a change just as easily and quickly as developers working in the MR.
Performing accessibility testing is important in order to ensure you’re serving all the users who use your products. In GitLab you can generate Accessibility reports automatically prior to merging into master.
Ensure an orderly and efficient flow of changes in a pipeline to target branches by queueing up pipelines in parallel, each building off the merge result of the previous pipeline. Squash-and-Merge is also supported together with Merge Trains.
A member of the parent project with appropriate permissions can run pipelines from a forked MR using the parent project’s pipeline configuration and runners. This adds another layer of security to verify that there’s no malicious activity in the forked MR that could affect the parent project.
With GitLab CI/CD you can create a new environment for each one of your branches, speeding up your development process. Spin up dynamic environments for your merge requests with the ability to preview your branch in a live environment. Review Apps support both static and dynamic URLs.
Create a consistent and dependable software supply chain with built-in package management.
GitLab’s Maven repository makes it easier to publish and share Java libraries across an organization, and ensure dependencies are managed correctly. It is fully integrated with GitLab, including authentication and authorization.
GitLab’s NPM repository makes it easier to publish and share NPM packages across an organization, and ensure dependencies are managed correctly. It is fully integrated with GitLab, including authentication and authorization.
This feature helps Go developers to publish and share their packages right alongside their source code and pipelines. This will also be a valuable feature for GitLab and help with dogfooding.
Easily debug your packages in any of your environments using the built-in GitLab Web Terminal. GitLab can open a terminal session directly from your environment if your application is deployed on Kubernetes. This is a very powerful feature where you can quickly debug issues without leaving the comfort of your web browser.
Each version of a package is nested under its uniquely-named parent. Now you can easily find the package you are looking for in the UI and better understand what has changed from version to version.
“GitLab supports a wide variety of languages in our Package Registry offering. However, you may want to store other binary types in GitLab that are not yet supported. GitLab supports raw package feeds (like you could do in Nexus) to a Generic Package Registry. Looking forward, this feature helps create the foundation for Release Assets and will ultimately make it easier for you to package and release your software with GitLab.”
This planned feature will enable Ruby developers to set up GitLab as a remote RubyGems repository and to build, publish and share packages using the command line or GitLab CI/CD. This will also be a valuable feature for GitLab and help with dogfooding.
GitLab Container Registry is a secure and private registry for Docker images. It allows for easy upload and download of images from GitLab CI. It is fully integrated with Git repository management. (Codefresh will be ending their support for private Docker registries as of May 1, 2020.)
GitLab ships with its own Container Registry, Docker CI Runner, and is ready for a complete CI/CD container workflow. There is no need to install, configure, or maintain additional plugins.
Easily debug your containers in any of your environments using the built-in GitLab Web Terminal. GitLab can open a terminal session directly from your environment if your application is deployed on Kubernetes. This is a very powerful feature where you can quickly debug issues without leaving the comfort of your web browser.
Easily define, manage and update project-level policies to define which images should be removed and preserved. This feature is designed to help you reduce storage costs and prevent important images from being deleted.
For many organizations, it is useful to have a caching proxy for frequently used upstream images/packages. In the case of CI/CD, the proxy is responsible for receiving a request and returning the upstream image from a registry, acting as a pull-through cache to speed up your pipelines. By keeping a copy of needed container layers locally, you can improve performance particularly for commonly used images, such as build environments.
For organizations that rely on many open source dependencies, it is important to limit their exposure to open source security vulnerabilities. This can be done by establishing and enforcing policies to restrict which dependencies may be used, and by having a central location to verify the integrity of dependencies and how they are being utilized.
Learn more about Dependency Firewall
Security capabilities, integrated into your development lifecycle.
GitLab makes it easy to run Static Application Security Testing (SAST) in CI/CD pipelines, checking for vulnerable source code or well-known security bugs in the libraries that are included by the application. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default.
“Enabling SAST is now as simple as two clicks. This guided configuration experience makes it easier for non-CI experts to get started with GitLab SAST. The tool helps a user create a merge request to enable SAST scanning while leveraging best configuration practices like using the GitLab-managed SAST.gitlab-ci.yml template and properly overriding template settings.”
“GitLab SAST allows users to change the vulnerability detection defaults to tailor results to their organization’s preferences. SAST custom rulesets allow you to exclude rules and modify the behavior of existing rules.”
GitLab allows you to perform Secret Detection in CI/CD pipelines, checking for unintentionally committed secrets and credentials. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default.
“GitLab Secret Detection allows users to change the vulnerability detection defaults to tailor results to their organization’s preferences. Secret Detection now supports disabling existing rules and adding new regex patterns that allow the detection of any type of custom secret.”
“Post-processing hooks for Secret Detection. These can be used to take actions like notifying the cloud service that issued the secret. Post-processing workflows vary by supported cloud providers.”
Once your application is online, GitLab allows running Dynamic Application Security Testing (DAST) in CI/CD pipelines; your application will be scanned to ensure threats like XSS or broken authentication flaws are not affecting it. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default.
There’s no reason to wait for the next CI pipeline run to find out if your site is vulnerable or to reproduce a previously found vulnerability. GitLab offers scanning of your running application with On-demand Dynamic Application Security Testing (DAST), independent of code changes or merge requests.
Enabling DAST is now as simple as three clicks. This guided configuration experience makes it easier for non-CI experts to get started with GitLab DAST. The tool helps a user create a merge request to enable DAST scanning while leveraging best configuration practices like using the GitLab-managed DAST.gitlab-ci.yml template.
GitLab Dynamic Application Security Testing supports scanning REST APIs. This allows for full DAST security coverage of an application, not just the UI. By supporting use of an OpenAPI specification as a guide for what URLs and REST endpoints need to be scanned, DAST helps secure an application’s entire attack surface and provides more insight into the potential vulnerabilities of any running application.
Reuse configuration profiles quickly with on-demand DAST scans, instead of reconfiguring scans every time you need to run one. Mix different scan profiles with site profiles to quickly conduct scans that cover different areas or depths of your application and API.
You can easily access the Dependency List (sometimes referred to as a Bill of Materials or BOM) from the left sidebar menu. The BOM indicates what components are included in your project, and often is requested by Security teams and Compliance teams.
GitLab automatically detects well-known security bugs in the libraries that are included by the application, protecting your application from vulnerabilities that affect dependencies that are used dynamically. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default.
“Track and manage detected project vulnerabilities like you would an Issue. Link directly to a specific vulnerability occurrence’s page, create and link a remediation issue, and see vulnerability information persisted between security scans on the same branch.”
“Security Dashboards report the latest security status of the default branch for each project. View, triage, and manage vulnerabilities at the Project, Group, or Instance level from a single view. Drill into individual vulnerability details or see high level trends and potential trouble spots.”
GitLab’s vulnerability management is about ensuring assets and applications are scanned for vulnerabilities. It also includes the processes to record, manage, and mitigate those vulnerabilities.
Vulnerability management helps identify meaningful sets of vulnerabilities, in both your assets and application code, that can be mitigated, managed, and acted upon by your whole team, not just the security organization. It also provides a unified interface to the systems teams are already using for managing results from the “devops::secure” stage, so there is always a single source of truth and a single place for managing security results.
Learn more about Vulnerability Management
“All merge requests will show a helpful high level security scan summary of finding severities if there have been security scans run. This helps developers understand the risk of introduced vulnerabilities and helps users easily find secure job artifacts. Ultimate customers will continue to enjoy Vulnerability Management features across all our scan types.”
Read more about the Security Scan summary
GitLab's integrated CD solution allows you to ship code with zero-touch, be it on one or one thousand servers.
GitLab has built-in Continuous Integration/Continuous Delivery, for free, no need to install it separately. Use it to build, test, and deploy your website (GitLab Pages) or webapp. The job results are displayed on merge requests for easy access.
When one pipeline serves as a parent of one or more child pipelines, it removes many of the challenges of complex pipeline creation. Performance can be improved because child pipelines can run concurrently based on trigger configurations in the parent pipeline. As an added bonus, decomposing a single, complex pipeline into a parent pipeline with multiple children simplifies pipeline visualization and ultimately improves comprehension for the entire team.
It is also possible to dynamically generate the .gitlab-ci.yml for the child pipeline, making it easy to implement runtime behaviors in a clear way. GitLab includes a Jsonnet template as an example for how you can do this with a data templating language.
GitLab.com hosted runners allow you to use GitLab CI/CD completely free up to 400 build minutes for private projects and 50,000 minutes for public projects. Use your own runner for unlimited build minutes or special build environment requirements.
Explore GitLab.com offerings
GitLab CI/CD cloud native architecture can easily scale horizontally by adding new nodes if the workload increases. GitLab Runners can automatically spin up and down new containers to ensure pipelines are processed immediately and minimize costs.
With multi-project pipeline graphs you can see how upstream and downstream pipelines are linked together for projects that are linked to others via triggers as part of a more complex design, as in a microservices architecture.
GitLab Runner supports Linux operating systems on ARM architectures and can run jobs natively on this platform. You can automatically build, test, and deploy for Linux ARM based projects by leveraging shell scripts and command line tools.
GitLab Runner supports FreeBSD and can run jobs natively on this platform. You can automatically build, test, and deploy for FreeBSD-based projects by leveraging shell scripts and command line tools.
Deploy Boards offer a consolidated view of the current health and status of each CI/CD environment running on Kubernetes. The status of each pod of your latest deployment is displayed seamlessly within GitLab without the need to access Kubernetes.
GitLab lets you deploy a new version of your app on Kubernetes starting with just a few pods, and then increase the percentage if everything is working fine. This can be configured to proceed on a schedule or to pause for input to proceed.
GitLab Premium can monitor your Canary Deployments when deploying your applications with Kubernetes. Canary Deployments can be configured directly through .gitlab-ci.yml, the API, or from the UI of the Deploy Boards.
The ability to run CI/CD pipelines on protected branches is checked against a set of security rules that define whether you’re allowed to or not. This includes creating new pipelines, retrying jobs, and performing manual actions.
Provide read-only access to specific repositories or container images to external infrastructures that need to access your data, for example to deploy applications on Kubernetes. This setting is available at the project and group level.
The DORA-4 metric, Lead time for changes, measures the time it takes for a merge request to be merged to production. You can access this metric via the CI/CD analytics dashboard or through the API on the project or the group level. Monitoring this metric helps you understand the efficiency of your deployments over time and find bottlenecks and improvement areas.
Deployment frequency charts are visible at the project and the group level on the CI/CD Analytics page. You can use these charts to monitor the efficiency of your deployments over time, find bottlenecks, and make improvements when necessary.
Specify the path of the .gitlab-ci.yml as an arbitrary URL to store CI configurations in a repository other than the one being built. This allows for processing hundreds of repos the same way by pointing all of them to the same external .gitlab-ci.yml file, and for gaining efficiency by having only one CI configuration file to update for multiple repositories. Use cases where a service generates the configuration file dynamically would also benefit. The ability to host the .gitlab-ci.yml file in another project enables access control over CI configurations in a scalable way, as the owners of the project hosting the file can restrict write access to prevent changes by unauthorized users.
Specify that a job in your current project depends on the latest artifact produced by a job in another pipeline to easily set up cross-project pipelines that have artifact dependencies on each other.
Encapsulate knowledge of deploying and rolling back into something more than a script, perhaps similar to a k8s operator: something that knows how to handle failure. For example, if you’re deploying 7 services and one fails, you can’t just stop; you probably have to roll back the 6 that succeeded, as well as the 7th that failed. (Now, depending on implementation, it still might be a script that triggers some kind of operator.) GitLab can deploy and roll back, but only via scripts with limited error handling.
Blue/green deployment requires switching traffic from one set of servers to another. With GitLab today, you can manage your load balancer via scripts, but it’s not built in as a first-class citizen.
Other CI systems show execution time for each single command run in CI jobs, not just the overall time. We’re reconsidering how job output logs are managed in order to add this feature as well.
When adding a new custom domain, users must add an associated TXT record in order to verify they are the owner of the domain. That mechanism is used to prevent users from claiming domains they do not own.
Choose an example project to fork and get started with GitLab Pages.
Watch a 3-min video tutorial on how to get started with GitLab Pages by forking a project
For those not interested in forking a project, GitLab Pages also offers templates for Gitbook, Hugo, Jekyll, Gatsby, and PlainHTML to start your Pages site from a template.
Watch a 2-minute video on getting your Pages site running with a GitLab template
GitLab lets you deploy a new version of your app on Kubernetes starting with just a few pods, and then increase the percentage if everything is working fine. This can be configured to proceed on a schedule or to pause for input to proceed.
GitLab Premium can monitor your Canary Deployments when deploying your applications with Kubernetes. Canary Deployments can be configured directly through .gitlab-ci.yml, the API, or from the UI of the Deploy Boards.
Canaries, blue/green deploys, and other simultaneous deployment concepts where an environment, like production, would have multiple deployments running at the same time. GitLab has this information, and can even show canary deployments in the deploy board, but in some other places only shows the most recent deployment.
Blue/green deployment requires switching traffic from one set of servers to another. With GitLab today, you can manage your load balancer via scripts, but it’s not built in as a first-class citizen.
This feature gives you the ability to configure and manage feature flags for your software directly in the product. Simply create a new feature flag, validate it using the simple API instructions in your software, and you have the ability to control the behavior of your software via the feature flag within GitLab itself. Feature Flag strategies can be set per environment. GitLab Feature Flags includes an API for interacting with them.
This feature gives you the ability to view all the feature flags configured in a project. You can toggle the flags on or off directly from this page, and view all the associated information for a flag. This includes the strategies linked to the flag, the number or percent of users affected, and the environments.
You can select “Percent of Users” as a rollout strategy for your feature flags. This allows percentages to be set individually for each environment and each flag. When “Percent of Users” is configured and the flag is enabled, the feature will be shown to the configured percentage of logged-in users. This allows you to do controlled rollouts and monitor the behavior of the target environment to ensure the results are as expected.
You can define the stickiness of the rollout strategy. This can be based on the session ID or user ID, or random (no stickiness). This gives you more control over the rollout and also opens the option for supporting stickiness for anonymous users.
You can choose “User ID” as a rollout strategy for your feature flags. The User ID strategy allows you to specify a comma-separated list of User IDs and then toggle a feature flag only for the specified users. This can allow you to target testing features with specific cohorts or segments of your userbase.
You can choose “User List” as a rollout strategy for your feature flags. User lists can be reused for multiple feature flags while allowing you to manage them in a single location. You can create Feature Flag user lists from the API, and edit or delete them from the API or UI.
You can create a link from the issue that introduced the Feature Flag to the Feature Flag itself. That relationship is visible in the Feature Flag details. Feature Flags also support Markdown and can be referenced from any issue.
GitLab’s Releases feature allows you to track deliverables in your project. Consider them a snapshot in time of the source, build output, and other metadata or artifacts associated with a released version of your code, and receive notifications when new releases are available for projects you track, including for guests of your project.
The way many teams use GitLab, ourselves included, is to have a milestone for the release that everything tracks to. Some teams may also have more than one sprint that makes up a release. With GitLab you can associate a milestone (or more) to a release; this will populate the release page with issues and merge requests included in the release(s).
You can create a release by associating it to a new or existing tag. This functionality is supported both in the UI and API. With this feature, users have more flexibility when planning releases and can associate tags to releases.
Environments history allows you to see what is currently being deployed on your servers, and to access a detailed view for all the past deployments. From this list you can also re-deploy the current version, or even roll back to an old stable one in case something went wrong.
The DORA-4 metric, Lead time for changes, measures the time it takes for a merge request to be merged to production. You can access this metric via the CI/CD analytics dashboard or through the API on the project or the group level. Monitoring this metric helps you understand the efficiency of your deployments over time and find bottlenecks and improvement areas.
Deployment frequency charts are visible at the project and the group level on the CI/CD Analytics page. You can use these charts to monitor the efficiency of your deployments over time, find bottlenecks, and make improvements when necessary.
GitLab offers users the ultimate flexibility of setting up and configuring Environments via the API or UI. We also support Maintainer’s control of access to Protected Environments via API.
Runbooks can contain a series of steps related to executing a successful release. Link these plans to the Release page in GitLab to coordinate activities across teams, inside and outside of GitLab.
“GitLab supports creation of a release directly from the .gitlab-ci.yml via the release CLI. The name and description can be configured directly in the .gitlab-ci.yml or read from another file in the repository.”
“GitLab supports a wide variety of languages in our Package Registry offering. However, you may want to store other binary types in GitLab that are not yet supported. GitLab supports raw package feeds (like you could do in Nexus) to a Generic Package Registry. Looking forward, this feature helps create the foundation for Release Assets and will ultimately make it easier for you to package and release your software with GitLab.”
The GitLab Environments Dashboard provides a cross-project environment-based view that lets you see the big picture of what is going on in each environment. From a single location, you can now track the progress as changes flow from development to staging, and then to production (or through any series of custom environment flows you can set up). With an at-a-glance view of multiple projects, you can instantly see which pipelines are green and which are red, allowing you to diagnose if there is a block at a particular point, or if there’s a more systemic problem you need to investigate.
GitLab CI is capable of not only testing or building your projects, but also deploying them in your infrastructure, with the added benefit of giving you a way to track your deployments. Environments are like tags for your CI jobs, describing where code gets deployed.
Developers and QA can deploy to their own environments on demand while production stays locked down. Build engineers and ops teams spend less time servicing deploy requests, and can gate what goes into production.
GitLab offers users the ultimate flexibility of setting up and configuring Environments via the API or UI. We also support Maintainer’s control of access to Protected Environments via API.
Configure your applications and infrastructure.
The monitoring of servers, application, network and security devices via generated log files to identify errors and problems for analysis. GitLab makes it easy to view the logs of running pods in connected Kubernetes clusters. By displaying the logs directly in GitLab, developers can avoid having to manage console tools or jump to a different interface.
Deploy Boards offer a consolidated view of the current health and status of each CI/CD environment running on Kubernetes. The status of each pod of your latest deployment is displayed seamlessly within GitLab without the need to access Kubernetes.
GitLab Premium can monitor your Canary Deployments when deploying your applications with Kubernetes. Canary Deployments can be configured directly through .gitlab-ci.yml, the API, or from the UI of the Deploy Boards.
Provides an overview of all the projects that are making use of the instance or group Kubernetes cluster, including the deployments/environments that have been provisioned and the numbers of pods used by each environment.
Provide read-only access to specific repositories or container images to external infrastructures that need to access your data, for example to deploy applications on Kubernetes. This setting is available at the project and group level.
You can configure GitLab once at the instance level to use a specific object storage for all Terraform state files. This way you can start a new infrastructure project with minimal boilerplate. The state files are encrypted and versioned. GitLab provides CI templates, a UI and APIs to manage Terraform state files.
Help reduce the severity and frequency of incidents.
GitLab collects and displays performance metrics for deployed apps, leveraging Prometheus. Developers can determine the impact of a merge and keep an eye on their production systems, without leaving GitLab.
Reviewing and analyzing a server for availability, operations, performance, security and other operations-related processes. Monitor server system resources like CPU Usage, Memory Consumption, I/O, Network, Disk Usage, Process, etc. GitLab uses the Node Exporter (via Prometheus) to expose an extensive set of machine-level metrics on Linux and other Unix systems such as CPU usage, memory, disk utilization, filesystem fullness, and network bandwidth.
The monitoring of servers, application, network and security devices via generated log files to identify errors and problems for analysis. GitLab makes it easy to view the logs of running pods in connected Kubernetes clusters. By displaying the logs directly in GitLab, developers can avoid having to manage console tools or jump to a different interface.
Tracing provides insight into the performance and health of a deployed application, tracking each function or microservice which handles a given request. This makes it easy to understand the end-to-end flow of a request, regardless of whether you are using a monolithic or distributed system.
Protect your apps and infrastructure from security intrusions.
When building a Docker image for your application, GitLab can run a security scan to ensure it does not have any known vulnerability in the environment where your code is shipped. Results are then shown in the Merge Request and in the Pipeline view. This feature is available as part of Auto DevOps to provide security-by-default.
“Add an extra layer of risk protection by requiring approval from your security team. Merge requests that would introduce a new Critical, High, or Unknown severity vulnerability can only merge when all such vulnerabilities are fixed or explicit approval is given. Security approvals can also trigger on software license compliance violations.”
“With Container Host Monitoring, you can monitor running containers for malicious or unusual activity. This includes process starts, file changes, or opened network ports. You can also block or prevent these activities from occurring.”
Cloud native network firewall provides container-level network micro segmentation which isolates container network communications to limit the “blast radius” of compromise to a specific container or microservice. A container-aware virtual firewall identifies valid traffic flows between app components in your cluster and limits damage by preventing attackers from moving through your environment when they have already compromised one part of it.
GitLab Premium includes support for scaling GitLab services across multiple nodes to manage demands on your system and provide redundancy. GitLab has developed reference architectures so you can easily determine the optimal architecture for your needs.
Learn more about scaling GitLab
When development teams are spread across two or more geographical locations, but their GitLab instance is in a single location, fetching and cloning large repositories can take a long time. Built for distributed teams, GitLab Geo allows for read-only mirrors of your GitLab instance, reducing the time it takes to clone and fetch large repos and improving your collaboration process.
Learn more about GitLab Geo
Having Geo replicated server(s) can make local pulls go more quickly, but without support for Geolocation-aware DNS, developers need to reconfigure their tools manually to point to their nearest geo replicated server. Users using Geolocation-aware DNS can be transparently directed to the closest server available and can access repository data faster.