These are just a few highlights from the 35+ improvements in this release. Read on to check out all of the great updates below.
We thank the wider GitLab community for the 85+ contributions they provided to GitLab 15.8! At GitLab, everyone can contribute and we couldn't have done it without you!
To preview what's coming in next month’s release, check out our Upcoming Releases page, which includes our 15.9 release kickoff video.
Patrick is a consistent contributor to GitLab Terraform Provider - contributing 2-3 releases every milestone. He not only contributes code, but also triages and reviews issues in the provider and contributes to dependencies. He also helps out in the GitLab community: with community hours, and also in Discord.
We are so appreciative of all that Patrick does, both in our codebase and for our wider community. There is no doubt that much of the success of the Terraform Provider can be attributed to him. Thank you, Patrick!
You can now configure projects to block merge request merges unless all external status checks pass. This allows you to confidently
rely on external systems as part of your GitLab workflows and ensure that all required steps are completed before the code is merged.
When configured, users can only merge merge requests if external status checks pass and the green checkmark is displayed on the merge request. If an
external status check is pending or failed, merging the merge request is blocked.
This feature is available to self-managed users, but is not enabled by default. You can enable this feature in Gitlab 15.5 and later with the only_allow_merge_if_all_status_checks_passedfeature flag. This feature is now enabled by default in GitLab 15.8 for SaaS users and will be enabled by default in GitLab 15.9 for self-managed users.
We are excited to announce the availability of migrating GitLab projects by direct transfer Beta. Now, you can migrate group and project resources together when using direct transfer. You can use direct transfers to migrate between GitLab instances or
within the same GitLab instance.
You don’t need to manually export each project to a file and then import all those export files to a new location. Now all projects
within a top-level group are migrated automatically, making your work more efficient.
When migrating from self-managed GitLab to GitLab.com, user associations (such as comment author) are not changed to the user who is importing the
projects. Migration using direct transfer maps users and their contributions correctly, provided
a few conditions are met.
This feature is available on GitLab.com. You can migrate from a self-managed GitLab to GitLab.com
right now!
To enable it on GitLab self-managed instances, see the linked documentation.
Learn more about migrating GitLab projects by direct transfer Beta and what’s coming next in our recent blog post.
Previously, when SAML SSO was enabled, groups could choose to enforce SSO which required all members to use SSO
authentication to access the group. However, some groups want the security of SSO enforcement for employees or
group members, while still allowing outside collaborators or contractors to access their groups without SSO.
Now, groups with SAML SSO enabled have SSO automatically enforced for all members
who have a SAML identity. A member has a SAML identity if one or both of the following are true:
They signed in to GitLab using their GitLab group’s single sign-on URL.
They were provisioned by SCIM.
Users without SAML identities are not required to use SSO unless SSO enforcement is explicitly enabled.
To ensure smooth operation of the selective SSO enforcement feature, please ensure your SAML configuration is
working properly before selecting the Enable SAML authentication for this group checkbox.
A key input in GitLab Runner fleet optimization is having deep insights into queue performance over time. While today there are historical queue duration metrics available for each job on a runner in the Admin Area view, there is no simple mechanism to determine the current queue performance for runners.
With the new estimated queue time feature, you are now able to, at a glance, determine the median estimated wait time for all instance runners. This data will enable you to proactively identify potential CI job execution issues for your organization’s developers and provide insights to inform decisions on configuration or resource changes to optimize your runner fleet.
Previously, GitLab validated personal access tokens only after migrations had started. This meant group migrations by direct transfer
could fail mid-migration because the personal access token didn’t have sufficient scope or was no longer valid.
Now we perform an early check and return an informative error when the scope is not sufficient or the token has expired. This avoids starting
migrations that will definitely fail.
Previously, access requests to a project appeared only in the Access requests tab in the Project members section. Now, access requests also appear in the project owner’s To-Do List. As a project owner, having access requests added directly to your To-Do List can help you manage your tasks more efficiently and add members quicker.
When a personal access token expires, you are sent an email notification. Previously, this email told you that the token expired, but did not provide the token name. This email now provides the token name, so you can identify which token expired.
Previously when migrating a GitLab group with direct transfer to GitLab.com, you had to migrate its projects as well.
Now you have the option to not include projects when migrating groups. This option is available in the UI and the API and you can choose
this option for each group separately or for all selected groups at once. The default is to a migrate group with its projects.
As part of group migration by direct transfer with project migration (in Beta), we have added a
new application setting so that
GitLab self-managed administrators can more easily enable this feature. Previously, administrators had to use feature flags to enable this feature.
This new setting must be enabled on both the source and target instances. Remember to also enable the bulk_import_projects feature flag if you
want to migrate projects with your groups.
We’re also releasing GitLab Runner 15.8 today! GitLab Runner is the lightweight, highly-scalable agent that runs your CI/CD jobs and sends the results back to a GitLab instance. GitLab Runner works in conjunction with GitLab CI/CD, the open-source continuous integration service included with GitLab.
With this release, when you create an issue, you can set the issue type to an incident on creation with the /promote_to_incident quick action.
Create an issue template and include this quick action in the description, and you will no longer have to manually select the issue type from the dropdown.
GitLab SAST uses proprietary technology to identify likely false positive results that open-source scanners return.
We’ve added Go support in addition to existing support for Ruby.
Previously, access requests to a group appeared only in the Access requests tab in the Group members section. Now, access requests also appear in the group owner’s To-Do List. As a group owner, having access requests added directly to your To-Do List can help you manage your tasks more efficiently and add members quicker.
Gists with more than 10 files are skipped and must be manually copied over.
If any gists were skipped or did not import for any other reason, you receive an email with the list of gists that could not be imported and reason for the import failure.
GitLab has historically relied on system fonts, like San Francisco on macOS and Segoe UI on Microsoft Windows, for text in the user interface (UI). There are, however, limitations to using these, as each system font renders differently, and there are variations that can impact your experience with GitLab.
In the recent GitLab rebranding, we selected Inter as the primary typeface, and we’ve adapted it for use in the GitLab UI by enabling disambiguation features (increased distinction between some characters) by default. Because of this change, we’re including it under the name GitLab Sans in the open source package of GitLab.
We’ve also chosen JetBrains Mono for our code editors and any UI requiring monospaced text. You can read more about the design process for this font in the blog post and leave feedback here.
When importing projects from GitHub to GitLab, the GitLab Allowed to push branch protection rule is set if the following conditions are met in the GitHub project:
The Require a pull request before merging setting is set.
The Allow specified actors to bypass required pull requests setting lists some users.
If the group you are importing your project to:
Has at least a Premium license, GitLab users populate the list of users that are allowed to push.
Doesn’t have at least a Premium license, the list of users that are allowed to push is limited to roles.
Newly created user profiles can now be made private by default. This instance-wide setting helps to comply with local data privacy laws and individual company agreements, for example with a works council. Users can still change the visibility of their profile page from the profile settings, and GitLab administrators can override this setting to make new profiles public.
GitLab now records audit events when an environment is set to protected and when it is unprotected. A protected environment is typically used for high-risk deployments, so it’s important to have an audit trail for when protection is removed or added.
In this release, we’ve added a Syntax options link to the search page to help you with complex queries. The drawer content provides syntax options for Advanced Search and serves as a quick reference for you when typing a query.
GitLab Static Analysis includes many security analyzers that the GitLab Static Analysis team actively manages, maintains, and updates. The following analyzer updates were published during the 15.8 release milestone. These updates bring additional coverage, bug fixes, and improvements.
CodeClimate-based analyzer updated to version 0.89.0. See CHANGELOG for further details.
This version also adds support for setting DOCKER_CONFIG as an alternative to CI_REGISTRY_USERNAME and CI_REGISTRY_PASSWORD variables, thanks to a community contribution from @bitcasso.
KICS-based analyzer updated to version 1.6.6. See CHANGELOG for further details. This version improves existing rules.
Kubesec-based analyzer updated to automatically fetch Helm dependencies in Helm projects. See CHANGELOG for further details.
NodeJSScan-based analyzer updated to improve error logging. See CHANGELOG for further details.
Semgrep-based analyzer updated to version 1.3.0. See CHANGELOG for further details.
SpotBugs-based analyzer updated to fix an error where invalid line numbers could prevent vulnerabilities from being reported. See CHANGELOG for further details.
If you include the GitLab-managed SAST template (SAST.gitlab-ci.yml), you don’t need to do anything to receive these updates. However, if you override or customize your own CI/CD template, you need to update your CI/CD configurations.
To remain on a specific version of any analyzer, you can pin to a minor version of an analyzer. Pinning to a previous version prevents you from receiving automatic analyzer updates and requires you to manually bump your analyzer version in your CI/CD template.
Bug fixes, performance improvements, and UI improvements
At GitLab, we’re dedicated to providing the best possible experience for our users. With every release, we work tirelessly to fix bugs, improve performance, and enhance UI. Whether you’re one of the over 1 million users on GitLab.com or using our platform elsewhere, we’re committed to making sure your time with us is smooth and seamless.
Click the links below to see all the bug fixes, performance enhancements, and UI improvements we’ve delivered in 15.8.
We want to hear from you
Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum.
Share your feedback