今月は、生産性を向上させるためのパイプライン管理と使いやすさの改善、さらに高いレベルで DevOps を実装するのに役立つセキュリティ更新と分析を紹介できることを嬉しく思います。これらは、このリリースでの 44 の改善点のうちのほんの一部です。
支配されるまでセキュリティを管理する
実稼働環境を安全に保つために、オンデマンド DAST スキャンをすべての Ultimate プラン ユーザーに公開しています。スキャンの手動起動により、CI/CD パイプライン (GitLab「アセンブリ ライン」のロシア語版) の外部にある構成済みの環境、つまりコードの変更やマージ リクエストなしで、既にデプロイされているアプリケーションまたは API をチェックできます。 (GitLab のロシア語ローカライズでは、「マージのリクエスト」)。
SAST Semgrep JavaScript, TypeScript Python . Semgrep , GitLab SAST. , GitLab Semgrep. @proletarius101 .ipa
(iOS) .apk
(Android), Xcode Android-.
— GitLab , . - JavaScript , DAST, , -. GitLab Ultimate - . .
CI/CD, , include:
, .gitlab-ci.yml
. , . , ; , .
DevOps
(Value Stream Analytics) , , . 13.12 , . « » (Days to Completion) , .
@leetickett , -. , .
!
GitLab. 13.12:
, ! , , 14.0.
MVP — Lee Tickett
Lee - GraphQL API: - - GraphQL.
, Lee!
GitLab 13.12
DAST-
(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Secure
, DAST (Dynamic Application Security Testing, ) ! , API . 13.11 DAST- , URL-, - API. , 13.9, , , 13.10! , GitLab.
DAST- .
GitLab CI/CD
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify
CI/CD- GitLab , CI/CD. , GitLab, . , .
YAML
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify
includes:
CI/CD .gitlab-ci.yml
, . . , . *
includes:
. includes:
, . , GitLab.
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify
CI/CD-, . .
needs
, , . , , .
13.12 , - needs:
. , , . needs:
.
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify
GitLab end-to-end , Selenium, . , , , . , - , , .
- . , , .
-
(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Verify
, . -, - IDE. .
- , . GitLab, — .
CI/CD
(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Release
DORA4 GitLab . , , , . , , .
GitLab 13.12
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Manage
, . , , , . , , .
(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Manage
(Value Stream Analytics) . , production. , - .
, , . .
(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Manage
20 . .
, , . , , Code, .
(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Manage
, , , . , , .
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify
, . , , .
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Package
GitLab . .
, , . GitLab 13.12 , .
GitLab API > (Settings > Packages & Registries) GitLab. . !
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure
GitLab . , , GitLab , CI. - , , , SAST.gitlab-ci.yml
template GitLab. .gitlab-ci.yml
, , GitLab CI, , GitLab CI.
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure
GitLab 13.5 (SAST) Android iOS. SAST Xcode Android. @proletarius101 GitLab SAST .ipa (iOS) .apk (Android), . GitLab SAST. , , CI . , , .
SAST .
Semgrep — SAST JavaScript, TypeScript Python
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure
GitLab 13.11 Semgrep — SAST JavaScript, TypeScript Python. [ ]https://habr.com/ru/post/557168/#gitlab--semgrep-obnovlyaem-sast-i-zakladyvaem-osnovu-na-buduschee) r2c, , Semgrep — . -, , Semgrep.
13.12 CI SAST.gitlab-ci.yml
JavaScript TypeScript — ESlint. ESLint, Semgrep. , . SAST.gitlab-ci.yml
, , Semgrep, , CI SAST, CI.
GitLab, r2c , . Semgrep , . , .
SAST .
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release
— , . .
GitLab Pages
(self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release
GitLab Pages ZIP- 14.0, 13.11. . , . GitLab 13.12 . . , .
ZIP- .
release:
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release
GitLab 13.2 release:
release-cli. release:
, .gitlab-ci.yml
.
GitLab
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Configure
, GitLab GitLab 13.9 GitLab 14.0, 22 . , , .
GitLab .
(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Monitor
. , GitLab, . , .
Geo PostgreSQL (-)
(self-managed: PREMIUM, ULTIMATE)
Patroni — PostgreSQL, PostgreSQL Geo. , , . , .
Geo - PostgreSQL Patroni. Patroni, , .
Patroni .
Geo Terraform
(self-managed: PREMIUM, ULTIMATE)
Geo Terraform. , . Geo , .
Geo, .
(FLoC)
(self-managed: FREE, PREMIUM, ULTIMATE)
(FLoC) — -, cookie . . FLoC Chrome .
GitLab 13.12 FLoC GitLab. FLoC, .
FLoC .
(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Manage
(self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Manage
, . , .
, , , , - . , , , - GitLab.
(SaaS: PREMIUM, ULTIMATE; self-managed: PREMIUM, ULTIMATE) DevOps: Manage
« » , , . , , .
, .
« » .
-
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Plan
, -, "/spend", , . -. , , (Time tracking report) , , -. @leetickett !
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify
GitLab , - . , .
, , .
'workflow:rules' CI/CD
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Verify
rules
, . 13.8, variables
rules
, . workflow: rules
, , . .
CI/CD .
API
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Package
GitLab . , Maven npm. CI, . , , .
GitLab 13.12 GitLab . . .
GitLab 13.12 API , , . CI . , .
(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Secure
GitLab , . Secure, . API . GitLab . (SAST, DAST), .
. (, SAST), GitLab, . .
DAST (-)
(SaaS: ULTIMATE; self-managed: ULTIMATE) DevOps: Secure
, 13.12 - . -, DAST, . JavaScript , . - JavaScript, , JavaScript. .
. , , . DAST .
. 327394 @derekferguson
. DAST .
DAST .
SAST
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Secure
SAST ( ) GitLab , GitLab . , 13.12. , .
- MobSF 3.4.3: -, .
- nodejs-scan 0.2.6: -, .
- GitLeaks 7.5.0: -, .
- pmd-apex 6.34.0: -, .
- Spotbugs 4.2.3: -, .
GitLab SAST (SAST.gitlab-ci.yml), , . , CI, CI.
SAST .
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release
13.12 API , , , — . REST API. Devin Christensen !
API .
CI- Pages: Gatsby
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Release
Gatsby « ». . , . Takuya Noguchi , GitLab, Gatsby, .
Elastic Stack
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Configure
, Gitlab, Elastic Stack , GitLab. , Elastic Stack , GitLab.
Elastic Stack GitLab. , , GitLab.
API
(SaaS: FREE, PREMIUM, ULTIMATE; self-managed: FREE, PREMIUM, ULTIMATE) DevOps: Monitor
. GitLab API. GitLab 13.12 issue_type
REST API GitLab type
GraphQL API GitLab. API , issue_type
incident
(REST API) type
INCIDENT
(GraphQL API).
Geo LFS
(self-managed: PREMIUM, ULTIMATE)
Geo LFS, Geo LFS. 200 . LFS ( ). Geo, , Geo.
Geo .
Geo
(self-managed: PREMIUM, ULTIMATE)
Geo PostgreSQL . Geo . Geo PostgreSQL Geo. , , , PostgreSQL, .
Elasticsearch
(self-managed: PREMIUM, ULTIMATE)
Elasticsearch GitLab Elasticsearch, URL- http(s)://<username>:<password>@<elastic_host>:<elastic_port>/
. GitLab. , , , , GitLab .
このリリースでは、Elasticsearch のユーザー名とパスワードに個別の入力フィールドを提供し、ユーザーがその文字をプレーン テキストとして表示しないようにパスワードを非表示にします。
Elasticsearch 構成のドキュメントと元のチケット。
完全なリリース テキストと更新/インストール手順は、元の英語の投稿で見つけることができます: GitLab 13.12 release with On-Demand DAST and Deployment Frequency Chart
。
英語からの翻訳に取り組みました キャットダーデン、 マリアーキー、 あいのねこ そして リシャバント...