GitLab has announced the release of GitLab 16.8 with GCP Secret Manager support, the ability to speed up your builds with the Maven dependency proxy, general availability of Workspaces, new organization-level DevOps view with DORA-based industry benchmarks and much more!
These are just a few highlights from the 25+ improvements in this release. Details of the main improvements are shown below:
GCP Secret Manager support
Secrets stored in GCP Secret Manager can now be easily retrieved and used in CI/CD jobs. Our new integration simplifies the process of interacting with GCP Secret Manager through GitLab CI/CD, helping you streamline your build and deploy processes! This is just one of the many ways GitLab and Google Cloud are better together!
Speed Up Your Builds with the Maven dependency proxy
A typical software project relies on a variety of dependencies, which we call packages. Packages can be internally built and maintained or sourced from a public repository. Based on our user research, we’ve learned that most projects use a 50/50 mix of public and private packages. Package installation order is very important, as using an incorrect package version can introduce breaking changes and security vulnerabilities into your pipelines.
Now you can add one external Java repository to your GitLab project. After adding it, when you install a package using the dependency proxy, GitLab first checks for the package in the project. If it’s not found, GitLab then attempts to pull the package from the external repository.
When a package is pulled from the external repository, it’s imported into the GitLab project. The next time that particular package is pulled, it’s pulled from GitLab and not the external repository. Even if the external repository is having connectivity issues and the package is present in the dependency proxy, pulling the package still works, making your pipelines faster and more reliable.
If the package changes in the external repository (for example, a user deletes a version and publishes a new one with different files) the dependency proxy detects it. It invalidates the package, so GitLab pulls the newer one. This ensures the correct packages are downloaded and helps reduce security vulnerabilities.
Workspaces are now generally available
We’re thrilled to share that workspaces are now generally available and ready to improve your developer efficiency! By creating secure, on-demand remote development environments, you can reduce the time you spend managing dependencies and onboarding new developers and focus on delivering value faster. With our platform-agnostic approach, you can use your existing cloud infrastructure to host your workspaces and keep your data private and secure.
Since their introduction in GitLab 16.0, workspaces have received improvements to error handling and reconciliation, support for private projects and SSH connections, additional configuration options, and a new administrator interface. These improvements mean that workspaces are now more flexible, more resilient, and more easily managed at scale.
New organization-level DevOps view with DORA-based industry benchmarks
We added a new DORA Performers score panel to the Value Streams Dashboard to visualize the status of the organization’s DevOps performance across different projects. This new visualization displays a breakdown of the DORA score (high, medium, or low) so that executives can understand the organization’s DevOps health top to bottom.
The four DORA metrics are available out-of-the-box in GitLab, and now with the new DORA scores organizations can compare their DevOps performance against industry benchmarks or peers. This benchmarking helps executives understand where they stand in relation to others, and identify best practices or areas where they might be lagging behind.
Check Out The New TalkDev Podcast. For more such updates follow us on Google News TalkDev News.