GitLab 16.10 released with semantic versioning in the CI/CD catalog

8 months ago 51
News Banner

Looking for an Interim or Fractional CTO to support your business?

Read more

Today, we are excited to announce the release of GitLab 16.10 with semantic versioning coming to the CI/CD catalog, wiki templates, the possibility to offload CI traffic to geo secondaries, new ClickHouse integration for high-performance DevOps analytics, and much more!

These are just a few highlights from the 90+ improvements in this release. Read on to check out all of the great updates below.

To the wider GitLab community, thank you for the 170+ contributions you provided to GitLab 16.10! At GitLab, everyone can contribute and we couldn't have done it without you!

To preview what's coming in next month’s release, check out our Upcoming Releases page, which includes our 16.11 release kickoff video.

GitLab MVP badge

MVP This month's Most Valuable Person (MVP) is jointly awarded to Lennard Sprong and Marco Zille

Lennard Sprong previously won the GitLab MVP award in 15.4 and was also nominated in 16.9. He continues to provide contributions to GitLab Workflow for VS Code, merging 8 contributions in the past two months. Some of his past contributions include the ability to watch the trace of running CI jobs, view downstream pipelines, and compare images in merge requests. Lennard is also actively involved in issues inside the gitlab-vscode-extension project.

Erran Carey, Staff Fullstack Engineer at GitLab, nominated Lennard and noted that “Lennard resolved an issue viewing pipelines affecting GitLab Community Edition users. He pointed impacted users to the existing workaround before creating a merge request to address the issue.”

Tomas Vik, Staff Fullstack Engineer at GitLab, additionally supported Lennard and highlighted a contribution to add support for image diff that allows people to view image changes during merge request review.

Marco Zille also wins his second GitLab MVP award, previously winning in 15.3. Marco was recognized not only for code contributions this release, but also for ongoing efforts supporting GitLab’s wider community of contributors, running community pairing sessions, collaborating with GitLab team members, and reviewing merge requests.

Marco added the ability to cancel a pipeline immediately after one job fails. The feature is enabled and available on GitLab.com but still behind a feature flag for self-hosted instances. It will be made available for everyone in 16.11.

Allison Browne, Senior Backend Engineer at GitLab, nominated Marco for picking up this long standing and highly requested feature request in pipeline execution. Fabio Pitino, Principal Engineer at GitLab, added that “Marco not only implemented the fix but also was instrumental to the design of the feature, bringing use cases and discussing them with customers interested in the feature.”

Peter Leitzen additionally supported Marco’s nomination by highlighting how Marco helped to review and then finish a fix for loading the stack trace from Sentry.

We are so grateful for the continued support from Lennard and Marco to improve GitLab and support our open source community! 🙌

16.10 Key improvements released in GitLab 16.10

Semantic versioning in the CI/CD catalog

Semantic versioning in the CI/CD catalog

To enforce consistent behavior across published components, in GitLab 16.10 we will enforce Semantic versioning for components that are published to the CI/CD catalog. When publishing a component, the tag must follow the 3-digit semantic versioning standard (for example 1.0.0).

When using a component with the include: component syntax, you should use the published semantic version. Using ~latest continues to be supported, but it will always return the latest published version, so you must use it with caution as it could include breaking changes. Shorthand syntax is not supported, but it will be in an upcoming milestone.

Semantic versioning in the CI/CD catalog

GitLab Duo access governance control

GitLab Duo access governance control

Generative AI is revolutionizing work processes, and you can now facilitate the adoption of these technologies without compromising privacy, compliance, or intellectual property (IP) protections.

You can now disable GitLab Duo AI features for a project, a group, or an instance by using the API. You can then enable GitLab Duo for specific projects or groups when you’re ready. These changes are part of a suite of expected work to make AI features more granular to control.

GitLab Duo access governance control

Wiki templates

Wiki templates

This version of GitLab introduces all-new templates to the Wiki. Now, you can create templates to streamline creating new pages or modifying existing ones. Templates are wiki pages that are stored in the templates directory in the wiki repository.

With this enhancement, you can make your wiki page layouts more consistent, create or restructure pages faster, and ensure that information is presented clearly and coherently in your knowledge base.

Wiki templates

New ClickHouse integration for high-performance DevOps Analytics

New ClickHouse integration for high-performance DevOps Analytics

The Contribution Analytics report is now more performant and backed by an advanced analytics database using ClickHouse on GitLab.com. This upgrade set the foundation for new extensive analytics and reporting features, allowing us to deliver high-performance analytics aggregations, filtering, and slicing across multiple dimensions. Support for self-managed customers to be able to add to this capability is proposed in issue 441626.

Although ClickHouse enhances GitLab’s analytics capabilities, it’s not meant to replace PostgreSQL or Redis, and the existing capabilities remain unchanged.

New ClickHouse integration for high-performance DevOps Analytics

GitLab Pages and Advanced Search available on GitLab Dedicated

GitLab Pages and Advanced Search available on GitLab Dedicated

GitLab Pages and Advanced Search have been enabled for all GitLab Dedicated instances. These features are included in your GitLab Dedicated subscription.

Advanced Search enables faster, more efficient search across your entire GitLab Dedicated instance. All capabilities of Advanced Search can be used with GitLab Dedicated instances.

With GitLab Pages, you can publish static websites directly from a repository in GitLab Dedicated. Some capabilities of Pages are not yet available for GitLab Dedicated instances.

GitLab Pages and Advanced Search available on GitLab Dedicated

Offload CI traffic to Geo secondaries

Offload CI traffic to Geo secondaries

You can now offload CI runner traffic to Geo secondary sites. Locate runner fleets where they are more convenient and economical to operate and manage, while reducing cross-region traffic. Distribute the load across multiple secondary Geo sites. Reduce load on the primary site, reserving resources for serving developer traffic. After this setup, the developer experience is transparent and seamless. Developer workflows for the setup and configuration of jobs remain unchanged.

Offload CI traffic to Geo secondaries

16.10 Other improvements in GitLab 16.10

Custom payload template for webhooks

Custom payload template for webhooks

Previously, GitLab webhooks could send only specific JSON payloads, which meant the receiving endpoints had to understand the webhook format. To use those webhooks, you had to either use an app to specifically support GitLab or write your own endpoint.

With this release, you can set a custom payload template in the webhook configuration. The request body is rendered from the template with the data for the current event.

Thanks to Niklas for this community contribution!

Add an issue to the current or next iteration with a quick action

Add an issue to the current or next iteration with a quick action

The /iteration quick action now accepts a cadence reference with --current or --next arguments. If your group has a single iteration cadence, you can quickly assign an issue to the current or next iteration by using /iteration --current|next. If your group contains many iteration cadences, you can specify the desired cadence in the quick action by referencing the cadence name or ID. For example, /iteration [cadence:"<cadence name>"|<cadence ID>] --next|current.

New contributor count metric in the Value Streams Dashboard

New contributor count metric in the Value Streams Dashboard

To enable software leaders to gain insights into the relationship between team velocity, software stability, security exposures, and team productivity, we introduced a new Contributor count metric in the Value Streams Dashboard. The contributor count represents the number of monthly unique users with contributions in the group. This metric is designed to track adoption trends over time, and is based on contributions calendar events.

The Contributor count metric is available only on GitLab.com, and requires the contribution analytics report to be configured to run through ClickHouse. Issue 441626 tracks efforts to make this feature available to self-managed customers as well.

New contributor count metric in the Value Streams Dashboard

Automatically collapse generated files in merge requests

Automatically collapse generated files in merge requests

Merge requests can contain changes from users and automated processes or compilers. Files like package-lock.json, Gopkg.lock, and minified js and css files increase the number of files shown in a merge request review, and distract reviewers from the human-generated changes. Merge requests now display these files collapsed by default, to help:

  • Focus reviewer attention on important changes, but enable a full review if desired.
  • Reduce the amount of data needed to load the merge request, which might help larger merge requests perform better.

For examples of the file types that are collapsed by default, see the documentation. To collapse more files and file types in the merge request, specify them as gitlab-generated in your project’s .gitattributes file.

You can leave feedback on this change in issue 438727.

Automatically collapse generated files in merge requests

GitLab Runner 16.10

GitLab Runner 16.10

We’re also releasing GitLab Runner 16.10 today! GitLab Runner is the lightweight, highly-scalable agent that runs your CI/CD jobs and sends the results back to a GitLab instance. GitLab Runner works in conjunction with GitLab CI/CD, the open-source continuous integration service included with GitLab.

Bug fixes:

The list of all changes is in the GitLab Runner CHANGELOG.

Improved environment details page

Improved environment details page

The environment details page is improved in GitLab 16.10. When you select an environment from the environment list, you can review up-to-date information about your deployments and connected Kubernetes clusters, all in one convenient layout.

Improved environment details page

Continuous Vulnerability Scanning available by default for Container Scanning

Continuous Vulnerability Scanning available by default for Container Scanning

Continuous Vulnerability Scanning for Container Scanning is now available by default. The default availability removes the need to opt into this functionality through a feature flag. To learn more about the benefits of Continuous Vulnerability Scanning, see the documentation link.

DAST analyzer performance updates

DAST analyzer performance updates

During the 16.10 release milestone, proxy-based DAST was:

  • Upgraded ZAP to version 2.14.0. For more information, see issue 442056.

We also completed the following browser-based DAST crawler performance improvements:

  • Limit the number of goroutines created when crawling. For more information, see issue 440151.
  • Optimize finding elements to interact with. This reduced scan time by 6%. For more information, see issue 440295.
  • Optimize JSON unmarshalling of DevTools messages. This reduced scan time by 7%. For more information, see issue 439726.

Audit event scope attribute

Audit event scope attribute

Audit events now include a scope attribute that indicates if the event is associated with an entire instance, a group, a project, or a user.

This new attribute helps users determine where an event originated in audit event payloads. It also allows our audit event type documentation to list all available scopes for an audit event type.

You can use this new attribute to parse through external streaming destinations or to better understand context around events.

Custom names for service accounts

Custom names for service accounts

You can now customize a service account’s username and display name. Previously, these were auto-generated by GitLab. With a custom name, it is easier to understand the purpose of the service account, and distinguish it from other accounts in the user list.

New permissions for custom roles

New permissions for custom roles

To create custom roles, you can now choose two new permissions:

  • Manage CI/CD Variables
  • Ability to delete a group

With the release of these custom permissions, you can reduce the number of Owners needed in a group by creating a custom role with these Owner-equivalent permissions. Custom roles let you define granular roles that give a user only the permissions they need to do their job, and reduce unnecessary privilege escalation.

Sign-in page improvements

Sign-in page improvements

The GitLab sign-in page has been refreshed with improvements that fix spacing issues, broken elements, and alignment. There is also additional support for dark mode, and a button to manage cookie preferences. The combination of these improvements gives a fresh look and improved functionality on the sign-in page.

Use merge base pipeline for merge request approval policy comparison

Use merge base pipeline for merge request approval policy comparison

This enhancement aligns the logic of the merge request approval policy evaluation with the security MR widget, ensuring that findings that violate a merge request approval policy align with the results displayed in the widget. By aligning the logic, security, compliance, and development teams can more consistently identify which findings violate a policy and require approval. Rather than comparing to the target branch’s latest completed HEAD pipeline, scan result policies now compare to a common ancestor’s latest completed pipeline, the “merge base”.

GitLab chart improvements

GitLab chart improvements

In GitLab 16.10, we’ve removed support for installing GitLab on Kubernetes 1.24 and older. Kubernetes maintenance support of Kubernetes 1.24 ended in July 2023.

GitLab 16.10 includes support for installing GitLab on Kubernetes 1.27. For more information, see our new Kubernetes version support policy. Our goal is to support newer versions of Kubernetes closer to their official release.

Blocked users are excluded from the followers list

Blocked users are excluded from the followers list

Previously, when a user who followed you was blocked, they still appeared in the followers list of your User Profile. From GitLab 16.10, blocked users are hidden from the followers list. If the user is unblocked, they will reappear in the followers list.

Thank you @SethFalco for this community contribution!

Filter members by Enterprise users with GraphQL API

Filter members by Enterprise users with GraphQL API

With the GraphQL API you can now filter group members by Enterprise users.

Threaded notifications supported in Google Chat

Threaded notifications supported in Google Chat

Previously, notifications sent from GitLab to a space in Google Chat could not be created as replies to specified threads. With this release, threaded notifications are enabled by default in Google Chat for the same GitLab object (for example, an issue or merge request).

Thanks to Robbie Demuth for this community contribution!

Inherited filters in Value Stream Analytics for seamless and accurate workflow analysis

Inherited filters in Value Stream Analytics for seamless and accurate workflow analysis

Value stream analytics now applies the same filters when drilling down from the Lead time tile to the Issue Analytics report. The filter inheritance helps you dive deeper and seamlessly into data as you switch between analytics views.

Inherited filters in Value Stream Analytics for seamless and accurate workflow analysis

Support domain-level redirects for GitLab Pages

Support domain-level redirects for GitLab Pages

Previously, GitLab focused on supporting simple redirect rules. In GitLab 14.3, we introduced support for splat and placeholder redirects.

From GitLab 16.10, GitLab Pages supports domain-level redirects. You can combine domain-level redirects with splat rules to dynamically rewrite the URL path. This improvement helps prevent confusion and ensure that you can still find your information after a domain change, even if you use an old domain.

Expanded checks in merge widget

Expanded checks in merge widget

The merge widget explains clearly if your merge request is not mergeable, and why. Previously, only one merge blocker was displayed at a time. This increased review cycles and forced you to resolve problems individually, without knowing if more blockers remained.

When you view a merge request, the merge widget now gives you a comprehensive view of problems, both remaining and resolved. Now you can understand at a glance if multiple blockers exist, fix them all in a single iteration, and increase your confidence that no hidden blockers have been missed.

Expanded checks in merge widget

List repository tags with the new container registry API

List repository tags with the new container registry API

Previously, the container registry relied on the Docker/OCI listing image tags registry API to display tags in GitLab. This API had significant performance and discoverability limitations.

This API performed slowly because the number of network requests against the registry scaled with the number of tags in the tags list. In addition, because the API didn’t track publish time, the published timestamp was often incorrect. There were also limitations when displaying images based on Docker manifest lists or OCI indexes, such as for multi-architecture images.

To address these limitations, we introduced a new registry list repository tags API. In GitLab 16.10, we’ve completed the migration to the new API. Now, whether you use the UI or the REST API, you can expect improved performance, accurate publication timestamps, and robust support for multi-architecture images.

This improvement is available only on GitLab.com. Self-managed support is blocked until the next-generation container registry is generally available. To learn more, see issue 423459.

Manually refresh the dashboard for Kubernetes

Manually refresh the dashboard for Kubernetes

GitLab 16.10 adds a dedicated refresh feature to the dashboard for Kubernetes. Now you can manually fetch Kubernetes resource data, and ensure you have access to the most recent information about your clusters.

Create Service Desk tickets from the UI and API

Create Service Desk tickets from the UI and API

Now you can create Service Desk tickets from the UI and the API using the /convert_to_ticket [email protected] quick action on a regular issue.

Create a regular issue and add a comment with the /convert_to_ticket [email protected] quick action. The provided email address becomes the external author of the ticket. GitLab doesn’t send the default thank you email. You can add a public comment on the ticket to let the external participant know that the ticket has been created.

Adding a Service Desk ticket using the API follows the same concept: Create an issue using the Issues API and use the issue_iid to add a note with the quick action using the Notes API.

Improved Dependency Scanning support for sbt

Improved Dependency Scanning support for sbt

We have updated the mechanism we use to generate the list of dependencies for projects using sbt. This change is only applicable to projects using sbt version 1.7.2 and later. To fully leverage Dependency Scanning for sbt projects, you should upgrade to sbt version 1.7.2 and later.

Audit event for assigning a custom role

Audit event for assigning a custom role

GitLab now records an audit event when a user is assigned a different role, regardless of whether that role is a default role or a custom role. This event is important to identify if user permissions have been added or changed in case of privilege escalation.

Improved error message for authentication rate limit

Improved error message for authentication rate limit

When authenticating with GitLab, it is possible to hit the authentication attempt rate limit, such as when using a script. Previously, if you hit the authentication rate limit, a 403 Forbidden message was returned, which did not explain why you are getting this error. We now return a more descriptive error message which tells you that you’ve hit the authentication rate limit.

Scan result policies are now “Merge request approval policies”

Scan result policies are now “Merge request approval policies”

As we’ve expanded capabilities of the policy type to support overriding project settings and enforce approval requirements, we’ve updated the policy name to the more apt “merge request approval policy”.

Merge request approval policies do not replace or conflict with existing merge request approval rules. Instead they provide Ultimate tier customers the ability to create global enforcement across projects through policies managed by central security and compliance teams - an increasingly challenging task for large-scale organizations.

Smart card support for Active Directory LDAP

Smart card support for Active Directory LDAP

Smart card authentication against an LDAP server now supports Entra ID (formerly known as Azure Active Directory). This makes it easy to sync user identity data from Entra ID, and authenticate against LDAP with smart cards.

Webhooks support mutual TLS

Webhooks support mutual TLS

You can now configure webhooks to support mutual TLS. This configuration establishes the authenticity of the webhook source and enhances security. You configure the client certificate in PEM format, which is presented to the server during the TLS handshake. You can also protect the certificate with a PEM passphrase.

Omnibus improvements

Omnibus improvements

Gitlab 16.10 introduces a new major version of Patroni, version 3.0.1. This version upgrade will require downtime. For more information and instructions, see the 16.10 section of our GitLab 16 changes page.

GitLab 16.10 also includes a new version of Alertmanager, namely version 0.27. Most notably, this version includes the removal of API v1. For more information on this release, see the Alertmanager changelog.

GitLab 16.10 also includes Mattermost 9.5. Mattermost 9.5 includes various security updates and the deprecation of support for MySQL 5.7. Users on this version of MySQL must update.

Filter groups by visibility in the REST API

Filter groups by visibility in the REST API

You can now filter groups by visibility in the Groups API. You can use filtering to focus on groups with a specific visibility level, making it easier to audit GitLab implementations.

Thank you @imskr for this community contribution!

Updated project deletion functionality

Updated project deletion functionality

Now it’s easier to identify deleted projects in project lists. From GitLab 16.10, deleted projects display a Pending deletion badge next to the project title on the project overview page. An alert message clarifies that deleted projects are read-only. This message is visible on all project pages to ensure that this context is not lost even when working on sub-pages of the deleted project.

Updated project deletion functionality

Bug fixes, performance improvements, and usability improvements

Bug fixes, performance improvements, and usability improvements

At GitLab, we’re dedicated to providing the best possible experience for our users. With every release, we work tirelessly to fix bugs, improve performance, and enhance usability. Whether you’re one of the over 1 million users on GitLab.com or using our platform elsewhere, we’re committed to making sure your time with us is smooth and seamless.

Click the links below to see all the bug fixes, performance enhancements, and usability improvements we’ve delivered in 16.10.

Deprecations Deprecations

New deprecations and the complete list of all features that are currently deprecated can be viewed in the GitLab documentation. To be notified of upcoming breaking changes, subscribe to our Breaking Changes RSS feed.

  • `Gitlab['omnibus_gitconfig']` configuration item is deprecated
  • Behavior change for protected variables and multi-project pipelines
  • Duplicate storages in Gitaly configuration
  • Hosted Runners on Linux operating system upgrade
  • List container registry repository tags API endpoint pagination
  • Min concurrency and max concurrency in Sidekiq options
  • Removals and breaking changes Removals and breaking changes

    The complete list of all removed features can be viewed in the GitLab documentation. To be notified of upcoming breaking changes, subscribe to our Breaking Changes RSS feed.

    Important notes on upgrading to GitLab Important notes on upgrading to GitLab 16.10

    Gitlab 16.10 introduces a new major version of Patroni, version 3.0.1. This version upgrade will require downtime.

    For more information and instructions, see the 16.10 section of our GitLab 16 changes page.


    Read Entire Article