GitLab.org/GitLab: Release v11.11.0-ee
Name: GitLab
Owner: GitLab.org
Release: GitLab 11.11
Released: 2020-04-03
License: MIT
Release Assets:
[OpenID Connect authentication support](https://docs.gitlab.com/ee/administration/auth/oidc) (SaaS only)
> [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html)
> is an identity layer built on OAuth 2.0, designed specifically for
> authentication. Thanks to a community contribution, GitLab now supports
> sign-in with an OpenID Connect provider.
>
> Thank you, [Horatiu Eugen Vlad](https://gitlab.com/hvlad), for the
> contribution!
[Add-on CI Runner minutes have been extended to Free plans](https://docs.gitlab.com/ee/administration/settings/continuous_integration.html#extra-shared-runners-pipeline-minutes-quota) (SaaS only)
> Last month we added the ability to purchase add-on CI Runner minutes, but
> only to paid plans on GitLab.com. In this iteration, we have extended this
> feature to Free plans on GitLab.com as well.
[Auto-save epic descriptions to local storage](https://docs.gitlab.com/ee/user/group/epics/)
> Epic descriptions have not been saved to local storage, often leading to
> changes being lost if they aren't actively saved while editing an epic
> issue description. In GitLab 11.11, we are now saving epic descriptions to
> local storage. This means you can easily pick back up the work of editing
> an epic description in the event of an error, distraction, or accidental
> browser exit.
[Recently created or modified filters for epics API](https://docs.gitlab.com/ee/api/epics.html#list-epics-for-a-group)
> Querying recently created or modified data has been difficult using the
> GitLab epics API. In 11.11, we are adding additional filters `created_after`,
> `created_before`, `updated_after`, and `updated_before` to ensure consistency
> with the issues API and easily find epics that were modified or created
> recently.
[Full dynamic scans are now an option for DAST](https://docs.gitlab.com/ee/user/application_security/dast/#full-scan)
> With GitLab you can perform Dynamic Application Security Tests (DAST) as part of
> your CI pipeline. Starting in this release, you can now specify to use a full
> dynamic scan instead of the standard passive one. Using the full dynamic scan
> provides protection against a greater number of vulnerabilities.
[API endpoint for vulnerability information](https://docs.gitlab.com/ee/api/vulnerabilities.html)
> You can now query the GitLab API to return all of the vulnerabilities
> identified within a project. With this API, you can generate machine-readable lists
> of vulnerabilities filtered by type, confidence, and severity.
[Dismissal details on security dashboard](https://docs.gitlab.com/ee/user/application_security/security_dashboard/)
> In GitLab Security Dashboards, security administrators can review
> dismissed vulnerabilities. In order to make their workflow more streamlined,
> we've added the ability to see the details of any dismissal directly
> in the Security Dashboard.
[SAML SSO now enforced on web access](https://docs.gitlab.com/ee/user/group/saml_sso/)
> We're building on the [SSO enforcement](https://gitlab.com/gitlab-org/gitlab-ee/issues/5291)
> on the group level introduced in 11.8 with a persistent check on group and
> project resources, only allowing access if the user has signed in with
> SAML. This provides an extra layer of access control for security-conscious
> organizations on GitLab.com using SAML SSO; now, you can enforce SSO with
> the knowledge that the users of your group are using SSO.
[Multiple Assignees for Merge Requests](https://docs.gitlab.com/ee/user/project/merge_requests/#multiple-assignees-starter)
> It is not uncommon for multiple people to collaborate on a feature in a
> shared branch and merge request, such as the close collaboration of
> frontend and backend engineers, or in teams where engineers always work
> in pairs like in Extreme Programming.
>
> In GitLab 11.11, merge requests allow multiple assignees so that all
> people who are responsible for the change can be assigned to merge request.
> As with multiple assignees for issues, lists, filtering and notifications, and the API, all support
> multiple assignees for merge requests.
[Pull mirroring support for Git LFS](https://docs.gitlab.com/ee/user/project/repository/repository_mirroring.html#pulling-from-a-remote-repository-starter)
> Repository pull mirroring allows you to replicate Git repositories from
> one location to another. This makes it easy to keep a replica of a
> repository hosted elsewhere on your GitLab server. GitLab now supports
> pull mirroring repositories which use Git LFS, so that you can mirror
> repositories with large files, like textures for game development or
> scientific data sets.
[Caching Dependency Proxy for Container Registry](https://docs.gitlab.com/ee/user/packages/dependency_proxy/index.html) (self-managed only)
> Lots of teams are using containers as part of their build pipelines, and
> having a caching proxy for frequently used upstream images/packages is a
> good way to speed up your pipelines. By keeping a copy of needed layers
> locally using the new caching proxy, you can improve execution performance
> for commonly used images in your environment.
>
> For this initial iteration, the container proxy is only available for
> self-managed instances using the [Puma (experimental)](https://docs.gitlab.com/omnibus/settings/puma.html)
> web server.
[Issues from alerts now opened as GitLab Alert Bot user](https://docs.gitlab.com/ee/user/project/integrations/prometheus.html#taking-action-on-incidents-ultimate)
> Issues that are opened from alerts will now be authored by the *GitLab Alert Bot*,
> providing clear indication that the incident was created automatically
> from an important alert.
[Create custom metric charts from the dashboard view](https://docs.gitlab.com/ee/user/project/integrations/prometheus.html#adding-additional-metrics-premium)
> Create new charts for custom performance metrics directly from the
> toolbar of your metrics dashboard. Users can now create, update, and
> delete metric visualizations within the dashboard view by clicking on the **Add Metric**
> button in the upper right-hand corner of the dashboard toolbar.
[Instance-level Kubernetes cluster configuration](https://docs.gitlab.com/ee/user/instance/clusters/) (self-managed only)
> As the Kubernetes security and provisioning model evolves, it is now
> possible to serve a large number of tenants via a single shared cluster.
>
> With GitLab 11.11, self-managed users are now able to provision a cluster at the
> instance level, enabling all groups and projects in the instance to make use of it for
> its deployments. The GitLab Kubernetes integration will automatically create project-specific
> resources for added security.
[Deployment notifications for Slack and Mattermost](https://docs.gitlab.com/ee/user/project/integrations/project_services.html)
> Deployment events can now be automatically shared in your team's channel through our
> [Slack](https://docs.gitlab.com/ee/user/project/integrations/slack.html) and
> [Mattermost](https://docs.gitlab.com/ee/user/project/integrations/mattermost.html)
> chat integrations, helping bring visibility to these important activities that your
> teams need to be aware of.
[Guest access to Releases](https://docs.gitlab.com/ee/user/permissions.html#releases-permissions)
> It is now possible for guest users of your projects to view releases
> that you have published on the Releases page. They will be able to download your
> published artifacts, but are not allowed to download the source code nor
> see repository information such as tags and commits.
[Access deployment details through Environments API](https://docs.gitlab.com/ee/api/environments.html#get-a-specific-environment)
> We have added the ability to request information on a specific environment
> to the Environments API, making it easier now to ask, "Which commit is deployed
> to my environment right now?" This will make automation and reporting easier
> for users of GitLab's environments feature.
[Create a file directly from an environment variable](https://docs.gitlab.com/ee/ci/variables/#variable-types)
> One common use of environment variables is to create a file, particularly for
> secrets that should be protected and only available on a certain environment's
> pipeline. You would do this by setting the variable content to the file content,
> then create a file in your job that contains the value. Using our new `file` type
> environment variable, you can do this in one step without having to modify your
> `.gitlab-ci.yml`.
[Repository read-write scope for personal access tokens](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html#limiting-scopes-of-a-personal-access-token)
> Many personal access tokens rely on `api` level scoping for programmatic
> changes, but full API access may be too permissive for some users or
> organizations.
>
> Thanks to a community contribution, personal access tokens can now be
> scoped to only read and write to project repositories – preventing deeper
> API access to sensitive areas of GitLab like settings and membership.
>
> Thanks to [Horatiu Eugen Vlad](https://gitlab.com/hvlad) for the
> contribution!
[Sign in with Salesforce user credentials](https://docs.gitlab.com/ee/integration/salesforce.html)
> GitLab loves Salesforce developers, and an important step in supporting
> this community is allowing users to log into GitLab with their credentials
> from Salesforce.com. Now, instances can configure GitLab as a Salesforce-connected
> app and use Salesforce.com to sign into GitLab with a single click.
[Sign in with UltraAuth biometric authentication](https://docs.gitlab.com/ee/integration/ultra_auth.html)
> [UltraAuth](https://ultraauth.com/) is a company specializing in passwordless,
> biometric authentication. We're excited to support their authentication
> strategy in GitLab!
>
> Thanks to [Kartikey Tanna](https://gitlab.com/tannakartikey) for the
> contribution!
[GitLab Runner 11.11](https://docs.gitlab.com/runner)
> We're also releasing GitLab Runner 11.11 today! GitLab Runner is the open source project
> that is used to run your CI/CD jobs and send the results back to GitLab.
>
> * [Fix `git lfs` not getting submodule objects](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/1298)
> * [Optimize trace handling for big traces](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/1292)
> * [Allow to configure Feature flags using config.toml](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/1321)
> * [Allow to use FF to configure `/builds` folder](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/1319)
> * [Add PowerShell support for Docker Executor](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/1243)
> * [Support windows docker volumes configuration](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/1269)
[Omnibus improvements](https://docs.gitlab.com/omnibus/) (self-managed only)
> The following improvements have been made to Omnibus in GitLab 11.11:
>
> - GitLab 11.11 includes [Mattermost 5.10](https://mattermost.com/blog/mattermost-5-10-single-sign-on-for-mobile-richer-integrations-and-more/), an [open source Slack-alternative](https://mattermost.com/) whose newest release includes interactive ephemeral messages and much more. This version also includes [security updates](https://mattermost.com/security-updates/) and upgrade from earlier versions is recommended.
> - [Grafana has been bumped to `1.1.0` to pick up the latest Omnibus dashboards](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3241).
> - [PostreSQL 10 is now bundled with Omnibus](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3142).
> - [Sentry client-side DSN to be passed to `gitlab.yml`](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3249/diffs).
> - [Update RubyGems to `2.7.9`](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3082).
> - [Update `liblzma` to `5.2.4` from `5.2.2`](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3197).
> - [Update `libtool` to `2.4.6`](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3210).
> - [Ensure postresql is started after `pg-upgrade` command](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3205).
> - [Update Prometheus components to the latest versions](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3182).
> - [Update `git` to `2.21.0`](https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3220).
[Chart improvements](https://docs.gitlab.com/charts/) (self-managed only)
> The following improvements have been made to Helm Charts in GitLab 11.11:
>
> - GitLab 11.11 includes the ability to [attach a volume for tmp/work directory storage](https://gitlab.com/charts/gitlab/issues/705)
> - [Additional configuration options](https://gitlab.com/charts/gitlab/merge_requests/776) are now available to administrators including `memoryKiller`, `maxRss`, `graceTime`, and `shutdownWait`.
> - Helm charts are now [continuously tested](https://gitlab.com/charts/gitlab/issues/1132) on Amazon's Elastic Container Service for Kubernetes ([EKS](https://aws.amazon.com/eks/))
[Performance improvements](https://gitlab.com/groups/gitlab-org/merge_requests?scope=all&utf8=%E2%9C%93&state=merged&label_name%5B%5D=performance&milestone_title=11.11)
> We continue to improve the performance of GitLab with every release
> for GitLab instances of every size. Some of the improvements in GitLab
> 11.11 are:
>
> - [Speed up users autocomplete when many avatar paths are in the response](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27866)
> - [Reduce Sidekiq payload when removing todos](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27825)
> - [Compute GraphQL resolver complexity based on items](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/11575)
> - [Improve performance of the global search for issuables](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27817)
> - [Impove the performance of expanding full diff](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27413)
> - [Ensure that we only request blobs in one batch](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27625)
> - [Avoid loading Wiki Pages content when listed](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22801)
> - [Don't create a temp reference for branch comparisons within project](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24038)
[View time tracking in sidebar of board view](https://docs.gitlab.com/ee/user/project/time_tracking.html)
> Issue sidebars should be consistent in both board and issue views.
> GitLab is moving towards this consistency by introducing time tracking
> into the issue sidebar view while on an issue board. Simply navigate to
> an issue board, click on an issue to pull up the sidebar, and easily
> view time tracking information.
[More details for related merge requests](https://docs.gitlab.com/ee/user/project/merge_requests/)
> When viewing an issue, it can be helpful to see other related issues, epics,
> and merge requests in order to gain as much contextual knowledge as possible.
> In GitLab 11.11, we are introducing more elements into the related merge
> request table, including status, path, ID, title, pipeline status, and
> assignees.
[Add basic support for group GraphQL queries](https://docs.gitlab.com/ee/api/graphql/#available-queries)
> GraphQL APIs allows users to request exactly the data they need, making it
> possible to get all required data in a limited number of requests. In this
> release, GitLab is now supporting basic group information support in the
> GraphQL API.
[Serialized commit graphs to improve performance](https://git-scm.com/docs/commit-graph)
> Many common Git operations require walking the commit graph, like
> computing merge bases, or listing the branches that contain a commit.
> These operations become slower as the number of commits grows because
> those walks require each object to be loaded from disk to read its
> pointers.
>
> In GitLab 11.11, we have enabled the serialized commit-graph feature,
> which was introduced in recent Git releases, to compute and store
> this information in advance – significantly improving the speed of these
> traversals for large repositories. The commit graph will automatically
> be generated next time garbage collection is run on your repository.
>
> You can learn more about how the serialized commit-graph was built in a
> [series of blog posts](https://devblogs.microsoft.com/devops/supercharging-the-git-commit-graph/)
> written by the feature's contributor.
[Download archives of directories within a repository](https://docs.gitlab.com/ee/user/project/repository/#download-source-code)
> Depending on the type of project and its size, downloading an archive
> of the entire project may be slow or unhelpful – particularly in
> the case of large monorepos. In GitLab 11.11, you can now download an archive of the
> contents of the current directory, including subdirectories, so that
> you download only the files you need.
>
> Thank you, [Kia Mei Somabes](https://gitlab.com/kiameisomabes), for the
> contribution!
[Applying a suggestion now automatically resolves the discussion](https://docs.gitlab.com/ee/user/discussions/#suggest-changes)
> Suggested changes make it easier to collaborate on merge requests –
> no more copy/pasting to accept a suggested change. In GitLab 11.11, we
> are making it even easier by automatically marking the discussion as
> resolved when the suggestion is applied.
[Windows Container Executor for GitLab Runner](https://docs.gitlab.com/runner/executors/docker.html#using-windows-containers)
> In GitLab 11.11 we are pleased to add a new executor to the GitLab Runner for
> using Docker containers on Windows. Previously, using the shell executor to
> orchestrate Docker commands was the primary approach for Windows, but with this
> update you are now able to use Docker containers on Windows directly, in much
> the same way as if they were on Linux hosts. This opens up the door for more
> advanced kinds of pipeline orchestration and management for our users of
> Microsoft platforms.
>
> Included with this update is improved support for PowerShell throughout
> GitLab CI/CD, as well as new helper images for various versions of Windows
> containers. Please note that your own Windows runners can be used with GitLab.com,
> but are not currently available as part of the shared public fleet.
[Negative variable matching for pipeline rules](https://docs.gitlab.com/ee/ci/variables/#supported-syntax)
> You are now able to test for negative equality or pattern matches (`!=` and `!~`)
> in your `.gitlab-ci.yml` when checking the values of environment variables,
> giving more flexibility to control the behavior of your pipelines.
[Run all manual jobs for a stage in one click](https://docs.gitlab.com/ee/ci/pipelines/index.html#add-manual-interaction-to-your-pipeline)
> With GitLab 11.11, users who rely on stages with many manual jobs can now
> easily run *all* of the manual jobs in a given stage by using the **Play all**
> button located to the right of the stage name in the pipeline views.
[Install Prometheus on Group-level clusters](https://docs.gitlab.com/ee/user/group/clusters/#installing-applications)
> In this release, GitLab provided the ability to attach a Kubernetes
> cluster to an entire group. We've also added the ability to install a single
> Prometheus instance to that cluster, making monitoring of all the projects within
> that cluster easier.