2016-07-22-gitlab-8-10-released.html.md 18.6 KB
Newer Older
1
---
Job van der Voort's avatar
Job van der Voort committed
2
title: "GitLab 8.10 released with Wildcard Branch Protection and Manual Actions for CI"
3
categories: releases
Job van der Voort's avatar
Job van der Voort committed
4 5 6
author: Job van der Voort
author_twitter: Jobvo
image_title: /images/8_10/bg.jpg
7
date: 2016-07-22 17:00
Marcia Ramos's avatar
Marcia Ramos committed
8
twitter_image: '/images/tweets/gitlab-8-10-released.png'
9 10
---

11 12 13 14
GitLab enables you to go faster from idea to production.
With every GitLab release we want to improve this and with 8.10,
GitLab is _yet again_ faster than ever.

15

Job van der Voort's avatar
Job van der Voort committed
16 17
With GitLab 8.10, reviewing code and making sure it gets merged
is easier and snappier than ever with many improvements to diffs and protected
18 19
branches. And when it's time to deploy, you can now do a manual check before
deploying with a single click, with manual actions.
Job van der Voort's avatar
Job van der Voort committed
20

William Chia's avatar
William Chia committed
21
This month's Most Valuable Person ([MVP](/community/mvp/)) is
22
Winnie! Winnie has been incredibly helpful [fixing bugs][winnie-wins] in GitLab and even
Job van der Voort's avatar
Job van der Voort committed
23
triaging issues on GitLab.com.
Job van der Voort's avatar
Job van der Voort committed
24
Thanks ***Winnie***!
25

26 27
[winnie-wins]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests?author_id=14714&scope=all&sort=id_desc&state=merged

28 29
<!--more-->

Job van der Voort's avatar
Job van der Voort committed
30 31
## Wildcard Branch Protection

Job van der Voort's avatar
Job van der Voort committed
32
To make sure your branches don't get deleted or accidentally pushed to,
Job van der Voort's avatar
Job van der Voort committed
33 34 35
[you can protect them][protected-branches]. This even allows you to prevent
people with lower permission levels to push or merge to these branches,
which is very convenient for production and release branches.
Job van der Voort's avatar
Job van der Voort committed
36 37

With Gitlab 8.10 you can now protect any branch automatically, based on a
Job van der Voort's avatar
Job van der Voort committed
38 39 40
wildcard. This makes it much easier to protect a large amount of branches.

![Wildcard Branch Protection in GitLab 8.10](/images/8_10/wc1.png)
Job van der Voort's avatar
Job van der Voort committed
41 42 43 44 45

For example, if you protect `release-*`, any branch whose name starts
with `release-` automatically becomes protected. At GitLab we use this feature
to automatically protect all our stable releases by protecting `*-stable`.

Job van der Voort's avatar
Job van der Voort committed
46 47
![Wildcard Branch Protection in GitLab 8.10](/images/8_10/wc2.png)

48
[protected-branches]: http://docs.gitlab.com/ee/user/project/protected_branches.html
Job van der Voort's avatar
Job van der Voort committed
49

Job van der Voort's avatar
Job van der Voort committed
50 51
## Merge into Protected Branches

Job van der Voort's avatar
Job van der Voort committed
52
Using protected branches is a great way to ensure only the right people
53
can push to important branches. By default, only `Master` permission and higher
Job van der Voort's avatar
Job van der Voort committed
54 55
is able to push or merge anything into a protected branch.

56
Previously, we added the ability to allow `Developer` users to also push to
Job van der Voort's avatar
Job van der Voort committed
57
these branches. With GitLab 8.10 you can now disallow pushing, yet explicitly
58
allow merges by `Developer` users.
Job van der Voort's avatar
Job van der Voort committed
59

Job van der Voort's avatar
Job van der Voort committed
60 61
![Allow developers to merge to protected branches in GitLab 8.10](/images/8_10/dev_merge.png)

62
**Concretely this means that `Developer` users can merge a merge request but not
Job van der Voort's avatar
Job van der Voort committed
63 64
directly push**. So your branches are protected from direct pushes, yet developers
don't need elevated permissions or wait for someone with a higher permission to
65 66
press merge (this is only possible to the web interface,
not from the command line).
Job van der Voort's avatar
Job van der Voort committed
67 68 69 70

Combine this feature with approvals (EE only) to enforce code review by multiple
people, while still giving developers the power to merge at their discretion.

71
> [See our documentation on protected branches](http://docs.gitlab.com/ee/user/project/protected_branches.html)
72

Job van der Voort's avatar
Job van der Voort committed
73 74 75 76 77 78 79
## Improved Diffs

Whether you create or review code and content, you are spending a lot of time
looking at diffs, so they should work really well. With GitLab 8.10 diffs will
render faster and have even learned a few new tricks.

### Better Side-by-Side Diffs
Job van der Voort's avatar
Job van der Voort committed
80

Job van der Voort's avatar
Job van der Voort committed
81 82 83 84 85
We've improved side-by-side diffs so that they now accurately show you the
changes side-by-side.

![Better side-by-side diffs in GitLab 8.10](/images/8_10/side1.png)

Job van der Voort's avatar
Job van der Voort committed
86
### Inline Diffs
Job van der Voort's avatar
Job van der Voort committed
87

Job van der Voort's avatar
Job van der Voort committed
88 89 90 91 92
When you have specific inline changes, we'll now show the exact changes that
were made, rather than just the entire line:

![Inline diffs in GitLab 8.10](/images/8_10/inline1.png)

Job van der Voort's avatar
Job van der Voort committed
93 94 95 96
### Collapsable Diffs

Diffs can now be collapsed by clicking on the filename, allowing you
to review file-by-file.
97

98 99
![Collapsable diffs in GitLab 8.10](/images/8_10/cdiff.png)

100
Very large diffs ([> 10kb][10kb]) will automatically be collapsed and can be expanded on
Job van der Voort's avatar
Job van der Voort committed
101 102
demand. This should go a long way into improving working with large diffs with
many files.
103

104 105
[10kb]: https://gitlab.com/gitlab-org/gitlab_git/merge_requests/101#note_13100125

Job van der Voort's avatar
Job van der Voort committed
106
## Manual Actions to Trigger Pipeline Jobs
107

Job van der Voort's avatar
Job van der Voort committed
108
You've already got your
109
[CI/CD pipeline](http://docs.gitlab.com/ee/ci/pipelines.html) configured to
Job van der Voort's avatar
Job van der Voort committed
110 111
continuously deploy changes, right? Well maybe you're not ready to have it
automatically deploy to production. You might automatically deploy to staging,
Job van der Voort's avatar
Job van der Voort committed
112 113 114
but you want to do manual QA before deploying to production.

Now you can define
Job van der Voort's avatar
Job van der Voort committed
115 116 117 118
how to deploy to production and using `when: manual`, a new action will appear
in the web UI so that you or your release manager can trigger that part of the
pipeline manually. You can define any kind of job in your pipeline to be
performed at a later time, when a user chooses.
119 120 121

![Manual Actions with Pipelines in GitLab 8.10](/images/8_10/ci_manual1.png)

Job van der Voort's avatar
Job van der Voort committed
122 123
The actions also show up in the environments, making it easy to promote from
staging to production:
124 125 126

![Manual Actions with Pipelines in GitLab 8.10](/images/8_10/ci_manual2.png)

127 128
> [Read our docs on getting started with GitLab CI](http://docs.gitlab.com/ee/ci/quick_start/README.html)
> [Documentation on Environments and Deployments in GitLab CI](http://docs.gitlab.com/ee/ci/environments.html)
129

Job van der Voort's avatar
Job van der Voort committed
130 131
## Blockquote Fence Syntax

132 133 134 135 136 137 138 139 140 141 142 143 144 145
If you want to quote multiple lines in markdown, you no longer have to
prepend every sentence with `>`, rather you can use the new fence syntax
in GitLab:

```
>>>
This will all become a quote.

Independent of the amount of line breaks.

Yay!
>>>
```

146
> [Read how to use GitLab Flavored Markdown](http://docs.gitlab.com/ee/markdown/markdown.html#gitlab-flavored-markdown-gfm)
147

Job van der Voort's avatar
Job van der Voort committed
148 149
## Multiple Repository Mount Points

150 151 152 153 154 155 156 157 158 159
You now have the option to distribute storage load over multiple mount points.
Simply define the alternative mount points in your `gitlab.rb` file:

```
git_data_dirs({
  "default" => "/var/opt/gitlab/git-data",
  "alternative" => "/mnt/nas/git-data"
})
```

160
In the GitLab admin area you are able to configure under which mount point
161 162
new repositories will be stored.

163
> [Read the documentation on multiple mount points](http://docs.gitlab.com/ee/administration/repository_storages.html)
164

Job van der Voort's avatar
Job van der Voort committed
165
## Bulk Subscribe to Issues
Job van der Voort's avatar
Job van der Voort committed
166

167 168 169 170 171 172
You can now bulk subscribe and unsubscribe to issues, making it easier to start
following new activity in a project you just joined or to quiet some of the
email noise.

![Bulk subscribe to issues in GitLab 8.10](/images/8_10/bulk_sub.gif)

Job van der Voort's avatar
Job van der Voort committed
173 174 175 176 177 178 179 180 181
## Custom Notification Level for Groups

In GitLab 8.9 [we added a custom notification to projects][custom-not], allowing
you to only get notified on what's important to you.

With GitLab 8.10 you can now also set this on a group level, setting this for
all projects except the project that you have overridden with other notification
settings.

Matija Čupić's avatar
Matija Čupić committed
182
[custom-not]: /2016/06/22/gitlab-8-9-released/#custom-notification-level
Job van der Voort's avatar
Job van der Voort committed
183

184 185 186 187 188 189 190 191 192 193
## Ticket-based Kerberos authentication (Enterprise Edition)

Before GitLab 8.10 users had to submit their Kerberos username and password on the GitLab sign-in page to authenticate with Kerberos. In GitLab 8.10 Enterprise Edition it is possible for Kerberos users to sign in with one click without ever submitting their password to GitLab, via the new 'Kerberos Spnego' button on the sign-in page.

We have added an OmniAuth provider for Kerberos SPNEGO authentication which reuses code originally [contributed by CERN in GitLab 7.14](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/6) that enabled ticket-based 'git clone'. If the web browser of the user 'understands' Kerberos and the user has a valid Kerberos ticket on their local machine then the browser can negotiate access to GitLab during sign-in without ever asking the user for a password.

Read the [Kerberos documentation](http://docs.gitlab.com/ee/integration/kerberos.html) to learn how to enable ticket-based Kerberos integration on your GitLab Enterprise Edition server. We will remove support for password-based Kerberos sign-ins in a future release so if you are currently using GitLab with password-based Kerberos sign-ins we recommend that you switch to ticket-based sign-ins.

## Syntax Highlighting

Job van der Voort's avatar
Job van der Voort committed
194
Syntax highlighting has been massively improved with GitLab 8.10.
195
We've updated [rouge] from 1.11.1 to 2.0.5 and in doing that have added
Job van der Voort's avatar
Job van der Voort committed
196 197 198
[new lexers and bugfixes][changelog-rouge]. That means syntax highlighting
for Docker, F#, IDL, and improved highlighting for praat,
JavaScript, Java, C#, Shell, Liquid, Tulip, Markdown, Ruby, Python and YAML!
Job van der Voort's avatar
Job van der Voort committed
199 200

You can now also override language guessing with a `.gitattributes` entry.
201 202

> [See the documentation for details][override-docs].
Job van der Voort's avatar
Job van der Voort committed
203 204

[changelog-rouge]: https://github.com/jneen/rouge/blob/master/CHANGELOG.md
205
[override-docs]: http://docs.gitlab.com/ee/user/project/highlighting.html
206
[rouge]: https://github.com/jneen/rouge
207

Job van der Voort's avatar
Job van der Voort committed
208 209 210
## Disable Access Request

[The ability to request access to a project][access-request] can now be disabled
211 212 213
for a group or project.

By default it's turned on.
Job van der Voort's avatar
Job van der Voort committed
214

Matija Čupić's avatar
Matija Čupić committed
215
[access-request]: /2016/06/22/gitlab-8-9-released/#request-access-to-a-project
Job van der Voort's avatar
Job van der Voort committed
216 217 218 219 220 221 222 223 224 225 226 227

## Better Slack integration

GitLab can notify you on Slack when certain events happen.
For instance, when someone posts a comment, when a merge request is created
or when a build fails.

We've improved the Slack service so you can configure per event to which
Slack channel GitLab should report.

![Improved Slack integration with GitLab 8.10](/images/8_10/slack.png)

228
> [Read how to set up the Slack service in GitLab](http://docs.gitlab.com/ee/project_services/slack.html)
Job van der Voort's avatar
Job van der Voort committed
229

230 231 232 233 234
## Updated Emoji!

We've updated to the 2016 library of [gemojione](https://github.com/jonathanwiesel/gemojione),
adding many new and updated emoji!

Job van der Voort's avatar
Job van der Voort committed
235 236
![New Emoji in GitLab 8.10!](/images/8_10/new_emoji.png)

Job van der Voort's avatar
Job van der Voort committed
237 238 239
## Domain Blacklist

You can now block certain domains from signing up by adding them to the
240
domain blacklist. Find the settings in the admin area.
Job van der Voort's avatar
Job van der Voort committed
241

242
> [Read how to blacklist domains in our docs](http://docs.gitlab.com/ee/user/admin_area/settings/sign_up_restrictions.html#blacklist-email-domains)
243

Job van der Voort's avatar
Job van der Voort committed
244 245 246 247 248
## Toggle Git Access Protocols

You can now configure Git access controls: enabling or disabling SSH, HTTP or
both.

249
> [Read how to toggle protocols in our docs](http://docs.gitlab.com/ee/user/admin_area/settings/visibility_and_access_controls.html#enabled-git-access-protocols)
250

Job van der Voort's avatar
Job van der Voort committed
251 252 253 254 255
## Inline Videos now supported!

GitLab will now render inline videos in comments and descriptions of
issues and merge requests.

256
> [How to use GitLab Flavored Markdown](http://docs.gitlab.com/ee/markdown/markdown.html#gitlab-flavored-markdown-gfm)
257

Job van der Voort's avatar
Job van der Voort committed
258 259
## Build Warnings

260
When your CI pipeline passes, but there were some warnings since you
261
[allow some jobs to fail](http://docs.gitlab.com/ee/ci/yaml/README.html#allow_failure),
262
GitLab will now tell you in the related merge request:
Job van der Voort's avatar
Job van der Voort committed
263 264 265

![Build warnings in GitLab 8.10](/images/8_10/warnings.png)

266
## Usage Ping (EE only)
267 268

To help us better engage with our customers, 8.10 EE periodically attempts to
Job van der Voort's avatar
Job van der Voort committed
269
send license usage back to GitLab, Inc. You can
270
disable this functionality by unchecking a setting in the application settings
Job van der Voort's avatar
Job van der Voort committed
271
page, which will also show you the _exact_ payload that we're sending.
272 273 274

![License Usage Report](/images/8_10/license_report.png)

Job van der Voort's avatar
Job van der Voort committed
275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323
## Performance Improvements

GitLab is only getting better every single month, and performance is no
exception. This month we've significantly increased performance for issue
rendering and diff rendering:

![Faster issues in GitLab 8.10](/images/8_10/perf1.png)

![Faster diffs in GitLab 8.10](/images/8_10/perf2.png)

And have made a large amount of further changes, some highlights below with
links to their merge requests.

### Backend

* [HAML has been replaced with Hamlit to reduce memory usage and rendering timings of views](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3666)
* [Certain Git operations are now cached when finding CI pipelines](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4984)
* [Various Git operations on project dashboards are now cached, reducing the time spent in Git whenever the caches exist](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4996)
* [Git operations related to viewing trees of files are only executed when necessary](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4997)
* [The various Markdown reference parsers now re-use SQL queries when used multiple times in the same request, reducing the total number of executed SQL queries](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5020)
* [The column `projects.pushes_since_gc` is only updated at most once per minute, reducing the number of writes to the `projects` table](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5083)
* [Checking if an avatar is present no longer hits the underlying storage engine, reducing the time it takes to check if an avatar is present](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5093)
* [Checking if a user has access to a single project has been optimised](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5102)
* [The queries used to get merge request closing/merging events are now cached per request](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5151)
* [The presence of an external wiki is now cached on database level](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5305)
* [Performance of automatically generating links in Markdown has been improved](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5311)
* [Checking whether to show a system note has been optimized](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5070)
* [The maximum access badge for each author of a comment is now cached to prevent multiple lookups for the same author](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4982)

### Frontend

* [Rendering of diffs has been improved by only rendering certain UI elements when necessary](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4776)
* [Page specific JS loading has been implemented in a better way, reducing the amount of JS to load per page](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4883)
* [Cropper.js has been separated from the main JavaScript file and only load Cropper.js when necessary](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4978)
* [The projects dropdown now only sends the data it needs, reducing the time it takes to load the data](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5113)
* [Discussion notes are not rendered when the diff tab is requested using Ajax](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5130)
* [The code used to check which issues are closed by a merge request is only called when necessary](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5140)

### Monitoring

* [Sidekiq latency is now tracked](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4871)
* [Redis cache hits and misses are now tracked](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4993)
* [The Markdown syntax highlighting filter is instrumented](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5038)

## Runner v1.4

From now on, runner releases will be synchronized with monthly GitLab releases.
Changes in this release (links to merge requests):

324 325 326 327 328 329
* [Use Sentry in GitLab Runner to monitor critical errors](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/217)
* [Improve logging](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/218)
* [Extend support for caching and artifacts for other executors](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/224)
* [Add support for cloning VirtualBox VM snapshots](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/111)
* [Improve support for Docker Machine](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/233)
* [Improve build abort](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/232)
Job van der Voort's avatar
Job van der Voort committed
330

Job van der Voort's avatar
Job van der Voort committed
331
## GitLab Mattermost 3.2
Job van der Voort's avatar
Job van der Voort committed
332

Job van der Voort's avatar
Job van der Voort committed
333 334 335
[Mattermost 3.2](https://www.mattermost.org/mattermost-3-2-german-custom-emoji-improved-threaded-messaging-search-windows-and-mac-apps-plus-more/) ships in GitLab 8.10 with German language translation, custom emoji, improved threaded messages, widescreen search, new Exchange and XMPP integrations, plus many more new benefits.

This version also includes [security updates](http://about.mattermost.com/security-updates/) and upgrade from earlier versions is recommended.
336 337 338

## Other changes

339
This release has more improvements, including security fixes. Please check out [the changelog](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md) to see all the named changes.
340 341 342

## Upgrade barometer

343 344 345
To upgrade to GitLab 8.10, about 15 to 30 minutes downtime is required.
Several database columns are renamed and migrations are done for changes in the
code. To prevent faulty data, GitLab will need to be offline during this time.
346

Job van der Voort's avatar
Job van der Voort committed
347
### Update your NGINX configuration
348

349 350 351 352 353 354
The default NGINX configuration now overwrites the 'Host' and 'X-Forwarded-Host'
headers. This adds defense in depth against header injection attacks.
For installations from source this means you need to update your NGINX
configuration for GitLab. For Omnibus installations this will happen
automatically, unless you configured your own 'Host' and 'X-Forwarded-Host'
values in `gitlab.rb`.
355

Job van der Voort's avatar
Job van der Voort committed
356 357 358 359 360 361 362 363 364 365
### Git Hooks renamed to Push Rules and Deprecated API

We renamed Git Hooks to Push Rules and have deprecated the git hooks API,
it will be removed with GitLab 9.0. We recommend you switch to using the
[new push_rules API][push-rules] as soon as possible.

> [Read about Push Rules in our docs](http://docs.gitlab.com/ee/push_rules/push_rules.html#sts=Push Rules)

[push-rules]: http://docs.gitlab.com/ee/api/projects.html#sts=Push Rules (EE only)

366
### Default behavior
367 368

*Note* We assume you are upgrading from the latest version. If not, then also consult the upgrade barometers of any intermediate versions you are skipping.
Matija Čupić's avatar
Matija Čupić committed
369
If you are upgrading from a GitLab version prior to 8.0 *and* you have CI enabled, you have to upgrade to GitLab 8.0 [first](/2015/09/22/gitlab-8-0-released/).
370 371 372 373 374 375 376 377 378 379 380

Please be aware that by default the Omnibus packages will stop, run migrations,
and start again, no matter how “big” or “small” the upgrade is. This behavior
can be changed by adding a [`/etc/gitlab/skip-auto-migrations`
file](http://doc.gitlab.com/omnibus/update/README.html).

- - -

## Installation

If you are setting up a new GitLab installation please see the
381
[download GitLab page](/install/).
382 383 384

## Updating

Matija Čupić's avatar
Matija Čupić committed
385
Check out our [update page](/update/).
386 387 388

## Enterprise Edition

389 390
GitLab Enterprise Edition includes advanced features such as LDAP Group support,
merge request approvals, Geo and File locking.
Matija Čupić's avatar
Matija Čupić committed
391
For a complete overview please have a look at the [feature list of GitLab EE]( /features/#enterprise).
392 393

Access to GitLab Enterprise Edition is included with a
Matija Čupić's avatar
Matija Čupić committed
394
[subscription]( /pricing/).
395 396 397 398
No time to upgrade GitLab yourself?
A subscription also entitles you to our upgrade and installation services.

- - -