GitLab 14.8 adds security approval policies, extends SSH support

Update to the GitLab devops platform introduces chainable security approval policies as the replacement for the deprecated Vulnerability-Check feature.

Newly arrived GitLab 14.8 updates the software delivery platform with hardware-backed authentication and security approval policies.

Announced February 22, GitLab 14.8 adds support for new SSH key types from OpenSSH 8.2: the ecdsa-sk and ed25519-sk key types, which are backed by FIDO/U2F hardware authenticators. With this support, users can use hardware-backed SSH authentication.
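For teams that want to check which registered public keys actually use the ecdsa-sk and ed25519-sk types mentioned above, the following added example (not from GitLab or the original article) classifies public-key lines and reads the FIDO application string. The function names and sample keys are constructed for illustration, and the field layout assumed is the one OpenSSH documents in PROTOCOL.u2f.

```python
import base64

# Public-key algorithm names OpenSSH 8.2 uses for FIDO/U2F-backed keys.
SK_ALGOS = {
    "sk-ssh-ed25519@openssh.com": "ed25519-sk",
    "sk-ecdsa-sha2-nistp256@openssh.com": "ecdsa-sk",
}

def fields_of(blob):
    """Split an SSH wire-format blob into its length-prefixed fields."""
    out, off = [], 0
    while off < len(blob):
        n = int.from_bytes(blob[off:off + 4], "big")
        off += 4
        if off + n > len(blob):
            raise ValueError("truncated field in key blob")
        out.append(blob[off:off + n])
        off += n
    return out

def classify(line):
    """Return (short_type, hardware_backed, application) for a public-key line."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("not a public-key line")
    declared = parts[0]
    fields = fields_of(base64.b64decode(parts[1], validate=True))
    # The algorithm name inside the blob must match the text prefix; a
    # mismatch means the line was edited to look like another key type.
    if not fields or fields[0].decode("ascii", "replace") != declared:
        raise ValueError("declared type does not match key blob")
    if declared in SK_ALGOS:
        # In both sk layouts the last field is the FIDO application string.
        return SK_ALGOS[declared], True, fields[-1].decode()
    return declared, False, None

def sample_line(algo, *fields):
    """Build a constructed, non-functional public-key line for the demo."""
    blob = b"".join(len(f).to_bytes(4, "big") + f for f in (algo.encode(), *fields))
    return f"{algo} {base64.b64encode(blob).decode()} constructed@example"

# Constructed sample keys: zero-filled key material, not real credentials.
SAMPLES = [
    sample_line("sk-ssh-ed25519@openssh.com", bytes(32), b"ssh:"),
    sample_line("sk-ecdsa-sha2-nistp256@openssh.com", b"nistp256",
                b"\x04" + bytes(64), b"ssh:"),
    sample_line("ssh-ed25519", bytes(32)),
]
```

Checking the algorithm name inside the blob, rather than trusting the text prefix, keeps a relabeled software key from passing as hardware-backed.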

GitLab also now supports flexible security approvals as the replacement for the deprecated Vulnerability-Check feature. These approvals are similar to Vulnerability-Check in that both can require approvals for merge requests containing security vulnerabilities. But they introduce a number of new capabilities. Users can choose who can edit approval rules. Multiple rules can be created and chained together, allowing for filtering on severity thresholds for each scanner type. A single set of security policies can be applied to multiple development projects. And a two-step approval process can be enforced for desired changes to approval rules.

Security approval policies can be used alongside the existing Vulnerability-Check feature, but users are encouraged to migrate to the new policies.

The GitLab devops platform provides for software version control, CI/CD, security, test automation, priority management, and code review, as well as license compliance. Developers can sign up for a free 30-day trial.

Other additions and improvements in GitLab 14.8:

  • Auto-completion of CI/CD keywords has been added to the pipeline editor, to increase efficiency when writing and debugging pipelines.
  • Audit events are provided on the group audit events page for user impersonation starting and stopping. These events previously were available on a page that GitLab SaaS customers could not access. Now, both self-managed and SaaS users can view these events, which indicate when an administrator impersonated another user.
  • Group owners can delete groups at the parent group level.
  • GitLab Runner 14.8, a lightweight agent for running build jobs and sending results back to the GitLab instance, was released. The Apple M1 chip is supported.
