►
From YouTube: 14.7 Monthly Release Kickoff (Public Livestream)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Welcome
everyone
to
14
slot
7
git
lab
release
kickoff.
This
is
the
last
kickoff
for
this
year.
As
a
reminder,
we
plan
ambitiously,
so
everything
you
say
and
share
here
is
subject
to
change,
so
please
don't
make
any
material
purchasing
decisions
based
on
these
plans.
A
That
said,
I
want
to
welcome
everybody
to
go
to
the
release
kickoff
page
and
engage
with
us
on
all
the
cool
work.
We're
gonna
talk
about
here.
You
can
help
come
build
with
us
to
make
software
easy
and
secure.
I'm
gonna
share
a
few
look
back
from
last
year
or
last
12
months,
just
to
see
how
the
team
and
everybody
has
done
here.
A
A
This
is
very
similar
and
consistent
from
last
year,
where
certain
stages
are
more
focused
on
adding
value
for
developers,
others
for
teams
and
others
for
organization.
That's
pretty
cool!
Thank
you
and
what
an
amazing
amazing
team.
This
is
we're
going
to
kick
it
off
today,
with
enablement,
starting
with
josh,
followed
by
dev
with
david
hillary
you'll
cover
our
sex
section
and
then
kenny
will
bring
us
home
with
pop.
Take
it
away,
josh.
B
Thanks
anub
and
thanks
everyone
for
attending,
I
will
be
covering
off
the
enablement
highlights
and
first
wanted
to
talk
through
a
little
bit
of
what
we
achieved
similar
to
a
new
last
year,
or,
I
should
say
the
past
year.
The
first
thing
is
that
we've
been
focused
heavily
on
the
get
lab
hosted
first
theme.
B
So
again,
this
will
give
us
scalability
improvements,
but
also
performance
improvements,
because
we
can
spread
the
right
loadout
to
multiple
databases,
we'll
also
be
working
on
a
similar
model
for
redis
and
splitting
out
our
session
keys
to
a
separatist
instance
to
similarly
give
us
more
scalability
and
performance
thereol.
The
memory
group
is
doing
this
work
and
we're
also
doing
similar
decomposition
work
with
our
elasticsearch
index
to
move
our
commits
out
into
a
separate
index
as
well
for
very
similar
reasons.
B
On
the
global
search
side,
we've
seen
significant
performance
improvements
by
moving
multiple
types
of
each
type
of
content
out
into
its
own
indexes.
So
we've
got
this
for
a
while.
We've
had
great
results
and
so
we're
continuing
to
do
the
work
here
for
the
rest
of
the
data
types
last
up
for
gitlab
hosted.
First,
we
are
working
to
make
generally
available
our
object,
storage
replication
framework.
Not
all
customers
can
utilize.
B
The
built-in
object,
storage
application
for
their
object
store
because
it
might
not
be
there,
and
so
we
have
built-in
support
within
geo
to
do
this
for
those
folks,
but
it's
currently
beta,
and
so
we
want
to
go
through
and
just
make
sure
it
all
works
and
dot
our
eyes
and
cross
our
t's.
We
don't
know
of
anything
major,
but
we
want
to
make
sure
we
do
that
past
before
making
it
ga.
B
Next
up.
Moving
on
to
usability,
we
are
finishing
up
our
work
to
replace
the
old
jquery
based
drop-down
with
a
pajamas-based
component.
Pajamas
is
gitlab's
design
framework
and
uses
reusable
widgets
if
you
will
to
standardize
across
gitlab.
B
So
the
tech
debt
here,
but
we'll
set
us
up
for
success
later
we're
also
working
on
the
new
market
side
to
complete
our
red
hat
official
certification
of
our
operator.
So
we
hopefully
will
get
it
here
in
14.7,
but
if
not
we'll
be
very
close.
We're
working
through
a
couple
items
here,
in
particular
on
super
offering
support
for
openshift
4.9
and
the
reason
why
it's
a
bit
more
challenging
is
because
it
requires
support
for
kubernetes
1.22.
B
Now
there
have
been
some
deprecations
within
kubernetes
around
the
api
framework.
We
released
a
blog
post
on
this
which
might
impact
you
if
you
use
our
built-in
nginx
ingress
service,
and
you
might
want
to
read
that
blog
post
more
in
tension.
But
the
overall
idea
here
is
to
support
case
1.22
and
openshift
4.9
and
drive
through
a
few.
The
last
remaining
items
here
on
support
for
the
open
shift
certification.
B
C
C
So,
to
start
us
off
with
data,
let's
talk
about
the
manage
stage,
so
the
managed
team
is
working
on
adoption
to
usability
and
actually
all
of
dev
is
focused
on
this.
For
this
milestone
for
the
newly
renamed
authentication
authorization
group
formally
accessed
they'll
be
working
on
support
for
phytotube-based,
ssh
keys
very
exciting.
This
is
again
continue
to
extend
what
we
can
do
from
an
authentication
standpoint
and
addressing
some
of
the
newer
things
in
the
security
industry.
C
The
compliance
team
is
finishing
up
their
work
on
the
mvc
for
streaming
audit
events.
This
will
provide
a
graphql
endpoint
for
people
to
define
where
they
would
like
their
compliance
audited
events
to
go
to
externally
from
gitlab
as
well,
so
for
still
going
into
the
audit
events
functionality
of
our
application.
C
C
The
compliance
team
is
also
working
on
improving
the
compliance
report
and
compliance
dashboard
to
show
you
what
this
looks
like
today.
You
have
a
list
of
compliance
items
to
address
when
you
click
on
this,
we'll
be
introducing
a
tray
that
will
slide
out
and
we'll
give
you
additional
details
about
that
event
that
you're
looking
at
on
the
dashboard,
the
optimize
team
is
looking
to
improve
the
usability
of
the
value
stream
analytics
example.
Here
this
is
on
the
left.
C
The
current
behavior
of
what
the
value
stream
analytics
looks
like
when
you
look
at
it
they're
looking
to
enhance
that,
so
you
get
things
such
as
the
project,
eventually
labels
and
other
details
to
help
that
be
as
rich
as
our
issue
list
functionality
inside
the
issue
tracker
and
the
workspace
team
is
getting
ready
to
release
their
first
official
feature.
This
is
a
great
usability
improvement
today
when
you
go
into
the
editing
of
labels,
you
do
not
have
the
option
to
delete
them.
You
have
to
do
that
in
a
different
view.
C
Here
you
can
see
this
is
actually
our
demo
project.
We
use
a
lot
for
demoing,
dev
and
sec.
I
come
in
here
and
edit
it.
There
is
no
edit
button
and
I
am
the
owner
of
this
project,
so
this
will
be
coming
in
and
beginning
to
support
labels
moving
into
workspace
and
then
beginning
to
address
usability
for
all
tiers
of
the
product.
C
Part
of
this
is
also
improving
the
editability
and
so
they'll
be
working
on
introducing
some
of
the
improvements
that
the
other
team
is
working
on
within
task
example.
This
is
being
able
to
edit
the
title
in
mind,
so
you
can
see
an
edit
an
edit
view
of
this
item,
which
is
in
the
wiki.
I
can
click
on
it,
come
and
rename
it
and
be
able
to
just
click
off
of
it.
To
save
it.
It's
a
really
nice
big
usability
improvement.
C
The
create
stage
is
primarily
focused
on
q4
okrs.
This
includes
our
infradev
focus
for
get
live
hosted
first,
as
well
as
our
continuous
security
vulnerability
burn
down.
However,
one
item
I
wanted
to
highlight
is
something
the
editor
team
is
working
on
they're,
looking
to
improve
how
we
handle
very
large
markdown
files
as
part
of
the
wiki
experience,
so
as
more
users
begin
to
standardize
on
our
wiki,
we
want
to
make
sure
they
can
get
that
same
experience
to
get
with
the
wikis
they're
moving
from
and
then.
C
Finally,
in
partnership
with
the
applied
ml
team,
the
code
review
team
is
getting
ready
to
launch
the
beta
program
for
our
new
suggested
reviewers
functionality.
This
functionality
is
bringing
in
the
acquisition
of
unreview,
where
we're
now
going
to
be
able
to
recommend
code.
Reviewers
based
off
of
lots
of
different
data
points
expect
to
see
this
announced
in
january.
C
I
will
have
a
blog
post
come
out
and
then
you'll
be
redirected
to
this
form
you're,
seeing
here
to
fill
in
and
sign
up
for
access
to
the
beta
program
and
then,
finally,
before
kicking
it
over
to
hillary
to
talk
about
sec.
I
also
want
to
kind
of
give
you
a
look
back
on
this
year.
From
the
dev
section
perspective,
we
focused
a
lot
on
adoption
through
usability
and
that's
been
a
theme
for
22..
Some
of
the
things
I
wanted
to
highlight.
We
improved
our
settings
and
navigation.
C
C
C
Another
focus
we
had
was
improving
our
visibility
and
you
can
see
that
with
some
of
the
things
we've
been
able
to
report
on
now.
This
includes
better
visibility
in
how
lasting
integrations
are
being
used,
how
our
import
experience
goes
for
our
users
as
they
move
from
their
other
projects.
Another
project
locations
over
to
us
for
their
devops
and
we
also
addressed
a
bunch
of
key
jobs
to
be
done.
C
Obviously,
the
one
related
settings
navigation,
but
also
the
rollout
of
the
content
editor,
giving
a
better
editing
experience
the
manage
access
team
now
manage
authentication
and
authorization
they've
rolled
out
things
like
group
saml,
allowing
enterprise
to
have
better
management
over
their
provision,
users
and
finally,
product
planning
introduced
filter
improvements,
as
well
as
epic
board
improvements
as
well.
So
a
lot
of
exciting
stuff
happened
in
dev
this
year.
C
We're
also
excited
to
see
the
platinum
machine
learning
team
get
involved
as
well,
but
from
everyone
in
the
dev
and
model
of
sections,
my
wife,
our
lovely
dogs.
We
all
want
to
wish
you
a
happy
holidays
and
I'm
going
to
go,
get
all
this
pulled
out
of
my
beard
before
my
next
customer
call
just
feels
like
that's
something
I
should
probably
do
so
with
that
over
to
hillary.
D
D
So
to
start
off
here
with
static
analysis,
we're
continuing
to
roll
out
our
custom
rule
set
improvements
to
additional
analyzers,
and
so,
as
a
reminder,
the
idea
behind
this
work
is
to
provide
the
option
to
customers
to
extend
rules
to
each
of
our
analyzers
on
a
project
by
project
basis
for
a
couple
purposes.
D
So
here's
a
preview
of
what
that'll
look
like
so
basically
you'll
be
able
to
go
and
see
if
you've
configured
a
scan.
What
the
name
of
that
scan
is
what
it's,
what
it's
targeting,
what
mode
it's
in
and
then
you'll
be
able
to
kick
off
a
scan
directly
from
this
page.
That's
what's
going
on
for
on-demand
scanning,
also
in
dynamic
analysis,
we're
working
on
continuing
to
add
or
continuing
to
establish
passive
attack,
parity
between
the
oauth
zap
library
of
attacks
and
our
browser-based
gas
scanning.
D
So
we
aim
to
roll
out
about
five
to
seven
new
attacks,
each
corresponding
to
a
common
weakness,
enumeration
or
cwe
with
each
milestone,
and
you
can
explore
which
ones
are
targeted
for
this
milestone
in
this
issue.
Here
continuing
to
work
on
that
in
container
security,
we're
also
working
on
moving
cluster
image
scanning
from
alpha
to
ga
state.
So
this
has
been
in
progress
for
a
few
milestones
now.
Customers
may
have
noticed
that
operation
operational
volumes.
I
have
already
shipped
to
the
vault
report
page,
so
you
can.
D
As
you
can
see,
we
take
a
look
at
this
on
this
page.
You
can
see
that
this
page
highlights
any
vulnerabilities
found
in
applications
that
have
already
moved
into
a
production
or
running
state,
so
basically
we're
continuing
to
roll
this
out.
We
anticipate
shipping
the
ga
version
of
this
functionality
within
the
next
couple
of
milestones
and
are
actively
looking
for
customer
feedback,
so
if
anyone's
using
this
in
its
office
date,
please
please
share
that
feedback.
If
you
have
it
and
then
finally,
with
thread
insights,
we're
also
kicking
off
work.
D
This
milestone
on
our
hotly
anticipated
integrated
developer
training.
So
with
this
functionality
we're
aiming
to
address
the
challenges
that
organizations
have
with
scaling
out
security
education
to
developers
in
a
way
that's
engaging
and
also
directly
relevant
to
the
work
that
they're
actually
doing
on
a
daily
basis.
So
the
idea
is
to
embed
small
chunks
of
security
training
at
sort
of
critical
points
within
the
developer
workflow.
So
if
they're
looking
at
reviewing
security
findings
in
nmr
in
pipelines
or
on
the
vulnerability
report,
they
basically
be
able
to
access
this
training
from
there.
D
So
the
embedded
training
will
kick
a
developer
to
a
topical
training
module
provided
by
one
of
our
third-party
security.
Training
providers
and
they'd
be
able
to
view
a
tidbit
about
the
specific
security
issue
that
they're
actively
trying
to
resolve
so
say.
For
instance,
a
new
developer
is
reviewing
a
security
finding
in
git
lab
about
sql
injection
vulnerability,
but
that
individual
has
no
prior
experience
with
it.
They'd
be
able
to
go
and
access
a
topic-specific
training
module
that
kind
of
educates
them
on
the
fly.
D
So,
of
course,
we're
super
excited
about
this
work
and
we'll
be
iterating
on
this
over
a
number
of
upcoming
milestones.
But
we're
kicking
that
off
shortly
here
so
and
that's
it
for
a
sec
with
that
I'll
turn
it
over
to
kenny
to
talk
about
apps.
E
Awesome
thanks
hillary
yeah
that
integrated
training
is
really
exciting
and
I've
got
some
tough
acts
to
follow,
but
I'll
try,
my
name's
kenny.
I
cover
the
ops
section.
There
were
tons
of
items
that
I
wanted
to
highlight
in
this
kickoff,
but
I
wasn't
I'm
not
going
to
be
able
to
get
to
all
of
them,
so
I'm
just
going
to
jump
to
some
very
specific
ones.
The
first
and
the
kind
of
the
spirit
of
look
back,
the
entire
op
section.
Every
group
published
letters
from
the
editor.
E
I
had
the
opportunity
to
review
those
from
each
one
of
the
op
section
groups
and
kind
of
summarize
that
in
this
letter
from
me,
but
I
really
wanted
to
highlight
that
during
the
course
of
this
last
year,
we've
focused
a
lot
on
git
lab.
First,
we
had
a
kind
of
verify
abuse
spike
that
happened
at
the
start
of
the
year.
E
Secondly,
we've
also
had
a
really
big
focus
on
adoption
through
usability.
You've
heard
that
from
a
number
of
other
sections,
but
I'm
particularly
proud
that,
in
the
ops
section,
we've
consistently
beat
our
very
ambitious
cmo
goals,
which
is
number
of
users
across
a
whole
number
of
stages.
There's
five
stages
that
make
up
the
ops
section
and
we've
been
seeing
rapid
growth
across
all
sections
through
the
course
of
this
year,
so
really
great
to
see
the
results
show
up
as
a
from
all
of
our
hard
efforts
through
the
course
of
the
year.
E
Thank
you
to
the
team.
The
other
exciting
thing
that
I
wanted
to
share
with
you
that
I'm
super
excited
to
get
to
share.
We
announced
last
week
that
gitlab
acquired
a
company
called
opstrace
and
I've
been
working
closely
with
obstrace
team
as
part
of
this
acquisition
for
the
better
part
of
four
months,
and
I'm
really
excited
to
see
the
expertise
that
they
bring
in
building
and
that
they've
brought
in
having
built
a
open
source.
Observability
solution
integrated
into
gitlab.
So
my
team
is
stellar.
E
I'm
excited
for
them
to
hit
the
ground
running,
we'll
be
creating
a
new
monitor,
observability
group
that
this
team
will
will
form
and
they'll
be
working
on
integration
over
the
coming
milestones,
and
so
that
integration
will
benefit
our
users
in
having
an
on
by
default,
immediately
available,
set
up
and
configured
correctly
observability
platform
for
developers
to
utilize
so
that
they
can
not
have
to
create
that
on
their
own
or
have
their
organization
created
on
their
own
and
get
the
benefits
of
seeing.
E
You
know
eventually
seeing
things
like
integrated,
observability
insights
right,
while
you're
coding
or
direct
connection
between
incident
management
and
the
deploys
and
committers
and
reviewers
of
code
that
was
recently
deployed.
So
I'm
really
excited
about
what
the
future
holds
for
this
integration
and
the
team
hitting
the
ground
running
over
the
next
couple
of
weeks
to
really
work
on
integrating
this
directly
into
gitlab.
E
The
other
themes
that
I
wanted
to
highlight
are
across
the
other.
Product
groups
are
first
usability,
and
so
one
of
the
things
that
we've
been
focused
on
in
our
sas
first
approach
has
been
the
control
of
costs
and
so
that
we're
going
to
specifically
be
performing
a
lot
of
work
over
the
coming
milestone.
E
Understanding
the
cost
that
gitlab
as
a
sas
service
incurs
when
users
use
ci,
but
it's
important
to
recognize
that
we
also
want
to
make
sure
we
reduce
the
cost
for
users
who
are
self-hosting
their
own
runners,
that
they
can
minimize
the
amount
of
ingress
and
egress
charges
that
they're
getting
from
their
cloud
providers
in
shipping,
whether
it's
git
repos
get
repo
clones
or
package
registry
image
registry
downloads
back
and
forth
across
the
internet.
E
Next
we
have,
we
recently
announced
that
we
were
deprecating
our
certificate-based
cluster
integration,
so
we've
been
having
a
heavy
focus
on
improving
the
existing
auto
devops
capabilities
so
that
they
work
with
the
new
kubernetes
agent.
So
there's
a
series
of
work
that
the
configure
group
is
doing
to
finalize
that
so
that
we,
so
it
is
very
straightforward
for
auto,
deploy
and
auto
develops
to
work
with
a
project
who
has
an
attached
cluster
via
the
agent
process.
E
That
includes
both
making
sure
that
the
cube
ingress
domain
isn't
required
and
that
we
have
documentation
for
how
to
set
up
review
apps
when
you're
using
the
agent
next
in
the
pipeline
authoring
group
we're
going
to
be
working
on
improving
the
tool
tips
that
you
get
when
you're
looking
at
keywords
in
the
pipeline
editor.
So
today,
when
you,
when
you're
writing
a
ci
pipeline,
you
get
a
little
squiggly
mark.
That
says,
there's
a
syntax
error,
but
we
also
want
to
provide
tool
tips
that
show
you.
E
E
So
that
will
include
this
view
where
today,
we're
going
to
start
with
being
able
to
sort
by
name
but
eventually
you'll
be
able
to
have
other
filters
to
be
able
to
quickly
find
the
specific
image
tag
in
your
container
registry
repositories
and
then.
Lastly,
the
two
highlights
that
I
really
wanted
to
focus
on
were
in
new
markets
were
from
the
runner
team.
E
So
the
runner
team
both
needs
to
ensure
that
runners
are
manageable
at
scale
and
that
there
are
great
fleet
management
capabilities,
but
also
that
gitlab
runner,
as
the
kind
of
foundational
component
for
gitlab's
ci
cd,
is
capable
of
running
in
a
lot
of
various
environments.
And
so
they're
going
to
be
working
on
fips
compliant
runner
that
enables
it
to
run
in
more
secure,
especially
us
federal
workloads
and
then
the
next
one
is
the
kubernetes
runner
operator.
E
Previously
we've
been
focusing
this
operator
specifically
on
working
with
openshift,
but
we're
going
to
make
it
more
generic
so
that
the
operator
is
available
for
any
type
of
kubernetes
environment,
not
just
openshift.
So
those
are
the
things
that
I'm
really
excited
about
and,
as
david
mentioned,
I'm
really
proud
of
the
work
that
this
group
has
done
and
I'm
excited
for
everyone
taking
a
nice
break
around
the
holidays
and
happy
holidays
to
everyone
who
is
listening
over
to
you,
anu.
A
A
So
you
have
the
right
details
at
your
fingertips,
recommending
the
right
code
reviewers
using
machine
learning
to
help
address
a
major
source
of
delay
and
frustration
for
developers,
love
the
secure
team's
efforts
to
reduce
false
positives,
provide
extensibility
and
I'm
looking
forward
to
the
ga
of
cluster
image
scanning
integrated
developer
training
into
vulnerability
management.
That's
actually
amazing.
Let's,
let's
find
out
how
people
receive
it,
because
I'm
really
excited
about
learning.
While
you
go
in
the
flow
on
by
default,
easy
observability
platform
powered
by
ops
trace.
A
This
is
going
to
be
huge
investment
for
us
next
year,
so
I'm
really
looking
forward
to
the
early
iterations
and
then
reducing
data
cost
transfer,
cost
for
ci
to
help
reduce
costs
or
control
costs
for
all
of
our
users.
Every
almost
everybody
uses
ci,
so
everything
we
can
do
to
help
our
users
and
customers.
That's
awesome,
fibs
compliant
runners
and
gitlab
runner
operator
for
all
kubernetes
environments.
Also
super
interesting.
I
want
to
take
a
second
and
share
with
the
team
what
our
fiscal
23
themes
are
going
to
look
like
just
like.
A
Last
year,
we
have
three
themes.
This
year
we
are
continuing
our
get
lab
hosted
first
team.
We
think
we
have
made
a
whole
lot
of
progress.
We
established
error
budgets,
availability
targets
and
we're
starting
to
meet
many
of
them.
We
think
we
need
to
continue
down
this
path
and
become
more
robust
around
here.
A
The
second
is
improving
key
workflow
usabilities,
again
inspired
from
adoption
through
usability
three.
What
we've
realized
is
we
made
a
really
broad
effort
last
year
to
improve
usability
and
we
accomplished
a
lot
and
we
found
that
there
are
certain
key
workflows
that
are
often
more
complex
and
require
more
cross-functional
alignment
to
drive
the
hard
20
remaining
20
percent
of
the
changes.
So
that's
where
we're
going
to
focus
on
including
excellent
planning,
workflows,
intuitive
settings
and
navigation,
onboarding
and
learnability
to
help
drive
multi-state
adoption.
A
A
code
review
experience,
that's
more
efficient
and
intuitive
the
ability
to
create,
and
edit
pipelines
that
is
intuitive
and
customizable,
and
then
deployment
workflows
that
enable
collaboration
between
the
platform
and
apps
teams
to
perform
safe,
reliable,
continuous
deployments
and
third
is
extending
our
lead
in
ci.
Cd
ci
is
one
of
the
first
use
cases,
customers
or
users
experience,
and
we
want
to
make
sure
that
it
continues
to
be
improved,
will
work
on
ensuring
a
scalable
and
efficient
ci
service,
robust
cloud
runners,
improved
adoption
of
the
package
management
capabilities
and
safe
and
secure
deployments.
A
So
those
are
the
things
we're
planning
as
an
area
of
emphasis
for
fiscal
23.
That
doesn't
mean
other
areas
are
not
getting
focused
or
less
focused.
Those
will
continue
as
their
stage
groups
usually
do
with
that.
I
want
to
wish
all
of
you
a
great
holiday
season.
Stay
safe
and
we'll
see
you
again
in
2022,
bye.