►
Description
Matt and Haris discuss what's ahead for the Manage stage in 13.6.
Agenda and issue links are publicly available at https://docs.google.com/document/u/1/d/e/2PACX-1vRnN91k9Rx1AyF8cIQga3KGFpjkI-sheTB16Jg-4e8fO3snZas2Th4hJC5C5wKIrNWbzr8aYDjI-T7-/pub
A
Hey
y'all,
I'm
jeremy
watson,
I'm
a
product
manager
here
at
git
lab
and
I'm
joined
here
by
harris
and
matt
for
the
import
and
compliance
groups
respectively.
Talking
about
what's
ahead
for
the
manage
stage
in
13.6
releasing
november
22nd
2020.
first
up
is
going
to
be
matt
talking
a
little
bit
about.
What's
ahead
for
the
compliance
group,
matt
take
it
away,
sir.
B
Well,
thanks
jeremy,
so
in
this
particular
release
I
would
say,
half
of
our
capacity
is
still
taken
up
by
important,
necessary
work
such
as
continuing
the
refactoring
of
audit
events
and
some
underlying
improvements
that
aren't
necessarily
customer
facing,
but
will
improve
the
overall
experience
of
gitlab.
So
that's
one
bucket,
but
the
other
bucket
that's
user
facing
is
things
like
reals.
B
I'm
not
sharing
my
screen,
adding
a
revoke
button
to
the
personal
access
token
tab
of
the
credential
inventory,
so
we're
continuing
to
iterate
on
the
credential
inventory
to
continue
building
that
out,
which
will
consist
of
adding
additional
credentials
but
as
well
as
more
functionality.
And
so
this
is
one
of
the
ways
in
which
we're
bringing
the
convenience
of
providing
more
flexible
solutions
for
credential
management
to
gitlab.
B
So
I
think
it
was
two
releases
ago
we
released
an
mvc
for
a
list
of
commits,
which
was
our
our
first
foray
into
this
chain
of
custody,
and
so
some
of
the
feedback
we
received
was
that's
great
but
oftentimes.
I
have
a
commit
shaw
that
I
know
is
problematic
or
that
I
want
to
investigate,
and
so
it
would
be
great
if
you
could
show
me
everything
related
to
that
and
so
we're
starting
to
lay
the
groundwork
by
adding
this
capability.
B
So
that
way,
it'll
you
provide
the
commit,
sha
and
it'll
show
you
all
of
the
related
other
resources
or
objects,
like
pipelines,
merge
requests
and
eventually
things
like
jira
tickets
and
such
so
trying
to
give
users
the
ability
to
specify
or
refine
the
reports
that
we
generate.
So
they
don't
have
to
generate
a
big
chunk
of
data
and
then
have
to
sort
through
that
themselves
and
then
the
the
last
thing
of
note
is
bringing
an
export
of
merge
requests
as
csv
to
the
ui
so
similar
to
the
capability
available
for
exporting
issues.
B
You'll
be
able
to
export
merge
requests,
and
this
is
all
part
of
the
theme
of
making
it
easier
to
get
data
out
of
git
lab
so
because
our
customers
regularly
tell
us
that
they're
trying
to
get
the
data
out
of
gitlab
to
put
into
other
systems
of
record
or
even
just
to
generate
as
an
evidence.
Artifact
of
some
sort,
so
these
are
the
ones
I'm
most
excited
about,
and
hopefully
our
community
will
feel
the
same.
A
That's
very
cool,
especially
like
the
the
the
the
china
custody
report.
I
think
that's
gonna
be
a
very
exciting
addition.
I
could
you
please
just
like
voice
over
really
briefly
our
tiering
strategy
for
the
credential
inventory.
I
know
that
the
two
of
us
have
been
talking
about
it
a
little
bit
here
and
there,
but
the
con.
The
conversation
has
been
around
the
credential
inventory,
revocation
like
what
should
our
tiering
thinking
be
there.
Do
you
mind
just
voicing
over
that
super
quick.
B
B
These
features
such
as
listing
and
revoking
personal
access
tokens
for
admins,
so
an
admin
can
list
and
revoke
the
paths
of
their
users
like
things
like
that
api
functionality
that
they
can
go
build
their
own
solution,
I
think,
makes
sense
at
a
minimum
in
a
lower
tier
like
premium.
But
I
would
I
would
be
supportive
of
having
that
in
core,
because
I
think
one
of
the
strong
arguments
made
for
that
was.
It
helps
our
our
users
and
our
customers
just
have
a
stronger
information
security
posture
by
default
and
so
for
the
credential
inventory.
B
So
we
will
give
them
the
ability
and
ultimate
to
set
a
an
expiration
policy
to
determine
if
they
want
to
enforce
that
in
a
programmatic
way,
or
have
some
flexibility
there
for
orgs
that
have
said
they
want
softer
enforcement,
providing
things
like
these
revoke
or
delete
buttons
to
do
a
one-click
action
to
be
able
to
act
on
rotations,
but
we're
also
considering
things
like
adding
support.
For
you
know
ip
allow
listing.
B
You
know
the
the
access
group
melissa
has
done
a
great
job
with
releasing
project,
scoped
access
tokens
and
I
believe
group
scoped
access
tokens
are
falling,
which
gives
us
the
ability
to
bring
this
functionality.
This
credential
inventory
to
the
group
level
for
com
customers
as
well,
and
so
having
that
convenience.
Having
that
automation
having
that
ability
to
really
build
out
a
flexible
credential
management
policy
in
get
lab
and
have
us
do
that
work
for
you,
I
think,
is
why
it
makes
sense
in
ultimate.
A
Yeah,
it's
totally
agree.
I
think
that
we
were
talking
urgently
about
having
certain
types
of
credentials
like
in
ultimate
and
others.
I
think
that's
a
much
cleaner
kind
of
like
approach.
I
really
like
the
the
attitude
that
you
know
if
you
have
for
giving
them
the
two
individual
tools
like
it's
something
that's
available
in
lower
tier.
I
agree
with
your
kind
of
thinking
that
you
know
it's
it's
a
security-based
kind
of
like
capability,
and
maybe
it
belongs
to
core
versus
premium
to
that
effect.
A
That's
something
that,
like,
I
think,
believes
it
belongs
an
ultimate
and
it's
a
lot
cleaner
of
an
approach
than
like
certain
credentials
are
and
certain
credentials
aren't.
That's
probably
a
really
frustrating
model
for
customers
who
are
trying
to
make
it
just
buying
decisions
so
that
that
sounds
great.
The
other
thing
was
like
a
nice.
A
B
Yeah,
I
think
it
would
be,
and
in
fact
it's
part
of
the
thinking,
I
don't
think
we
have
an
issue
for
it,
but
it's
on
my
mind
because
one
of
our
enterprise,
I
think
they
were
a
prospect,
but
they
mentioned
like
hey.
What
we
would
like
to
do
is
x,
y
and
z,
but
that
was
one
of
the
things
they
would
like
to
build
in
sort
of
like
this
delayed
revocation,
where
you
know,
I
think
the
example
they
gave
was
on
the
first
use
of
the
token
after
it
expires,
give
them
a
warning.
B
A
C
C
So
in
1306,
we
plan
to
continue
the
work
on
the
gitlab
group
migration
nbc
in
the
in
13.5.
We
have
added
the
front
end
and
the
back-end
framework
to
support
this
feature,
and
now
we're
gonna
have
to
just
iterate
toward
making
the
feature
more
complete
and
providing
more
depth
to
the
feature
until
it's
useful
and
and
in
in
the
end,
replaces
the
existing
file
based
export
import
by
implementing
that
one-click
migration.
C
Let
me
share
my
screen
to
talk
about
the
user
experience
so,
in
addition
to
completing
the
mvc,
which
is
currently
in
progress,
the
the
very
next
thing
that
we're
going
to
do
to
provide
more
depth
to
the
feature
and
more
usefulness
is
add.
Epics
to
the
group,
that's
being
migrated.
So
all
the
epics
that
belong
to
the
group
will
be
migrated
as
well,
and
we
also
want
to
work
on
the
user
experience.
C
What
we're
going
to
be
doing
is
adding
the
ability
to
import
group
from
another
instance
of
gitlab
so
providing
the
credentials
the
url
and
the
credentials
to
that
instance
will
connect
to
the
instance
and
show
you
all
the
top
level
groups
that
you
have
visibility
into
and
let
you
decide
which
one
of
those
groups
you
would
like
to
go
ahead
and
import
into
your
current
in
your
current
instance.
So
this
experience
is
very
similar
to
what
we
have
on
projects.
C
This
is
still
kind
of
just
the
first
out.
We
are
looking
to
to
refine
issues
that
will
add.
You
know
more
standard
interactions
that
we
normally
have
on
other
views,
such
as
the
ability
to
filter
and
search
for
the
group
that
you're
looking
for
in
case
that
there's
there
are
more
groups
than
can
fit
on
a
interview.
C
C
In
addition
to
you
know,
so
the
team
will
be
swarming
around
this,
so
we
we
are
gonna,
aim
to
deliver
one
large
feature,
as
opposed
to
several
small
ones.
That
said,
you
know
we
always
do
have
other
other
goals
and
other
and
bugs
security
issues
that
we
typically
take
care
of
escalations.
So
we
are
planning
in
addition
to
delivering
this
one
feature
to
still
have
some
bandwidth
to
take
care
of
kind
of
the
incoming
bugs
escalations
and
security
issues.
C
A
Yeah,
I
was
just
curious
when
you
say
the
goal:
is
you
know
importing
and
adding
epics
to
the
group
migration?
When
you
say
what
is
what
is
what
is
included
in
that?
Because
you
know
you
have
an
epic,
you
have
an
epic
description,
you
have
a
number
of
like
sub,
epics,
potentially
and
then
issues
that
are
associated
with
epic.
So
what
do
you
anticipate
kind
of
like
is
going
to
be
included
in
that.
A
Are
you
concerned
that
a
a
customer
might
use
the
import
capability
and
then
find
themselves
in
like
a
weird
partial
state,
they're
like
oh,
I
have
100
epics.
Let
me
try
this
this
importer
capability
and
then
it
doesn't
import
any
of
their
issues
and
they're
kind
of
like
well.
I
have
this
epics,
all
my
epics,
but
now
I
have
to
I
don't
know
script
or
manually
associate
all
the
issues
with
the
epics.
Now
are
you
kind
of
concerned
about
that.
C
Definitely
and
that's
a
kind
of
a
bug
and
a
feature
at
the
same
time,
so
we
are
going
to
communicate
clearly
what
will
be
migrated
as
part
of
this
migration
and
we'll
be
evolving
that
documentation
that
we're
going
to
provide
on
on
in
the
view
as
well.
But
we
would
actually
like
for
people
to
give
us
feedback
and
tell
us
what
are
the
next
things
and
what
are
the
big
things
that
are
missing
and
what
we
should
work
on
next.
C
C
A
Yeah,
I
would
maybe
call
it
a
beta
and
the
the
the
we
have
a
handbook
page
on
this
right
here,
which
is
which
explains
alpha
beta
and
generally
available.
So
alpha
not
ready
for
production
use.
Data
loss
can
occur,
beta
not
for
natural
production
use,
unstable
featured
functions,
unlikely
to
change
data
loss,
not
likely
it
might
be.
That
might
be
like
because
the
data
loss
seems
unlikely,
but
you
might
get
some
unpredictable
results
from
it
and
the
features
aren't
are
unlikely
to
change
themselves.
Yeah.
C
I
don't
know
but
yeah,
I
don't
think
so.
I
don't
think
that
we
are
at
at
risk
of
losing
data
or
having
production
issues
or
even
have
performance
issues.
I
think
it's
really
all
about
just
having
disappointing
people
by
not
migrating
enough
and
it
not
be
viable
in
a
way
or
useful
enough
for
anyone
to
really
use
it.
So
I
think,
for
that
reason
I
might
still
just
call
it
beta
in
order
to
call
out
the
fact,
because
then
then
people
will
click
through
potentially
and
may
get
informed
better
of.
C
A
C
Yeah,
so
this
feature
has
been
designed
from
the
get
go
to
to
be
able
to
we're
just
hitting
an
api
so
from
any
instance
that
can
hit
some
other
instance
api.
We
will
be
able
to
pull
data
across,
so
that
could
be
from
gitlab
to
self-manage,
from
self-managed
to
gitlab
some
self-managed
to
self-manage
in
a
way
we're
not
advertising
this,
but
you
in
theory.
You
should
be
able
to
pull
a
group
across
from
gitlab
to
gitlab
cool.