►
From YouTube: GitLab 13.9 Kickoff - Manage
Description
Matt, Haris, and Larissa talk about what's ahead for Manage in 13.9.
- Manage:Compliance - 0:24
- Manage:Import - 11:04
- Manage:Optimize - 19:45
Agenda and issue links available at https://docs.google.com/document/u/1/d/e/2PACX-1vRnN91k9Rx1AyF8cIQga3KGFpjkI-sheTB16Jg-4e8fO3snZas2Th4hJC5C5wKIrNWbzr8aYDjI-T7-/pub
A
Hey
everyone,
I'm
jeremy
watson,
joined
by
harris,
matt
and
larissa
we're
here
to
talk
about.
What's
ahead
for
the
manage
stage
in
139,
releasing
february
22nd
melissa,
ushikov
of
the
access
group
will
be
doing
her
own
video,
but
without
further
ado
matt.
What's
ahead
for
compliance,
take
it
away,
sir.
B
B
So
one
of
the
issues
for
13.9
is
adding
this
input
field.
That's
a
terrible
backdrop,
but
it's
an
input
field
where
somebody
when
they
create
one
of
these
compliance
frameworks
can
say
any
project
that
uses
this
framework.
I
want
it
to
point
to
this
compliance
yaml,
that's
centrally
managed
somewhere
by
my
compliance
or
security
team
and
then
once
that's
set.
Then
in
the
project
we'll
see
in
the
the
ci
cd
settings,
this
read
only
field
for
visibility
for
maintainers
and
such
where
that
pipeline
configuration
is
coming
from.
B
But
this
would
essentially
address
the
concerns
around
separation
of
duties
and
in
terms
of
who
can
apply
the
the
controls
and
who's
bound
by
them,
but
just
the
general
security
posture
or
compliance
posture
of
the
project,
because
only
certain
individuals
be
able
to
modify
that
the
other
one
is
adding
a
project
level
setting
to
require
a
issue
from
jira
be
linked
to
a
merge
request.
This
this
behavior
doesn't
really
exist
today
in
terms
of
enforcement.
B
But
if
you
have
a
jury
integration,
you
can
associate
the
ticket
by
adding
a
title
or
description
element
or
content
that
links
to
the
name
of
the
jared
ticket.
But
here
what
we're
doing
is
we're
starting
down
the
path
to
say
at
a
project
level
we're
going
to
require
that
this
relationship
or
this
link
exists
before
the
mr
can
be
merged,
and
this
is
coming
about
from
the
need
for
organizations
to
have
documented
change
management
processes.
So
when
a
ship
when
a
change
is
being
shipped,
you
have
to
know
why.
B
B
Oh
that's
just
close
up
and
then
the
let's
see
another
one
is
we're
adding
option
enforcement
for
ssh
keys
to
self-manage
for
now
we'll
follow
that
on
for
sas
customers
as
well.
But
the
rationale
here
is
that
we
introduced
an
expiration
policy
for
personal
access
tokens
and
then
we
also
added
a
toggle
there.
That
says
you
can
have
this
enforcement
be
programmatic,
but
some
organizations
find
that
very
disruptive.
B
I
tend
to
agree
with
that
and
so
there's
a
toggle
to
make
that
enforcement
optional.
So
the
instance
admin
would
still
be
notified
that
a
credential
has
expired
and
they
can
take
action
through
things
like
the
credential
inventory,
where
you
can
revoke
or
delete
credentials,
but
it
wouldn't
necessarily
be
immediately
disruptive
to
the
end
user.
Who
you
know
may
not
know,
may
not
have
the
time
or
just
something
like
that.
So
it
gives
a
little
bit
more
flexibility
to
credential
management
and
the
last
one
is.
B
A
That's
awesome,
matt,
there's
so
many
great
compliance
changes
there
that
are
going
to
be
super
valuable
for
for
a
lot
of
our
customers.
I'm
always
I'm
still
really
impressed
by
the
by
the
great
work
on
tying
ci
to
compliance
frameworks.
I
know
we've
been
iterating
on
compliance
frameworks
for
quite
a
while,
and
I
think
it's
a
it's
a
great
idea
to
tie
that
to
ci
in
the
way
that
you're
done.
A
I'm
really
curious,
though,
if
I'm
a
developer-
and
I
am
working
in
a
project
that
has
a
mandated
compliance
pipeline
based
off
of
the
compliance
pipeline
location
feature
you
just
described
about.
Can
I
write
like
additional
ci
rules
to
run
on
top
of
that?
How
does
that
work
or
my
hands
kind
of
tied
by?
What's
by
that
external
pipeline.
B
Yeah,
that's
a
great
question,
so
the
answer
is
yes:
a
developer
can
write
additional
jobs
or
add
additional
stages.
Even
the
centrally
managed
pipeline
would
just
provide
a
baseline
so
that
the
security
or
compliance
team
can
say.
I
want
to
control
these
these
jobs
or
stages
that
have
to
run
and
in
this
particular
order,
which
makes
it
uneditable
or
unmodifiable
by
the
the
local
project
users,
including
developers
and
maintainers.
B
A
A
A
My
question
was,
I
wonder:
like
did
we
ever
consider
tying
that
requirement
to
get
lab
issues
instead
and
my
idea
was,
I
don't
know
what
the
status
of
our
our
integration
plans
are
with
jira,
but
if
we
made
that
generic
so
that
you
just
said,
we've
tied
to
an
issue
and
then
a
user
can
use
whatever
external,
whatever
tools
that
they
want
to
in
order
to
create
the
issue,
and
so
it
doesn't
have
a
hard
requirement
into
jira.
Do
you
ever
consider
that,
like
what
do
you
think
about
that.
B
Yeah
we've
considered
it,
I
think,
there's
the
primary
motivation
for
starting
here.
First,
at
least,
is
that
there's
a
lot
of
customer
demand
for
it,
so
we're
trying
to
solve
what
I
locally
refer
to
as
fires.
We
have
large
customers
who
have
upcoming
audits,
or
maybe
just
had
an
audit
where
this
became
problematic
for
them,
and
so
this
was
the
fastest
way
we
could
deliver
the
value
to
them
and
jira
seems
to
be
the
the
service
that's
used
most
at
least
in
the
customers
we
spoke
to.
B
I
think
that
makes
sense,
though,
because
organizations
are
going
to
say
yes,
I
want
that
enabled,
but
it
is
disruptive
which
I
think
is
generally
contrary
to
our
philosophy
at
gitlab
to
not
impede
developers,
so
I
think
it
would
make
sense
to
have
it
toggled
off
by
default,
but
a
lot
of
the
customers
make
that
change,
but
I
don't
know
I
I
also
know
we
have
principles
to
be
on
by
default.
So
jeremy,
I
don't
know
if
you
or
harris
or
lewis
anyone
has
an
opinion
or
thought
there
yeah.
I
I'd.
C
Say
that
you
know
on
by
default
a
feature
that
expands
your
abilities,
but
something
that
actually
restricts
your
ability
for
from
doing
something
which
is
a
lot
of
the
compliance
stuff.
I
would
I
would.
I
would
actually
even
state
that
that's
our
posture
is
that
you
know
these
are
things
that
you
can
restrict
on
your
own,
but
we
probably
shouldn't
come
out
with
a
blank
instance
that
has
all
the
restrictions
on,
because
that'd
be
really
hard
to
unwind
or
use
or
learn.
B
B
C
Cool,
thank
you.
Let
me
share
my
screen
and
tell
you
all
about
what
imports
planning
to
do
for
13.9,
so
we're
going
to
do
kind
of
more
of
the
same.
In
a
way
I've
been
talking
about
the
group
migration
for
a
couple
milestones
now
and
we're
currently
marching
towards
achieving
parody
with.
I
just
wanna
make
sure
you
can
see
my
screen
being
shared
right.
B
C
For
the
reason
I
had
the
green
boundary
around
it,
so
the
next,
the
next
up
in
in
our
search
for
in
our
like
quest
for
parity
with
the
current
group
export
import,
is
completing
the
epics
migration.
So
in
the
mvc
we
have
some
of
the
basic
fields
of
epics
being
migrated
such
as
title
description
state,
but
none
of
the
relationships.
So
things
like
labels,
comments
notes
are
not
being
migrated
over.
C
C
Given
that
we
have
a
solution
that
might
be
able
to
do
the
same
job,
so
that's
that's
the
primary
goal
for
13.9.
In
addition
to
that,
we
are
going
to
be
paying
attention
to
the
usability
of
the
same
features.
So,
on
the
front
side,
we
are
looking
to
add
the
pagination
for
the
group
migration
list,
I'm
showing
a
screenshot
of
what
that
list
sort
of
looks
like
right
now,
and
there
is
no
way
to
to
get
to
the
second
page
or
to
paginate.
C
So
we're
looking
to
first
implement
a
standard
pagination
that
we
have
on
a
lot
of
our
other
lists,
but
we're
also
gonna.
That's
that's!
What's
coming
in
thirteen
nine
and
but
at
the
same
time
we're
also
looking
to
expand
that
feature
with
something
that
we're
gonna
really
need
in
order
to
scale
this
experience
to
users
who
may
have
hundreds
or
thousands
of
different
groups
that
they
need
to
migrate.
C
So,
in
addition
to
creating
the
the
regular
pagination,
their
regular
pagination
feature
we're
looking
to
also
provide
the
ability
to
select
the
size
of
the
page,
which
is
something
that
a
lot
of
lists
out
there
have
and
something
users
are
used
to
and
expect
to
have.
And
for
us
it's
always
going
to
be
a
must,
because
having
just
20
per
page
means
that
we
still
are
not
going
to
be
able
to
do.
A
lot
of
you
know.
C
C
C
Finally,
I
have
two
instrumentation
issues
that
we're
going
to
be
playing.
One
is
getting
to
a
single
usage
metric
for
the
project
import
gmail,
so
we
can
have
one
number
to
track
for
the
group
monthly,
active
users
count
and
once
that's
completed,
we're
going
to
make
sure
that
our
counts,
which
are
currently
not
accurate,
become
more
accurate.
C
C
The
calculation
is
off
and
we're
gonna
make
sure
that
we
update
these,
and
this
will
also
give
us
the
ability
to
finally
then
see
the
usage
for
importers
from
from
self
self-managed
instances.
Currently,
we
have
that
for
sas
only
and
this
this
this
issue
will
finally
clean
that
up
and
make
it
so
that
we
can
get
the
same
kind
of
data
from
self-managed.
A
I'm
still
typing,
I
wanted
to
just
say
thanks
for
prioritizing
the
instrumentation,
I'm
really
excited
to
see
our
dashboards
all
built
out.
You
know
you
talked
about
completing
epics
migration.
Are
there
any
other
objects
that
you
feel
like?
We
need
to
kind
of
think
about
after
epics,
or
is
that
kind
of
the
main
thing
that's
kind
of
standing
between
feature
parity
with
the
existing
future.
C
So
it's
a
great
question:
epics
is
really
the
the
big
one
and
the
most
probably
gonna
take
the
most
time
to
get
done.
But
in
addition
to
that,
we
have
some
usability
issues
that
we
would
need
to
get
take,
take
care
of
and,
for
example,
our
ability
to
not
just
pick
a
top
level
group,
but
also
be
able
to
pick
a
subgroup
and
migrate
as
well,
which
is
something
that
you
currently
can
do
with
project
export
with
group
export
import.
C
But
in
our
case
we're
only
allowing
you
to
pick
a
single
top
group
for
exports,
so
getting
to
some
of
that
and
then
finally
migrating
labels,
that
are
the
group
level,
migrating
milestones,
iterations,
badges
and
boards.
So
all
of
those
things
that
are
currently
included
in
the
group
export
import,
we
should
be
able
we
will
need
to
have
in
order
to
achieve
that
parity.
C
A
D
D
First
up,
we
have
a
little
bit
more
work
to
do
on
the
user
availability
work,
so
we
added
a
busy
indicator
recently,
and
so
the
way
that
works
is,
if
you
click
into
your
name
and
edit
status
you
can
select
busy
and
that
room
that
appears
in
a
number
of
different
places
throughout
the
ui.
So,
for
example,
you
can
see
here
that
I
have
it
set.
If
I
scroll
down
to
my
name
in
the
comments
and
hover
over
my
name,
I
can
see
that
I'm
busy.
D
D
D
Next
up,
we
have
some
work
that
carried
over
from
13
8
for
value
stream
analytics,
so
we've
been
working
on
migrating
to
this
horizontal
navigation
and
we
will
be
removing
this
vertical
navigation.
We
still
have
a
bit
more
work
to
do
on
that,
so
we're
hoping
to
wrap
that
up
in
13.9
and
also
switch
this
view
to
a
table
which
will
allow
us
to
do
more
things
like
sorting
on
that
table.
D
We
had
added
the
ability
to
add
a
new
segment
in
this
table,
so
this
is
a
an
adoption
table
that
shows
you
the
features
that
your
teams
have
adopted.
The
gitlab
features
we
added
a
segment
selector
which
allows
you
to
combine
projects
and
groups,
but
there
was
some
concern
that
this
adds
too
much
complexity,
given
that
we
already
have
the
concept
of
groups
and
projects-
and
this
would
be
another
concept,
so
we're
actually
flipping
that
to
groups.
D
D
D
So
one
thing
that
we've
found
at
get
lab
is
that
sometimes
we
want
to
look
at
these
metrics
but
exclude
the
contributions
made
from
external
contributors,
community
members
and
so
we're
going
to
add
a
filter
that
will
allow
you
to
do
that
either
by
saying
does
not
equal
contributor,
which
is
a
label
that
we
use
or
by
based
on
the
access
level
that
the
user
has.
So
you
could
specify
minimum
of
a
developer
level
and
that
would
exclude
any
guest
contributions
so
that
you
can
see
what
your
internal
teams
are
delivering.
A
Yeah,
I
just
had
a
few
comments.
I
think
the
first
one
was
to
say
just
thank
you
for
pivoting
on
the
adoption
report.
I
think
that
there's
a
lot
of
small
changes
there
that
are
gonna
address
some
of
the
concerns
and
I'm
really
excited
to
see
that
feature
at
the
group
level
as
you
pivot.
I
think
just
keep
in
mind
where
the
future
of
that
feature
is
going
because
the
current
report,
with
the
you
know
the
the
the
boolean
the
filled
in
dots.
A
A
The
other
thing
is
to
say
just
thanks
a
lot
on
to
for
focusing
on
usability
like
you
were
talking
about
the
busy
status
and
it's
like
a
general
comment,
because
I
can
see
usability
as
like
a
focus
on
all
the
things
everyone
is
working
on
like
harris.
You
talked
about.
You
know
the
pagination
and
some
thought
that
you
went
into
there
to
make
sure
it's
a
great
feature.
A
Matt
you're
like
very
thoughtful
about
the
user
experience
with
the
compliance
frameworks,
and
I
think
that,
like
the
busy
status
that
you
talked
about
larissa,
it's
not
directly
related
to
like
our
immediate
goals
that
we
kind
of
have
shifted
towards.
But
it's
still
like
a
great
addition.
It's
going
to
make
the
product
more
lovable.
So
thank
you
all
for
focusing
usability
and
then
I'm
really
excited
to
see
the
mr
analytics
improvements.
A
So
please
consider,
as
that
gets
built
out,
continuing
to
drive
internal
adoption
of
that
telling
you
know
making
sure
you're
talking
about
this
and
with
engineering
leadership
and
making
sure
that
we're
getting
feedback
from
folks
to
make
sure
that
this
is
something
that
we
can
start
using
internally,
because
I
think
that
we've
still
get
to
get
like
a
ton
of
traction
with
this
feature.
But
people
are
excited
about
where
it's
going
so
great
stuff.
D
A
It,
I
still
think
devops
reports
is
the
most
valuable
and
highest
roi
feature
that
we
have,
but
I
think
that
that's
also
like
an
interesting
goal
to
keep
in
mind,
for
maybe
this
year
to
say:
hey,
how
can
we
pull
as
many
of
those
engineering
productivity,
charts
out
of
size
sense
and
into
the
handbook,
so
you
can
just
embed
them
correctly.
I
think
it'd
be
pretty
cool.