►
From YouTube: GitLab 16.2 Kickoff - Verify:Pipeline Security
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Yeah
all
right,
hi,
I'm,
Jocelyn
I,
am
the
product
manager
for
the
pipeline,
Security
Group
here
at
gitlab.
For
those
of
you
who
are
new
or
need
a
refresher,
our
group
is
responsible
for
two
categories.
The
first
is
build
artifacts
and
the
second
is
Secrets
management,
which
includes
integration
with
Secrets
managers,
CI
variables,
as
well
as
CI
job
token
I'm.
Here
with
our
wonderful
designer
beethica
today
to
kick
off
our
our
plans
for
16
too.
A
So
in
terms
of
our
themes,
we're
continuing
on
our
theme
to
really
improve
the
user
experience
for
CI
variables,
and
then
a
small
group
of
our
team
will
continue
to
work
on
the
build
artifact
bugs
that
are
currently
preventing
expiration
settings
from
working
correctly,
so
just
to
highlight
a
bit
of
our
deliverables.
A
lot
of
the
back
end.
Work
that
we're
going
to
be
doing
is
really
to
set
up.
A
The
necessary
graphql
queries
to
be
able
to
support
the
front
end
work
that
that
you'll
be
seeing
so
one
of
the
things
that
we're
looking
to
bring
in
the
next
Milestone
or
so
is
pagination
for
the
group
variables
table,
and
this
is
one
thing
that
we'll
be
focusing
on
getting
the
back
end
ready
to
support
that
front-end
implementation
in
the
in
the
following
Milestones,
the
other,
as
I
mentioned,
we're
focusing
a
lot
on
that
front-end
experience.
A
So
some
of
the
big
things
one
is
we're
going
to
start
limiting
the
number
of
environments
in
the
variables
modal
drop
down
just
so
it's
a
little
bit
more
user
friendly.
We're
also
going
to
be
updating
the
process
for
adding
and
editing
a
variable
as
well.
A
B
Yeah
thanks
Jocelyn,
so
we
did
a
lot
of
design
work
for
variables
to
like
do
sort
of
an
overhaul
of
the
experience
that
we
were
providing
and
change
it
for
better
and
a
part
of
that
exercise
was
also
just
understanding
like
what
could
be
a
better
way
of
presenting
the
variables
that
a
project
has
access
to
starting
from
the
ones
that
are
inherited
to
the
ones
which
are
created
in
the
project
itself.
B
And
we
came
up
with
a
couple
of
designs
that
we
wanted
to
like
take
to
our
users
and
get
to
know
like
if
this
change
is
going
to
be
of
any
value
to
them.
And
if
not,
what
are
the
changes
to
that?
B
We
need
to
make
to
this
to
make
a
share
that,
like
whatever
we
are
doing,
we
are
doing
it
for
good,
so
the
design
two
that
you
are
looking
at
is
the
one
that
will
most
probably
be
discussing
with
all
the
participants
that
we
have
interviews
already
scheduled
with
for
the
coming
weeks.
Okay,
we'll
speak
with
a
bunch
of
YouTube
and
we'll
be
sharing
our
prototypes,
we'll
be
providing
scenarios
and
there'll
be
a
lot
for
us
to
learn
from
that.
That's
one.
B
The
next
couple
of
issues
that
I'll
be
looking
at
in
this
Milestone
are
these.
This
up.
First
one
is
configure
job
token
group
scope
at
group
level,
so
I
think
about
six
months
back
I
worked
on
an
issue
which
was
to
provide.
B
Like
which
was
a
workflow
for
for
allowing
a
particular
project
to
be
accessed
by
another
project
by
adding
it
to
an
allow
list
that
belongs
to
this
other
project,
but
for
like
thinking
about
organizations
that
have
let's
say
too
many
projects
in
groups,
it
was.
It
is
a
very
tedious
task
to
go
individually
to
each
one
of
them
and
then
set
up
this
allow
list
to
make
it
easier.
What
we'll
be
doing
now
is
we'll
be
working
on
configuring,
these
tokens
at
group
level,
and
that
would
make
everything
so
much
easier.
B
Like
you
just
have
to
configure
the
settings
at
group
level
like
which
projects
you
would
want
to
be
to
access
or
to
be
accessed
through
the
projects
which
are
inside
the
group,
and
that's
it-
you
won't
have
to
go
to
the
individual
projects
then
coming
to
the
next
one.
B
It
says
through
the
variables
entered
while
running
a
manual
Pipeline
and
that's
pretty
much
what
we
we're
talking
about,
that
when
a
pipeline
is
run
the
jobs,
the
variables
that
the
jobs
are
using.
The
only
way
today
for
showing
that
and
that's
also
I,
think
a
working
progress
is
on
the
job
logs
page,
we
are
adding
a
variables
tab,
but
what
happens
if
like
what
happens
when
users
want
to
get
a
glimpse
of
all
the
variables
like
going
to
each
job
at
a
time
and
looking
at
the
variables
as
its
cumbersome?
B
And
we
understand
that
so
we
are
going
to
be
thinking
of
a
way
in
which,
without
like
making
much
changes
or
much
additions
to
the
UI
of
the
pipeline
detail
page.
If
we
can
just
present
this
extra
information
like
what
variables
the
jobs
used
when
they
executed
and
that's
it,
that's
pretty
much
all
I'll
be
looking
at
besides
working
on
the
design
proposal
for
those
Secrets
native
solution,
POC
and
I'll
have
more
to
share
about
that
in
the
next
milestone.
B
A
Thanks
beethica,
so
just
to
wrap
back
up
a
large
part
of
what
we're
focusing
on
in
16-2
is
really
continuing
to
improve
the
user
experience
for
CI
variables,
so
everyone
uses
variables.
So
please
reach
out
if
you
have
any
suggestions
or
any
comments
or
would
like
to
would
like
to
be
part
of
solutioning
with
us.
We
are
super
excited
to
continue
to
iterate
on
the
improvements
and
and
we
look
forward
to
the
feedback.
Thank
you.