►
From YouTube: Verify:Pipeline Security - 16.0 Milestone Kickoff
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
A
Jocelyn
I
am
the
product
manager
for
the
pipeline
security
team
here
at
gitlab.
For
those
of
you
who
are
not
familiar
with
our
categories,
we
have
secrets
management,
which
includes
the
integration
of
Secrets
secret
managers
as
well
as
variables
and
CI
job
token.
We
also
are
the
owners
of
build
artifacts
today,
I'm
here,
to
kick
off
our
16.0
Milestone
to
give
us
preview
of
what
we
have
coming
so
our
themes
for
160.
Our
first
is
breaking
changes
we'll
and
then
the
continuation
build
artifacts,
so
adding
additional
functionality
with
bulk
deletion.
A
So
up
until
this
month,
this
coming
Milestone.
We
have
enabled
three
different
ways
to
use
the
Json
web
token
for
authentication
they've
lost
several
milestones.
A
We
have
continued
to
increase
layers
of
protection
and
mature
our
oidc
token,
which
has
really
led
to
this
new
production
ready
oidc
token,
which
is
really
a
secured
version
of
the
CI
job
JWT
version
2
token,
and
that
that's
going
to
be
our
new
default
standard
that
we
will
be
using
to
authenticate
with
a
variety
of
different
products
such
as
faults,
AWS
and
so
on
and
so
forth.
So
as
a
result
of
this
change
or
this
direction,
we
will
be
removing
the
less
secure
authentication
methods
from
Service.
A
You
will
also
notice
this
change
on
the
UI
as
well,
where
previously
we
allowed
users
to
select
the
limit
JWT
access
toggle.
This
will
now
be
the
defaults.
If
you
haven't
had
a
chance
to
prepare
for
this
breaking
change.
I
recommend
checking
out
the
blog
post
on
getlab.com
for
instructions
on
how
to
prepare
for
the
change
to
ensure
a
smooth
transition
of
your
workflows.
A
The
next
item
is
build
artifacts,
which
continues
to
be
at
the
top
of
our
minds
as
we
work
through
this
process
of
unlocking
old
artifacts
from
previously
filled
or
deleted
jobs.
This
has
not
been
a
trivial
test
for
those
of
you
who
have
been
following
our
progress,
and
our
back-end
team
continues
to
persevere
and
work
through
this
big
hairy
problem.
A
Our
last
back
end
item
that
I
wanted
to
highlight
is
audit
logging
for
CI
job
token
work
for
secure,
CI
job
token
workflows.
This
will
really
enable
our
users
to
be
able
to
track
when
there
have
been
changes
to
CI
job
token.
In
the
audit
logs
on
the
front
end,
we
are
continuing
to
enhance
artifact
management
through
our
artifacts
page,
including
bulk
deletion,
and
then
we
are
focusing
on
usability
for
variables,
so
we'll
be
adding
a
loading
indicators.
A
So
you
all
know
exactly
what
the
status
is
of
the
of
the
the
query
will
be
enhancing
our
displays
to
show
the
inherited
group
variables
and
we'll
also
be
focused
on
improved
messaging.
A
Continuing
on
our
theme
of
protecting
sensitive
information
vehicle
will
also
be
looking
at
the
experience
to
prevent
sensitive
data
from
being
downloaded
by
those
who
don't
necessarily
have
the
need
to
know
so
that
wraps
up
pipeline
Securities
16.0
Milestone
plans.
This
is
definitely
a
very
act
Milestone,
and
so
we
are
we're,
excited
and
energized
and
ready
to
to
get
started
and
deliver
some
of
these
some
of
these
new
capabilities,
so
we're
excited.
We
hope
you
are
too
thanks
for
listening.