►
Description
Here is an overview of the Release Evidence features and an example of how a user is leveraging the JSON files in an audit.
https://about.gitlab.com/direction/release/release_evidence/
A
Hey
Jackie
Michelle
here
with
release
management
over
here
at
get
lab.
I'm
gonna
talk
a
little
bit
about
our
release.
Evidence
category
direction
today,
first
does
introduction.
Release
evidence
is
within
the
stage
of
release
management,
which
is
very
focused
on
delivering
a
very
mature
experience
for
orchestrating
releases
within
get
lab.
A
component
of
that
is
successfully
managing
environments
and
deployments
with
our
tools,
as
well
as
secrets,
management
and
even
deploying
to
our
pages
release.
Evidence
is
very
focused
on
the
auditor
and
compliance
personas
within
release
orchestration.
A
So
when
we
think
about
the
different
phases
of
a
software
development,
an
auditor
may
come
in
and
ask
for
an
artifact
that
shows
all
the
changes
that
have
occurred
in
your
software,
who
made
those
changes
and
when
those
changes
were
made,
we've
built
release
evidence
as
a
tool
that
captures
a
snapshot
of
the
release,
object
based
off
of
the
associations
to
a
milestone.
The
milestones
that
are
contained
within
an
issue
are
also
linked
within
evidence
and
then
there's
a
commit
sha
that
can
be
verified.
A
Nothing
has
been
tampered
with
as
a
part
of
this
auditing
and
compliance
story.
When
we
look
at
the
future
of
release,
evidence
we're
very
focused
on
expanding
the
information
that
is
contained
in
the
current
JSON
file
today.
So
we
have
the
base
attributes
of
name
project
milestone,
but
we're
looking
to
expand
that
reach
into
test
results,
scan
results,
merge
requests
who
made
those
changes
were
the
changes
that
were
merged
had
an
approver
on
it.
A
Let's
go
ahead
and
review.
What
were
the
live?
What
we've
delivered
today
and
where
we're
going
to
go
so
today,
release
evidence
is
captured
at
they
released,
add
attribute.
You
also
have
the
capability
of
creating
an
upcoming
release
and
therefore
the
release
evidence
is
scheduled
and
we
also
delivered
some
more
advanced
functionality
for
how
an
evidence
can
be
captured.
A
release.
Evidence
is
a
JSON
file,
that's
attached
to
that
release,
object,
and
it
offers
some
really
neat
attributes
that
allow
people
this
chain
to
see
this
chain
of
custody
related
to
a
project's
release.
A
When
we
look
at
what
we've,
what
we've
expanded
on
the
release
evidence
today,
we're
very
focused
on
allowing
our
users
to
deliver
more
release,
evidence
comparison
capabilities
within
any
given
release.
So
if
you're
a
core
user,
you
would
take
a
JSON
file
from
a
previous
version
and
compare
it
to
perhaps
the
current
version
and
you
would
diff
those
two
JSON
file
and
see
the
changes
are
more
advanced.
Customers
in
the
releases
capability
may
want
to
take
that
same
release
and
compare
multiple
snapshots
over
the
same
time.
A
So
in
this
image
right
here,
you
can
see
there
are
several
evidences
that
are
collected
for
the
same
tag,
so
the
released
at
attribute
allows
you
to
collect
these
different
release.
Evidences
on
demand,
which
is
offered
to
our
premium
customers
and
above
the
advantage
here,
is
that
you
can
take
this
JSON
file
and
this
JSON
file
disk
them
and
see
the
changes
over
time.
So
let
me
go
ahead
and
show
an
example
of
how
a
core
customer
would
do
this.
A
So
I
will
go
to
a
project
I
see
how
I
have
this
tag
here
in
this
version,
I'm
going
to
go
ahead
and
click.
My
evidence
JSON
for
this
version
I'm
also
going
to
go
to
this
tag
here
of
a
separate
version
in
the
same
project
and
click
that
and
then
I'm
gonna
use
a
JSON
diff
tool
and
it
going
ahead
and
select
a
couple
files
here
for
my
first
version
and
then
I'm
gonna
choose
the
file
of
my
second
version
and
then
I'm
gonna
hit.
Compare.
A
We
can
see
that
this
TIFF
tool
has
found
five
differences
and
we
can
see
that
there
you
highlight
it
as
you
click
through
them,
and
the
strings
and
numbers
are
actually
different.
So
this
would
be
an
example
where,
over
time,
we'd
be
able
to
observe
the
differences
and,
as
we
build
out
more
maturity,
we'd
be
able
to
see
that
this
is
how
our
production
environment
has
changed.
Who
made
the
change
and
potentially
why
the
change
was
made.
A
Another
neat
feature
that
will
help
this
auditor
persona
or
compliance
persona.
Is
this
idea
of
identifying
rule
violations
in
the
release
evidence
file
so,
as
we
expand
release
evidence
to
include
things
like
merge
request
was
submitted
by
and
merge
request
was
approved
by
in
the
production
environment.
We
could
add
a
rule
to
get
lab
that
says:
I
need
my
approver
in
my
submitters
to
be
two
different
IDs
and
we
would
be
able
to
add
a
comment
to
the
evidence
that
suggests
M.
Our
approver
and
submitter
is
the
same
or
not
the
same.
A
Someone
could
then
triage
fixes
to
then
make
sure
that
they're
in
compliance
for
their
production
environment
altogether
release
evidence
is
about
making
the
auditing
and
compliance
journey
as
simple
as
possible.
It's
a
complicated
process
and
it
could
be
very
disruptive
to
people
who
are
producing
changes
to
production.
So
by
organically
capturing
this
information
in
a
one-stop
place,
we
actually
compete
very
effectively
with
the
current
tools
out
there
and
we
also
satisfy
the
needs
of
many
of
our
users.