To ensure strict code review, you can require a minimum number of users to approve of a merge request before it is able to be merged.
For faster code review, draft multiple comments in a merge request code review, before submitting them together all at once.
Assign Code Owners to files to indicate the team members responsible for code in your project. Code owners are assigned automatically as merge request approvers.
Find bottlenecks in your code review process by understanding how long open merge requests have been in review.
Keep master green. A special pipeline runs on the results of merged code before merging into master to detect changes that may be green on a branch but will fail master when merged.
Full Code Quality reports are available on the pipeline page, showing areas of the codebase that do not meet the organization’s preferred style or standards.
Shorten the feedback cycle and enable stakeholders to provide comments through a form in your review app - which is then automatically added to the related merge request .
Visualize the history and current status of pipelines across projects and groups all in a single dashboard that can be customized for each user.
Visualize how pipelines across projects are linked together, including cross project dependencies.
Reduce pipeline queueing and waiting time with merge trains which allows parallel pipeline execution, with each pipeline building off the merge result of the previous one.
Connect your projects hosted on external services (like GitHub or Bitbucket) and leverage the power of GitLab CI/CD pipelines to build, test, and deploy your applications easily.
Manage the deployments and connection to your Kubernetes clusters in a secure and compliant way, driven by code.
Visualize cross-project environments, track change flow from development to production, track pipeline status and diagnose issues from a single dashboard.
templates for a Group to make consistency easier.
An overview of all the projects, environments provisioned and the numbers of pods used by each environment in a Kubernetes cluster.
Visualize multiple epics and milestones across time in a roadmap view.
Issue board lists that pull in issues in a given milestone
Assign scoped labels mutually exclusively when they have the same scope.
Assign more than one person to an issue at a time.
Plan and track features and work group level epics that collect issues together. Easily create and assign Issues directly from the Epic itself
Multiple Group Issue Boards, similar to Multiple Project Issue Boards
Promote an issue to epic to continue collaboration at a higher-level work abstraction.
Associate a board with a milestone, labels, an assignee, and a weight
Approval rules ensure that the right people review merge requests by specifying eligible approvers and the minimum number of approvals required for a merge request.
Coordinate the order in which merge requests are merged within the same project and/or across different projects.
Reject new code and commits that don’t comply with company policy.
Guarantee quality and standards of your code by mandating a set number of necessary approvals and predefine a list of specific approvers.
Extend the base functionality of protected branches and choose which users can push or merge to a protected branch.
Specify which person, group, or account is allowed to deploy to a given environment, allowing further protection and safety of sensitive environments.
Group owners can prevent new members from being added to projects within a group.
Users using Geolocation-aware DNS can be transparently directed to the closest server available and access repository data faster.
Fail over in minutes to another data-center.
Maintenance mode allows systems administrators to perform maintenance operations, such as preparing for a scheduled failover, with minimal disruption to end users.
Configure replicated Git storage with automatic failover, strong consistency, and read distribution for improved fault tolerance and performance.
Built for distributed teams, GitLab Geo helps to reduce time to clone and fetch large repos with GitLab Geo - thereby speeding up the user experience for all users regardless of location.
Scale GitLab services across multiple nodes to manage demand and provide redundancy. Determine the optimal architecture for your needs using reference architectures.
Supports distributed teams by running multiple registry instances across several regions and syncing between data centers.
Distribute read-only queries among multiple PostgreSQL database servers and reduce the load on the primary database to increase responsiveness.
Forward your logs to a central system.
Gain visibility into top-priority fixes by identifying and tracking trends in security risk across your entire organization.
Ensure you are not exposed to web application vulnerabilities like broken authentication, cross-site scripting, or SQL injection by dynamically investigating your running test applications in CI/CD pipelines.
Empower your entire team, and not just Security, to act on security findings with a unified interface for scan results from all GitLab Security scanners.
Run a security scan to ensure the Docker images for your application do not have any known vulnerabilities in the environment where your code is shipped.
Protect your application from vulnerabilities that affect dynamic dependencies by automatically detecting well-known security bugs in your included libraries.
A vulnerability database that can be viewed and enhanced by anyone.
Identify vulnerabilities in your running application, independent of code changes or merge requests.
“Test the APIs in your apps to find vulnerabilities and bugs that traditional QA processes miss.”
The security alert dashboard provides a workflow for viewing and managing container network policy security alerts.
Require approval from your security team before allowing developers to merge in code that introduces new vulnerabilities.
Allow security teams to manage and enforce security policies for GitLab projects and for Kubernetes clusters.
To maintain the integrity of your code, admins can track and analyze changes made within GitLab in an advanced audit event system
View an aggregated compliance status of your groups and projects, easily spot when projects are out of compliance and take informed actions to remediate any issues.
Check that licenses of your dependencies are compatible with your application, and approve or deny them. Results are then shown in the Merge Request and in the Pipeline view.
Designate which compliance framework a given project must follow. Define the framework for the relevant standards your business adheres to, such as GDPR, HIPAA, PCI-DSS, SOC 2, and SOX, or a custom one.
To ensure projects perform the steps necessary to meet regulatory requirements, create a common pipeline definition that will run for all projects that adhere to a given compliance framework.
Define and plan test cases, maintain test execution results and create a backlog of work from failed tests.
Gather, document, refine, and track approval of business and system requirements. Define traceability between requirements and other requirements, code, or test cases.
GitLab helps you ensure compliance during software development. You can define and enforce MR approval settings to ensure proper separation of duties. Settings are made at the group level and are automatically applied to child projects within the group to help ensure compliance with organizational requirements.
Plan and track strategies, initiatives, and features with multi-level epics. Organize and prioritize work across multiple children epics and their issues within the Epic Tree.
Report on and quickly respond to the health of individual issues and epics by viewing red, amber, or green health statuses on your Epic Tree.
Establish product vision and strategy, gain progress insights, organize, govern and shape the effort of multi-disciplinary teams with portfolio-level roadmaps.
Edit labels on multiple epics all at once via the Epic List.
View and track your epics on a kanban-style board
Charts to visualize data such as triage hygiene, issues created/closed in a given period, average time for merge requests to be merged and much more.
Monitor the frequency of your deployments over time, find bottlenecks, and make improvements when necessary.
Lead time for changes measures the time to merge a change to production and helps you understand the efficiency of your deployments over time and find improvement areas.