vault-demo
gitlab
Our great sponsors
vault-demo | gitlab | |
---|---|---|
2 | 448 | |
- | - | |
- | - | |
- | - | |
- | - | |
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
vault-demo
-
Vault root token using terraform?
GitLab supports jwt. This allows the pipeline job to generate a one time use token to authenticate to vault. Here are a few examples on how to do this. https://gitlab.com/bdowney/vault-demo/-/blob/master/.gitlab-ci.yml
-
AWS federation comes to GitHub Actions
There are a couple approaches. GitLab's JWT token allows custom scripting to interface it to other systems. This demo shows custom integration with Vault (it also demonstrates our native integration - so you have to parse out which code you are looking at): https://gitlab.com/bdowney/vault-demo
Another approach is placing a GitLab runner within AWS and assigning it an IAM role directly. While this isn't as flexible, it is also not as complex to debug why a specific user can't build or deploy a job when another can.
In this scheme, there is potentially a runner per-dev team that has the same exact IAM profile as the dev team.
This can be done using KIAM for EKS runners, or if you are doing docker runners, you can use the "GitLab HA Scaling Runner Vending Machine for AWS EC2 ASG" here: https://gitlab.com/guided-explorations/aws/gitlab-runner-aut...
That last automation is designed to be self-service and can be setup in AWS Service Manager for teams to self-deploy their runners.
The many other benefits to this automation are enumerated here: https://gitlab.com/guided-explorations/aws/gitlab-runner-aut...
gitlab
-
Gitlab Duo
Since the relevant code appears to be in the "ee" directory <https://gitlab.com/gitlab-org/gitlab/-/blob/v16.11.0-ee/ee/l...> and is not present in the foss repo, I'm guessing the answer is no, at least for now. They do have a history of "releasing" features from EE back to CE but my suspicion is not for LLM stuff
- Code Search Is Hard
- XZ Backdoor Investigation Request to Gitlab Team
-
Client side Git hooks 101
(Side note: Issues are usually hash-prefixed like #1234 both on GitLab and GitHub. However, commit messages must not begin with a hash, they would be considered a comment and ignored. Therefore, GitHub has introduced the alternative prefix GH- and I've contributed a similar prefix GL- to GitLab a while ago.)
- Assign Issue to an AI Developer
-
BuildKit in depth: Docker's build engine explained
and its "oh, you want multi-arch, do you?" friend. While prosecuting this <https://gitlab.com/gitlab-org/gitlab/-/issues/339567> I learned that https://hub.docker.com/layers/multiarch/qemu-user-static/7.2... actually mutates the binfmt_misc in buildx's context in order to exec the static copy of qemu in it https://github.com/multiarch/qemu-user-static/blob/v7.2.0-1/...
and, that the buildx plugin itself has some qemu magick in it, which got addressed in a minor version bump but I couldn't track down the relevant GitHub issue this second (I've flushed it from my mind, only recalling that there were a lot of actors in that tire fire)
-
Gitlab password reset bug leaves more than 5.3K servers up for grabs
This is actually a follow-up refactor, the fix is here: https://gitlab.com/gitlab-org/gitlab/-/commit/abe79e4ec43798...
- ExifTool CVE-2021-22204 – Arbitrary Code Execution
- Critical Gitlab vulnerability exposes 2FA-less users to account takeovers
- Upcoming critical Gitlab security issue
What are some alternatives?
trackiam - A project to collate IAM actions, AWS APIs and managed policies from various public sources.
Gitea - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
onedev - Git Server with CI/CD, Kanban, and Packages. Seamless integration. Unparalleled experience.
rich-markdown-editor - The open source React and Prosemirror based markdown editor that powers Outline. Want to try it out? Create an account:
gitlab-foss
chatwoot - Open-source live-chat, email support, omni-channel desk. An alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬
Gitbucket - A Git platform powered by Scala with easy installation, high extensibility & GitHub API compatibility
terratest - Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
dependency-track - Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
semantic-release - :package::rocket: Fully automated version management and package publishing
Redmine - Mirror of redmine code source - Official Subversion repository is at https://svn.redmine.org/redmine - contact: @vividtone or maeda (at) farend (dot) jp