gitlab-org/gitlab-foss v16.7.0

on GitLab

You can now list your Mastodon handle on the User Profile. With this enhancement we are now supporting a fediverse social network, which will help in advancing ActivityPub for GitLab.

Group descriptions can now contain up to 500 characters. If you try to save a group description with more than 500 characters, a warning message appears stating that the description is too long. Thanks to @freznicek for this community contribution!

The search bar is now more prominent on the search results page. To increase the search bar visibility, the group and project filters have been moved to the left sidebar.

If you're switching from Terraform to OpenTofu, this release of GitLab adds preliminary support for OpenTofu. Because OpenTofu is a fork of Terraform, the MR widget integration, module registry, and GitLab-managed Terraform state work by default. We added support for OpenTofu in the gitlab-terraform helper image to simplify the usage of the GitLab IaC offering.

GitLab continues to support Terraform for the MR widget, module registry, and GitLab-managed Terraform state.

You can now optionally input a new parameter, expires_at, when rotating an access token. This allows you to create a custom expiry date for the token. Previously, each rotation extended the expiration one week from the previous expiry date. This new option provides flexibility in rotation interval.

You can now override the default single-threaded gzip compression library with an alternate compression library of your choice for backups using the COMPRESS_CMD and DECOMPRESS_CMD commands. This allows you to leverage parallel compression libraries to speed up the compression stage of the backup by using the power of modern multi-core processors. The commands include support for passing options to the compression library allowing you to adjust parameters such as compression levels and speed.

Until now, GitLab only displayed time in 12 hour format, which could not be changed.

From this release, thanks to the community contribution, you can customize the format used to display time in places like issue lists, overview pages or when setting your status. You can display times as:

• 12 hour format, for example 2:34 PM.
• 24 hour format, for example 14:34.

Thanks to Thorben Westerhuys for this community contribution!

In the following milestone we will audit all timestamps shown across the GitLab product to make them respect the setting.

Administrators can now access the Admin Area in one step, by using a link at the bottom of the left sidebar. Previously, you had to select Search or go to and then select Admin Area. This change should save you time when accessing the Admin Area.

GitLab groups and project migrations done by direct transfer can become stuck for various reasons. In the past, to avoid leaving these migrations in an incomplete state indefinitely, GitLab periodically executed a worker to identify migrations that hadn't completed within 8 hours. GitLab marked these migrations as timed out.

For large organizations, the migration process can take longer than 8 hours, so this amount of time was not always sufficient to properly determine if a migration was stuck. As a result, this worker might have incorrectly marked a migration as stuck.

In this milestone, instead of using an 8 hour time limit, GitLab now only marks the migration as stuck if the child workers stop working for 24 hours.

Knowing how crucial for our users is to understand the results of the import process, in this milestone we further improved on information presented for imports by direct transfer. We now display import status badges next to GitLab groups and projects on:

• The page where you can select groups and projects to import.
• The page listing imported groups and projects.

The import status badges are:

• Not started
• Pending
• Importing
• Failed
• Timeout
• Cancelled
• Complete
• Partially completed

The Partially completed badge was added in this release and identifies a completed import process that has some items (such as merge requests or issues) not imported.

Groups that an import process was started for have a View details link that shows imported subgroups and projects for that particular group. From there, you can see the list of items that couldn't be imported (if any) by clicking a See failures link. See failures was released in the last release.

In this milestone we also improved navigation with the breadcrumbs between those pages.

In GitLab 16.2 we released the rich text editor as an alternative to the existing Markdown editing experience. The rich text editor provides a “what you see is what you get” editing experience and an extensible foundation on which we can build custom editing interfaces for things like diagrams, content embeds, media management, and more.

With GitLab 16.7, we've changed the rich text editor to match the behavior with our Markdown editing experience and fix reported bugs. We've changed the sorting order in the labels autocomplete modal to be consistent between the Markdown and rich-text editor, addressed a bug in the options returned in the unassign quick action in the rich-text editor, added support for custom emojis, and updated the look and feel of the quick action selection dropdown to be consistent in the two editing experiences, among other improvements.

The value stream analytics report now has a set of filter options for data in the last 30, 60, 90, or 180 days. These new filter options simplify the date selection process, making it more efficient and user-friendly to understand where time is spent during the development lifecycle.

Previously, to create a GitLab Pages project, you needed a domain formatted like name.example.io or name.pages.example.io. This requirement meant you had to set up wildcard DNS records and SSL/TLS certificates. In GitLab 16.7, you can set up a GitLab Pages project without a DNS wildcard. This feature is an experiment.

Removing the requirement for wildcard certificates eases administrative overhead associated with GitLab pages. Some customers can't use GitLab Pages because of organizational restrictions on wildcard DNS records or certificates.

We welcome feedback related to this feature in issue 434372.

Who doesn't love a good emoji to really express yourself? When commenting on items across GitLab, you've used our default set of emoji to add reactions, but sometimes those emoji just weren't enough to express your emotions. Groups can now add custom emoji to use across their projects. Custom emoji allow you to express your true feelings and communicate more clearly with the rest of your team. We can't wait to see how you'll react next.

When your approval is required for a merge request, you need to be notified to take action. Some users only want notifications when their approval is required, which is typically done by adding a user by name to review the changes. However, some users want a notification for any merge request they are eligible to approve, even if they aren't added by name as reviewers.

Enable the Added as approver custom notification level to trigger an email and to-do for each merge request you are eligible to approve. This helps you be aware of merge requests sooner in the process, and take action to get the proposal merged.

Previously, the artifacts:public keyword was only available as a default disabled feature for self-managed instances. Now in GitLab 16.7 we've made the artifacts:public keyword generally available for all users. You can now use the artifacts:public keyword in CI/CD configuration files to control whether job artifacts should be publicly accessible.

In GitLab 13.0 we introduced the ability to keep the job artifacts from the most recent successful pipeline. Unfortunately, the feature also marked all failed and blocked pipelines as the latest pipeline regardless of whether they were the most recent or not. This led to a buildup of artifacts in storage which had to be deleted manually.

In GitLab 16.7 the bugs causing this unintended behavior are resolved. Job artifacts from failed and blocked pipelines are only kept if they are from the most recent pipeline, otherwise they will follow the expire_in configuration. Affected GitLab.com customers should see artifacts which were inadvertently kept now unlocked and removed after a new pipeline run.

The Keep artifacts from most recent successful jobs setting overrides the job's artifacts: expire_in configuration and can result in a large number of artifacts stored without expiry. If your pipelines create many large artifacts, they can fill up your project storage quota quickly. We recommend disabling this setting if this feature is not required.

We’re also releasing GitLab Runner 16.7 today! GitLab Runner is the lightweight, highly-scalable agent that runs your CI/CD jobs and sends the results back to a GitLab instance. GitLab Runner works in conjunction with GitLab CI/CD, the open-source continuous integration service included with GitLab.

What's new:

• Implement graceful shutdown for Docker executor
• Dynamically create PVC volumes with storage classes for Kubernetes

Bug Fixes:

• allow_failure:exit codes unusable with custom executor because exit code is always 1
• Add better handling of signals in the runner helper and build container for the Kubernetes executor

The list of all changes is in the GitLab Runner CHANGELOG.

Runners can now generate provenance metadata with a statement that adheres to SLSA 1.0. To enable SLSA 1.0, set the SLSA_PROVENANCE_SCHEMA_VERSION=v1 variable in the .gitlab-ci.yml file. The SLSA version 1.0 statement is planned to become the default version in GitLab 17.0.

GitLab 16.7 sees the Beta release of the CI/CD catalog! The catalog is where you can search for CI/CD components maintained by you, your organization, or the public community. This is the place where DevOps engineers come together to create, contribute, and share reusable pipeline configurations.

Unlike other methods of reusing CI/CD configuration, CI/CD components published in the catalog have an improved experience, and are easily added to your pipeline. We invite you to start testing this new and exciting feature! You can try out components that others have created and shared in the catalog, or create your own components and share them with everyone.

While this is our initial beta release of the feature, we continue to work on making the experience even better. Our goal is to make the CI/CD catalog a fundamental part of the GitLab CI/CD experience.

You can now configure GitLab to reopen closed issues when an external participant adds a new comment on an issue by email. This gives you full visibility into ongoing conversations, even after an issue has been resolved.

It also adds an internal comment that mentions the assignees of the issue and creates to-do items for them. This way you can make sure you never miss a follow-up email again.