GitLab 11.8 released with JavaScript support in SAST, subgroups in Pages and error tracking
- Transfer
* author of the illustration: carmen_dorin
JavaScript support in SAST
The GitLab Application Security Test Function (SAST) scans the source code and helps identify potential security threats in the early stages of the pipeline. In version 11.8, we added the JavaScript support option in SAST , plus the existing node.js. support option. Now you can scan any JavaScript files, such as static scripts and HTML. The main method of DevSecOps is to scan code changes at every commit, and thanks to this change, we cover one of the most popular web languages, helping you to identify dangerous places in JavaScript code as early as possible.
GitLab Pages for subgroups and templates
In this GitLab release, we have seriously improved GitLab Pages, and among the innovations are 2 key enhancements. First, we implemented support for GitLab Pages for projects in subgroups , making it possible to publish the contents of these projects on the network. GitLab 11.8 also combines our most popular Pages templates , and in this way, users can get started with one click.
Sentry bug tracking
Application errors provide important information about the state of the application and can help detect problems before users report them. GitLab 11.8 displays the latest errors directly in the project: now detecting them and taking appropriate measures is much faster and easier.
And many other great features!
The release contains a number of useful features, and we would like to pay special attention to some of them:
- Rules for permitting merge requests . Simple rules for those who need to approve changes, whether it is an individual user, group or position. The feature will be available soon on GitLab.com, and the administrator will be able to activate it in your GitLab instance.
- A set of application settings for environments . Previously, options were turned on or off for all your environments. It's finished! Now the parameters for individual environments are included selectively. The feature is available on GitLab.com now, and the administrator can activate it in your GitLab instance.
- Improved function for combining descriptions in commits . Those who like to create detailed descriptions in commits are probably upset by their loss in the combined commit. In 11.8, merged commits now automatically use the first multi-line description in the commit, and can also be overridden to provide additional improvement.
The most valuable asset (MVP) this month became Aaron Walker ( by Aaron Walker ).
In this release, walkafwalka added 2 new Auto DevOps features: support for custom domains and redeployment when changing exclusively secret keys . Thanks for the improvements!
Key Features Added to GitLab 11.8 Release
JavaScript support in SAST
Available in: ULTIMATE, GOLD
The Static Application Security Testing (SAST) feature allows you to detect vulnerabilities in the source code each time you make a new change to the repository. With this information in the merge request, you can implement the function of a safe shift to the left and solve problems before combining them into a stable branch.
In version 11.8, we added JavaScript to the list of languages supported by SAST. There is no need to change anything in the pipelines. JavaScript projects are automatically recognized and analyzed for security risks. It is also an element of Auto DevOps .
Sentry bug tracking
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Tracking errors that occur in the application allows you to detect problems before users report them.
GitLab 11.8 makes the error monitoring process more convenient and efficient by integrating the popular Sentry open source error tracking program and displaying the latest errors directly in the GitLab project.
Sentry has recently expanded its GitLab integration capabilities to detect suspicious commits, track releases and commits, and more. Thanks to a combination of integration tools, moving from Sentry to GitLab and vice versa is easy, and so the problems are solved within the context, within the existing process.
Create One-Click Pages with Combined Templates
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Now we are combining our most popular Pages templates directly in GitLab, allowing you to create sites directly from the screen for creating a new project without branching out the sample repository, as before.
For more information, see our article on using GitLab Pages templates .
Pages Subgroup Support
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
The Pages function has been modified to work with subgroups in GitLab, which also provides the ability to create Pages sites. Sites created in this way have URLs in the format toplevel-group.gitlab.io/subgroup/project
. This will provide projects, even if they are part of subgroups, with access to the ability to create documents or other sites necessary as part of the software release process.
Merge request permission rules
Available in: PREMIUM, ULTIMATE, SILVER, GOLD
Code review is an integral part of any successful project, but it is not always clear who should review the changes. As a rule, participation of reviewers from different teams is desirable: development teams, user interaction teams, production teams.
The permission rules added in GitLab 11.8 make it possible to improve the interaction process between individuals involved in code review by defining the circle of authorized approvers and the minimum number of permissions. The permission rules are displayed in the merge request widget - so you can quickly appoint the next reviewer.
In GitLab 11.3, we introduced the Code Owners option - to designate team members who are responsible for individual parts of the project code. The Code Owners feature is integrated into permission rules, and so you can always quickly find the right people to review changes.
By default, Permission rules in 11.8 are disabled; they must be enabled by the instance administrator by running a command Feature.enable(:approval_rules)
on the Rails command line.
Permission rules are temporarily disabled on GitLab.com. They will be reenabled after deployment of GitLab 11.8.1. Keep track of this task in updates.
Enhanced cross-project pipeline triggers
Available in: PREMIUM, ULTIMATE, SILVER, GOLD
Starting with GitLab 9.3, you can create multi- project pipelines by launching a descending pipline through a call to the GitLab API in your task. In version 11.8, we added a first-class support function for launching a descending pipeline using a trigger:
keyword that can be added to the bridge task to automatically start a descending pipeline if the current is successfully completed.
Improved function for combining descriptions in commits
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Creating a history of git that will be readable and useful for people in the future can be broken by small commits, with single-line descriptions that fix errors detected by automatic tests, or make changes resulting from discussion between developers.
Now GitLab, by default, concatenates messages in commits, first inserting the first multi-line description of the commits in the git branch and allows you to override the final description in the combined commit so that you can update it and reflect any important changes.
Auto DevOps support for custom domains in a specific environment
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Auto DevOps allows you to get started quickly by adding a “base domain” to your projects. If your application is ready for deployment in a production environment, you may need additional domain names.
Use an environment variable ADDITIONAL_HOSTS
to designate one or more additional domains for your application. Add them to a specific environment variable name adding to the medium,. F. <ENVIRONMENT>_ADDITIONAL_HOSTS
.
Thanks to Aaron Walker for your contribution!
Function scale display for Knative functions
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Delivering functionality using gitlab serverless takes full advantage of knative, such as scaling a service up and down to zero.
You can see the size of your serverless application for each component hosted in knative. Size shows the current number of running Kubernetes pods.
Other improvements in GitLab 11.8
Determining the first day of the week
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
GitLab calendars used to assume that the week starts on Sunday. Now users can choose Monday in their profile: this is reflected in the application when choosing a date and on the distribution chart.
Thank Fabian Schneider ( of Fabian Schneider ) for their contribution!
Scrolling a schedule forward, into the future, and back into the past
Available in: ULTIMATE, GOLD
When you start the schedule for the first time, GitLab pre-selects a time period for you: a weekly, monthly or quarterly interval. But the view was fixed, and the epics outside the displayed area were hidden.
Now scroll forward to the future and back to the past. Epics falling into these extended periods will be automatically displayed without requiring a page refresh in any way, which will allow you to easily see even more epics for the desired period.
Smart Card Credential Authentication with LDAP
Available in: PREMIUM, ULTIMATE, SILVER, GOLD
Organizations that use smart cards as authentication tokens often use LDAP for centralized identity management. In version 11.8, we repeated the smart card authentication function added in version 11.6 , which allows you to log in using smart card credentials through a configured LDAP server.
The GitLab method uses standard rule -based RFC4523 schemas certificateExactMatch
.
A set of application settings for environments
Available in: PREMIUM, ULTIMATE, SILVER, GOLD
Now you can individually enable or disable parameters for individual environments. Control settings by creating a set of rules based on matching the name of the environment. By default, this is always a special character ( *
) rule , but you can set additional rules by adding other environmental characteristics (for example, review/*
).
In version 11.8.0, this function will require you to enable the parameter with Feature.enable(:feature_flags_environment_scope)
a command on the Rails command line.
Modify Kubernetes Runner Application by Integrating Kubernetes
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Using the latest version when launching Kubernetes-based applications will provide access to the latest features and maximum security.
GitLab 11.8 allows you to update GitLab Runner in Kubernetes in one click. Future releases will include a similar set of features for the rest of the applications.
Logging recent user actions in GitLab now includes data browsing
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
GitLab includes a user attribute last_activity_on
, helping administrators understand when a user was performing the last action. This is very useful when identifying active and inactive users.
To provide read-only activity logging, we have expanded last_activity_on
to update pageview data related to dashboards, projects, tasks, and merge requests.
Display user actions and creation dates in the admin panel
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
For instance administrators, understanding the level of user activity in GitLab should not be difficult. Therefore, we added the date the user was created and the date the user last acted in the user zone of the admin panel at /admin/users
.
To learn more about the types of actions that GitLab views as activity, click here .
Finding repository tags in a project using the API
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Now you can search for repository tags in the project using API tags . This greatly simplifies the process of finding a specific tag in a project; If you are looking for related projects with a specific version tag, now you can easily find the related projects.
Thank you Robert Schilling ( by Robert Schilling ) for their contribution!
Project tags have now become project topics
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Project tags are a convenient way to organize related projects, but the term tag comes into conflict with Git tags. To solve the problem, we renamed the project tags to the project themes and adjusted their display on the project overview page.
We are pleased to be able to make the topics more useful for finding projects and add a topic filter to the project information panel in version 11.9.
Improved group overview and reduced free space
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
In version 11.8, we redesigned the design and increased the information density of the group overview function. We reduced the amount of free space on this page and rebuilt the user interaction mechanism by redesigning the project overview function .
This is the first step in a large set of improvements to the group’s overview page, and we are pleased to continue to work on improving it.
Improved project listings with increased information density
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
We responded to user feedback regarding the first change in the design of the list of projects - we increased the information density on this page with the help of an additional column and reduced free space.
Recycled related merge requests based on related tasks
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
We redid the section of related merge requests into a task to ensure visual integrity of related tasks and aesthetic appearance.
We will even add more metadata to each line in a future release so that users can view relevant information on merge requests faster and in context.
Child Epics in Epics API
Available in: ULTIMATE, GOLD
In the previous release, we introduced child epics , the ability to add epics to epics. This release also allows you to manage these epic relationships through the API. Thus, now you can manage individual processes in your teams, including in automatic mode.
Manage group labels through the API
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Now you can manage group labels through the API, similar to project labels, which contributes to the individual planning and implementation of processes in your teams.
Thank you Robert Schilling ( by Robert Schilling ) for their contribution!
Moving an Auto DevOps Domain from CI / CD Settings to Cluster Settings
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Defining a base domain for Auto DevOps allows you to take advantage of a number of useful features, such as Auto-Review and Auto-Deploy. Now we have simplified the process of determining the domain: it can be moved directly to the cluster settings. As a result, defining a base domain is very simple if a cluster is created, and you can also define different domains for different clusters.
.Html extensions are now automatically resolved for Pages sites
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
The file on the Pages website called /sub-page.html
can now be accessed as /sub-page
, which offers you more options for showing your site to users.
Pages predefined variables in CI
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
CI_PAGES
and CI_PAGES_URL
added as CI variables for Pages pipelines, which allows you to see the Pages domain name and URL. This provides greater flexibility when working with Pages sites deployed in multiple locations.
Gitaly TLS Support
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Gitaly now supports TLS, so all communication between GitLab and Gitaly is encrypted if TLS is enabled. Before, the data exchange between GitLab and Gitaly was not encrypted and depended on the network security.
Adding tolerations to runners in Kubernetes
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Kubernetes offers a great opportunity to ignore the hardware used to run the applications. However, some tasks require the use of special equipment, including tasks that require more resources than others.
Kubernetes supports this option by introducing taints and tolerations to take these factors into account when planning hearth placement. We have added native support for taints and tolerations in the GitLab Runner to support these types of processes.
Convenient transition between files when viewing changes in the merge request
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
A review of voluminous merge requests is difficult, in particular, when moving from one file to another. The new matching system makes the process of moving from one file to another painless, so you can quickly track differences using the keyboard.
Elasticsearch support in Gitaly
Available in: STARTER, PREMIUM, ULTIMATE
Previously, you needed to use NFS to access Git on the file system when using Elasticsearch. This release allows you to use Gitaly instead of NFS, which increases the efficiency of Git in data input and output.
Getting alerts from manually configured instances of Prometheus
Available in: ULTIMATE, GOLD
In GitLab 11.3, we introduced support for alert settings , but it was limited to Prometheus instances deployed through the integration of GitLab with Kubernetes .
In GitLab 11.8, manually configured Prometheus servers can also warn GitLab of dangers by simply adding GitLab as the Webhook recipient in the alert manager. When receiving alerts, GitLab sends emails to maintainers and owners.
The number of permissions in the list of merge requests
Available in: STARTER, PREMIUM, ULTIMATE, BRONZE, SILVER, GOLD
Merge requests, resolved and ready for merge, can now be easily seen in the list of merge requests. The number of required permissions and the number of received permissions are now displayed in the list of merge requests.
Thank you Andy Steele ( Andy Steele ) for their contribution!
Confidentiality Tasks for Security Vulnerabilities
Available in: ULTIMATE, GOLD
Users can create new tasks to eliminate security vulnerabilities based on security reports in the merge request, on the pipeline screen and on the security information panel. This information contains confidential data that may disclose confidential information that is not subject to disclosure before the patch is available and released.
Starting with GitLab 11.8, tasks created due to a vulnerability are marked as confidential by default , and users can disable the option if information can be disclosed.
Removing unused tags from the container registry using the API
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Many organizations create containers for each commit to simplify checking for code changes, as well as final deployment. This can lead to a large number of container tags that are used for a short period of time and are no longer required.
GitLab 11.8 now allows end users to clean container registries using the API, removing tags individually or in bulk using regular expressions.
Force redeployment when updating private keys of Auto DevOps application
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
When you configure the application secret key for Auto DevOps using the variable syntax K8S_SECRET_
for your application, the corresponding Kubernetes private key is created.
When updating these application private keys, Auto DevOps will redeploy the application with updated private keys.
Thanks to Aaron Walker for your contribution!
Display a cluster environment while viewing a list of serverless functions
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
The Serverless page has been enhanced and now groups the functions deployed in Knative based on the cluster environment in which they are deployed.
In addition, the function description is now displayed along with the action button to copy the endpoint of the function and open the endpoint in a new tab.
Enabling Cert-Manager with Auto DevOps Application URLs
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
Cert-Manager offers an easy way to add HTTPS support for Auto DevOps applications. Now there is support for longer URLs than 64 characters, which are supported by Let's Encrypt by default, which provides more flexibility for applications.
GitLab Runner 11.8
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
And today we released GitLab Runner 11.8! GitLab Runner is an open source project that is used to run CI / CD jobs and send results back to GitLab.
The most interesting changes :
- Adding a race condition fix when deleting a Windows cache
- Preventing Runner Performers from Changing Settings
- Adding Fedora / 29 Package Support
- Docker SDK Client Update
A list of all changes can be found in the GitLab Runner change log: CHANGELOG .
Omnibus Enhancements
Available in: CORE, STARTER, PREMIUM, ULTIMATE
- The docker-distribution-pruner GitLab package is now bundled with Omnibus, which offers administrators a way to clean up registry storage.
- GitLab 11.8 includes Mattermost 5.7.1 , an open source analogue of Slack , the latest release of which includes a number of improvements to the user experience mechanism. This version also includes security enhancements ; Recommended update.
node_exporter
no longer starts by default in the Omnibus docker image and requires host access.- Additional alerts have been added to alert administrators of Unicorn’s high load, Sidekiq job queues, Postgres blocking, a lot of errors, and more.
nginx
Updated to version 1.12.2,registry
to version 2.7.1, andgitlab-elasticsearch-indexer
to version 1.0.0.prometheus
Updated to version 2.6.1,node_exporter
to version 0.17.0, andredis_exporter
to version 0.26.0.
Performance improvement
Available in: CORE, STARTER, PREMIUM, ULTIMATE, FREE, BRONZE, SILVER, GOLD
We continue to improve GitLab performance with each release for GitLab instances of any size.
In GitLab 11.8, we significantly improved the efficiency of checking the list of tasks in tasks, merge requests and epics by refusing to re-render the entire description after checking or removing a task .
GitLab Chart Enhancements
Available in: CORE, STARTER, PREMIUM, ULTIMATE
- GCS is now a supported backup bucket type .
- It is now possible to use Postgres databases with mutual TLS authentication .
ruby
Updated to version 2.5.3.
Deprecated Features
Requires Ruby 2.5
Starting with GitLab 11.6, Ruby 2.5 is required to run GitLab. Omnibus GitLab and GitLab Chart already include Ruby 2.5.3, but users of the original versions with Ruby 2.4 will need an update.
Deleted: December 22, 2018
Raspbian Jessie Support
GitLab 11.8 is the latest release with support for Raspbian Jessie.
Jessie switched to LTS , and the latest Raspbian Jessie image has been around for over a year. We recommend users upgrade to Raspbian Stretch .
Deleted: February 22, 2019
Google OAuth2 SSO is only supported on GitLab 11.7+
March 7, 2019 Google closes all Google+ APIs. Read more about the announcement from Google here .
Since versions of GitLab prior to 11.7 use these APIs for Google OAuth2, Google SSO will no longer work in these versions. GitLab 11.7 and above will support Google SSO .
If your instance uses Google OAuth2 for authentication, we recommend updating it to 11.7 .
Date deleted: March 7, 2019
Developers can remove Git tags in GitLab 11.9
Removing or editing version notes for Git tags in unprotected branches has historically been limited only to maintainers and owners.
Since developers can add tags, as well as modify and delete insecure branches, developers should be able to remove Git tags. In GitLab 11.9, we make this change to our permission model to improve the workflow and help developers make better and more efficient use of tags.
If you want to keep this restriction for maintainers and owners, you can use secure tags .
Date of deletion: 22 on March 2019 g .
Hipchat Integration
Hipchat will be discontinued . Therefore, we are removing the existing GitLab Hipchat integration feature as part of the 11.9 release .
Date of deletion: 22 on March 2019 g .
CentOS 6 Support for GitLab Runner with Docker Artist
Runner support for CentOS 6 when using the Docker artist will be removed in GitLab 11.9 , because we are switching to the more modern Docker library, which no longer supports CentOS 6. For more details, see this task .
Date of deletion: 22 on March 2019 g .
Removing the System Info section in the admin panel
GitLab provides information about your GitLab instance admin/system_info
, but this information may not be accurate.
We will remove this section of the admin panel in version 11.10 and recommend using other monitoring features .
Date of deletion: on April 22 2019 g .
Unverified GitLab.com Pages domains will be deleted in one week
To improve the performance of GitLab.com, domains that cannot be verified will be deleted after one week (verification attempts are made within 4 days before the start of the weekly countdown). If you plan to keep the domain with GitLab without completing the verification, you will have to complete this step to keep the domain registered for you. Review your domain verification instructions to make sure you don’t run into any problems. If your GitLab.com Pages domain does not throw 404 errors, then it has already been verified.
Details of the cleaning plan are presented here: gitlab-ce # 44696
Date of deletion: on April 22 2019 g .
Support for Prometheus 1.x in Omnibus GitLab
Starting with GitLab 11.4 , the embedded version of Prometheus 1.0 is not included in Omnibus GitLab. From now on, Prometheus 2.0 is used , the metric format of which is not compatible with version 1.0. Existing versions can be upgraded to 2.0 and, if necessary, transfer data using the built-in tool .
GitLab version 12.0 will automatically install Prometheus 2.0 if there hasn't been an update yet. Data from Prometheus 1.0 will not be transferred and will be lost.
Date of deletion: 22 June 2019 g .
TLS v1.1 will be disabled by default in version 12.0
Starting with GitLab 12.0 , TLS v1.1 will be disabled by default for added security. This fixes numerous problems, including Heartbleed, and makes GitLab natively compatible with the PCI DSS 3.1 standard.
To disable TLS v1.1 immediately, install nginx['ssl_protocols'] = "TLSv1.2"
in gitlab.rband
and run gitlab-ctl reconfigure
.
Date of deletion: 22 June 2019 g .
OpenShift template for installing GitLab
The official gitlab
helm chart is the recommended way to run GitLab on Kubernetes, including deploying to OpenShift .
The OpenShift template for installing GitLab is deprecated and will no longer be supported in GitLab 12.0 .
Date of deletion: 22 June 2019 g .
GitLab Geo will provide hashed storage in GitLab 12.0
GitLab Geo requires hashed storage to mitigate race condition on secondary nodes. This has been noted in gitlab-ce # 40970 .
In version 11.5, we added this requirement to the Geo documentation: gitlab-ee # 8053 .
In version 11.6, itsudo gitlab-rake gitlab: geo: check
checks whether hashed storage is enabled and if all projects are migrated: gitlab-ee # 8289 . If you are using Geo, please run this check and migrate as soon as possible.
In 11.8, the permanently disabled gitlab-ee! 8433 warning will be displayed on the “Admin Area› Geo ›Nodes” page if the above checks are not allowed.
At 12.0, Geo will apply a hash storage requirement: gitlab-ee # 8690 .
Date of deletion: 22 June 2019 g .
List of changes
Refer to the changelog to see all changes:
Installation
If you are setting up a new GitLab installation, see the GitLab download page .
Update
Check out our update page .
GitLab Subscription Plans
GitLab is available in two versions: self-managed and as a cloud service (SaaS) .
Self-managed : Deploy locally or on your favorite cloud platform.
- Core : For small teams, personal projects, or testing GitLab with unlimited time.
- Starter : For teams whose members are in the same place, engaged in a small number of projects that need professional support.
- Premium : For distributed teams that require advanced features, high availability and 24/7 support.
- Ultimate : For businesses that want to align their strategy and project execution with enhanced security and interoperability requirements.
SaaS cloud service - GitLab.com : supported, managed and administered by the GitLab team; free and paid subscriptions for individuals and teams are possible .
- Free : Unlimited private repositories and an unlimited number of employees in the project. Private projects gain access to Free features ; open projects gain access to Gold features .
- Bronze : For teams that need access to advanced workflow features.
- Silver : For teams that need more robust DevOps features, compatibility, and faster support.
- Gold : Best suited to a large number of CI / CD pipeline jobs. Team members of each public project can use the Gold features for free, regardless of their subscription plan.