GitLab 13.4 combines CI and Vault

Sept. 27, 2020, 5:42 p.m.

TL;DR

GitLab version 13.4 enables secrets managed in Hashicorp's Vault to be injected into the Continuous Integration (CI) process.

GitLab 13.4 released with Kubernetes Agent, Vault for CI variables and other new features (source: https://unsplash.com/photos/ZV_64LdGoao)

Key Facts

1
With version 13.4, GitLab extends the platform's DevSecOps capabilities with new features.
2
The integration of direct injection of secrets managed in the Hashicorp Vault into the Continuous Integration (CI) process.
3
The integration of the new GitLab Kubernets agent (GKA).
4
The support for automatic version control for new Terraform states files
5
Integration of GitLab Security Center (formerly GitLab Instance Security Dashboard) with reports and vulnerability settings.

Details

GitLab 13.4 incorporates other enhancements, such as allowing deployment without code access privileges to keep development and deployment tasks separate. In other words, the Deployer role follows the least privilege access concept, enabling developers to accept merge requests and deploy code in secure environments without needing access to change the code itself. This version comes also with enhancements in UX.

GitLab 13.4 released with Vault for CI variables, Kubernetes Agent, and Security Center… and we’re bringing feature flags to Starter!https://t.co/gwPJnQEbMI
— GitLab (@gitlab) September 22, 2020