Wikimedia Release Engineering Team/GitLab/Features

Below is a list of features in GitLab Enterprise Edition that may be useful but are not available in the GitLab Community Edition.

This table is sorted by importance/likelihood of need.

Feature Description Docs Workaround available Notes
Merge approvals Merge request approvals enable enforced code review by requiring specified people to approve a merge request before it can be merged. docs This feature, in some form, is making it's way to CE.

See also: "Merge Trains". tl;dr: marge-bot is in use by other large projects and may cover most of the use cases here.

Contribution Analytics Get an overview of merge requests and push events for a group. docs Applies to groups of projects - some of this info is available on a per-project basis, and could be likely be recreated from API at the group level. Usage examples in the docs mention incentivizing volume of commits, which is generally an anti-pattern.


Have this data currently from bitergia, and will with GitLab as well.

Code Review Analytics Displays a table of open merge requests that have at least one non-author comment. Review time is measured from the time the first comment was submitted. docs Could be useful for surfacing reviews that need attention and driving down cycle time.


Have this data currently from bitergia, and will with GitLab as well.

Merge Trains A queued list of merge requests, each waiting to be merged into the target branch. Many MRs can be added to the train. Each MR runs its own merged results pipeline, which includes the changes from all of the other requests in front of it on the train. docs Zuul gives us this already, but it's cross project as well. marge-bot is in use by other large projects and may cover most of the use cases here.
Merge Request Dependencies If a merge request “depends on” another, then it cannot be merged until its dependency is itself merged. docs Important for our workflows, but can be re-implemented as a CI job.
Code Quality Evaluates changes against Code Climate engines. docs (we do this differently) We evaluate code quality in CI at present, and would continue doing so.
Productivity Analytics Visualize typical merge request (MR) lifetime and statistics. docs Currently gather this information via Bitergia.
Code Owners Use a CODEOWNERS file to define who owns specific files or paths in a repository, allowing other users to understand who is responsible for each file or path. docs This can be worked around via CI and Merge Requests (see above).
Built-in and custom project templates docs This is one way to disable wikis easily without having to make some CI job that does it, but a CI job was suggested by GitLab as how they would do it.
Credentials Management docs Unclear of need. Self-managed only. Management of user's ssh keys and their access. Not entirely clear at what level. In CE an admin can see and delete user's pubkeys.


Not available for hosted/gitlab.com EE plans.

Multiple approvers in code review Rules to require multiple approvers before a merge request can land docs This can be worked around via CI and Merge Requests (see above).
CI/CD Pipelines Dashboard Provides a summary of each project’s operational health, including pipeline and alert status. docs Unclear of need. Probably useful for an overview of CI pipelines for each project, but may be partially relate to deploy / monitoring features we're unlikely to use.
Create and remove admins based on an LDAP group Specify a group CN for admin_group and all members of the LDAP group will be given administrator privileges docs Not available on hosted/gitlab.com EE plans
Approval rules for code review Require approvals from multiple groups before allowing merge. docs Advanced feature. Something we have but don't use currently. Could be reimplemented as a CI job.
Merge request reviews Submit all reviews as one email, rather than per commit. docs This has been ported to GitLab CE. Still listed on feature list.
Insights Yaml specification for individual project statistics. docs This is the kind of data we currently get from https://wikimedia.biterg.io but limited per project.
Advanced Global/Syntax Search Use advanced queries for projects to which you have access. docs, docs This isn't yet available for GitLab.com; they anticipate it Q3 2020. We have this already with https://codesearch.wmflabs.org/.

EVERYTHING BELOW THIS LINE IS NOT LIKELY TO BE A BLOCKER

edit
PostgreSQL HA High availability configuration for postgresql via consul. docs Only needed if using the omnibus GitLab install, which we are not going to use.
Group webhooks Groups of projects share a webhook docs Webhooks look useful. Managing them per group rather than per project looks useful. There are other ways to do this; this provides a UI for doing this easily.
Live upgrade assistance Support for upgrades docs GitLab can't do the upgrade for you. There are, of course, contractors.
Audit Logs Lets owners and administrators know who edited values on the server. docs This information is always available to folks with access to server logs, this presents the info in the UI.
Reject unsigned commits Rejects commits not signed by PGP key docs Could be a CI job. Could also be implemented as a server hook which is part of the CE version.
Multi-project pipeline graphs Visualization UI enhancement for pipelines that trigger other pipelines. docs Makes an svg graph to visualize what your settings are. Could be easily re-implemented in CI.
Globally distributed cloning with GitLab Geo Read-only secondary git nodes that are geographically distributed. docs Speed up clones for users outside the US where our primary datacenter is located.
Deploy Boards GitLab’s Deploy Boards offer a consolidated view of the current health and status of each CI environment running on Kubernetes docs Similar to https://integration.wikimedia.org/zuul/ but specific to k8s CI runners. Nice to have.
Browser Performance Testing Determine performance impact of changes docs Easy to reimplement as a CI job. Uses open source https://www.sitespeed.io/ on the GitLab.com version.
Pipelines for Merged Results Run tests on merged branch rather than source branch. docs Similar to zuul, our current solution. This is part of the, "Not Rocket Science Rule Of Software Engineering". Open source peers, namely freedesktop.org, use marge-bot for this.
Static Application Security Testing Static security analysis docs Easy to reimplement as a CI job. Uses open source static analysis scanners (e.g., KubeSec, phpcs-security-audit, etc) on the GitLab.com version.
Container Scanning Scans containers for vulnerabilities. docs Easy to reimplement as a CI job. Uses klar and clair on the GitLab.com version.
Dynamic Application Security Testing DAST test for code docs Easy to reimplement as a CI job. Uses zaproxy on the GitLab.com version.
License Compliance Check that licenses of your dependencies are compatible with your application, and approve or deny them. Results are then shown in the Merge Request and in the Pipeline view. docs Can be reimplemented as a CI job.
Status Detail Pages Static site for status docs Easy to create a fallback page in apache when a proxy is failing. Other types of errors less easy to communicate.