2.7 Release
We are excited to introduce R2Devops 2.7! This release introduces scheduled recurring analysis, compliance control over merge request approvals, and an enhanced analysis issues experience to improve your workflow and security.
๐ Schedule Analysisโ
Self-Managed
You can now schedule a recurrent analysis run, allowing you to enjoy an always fresh view of your organization's CI/CD pipelines' compliance with your policies.
This feature can be enabled by R2Devops Administrators and Maintainers using a
read_api GitLab token. The frequency can be set to every hour, twice per day,
once per day, or any custom schedule using cron syntax.
โ Merge Request Approval Complianceโ
Self-Managed
Only available with GitLab Premium and Ultimate instances
This feature ensures that your Merge Request approval rules and settings align with your expected compliance requirements. By controlling these configurations, this feature reduces the risk of unauthorized or unreviewed changes being merged into the codebase.
You can configure it in the Project Protection policy:
๐ Improved Analysis Issues Experienceโ
Self-Managed
The analysis issues page has been improved to help you easily see, understand, and fix issues.
1. You can now change the issue statusโ
- Each issue has a status:
Needs triage,Confirmed,Dismissed, orNo longer detected. - You can change the status and leave a comment to explain the change.
- You can view the complete status change history for each issue.
These statuses allow you to track and control the lifecycle of an issue, helping you focus on fixing the most relevant ones.
2. You can now filter the issue listโ
- By status
- By issue type (e.g., Branch protection missing, Untrusted image source, etc.)
- By policy (e.g., CI/CD Container Images, Pipeline Composition, etc.)
These filters help you focus on the most important issues and manage their resolution more efficiently.
โ๏ธ Minor Updatesโ
- The compliance percentage for pipeline composition rules now includes partial compliance
- The evolution of the compliance percentage for pipeline composition rules is now displayed in a chart
- Improved the default configuration of the Project protection policy
- Each issue has been documented in the dashboard documentation
- Renamed "Marketplace" to "CI/CD Catalog"
- Removed access to the CI/CD catalog for SaaS platform and non-connected users
- Added 3 new issue types to the analysis:
Merge request approval rule is below the minimum level of approvals requiredMerge request approval settings are not compliantNo merge request approval rule covering all protected branches
- Improved dashboard navigation
- Backend:
v2.8.0 - Frontend:
v2.6.3 - Helm chart:
v2.7.4