GitLab is a DevSecOps platform with open-source at its core

GitLab recently came into the spotlights as one of the Dutch unicorns, enterprises with a value of more than a billion dollars. Meanwhile, the company is active in 61 countries, it continues to grow, and it will even go public in 2020. Recently, the company held its first event on European soil in London. An ideal opportunity for Techzine to learn more about the strategy of the open-source company, with both Dutch and Ukrainian roots. Where does the company stand today, and what can we expect in the future?

From the keynotes at the event and conversations with the company’s CEO, as well as the Director of Products, one thing becomes clear: apart from source code management and version control, which the company started with, Gitlab aims to become a complete DevSecOps platform. This means development and operations, but with security as an integral part. The ideal is to provide a platform for managing and executing the entire DevSecOps cycle, with the familiar goals of breaking silos and drastically reducing cycle times. According to Sid Sijbrandij, the CEO, the latter is even the main way to achieve success as a business. This also makes it clear how GitLab profiles itself in relation to other open-source platforms such as GitHub or BitBucket, where the Dev(Sec)Ops approach, according to Sijbrandij, is less central to the business model.

GitLab’s DevSecOps platform and its features

GitLab’s DevSecOps platform

Above, GitLab’s platform is captured in one image. It is clear that there is a whole host of features on the platform, all of which somehow fulfil a function in the DevSecOps cycle. Eric Brinkman, Director of Product at GitLab, told us that the platform is completely modular. So if you only want to use source code management and version control, for example, you can, but all other combinations are also possible. It is also striking how many new features are planned; another indication that GitLab currently has quite a bit of momentum. The company did not raise almost 270 million dollars from investors for nothing.

Lovability

The strategy for spending that money is mainly focused on the features of the GitLab platform, and their ‘lovability’. The goal for each function is that users will love it, which is indicated in the image below with – you guessed it – a heart. It’s almost too happy-go-lucky for comfort, but the overview does show how much work GitLab believes they still have to do, to perfect their tools. So, the company is realistic but at the same time incredibly ambitious about their portfolio. Functions in the platform start as ‘viable’, then move on to ‘complete’, and eventually ‘lovable’ is the highest attainable.

Below you can see that only a handful of functions have reached the highest status. In other words, the company’s own products will only become good enough after a long time of perfecting them. On the other hand, the company does assume that eventually, all products will become ‘lovable’. As Sijbrandij himself describes it: “At GitLab we are extremely pessimistic in the short term but extremely optimistic about the long term.”

‘Lovability’, the progress of several features and the planned expansions for the platform

According to Brinkman, the unique selling point of the GitLab platform is, mainly, that it is available as a single application. The slide below shows which DevSecOps solutions are on the market; GitLab is trying to capture that functionality in one platform. This, of course, raises the question: is it at all possible to capture all this in one platform? Brinkman’s answer is that this is probably not completely possible, but that this doesn’t matter. “We don’t have to do everything right immediately. (…) If you divide the development [of the solutions] into small steps, you can continuously evaluate, and find out if you’re still on the right path.”

The constant updates and the interaction between users and GitLab ensure that missing features or weaknesses can be noticed and corrected at all times. For example, Brinkman says that there is a freely available manual for the GitLab platform, to which users can already contribute by correcting typos, so to speak. So, the open-source philosophy is certainly still leading within the company. This creates a kind of vision of a constantly changing and improving platform, which is never complete, but more complete than everyone else’s solutions.

The maze of Dev(Sec)Ops solutions with features that GitLab ultimately wants to capture in one platform

Optimism everywhere

What also struck us at GitLab Commit was the overwhelming optimism that seemed to radiate from every employee. Now, these kinds of user conferences often excel in propagating an overly positive image, because that is just good marketing. For GitLab, however, it seems to be a little more than that, because, as I said before, there is a tremendous emphasis on the cooperation between users and the company. When we spoke to random people at the event, it became almost unclear who was or was not employed by GitLab. Some users almost have more knowledge of the platform than employees, who, for example, only specialise in a particular area. It is not only the company itself that is propagating the open-source philosophy; users, in turn, are embracing this as well.

A related feature of GitLab, which is very important to the company itself, is the flexibility of employees, since all work is done remotely. In principle, there is no central office where all employees are located. Working at a central location is almost seen as old-fashioned by GitLab and its employees. This officeless way of working is also cited by Sijbrandij as one of the most important conditions for GitLabs’ success; the platform is as flexible as its employees.

Future

The GitLab platform continues to grow, and, as has been said, a whole host of new features are planned for the future. What is particularly interesting about this growth is how the balance between the open-source side and the DevOps side of the company will develop. On the one hand, with the planned IPO of the company, the focus on open-source might diminish somewhat; profits have to be made. On the other hand, GitLab Commit testified that the open-source culture is still at the core of GitLab. The complementary relationship between users and platform is one of the determining factors of the company’s growth to date, so we are curious to see how this will develop in the future.