πŸ”¬ Gitlab 15.8 analysis w. endoflife.date, grype, (x)eol πŸ‹

adriens - Mar 1 '23 - - Dev Community

❔ About

Gitlab recently released 15.9 version:

Image description

This opens a opportunity to take a closer look at upgrade opportunities, security and End of Life concerns as part of maintenance process.

so we can compare 15.8 w. 15.9 (ie. why we should invest time in upgrading).

🎯 What you'll learn

With this live demo, you will:

  • Discover with me (live) xeol
  • See the whole "behind the scene" process of maintenance and documentation process.
  • Learn how to produce charts from cli with grype-contribs :

Image description

... and also deal with very efficient DEVOPS/ DEVSECOPS tools.

🧰 Tools

πŸ‘† (Noobs) Notice about xeol

Wthin xeol, getting the message:

"No eol found"

means everything is fine for you around end of life cycle management πŸ˜…

πŸ‘Ά Better output (for noobs & newbies) when no "EOL found" πŸ™ #38

What would you like to be added:

A better message in case when no EOL found.

Why is this needed:

Hi, it would be useful to setup a nice message when no EOL found as some may intiialy thnk that beacuase ne EOL was found the report coudl not be done... while in fact.. it's a good news. Maybe a πŸ‘ or something more explicit that says to the end user that everything is ok... and optionally (when avilable how may before EOL will occure)

🎫 Related issue

Thanks to your README, I made this PR :

🎞️ (Live) Demo

πŸ’‘ xeol trick : --fail-on-eol-found

We can trigger a fail on xeol when an EOL is found:

Image description

♾️ xeol GitHub Action

If you want to check EoLs as part of the CI, just check this:

Image description

πŸ“‘ Related stuff

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .