I really wanted to like GitLab but after having used in a few BigCo's I just can't get round to it.
It's really slow and unstable. It's also constantly trying to push different messages into my face that I don't care about nor can I switch off those messages (Autodevops for example). Some of the ui tooltips constantly block the links I want to click on, search it REALLY slow and almost useless. This is the paid gitlab.com SaaS.
Also after reading one of their postmortems about an incident where someone deleted a production DB, it just did not inspire confidence.
Also they have taken a ton of VC money, not sure how long the "not Microsoft" argument is going to stand.
Current client is on GitHub and the experience is definitely much better. Not happy about their MS ties and tech-bro misogyny problems. Hopeful for sourcehut tho.
Self-hosted on-premise GitLab is much nicer to use than the SaaS gitlab.com instance.
A few years ago (when I used gitlab.com regularly), the hosted version was quite slow and felt like a buggy beta-testing environment. Not sure if it's better nowadays. On the other hand, I'm running two on-prem instances of GitLab for a few years now, and they've been working flawlessly and are fast. (One of them is now upgraded to the Premium plan.)
gitea seems pretty promising. of course there isn't one canonical instance that is "official", which puts it in a bit of a different category (but maybe that's also a good thing for its continuing openness)
So, yes. Gitlab is a bit crap, but equally it also just feels better than GitHub for self-hosted software and more importantly actually running a company.
The company I work for is in finance, but we manage a lot of things on gitlab to take advantage of git, gitlab can just about facilitate this, whereas GitHub I just don't think would be able to.
Also what's this about tech-bro misogyny? As a regular code reviewer on GitHub I actively don't really want to know anything about the contributors, so not sure what this refers to. Internal culture?
You know what works great for self-hosting? Gitea and Gogs. Personally I gave-up on even trying Gitlab after reading the docs, the hardware needs alone are in a different world from Gogs.
> Also what's this about tech-bro misogyny?
GitHub has kept some widely disliked (for good reasons) people on its board, and censored user content on several different directions by now. Including completely deleting some projects. It's the kind of thing that doesn't really matter to you, until it does, and if it eventually does, it really sucks.
But yeah, avoiding that kind of problem is one of the reasons to self-host.
github has had 30 outage incidents this year so far, few of which even acknowledge a root cause or offer any sort of lessons learned or remediation announcements.
maybe this will be the shot across the bow Microsoft needs to hopefully improve the github experience, but i doubt it. they have a track-record of splurging cash for things they really want that could absolutely drive revenue, but without much qualified ability to shepherd the product lifecycle past the initial commitment of IP and marketing.
Sourcehut & Gitea are cool, but I don't see them as being in the same market as Github & Gitlab (& Bitbucket). There's pros and cons to both "ends" of the market (minimal, efficient, light -vs- big supported corporate featureful), and there's probably room for both.
The problem is Gitlab has really gone off the deep end of "heavy", and - combined with inconsistent / confusing UX throughout - it makes it a poor fit for even the most well-resourced bigcorp install.
It's a pity Phabricator didn't take off. It seemed like a great contender in that space.
They are simply ci/cd templates for building specific types of projects. If you turn autodevops on, then it will apply the template based on files found in the repo. Like a less opinionated Heroku that can deploy to your own k8s cluster.
I have never really had a project generic enough that autodevops would work. But I think I did at one point copy one of their templates as a basis for my own gitlab-ci.yaml file.
I think it also handles automatically configuring some things that you can't configure in your ci files, like prometheus monitoring.
Arm was using GitHub for source code hosting. But most of the new core infrastructure that Arm is deploying is on proprietary hardware, and "GitHub is a black box and so we would have to work with them or let them do the work, and it wouldn't necessarily be correct," Wafaa says. "Then we'd have to do reviews. We wouldn't necessarily be able to do the patch reviews because it's all private and proprietary code… that was a big factor for us choosing GitLab."
Seems garbled, what does the proprietary nature of GitHub have to do with code review process?
Are they just saying they can’t host a lot of the code publicly?
I’d think it’s issues like CI runners and the like?
I don’t think you can handroll github dedicated runners (e.g. I read recently that there’s still no support for M1 dedicated runners).
If ARM wants to run CI directly on the ISAs they’re developing, or with complicated custom toolchains such that they can run tests on ISA under development from a host machine, they probably need pretty extensive customisations on the runner site, which would require contracting github to do that for them, or having to work directly on github code, for ARM-exclusive needs.
Either way a lot of collaboration work for something which isn’t really collaborative, or of any concern or value to github as a company. And with possible risks of information leak one way or another.
I think they are referring to on premesis GitHub Enterprise Server, which won't work for them because they are using new CPU archs like arm64 which it doesn't run on?
part of the supply chain is your source forge and builders. On GitHub, you can point the builders to your own infra.. and then maybe check cryptographically that all source code that lands on the builder is correctly signed and trusted.
But it's nearly impossible to do that for the forge itself (GitHub).
I recommend https://slsa.dev (vendor-neutral effort from the Linux Foundation) for a better picture of a secure supply chain.
I would guess they're likely referring to the proprietary / black-box nature of (one of or a combination of) the Github API for automation tasks, the Github Apps marketplace & associated APIs, and the Github actions infra & archs.
Pretty easy to understand if you have the context. They're probably using Github Enterprise (GHE). GHE may not run on their proprietary hardware. When things fail, they can't fix it because they don't have access to the source. When there is an update, they need to review the patches to make sure that stuff will work on their hardware.
Simply put, the open source is a beneficial thing for Arm here.
As a GitHub user, I don't think I see the value in Gitlab relative to what they charge. I think by chasing "DevOps" they no longer deliver a tight product offering like GitHub and instead it's a bunch of loosely integrated, opinionated technologies/processes.
Seems like by adopting Gitlab, you're adopting their view of how stuff should work. YMMV.
> most of the new core infrastructure that Arm is deploying is on proprietary hardware
GitHub offers self-hosted CI runners, but it's infamously limited. Last I checked there's still no official GH runner release for arm64-darwin (for which community, including yours truly, provided reliable workarounds through Rosetta that still lands you in an arm64-darwin bash, and now IIUC actual native builds[1]), there's no way to select anything else than x64 in the UI for Windows and macOS, which sets some tags on the runners that you can't remove, and there's no way to say "Other" with a custom value. Comparatively, gitlab-runner is a crazy adaptable piece of code, that allows for quite unique setups[0], combined with the loose way one can automatically assign jobs to runners using tags GL pipelines trounce GHA workflows†.
† GHA covers 80% of cases (from basic to a bit more involved) somewhat nicely, but when it starts to fall short it's terrible.
> A large bonus for Arm was that GitLab is open source and the company wanted to use its own tools to support its open source ecosystem.
> minimize vendor lock-in
> Because Arm is an IP company, security is paramount
When GNU-ish philosophy meets business requirements. GitHub can be self-hosted (at a price!) but GitLab is FOSS, so it can be audited, and if necessary, forked. From code to data, it can be owned, end to end.
The strength of gitlab has always been their runner setup. Arm likely want to use this to run runners on any hardware platform, unrestricted.
I'm still a strong gitlab supporter but tbh their development backlog is overflowing for the last 4 years at least. They have a TON of work to do and they seem to be focusing dev resources on what major clients want, instead of making the whole platform more robust. It's sad for us simple open source free tier users.
I'm sure they could capture more people if they had saner pricing. (Cheap single user plans, better plans for people who have a lot of users but not a lot of developers.)
There is work to do, and product and engineering are putting more focus on fixing longstanding issues, and increase reliability. Specifically for GitLab Runner, 15.0 and later bring many fixes, next to supporting podman.
Gitlab is amazing once you get into the flow of using it, especially if you self host.
Github seems to be primarily focused on becoming a social network. That might be why it’s so popular for open source and individuals, but when I’m actually working, the extensive feature set of Gitlab is much more useful.
Also Gitlab CI is a Maybach, Github CI is a PT Cruiser.
I worry a little bit. I ignore it for now but fear it may get to the point where I can’t ignore.
One thing is their org structure is weak. They don’t allow sub-orgs or any organization. So if you have a big organization, it’s just chaos and their solution is to set up profiles and complex notifications.
There’s no way to just set up groups and watch those while also being part of an overall org.
I have 500 people and 250 projects in my org. It’s all private so they expect people to use social features for team awareness. A new member has to get a list of repos worked on by their team (maybe permissions are granted based on a team) and then go star and watch them.
This is not a problem for a single coder or someone who’s on a few projects. But it’s not very good for an enterprise that already has an organization.
Instead of tidying this up, github seems to be getting worse with feeds and stuff.
working with both APIs I feel the GitHUB is way ahead of other Git Forge APIs, see for example Github APPS, integration with webhook and oauth app is nowhere the same experience
Maybe on paper, but the reality is MSFT has far more sku's. When you start bundling services/products with MSFT you're going to see big savings in other places, one of those places is likely GitHub. What if I told you I would throw in a user license for GitHub for each Visual Studio renewal based on 1K users? Now your company is saving 1.1M dollars by moving away from GitLab. I don't think the price is the same at all...
Well yea, you'll save money if you use a bunch of Microsoft products and they give you a bundle discount. But a lot of companies rarely use Microsoft products beyond GitHub
When you say a lot of companies you must be excluding every fortune 500 company. They have 1.9T market cap, lol. People are buying Microsoft products, and lots of it. I would considering your statement to be entirely false or based on limited personal experience.
> I think by chasing "DevOps" they no longer deliver a tight product offering like GitHub
I'm looking at this move/marketing of theirs as a show of being in opposition to Bitbucket which (along with other Atlassian's products) is made for managers.
main reason I use Gitlab instead of GitHub, MS. Won't touch a closed source MS project with 10 foot pole. Not after the all the backdoor they being putting in NT kernel, etc.
Really opinionated and ideological. Be sure it's what you really want before you commit. Drew writes great code but he's very philosophical about his projects.
> The technology itself is the opposite of opinionated or ideological. It's just git.
I'm a paying customer because I really like the UI and the base git.sr.ht service. However, hosted Git today is much more than Git. And so my overall experience is similar to the parent, I find it opinionated and stubbornly ideological. I'm close to being fed up with the "my way or the highway approach" at every corner.
Some examples off the top of my head:
1. I'm fine with sending patches via email, not every contributor is. So give me the option to accept pull requests. Instead, you'll be directed to tutorials teaching how to send patches. Needlessly increases the friction for a large portion of my peers.
2. I want to love build.sr.ht too. But, there's no Docker support. Instead you end up in discussions like "what did society do before Docker?". Give me the option to build some of my repos using my Dockerfile. Again, an ideological choice creating friction.
3. I want to use pages.sr.ht with Cloudflare. "Connections from CloudFlare’s reverse proxy are dropped." Why? "Do not help one private company expand its control over all internet traffic." OK.
All these small restrictions and gotchas with the finger wagging tone amount up to a very oppressive experience for the user. At least, that's my experience.
Both. And yes, true, but issue management is entirely via email and mailing lists a la savannah et al. There's no real way to interact with things from the site aside from looking at them. This is a huge hindrance to many users who are not familiar with the more classic way of working. It is certainly NOT a drop-in replacement for GitHub in most cases.
Thinking that gitlab is any more secure than Microsoft when the NSA comes knocking isn't comforting. There is no way to know. But really, is your code and access that much of a secret to the government, and if it is, do you really trust "cloud" hosting?
IMHO, Microsoft is absolute trash and their reputation isn't great, but since buying Github there have been very good improvements still being made to Github (CI.. though slowly, UI, etc). Better than being bought by Salesforce......
It’s called GitHub Enterprise Server [0] and has been around for a while. It costs the same as their saas product so there’s not much incentive to run it other than you just really want to host your own stuff.
I haven’t evaluated it in many years but it’s supposed to have all the same features as regular GitHub.
I know that one but that was just speculation, there was no proof that having a variable called NSA_KEY in your code is an automatic proof of a backdoor. Heck, I can prefix all my variables with 'NSA' for the shits.
Backdoors do exist but they're usually disguised as bugs, not so obviously in-your-face like that.
I don't know if it makes sense to compare a service with a software that could be self-hosted. But if it did, you may want to mention that gitlab can also be self-hosted.
This is a semi-offtopic complaint, but I really hate the user changes they made. I planned to add Gitlab as a secondary option in our company's stack until we saw enough value/moved enough stuff to it to justify the 12x price over Github, but with the change we're only allowed 5 free users.
There's no way we'll pay $4000/mo for something people barely use, but we'd have paid for something everyone uses. I think they really shot themselves in the foot with that change.
It wasn't so much about the price itself, as we'd pay it if necessary (though having to pay $20/mo for someone to just have access to, say, GitLab pages isn't great). The problem was mostly the removal of free users.
I had added most of the company to a GitLab org I created, and we were using more and more things there, we even have a private CI runner. It was a good way to gradually migrate the organization to GitLab. Now I have to move everything back because there's no way we'll pay thousands of dollars per month for it for the few things we use, and everyone but 5 people will lose access to it in a month.
Basically, the "only 5 free users" thing removes the trojan horse of gradually moving to GitLab until we realize it's worth paying for.
I had the same problem. Probably only 10% of our users were actually devs and they contributed 99.9% of all changes. The other 90% were people reading pages, entering issues, commenting on stuff.
I couldn’t justify paying the same per seat for an every day developer vs someone who might log in once a year (or never).
They should have concurrent users or something for the PM/analyst/browser. Paying for named seats is too much.
I talked to them a few years ago but they weren’t able to change their license. I guess there are orgs that pay $1000/user just for PMs to approve merges and stuff.
We went with GitHub over it and it’s kind of a shame because GitLab has so many great features.
I can’t bring myself to pay for 1000 seats so 50 developers can use GitLab. Not to mention for pages viewers where there’s probably 2-5k who view project docs and stuff. Paying for users to log in and view web sites is pretty crazy.
Yeah it's an interesting problem, because those PMs are contributors in some sense, but just on a much lower scale, and single pricing doesn't really reflect that.
As far as running the service goes, they do represent non-zero cost (they're going to be looking through stuff, triggering async jobs maybe, maintaining Gitlab pages setups, etc. They also represent possibly increased security burden (though I don't think anyone is pricing risk like that in the SaaS world just yet).
If you don't mind me asking, what price would you happily pay for non technical contributors? Would you want a percentage of the developer/"full contributor" rate? Or do you have a specific number that would be reasonable in your opinion?
I understand they do something, but it’s probably 1/1000th the time spent as a developer.
I don’t have a specific number, but I’d prefer to just be charged for developers and have non-dev be free since their marginal cost is so low.
Same for “system accounts” and whatnot.
The key metric should be how many developers are using so there’s not much profit in adding more users other than it makes the devs happy.
If it has to be a non-zero amount then maybe $1/year or something. I have 25,000 people in my org so that’s still a lot of money even though there’s maybe only 100-200 actual devs.
Appreciate you taking the time to respond! I have a bunch of stuff going right now but hosting Gitlab has been on my mind for a while (I already run a service that focuses on hosting the runners)...
Wondering if there's more space in this niche simply by listening to what customers here on HN and elsewhere have been saying.
Wow, gitlabhost seems also priced quite high if it's just the CE version and not EE. I was thinking some 2-4x multiplier vs just hosting it yourself - not 8x the price.
This seems anectdotal to me. I don't think gitlab could survive at even 2x the price of "equal" setups between companies given they're both perfectly usable with some training. At least not in the long run. I use gitlab for my personal stuff but have no issues with github at work either.
Edit: Dang! I just checked it is roughly 3-4x as much as listed (just going on CI minutes). So I take my "logic" back. I don't see how they can survive at those per user rates vs the competition. The software itself is certainly not 3-4X as good.
There were recent changes to user limits on the Free tier of GitLab SaaS. We are limiting the number of users per namespace on the Free tier to 5 users per namespace. Details are in this blog post: https://about.gitlab.com/blog/2022/03/24/efficient-free-tier.
I'm a huge advocate for GitLab. I used their on-premise offering at my last position (sadly have to work with GitHub now). I became quite intimate with how the CI/CD processes work on GitLab and heartily recommend it over GitHub or Atlassian offerings. I don't have experience with their cloud offering.
I'm in the process of migrating my projects to GitLab myself, away from GitHub. It was a good excuse to consolidate projects and delete some stuff that is unlikely to be of use to me.
GitHub does seem a bit simpler to use in my mind. My needs are simple, though.
I wished they would work on their search. On Github you can easily explore and find new projects based on keywords. But on Gitlab this doesn't really work for me, the search is slow, or doesn't really search public Gitlab repositories
AWS has a huge investment in Graviton processors (arm). AWS lacks a full-featured git product. GitHub == Microsoft. Curious if there’s anything happening in the background which further motivated this.
> Arm has about 200 external contributors running open source projects, "and GitLab made it appealing cost-wise," Wafaa says. "That was just the icing on the cake." Usually the number of contributors is higher but Arm had to scale it back as it migrated projects to GitLab, he adds
What does this mean? ARM needed to scale back their number of contributors because it was migrating to GitLab? I'm not sure how that can be great marketing?
I made the same half-serious joke about Gitlab since it came out: they do not understand visual contrast, and a github user coming to gitlab is instantly both overwhelmed by how much info is in their face and how blended everything is in the issue tracker (everything is white-backgrounded, no way to discern important info). Fix this and you will get people over.
It's really slow and unstable. It's also constantly trying to push different messages into my face that I don't care about nor can I switch off those messages (Autodevops for example). Some of the ui tooltips constantly block the links I want to click on, search it REALLY slow and almost useless. This is the paid gitlab.com SaaS.
Also after reading one of their postmortems about an incident where someone deleted a production DB, it just did not inspire confidence.
Also they have taken a ton of VC money, not sure how long the "not Microsoft" argument is going to stand.
Current client is on GitHub and the experience is definitely much better. Not happy about their MS ties and tech-bro misogyny problems. Hopeful for sourcehut tho.