[{"data":1,"prerenderedAt":827},["ShallowReactive",2],{"/en-us/blog/tutorial-automated-release-and-release-notes-with-gitlab":3,"navigation-en-us":47,"banner-en-us":467,"footer-en-us":477,"blog-post-authors-en-us-Ben Ridley":714,"blog-related-posts-en-us-tutorial-automated-release-and-release-notes-with-gitlab":729,"blog-promotions-en-us":764,"next-steps-en-us":817},{"id":4,"title":5,"authorSlugs":6,"authors":8,"body":10,"category":11,"categorySlug":11,"config":12,"content":16,"date":27,"description":17,"extension":29,"externalUrl":30,"featured":15,"heroImage":19,"isFeatured":15,"meta":31,"navigation":32,"path":33,"publishedDate":27,"rawbody":34,"seo":35,"slug":14,"stem":39,"tagSlugs":40,"tags":45,"template":13,"updatedDate":28,"__hash__":46},"blogPosts/en-us/blog/tutorial-automated-release-and-release-notes-with-gitlab.md","Tutorial: Automate releases and release notes with GitLab",[7],"ben-ridley",[9],"Ben Ridley","***2025 update** - The Changelog API has continued to evolve and now has some great new capabilities we don’t cover in this blog, such as the ability to provide custom changelogs with templated values from your commit history. [Discover more in the official Changelogs docs.](https://docs.gitlab.com/user/project/changelogs/)*\n\nWhen you develop software that users rely on, effective communication about changes with each release is essential. By keeping users informed about new features and any modifications or removals, you ensure they maximize the software's benefits and avoid encountering unpleasant surprises during upgrades.\n\nHistorically, creating release notes and maintaining a changelog has been a laborious task, requiring developers to monitor changes externally or release managers to sift through merge histories. With the GitLab Changelog API, you can use the rich history provided in our git repository to easily create release notes and maintain a changelog.\n\nIn this tutorial, we'll delve into automating releases with GitLab, covering the generation of release artifacts, release notes, and a comprehensive changelog detailing all user-centric software modifications.\n\n## Releases in GitLab\nFirst, let's explore how releases work in GitLab.\n\nIn GitLab, a release is a specific version of your code, identified by a git tag, that includes details about changes since the last release (and release notes) and any related artifacts built from that version of the code, such as Docker images, installation packages, and documentation.\n\nYou can create and track releases in GitLab using the UI by calling our Release API or by defining a special `release` job inside a CI pipeline. In this tutorial, we'll use the `release` job in a CI/CD pipeline, which allows us to extend the automation we're using in our pipelines for testing, code scanning, etc. to also perform automated releases.\n\nTo automate our releases, we first need to answer this question: Where are we going to get the information on changes made for our release notes and our changelog? The answer: Our git repository, which provides us with a rich history of development activity through commit messages and merge commit history. Let's see if we can leverage this rich history to automatically create our notes and changelogs.\n\n## Introducing commit trailers\n[Commit trailers](https://git-scm.com/docs/git-interpret-trailers) are structured entries in your git commits, created by adding simple `\u003CHEADER>:\u003CBODY>` format messages to the end of your commit. The `git` CLI tool can then parse and extract these for use in other systems. An example you might have already used is `git commit --sign-off` to sign off on a commit. This is implemented by adding a `Signed-off-by: \u003CYour Name>` trailer to the commit. We can add any arbitrary structured data here, which makes it a great place to store information that could be useful for our changelog.\n\nIn fact, if we use a `Changelog: \u003Cadded/changed/removed>` trailer in our commits, the GitLab Changelog API will parse these and use them to create a changelog for us automatically!\n\nLet's see this in action by making some changes to a real codebase and performing a release, and generating release notes and changelog entries.\n\n## Our example project\nFor the purposes of this blog, I'm using a simple Python web app repository. Let's pretend Version 1.0.0 of the application was just released and is the current version of the code. I've also created a 1.0.0 release in GitLab, which I did manually because we haven't created our automated release pipeline yet:\n\n![A screenshot of the GitLab UI showing a release for Version 1.0.0](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/1-0-release.png)\n\n## Making our changes\nWe're in rapid development mode, so we're going to be working on releasing Version 2.0.0 of our application today. As part of our 2.0.0 release, we're going to be adding a new feature to our app: A chatbot! And we're also going to be removing the quantum blockchain feature, because we only needed that for our first venture capital funding round. Also, we're going to be adding an automated release job to our CI/CD pipeline for our 2.0.0 release.\n\nFirst, let's remove unneeded features. I've created a merge request that contains the necessary removals. Importantly, we need to ensure we have a commit message that includes the `Changelog: removed` trailer. There's a few ways to do this, such as including it directly in a commit, or performing an interactive rebase and adding it using the CLI. But I think the easiest way in our situation is to leave it until the end and then use the `Edit commit message` button in GitLab to add the trailer to the merge commit like so:\n\n![A screenshot the GitLab UI showing a merge request removing unused features](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/remove-unused-features-mr.png)\n\nIf you use this method, you can also change the merge commit title to something more succinct. I've changed the title of my merge commit to 'Remove Unused Features', as this is what will appear in the changelog entry.\n\nNext, let's add some new functionality for the 2.0.0 release. Again, all we need to do is open another merge request that includes our new features and then edit the merge commit to include the `Changelog: added` trailer and edit the commit title to be more succinct:\n\n![A screenshot of the GitLab UI showing a merge request to add new functionality](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/add-chatbot-mr.png)\n\nNow we're pretty much ready to release 2.0.0. But we don't want to create our release manually this time. So before our release we're going to add some jobs to our `.gitlab-ci.yml` file that will perform the release for us automatically, and generate the respective release notes and changelog entries, when we tag our code with a new version like `2.0.0`.\n\n**Note:** If you want to enforce changelog trailers, consider using something like [Danger to perform automated checks for MR conventions](https://docs.gitlab.com/development/dangerbot/).\n\n## Building an automated release pipeline\nFor our pipeline to work, we need to create a project access token that will allow us to call GitLab's API to generate changelog entries. [Create a project access token with the API scope](https://docs.gitlab.com/user/project/settings/project_access_toke/ ns.html#create-a-project-access-token), and then [store the token as a CI/CD variable](https://docs.gitlab.com/ci/variables/#define-a-cicd-variable-in-the-ui) called `CI_API_TOKEN`. We'll reference this variable to authenticate to the API.\n\nNext, we're going to add two new jobs to our `gitlab-ci.yml` file:\n```yaml\nprepare_job:\n  stage: prepare\n  image: alpine:latest\n  rules:\n  - if: '$CI_COMMIT_TAG =~ /^v?\\d+\\.\\d+\\.\\d+$/'\n  script:\n    - apk add curl jq\n    - 'curl -H \"PRIVATE-TOKEN: $CI_API_TOKEN\" \"$CI_API_V4_URL/projects/$CI_PROJECT_ID/repository/changelog?version=$CI_COMMIT_TAG\" | jq -r .notes > release_notes.md'\n  artifacts:\n    paths:\n    - release_notes.md\n\nrelease_job:\n  stage: release\n  image: registry.gitlab.com/gitlab-org/release-cli:latest\n  needs:\n    - job: prepare_job\n      artifacts: true\n  rules:\n  - if: '$CI_COMMIT_TAG =~ /^v?\\d+\\.\\d+\\.\\d+$/'\n  script:\n    - echo \"Creating release\"\n  release:\n    name: 'Release $CI_COMMIT_TAG'\n    description: release_notes.md\n    tag_name: '$CI_COMMIT_TAG'\n    ref: '$CI_COMMIT_SHA'\n    assets:\n      links:\n        - name: 'Container Image $CI_COMMIT_TAG'\n          url: \"https://$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA\"\n```\n\nIn the above configuration, the `prepare_job` uses `curl` and `jq` to call the GitLab Changelog API endpoint and then passes this to our `release_job` to actually create the release. To break it down further:\n- We use the project access token created earlier to call the GitLab Changelog API, which performs the generation of the release notes and we store this as an artifact.\n- We're using the `$CI_COMMIT_TAG` variable as the version. For this to work, we need to be using semantic versioning for our tags (something like `2.0.0` for example), so you'll notice I've also restricted the release job using a `rules` section that checks for a semantic version tag.\n\t- Semantic versioning is required for the GitLab Changelog API to work. It uses this format to find the most recent release to compare to our current release.\n- We use the official `release-cli` image from GitLab. The release-cli is required to use the `release` keyword in a job.\n- We use the `release` keyword to create a release in GitLab. This is a special job keyword reserved for creating a release and populating the required fields.\n- We can pass a file as an argument to the `description` of the release. In our case, it's the file we generated in the `prepare_job`, which was passed to this job as an artifact.\n- We've also included our container image that is being built earlier in the pipeline as a release asset. You can attach any assets you'd like from your build process, such as binaries or documentation by providing a URL to wherever you've uploaded them earlier in the pipeline.\n\n## Performing an automated release\nWith this setup, all we need to do to perform a release is push a tag to our repository that follows our versioning scheme. You can simply push a tag using the CLI, this example uses GitLab's UI to create a tag on the main branch. Create a tag by selecting Code -> Tags -> New Tag on the sidebar:\n![A screenshot of the GitLab UI illustrating how to create a tag](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/create-2-tag.png)\n\nOn creation, our pipelines will start to execute. The GitLab Changelog API will automatically generate release notes for us as markdown, which contains all the changes between this release and the previous release. Here's the resulting markdown generated in our example:\n\n```md\n## 2.0.0 (2023-08-25)\n\n### added (1 change)\n\n- [Add ChatBot](gl-demo-ultimate-bridley/super-devsecops-incorporated/simply-notes-release-demo@0c3601a45af617c5481322bfce4d71db1f911b02) ([merge request](gl-demo-ultimate-bridley/super-devsecops-incorporated/simply-notes-release-demo!4))\n\n### removed (1 change)\n\n- [Remove Unused Features](gl-demo-ultimate-bridley/super-devsecops-incorporated/simply-notes-release-demo@463d453c5ae0f4fc611ea969e5442e3298bf0d8a) ([merge request](gl-demo-ultimate-bridley/super-devsecops-incorporated/simply-notes-release-demo!3))\n```\n\nAs you can see, GitLab has extracted the entries for our release notes automatically using our git commit trailers. In addition, it's helpfully provided links back to the merge request so readers can see more details and discussion around the changes.\n\nAnd now, our final release:\n![The GitLab release UI showing a release for version 2.0.0](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/2-0-release.png)\n\n## Creating the changelog\nNext, we want to update our changelog (which is basically a collated history of all your release notes). You can use a `POST` request to the changelog API endpoint we used earlier to do this.\n\nYou can do this as part of your release pipeline if you like, for example by adding this to the `script` section of your prepare job:\n```sh\n'curl -H \"PRIVATE-TOKEN: $CI_API_TOKEN\" -X POST \"$CI_API_V4_URL/projects/$CI_PROJECT_ID/repository/changelog?version=$CI_COMMIT_TAG\"\n```\n\n**Note that this will actually modify the repository.** It will create a commit to add the latest notes to a `CHANGELOG.md` file:\n![A screenshot of the repository which shows a commit updating the changelog file](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/changelog-api-commit.png)\n\nAnd we are done! By utilizing the rich history provided by `git` with some handy commit trailers, we can leverage GitLab's powerful API and CI/CD pipelines to automate our release process and generate release notes for us.\n\n> If you’d like to explore the project we used for this article, [you can find the project at this link](https://gitlab.com/gitlab-learn-labs/sample-projects/release-automation-demo).","product",{"template":13,"slug":14,"featured":15},"BlogPost","tutorial-automated-release-and-release-notes-with-gitlab",false,{"title":5,"description":17,"authors":18,"heroImage":19,"tags":20,"category":11,"date":27,"updatedDate":28,"body":10},"With the GitLab Changelog API, you can automate the generation of release artifacts, release notes, and a comprehensive changelog detailing all user-centric software modifications.",[9],"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659978/Blog/Hero%20Images/automation.png",[21,22,23,24,25,26],"tutorial","CI","CI/CD","DevOps","DevSecOps","git","2023-11-01","2025-06-05","md",null,{},true,"/en-us/blog/tutorial-automated-release-and-release-notes-with-gitlab","---\nseo:\n  title: 'Tutorial: Automate releases and release notes with GitLab'\n  description: >-\n    With the GitLab Changelog API, you can automate the generation of release\n    artifacts, release notes, and a comprehensive changelog detailing all\n    user-centric software modifications.\n  ogTitle: 'Tutorial: Automate releases and release notes with GitLab'\n  ogDescription: >-\n    With the GitLab Changelog API, you can automate the generation of release\n    artifacts, release notes, and a comprehensive changelog detailing all\n    user-centric software modifications.\n  noIndex: false\n  ogImage: >-\n    https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659978/Blog/Hero%20Images/automation.png\n  ogUrl: >-\n    https://about.gitlab.com/blog/tutorial-automated-release-and-release-notes-with-gitlab\n  ogSiteName: https://about.gitlab.com\n  ogType: article\n  canonicalUrls: >-\n    https://about.gitlab.com/blog/tutorial-automated-release-and-release-notes-with-gitlab\ntitle: 'Tutorial: Automate releases and release notes with GitLab'\ndescription: With the GitLab Changelog API, you can automate the generation of release artifacts, release notes, and a comprehensive changelog detailing all user-centric software modifications.\nauthors:\n  - Ben Ridley\nheroImage: https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659978/Blog/Hero%20Images/automation.png\ntags:\n  - tutorial\n  - CI\n  - CI/CD\n  - DevOps\n  - DevSecOps\n  - git\ncategory: product\ndate: '2023-11-01'\nupdatedDate: '2025-06-05'\nslug: tutorial-automated-release-and-release-notes-with-gitlab\nfeatured: false\ntemplate: BlogPost\n---\n\n***2025 update** - The Changelog API has continued to evolve and now has some great new capabilities we don’t cover in this blog, such as the ability to provide custom changelogs with templated values from your commit history. [Discover more in the official Changelogs docs.](https://docs.gitlab.com/user/project/changelogs/)*\n\nWhen you develop software that users rely on, effective communication about changes with each release is essential. By keeping users informed about new features and any modifications or removals, you ensure they maximize the software's benefits and avoid encountering unpleasant surprises during upgrades.\n\nHistorically, creating release notes and maintaining a changelog has been a laborious task, requiring developers to monitor changes externally or release managers to sift through merge histories. With the GitLab Changelog API, you can use the rich history provided in our git repository to easily create release notes and maintain a changelog.\n\nIn this tutorial, we'll delve into automating releases with GitLab, covering the generation of release artifacts, release notes, and a comprehensive changelog detailing all user-centric software modifications.\n\n## Releases in GitLab\nFirst, let's explore how releases work in GitLab.\n\nIn GitLab, a release is a specific version of your code, identified by a git tag, that includes details about changes since the last release (and release notes) and any related artifacts built from that version of the code, such as Docker images, installation packages, and documentation.\n\nYou can create and track releases in GitLab using the UI by calling our Release API or by defining a special `release` job inside a CI pipeline. In this tutorial, we'll use the `release` job in a CI/CD pipeline, which allows us to extend the automation we're using in our pipelines for testing, code scanning, etc. to also perform automated releases.\n\nTo automate our releases, we first need to answer this question: Where are we going to get the information on changes made for our release notes and our changelog? The answer: Our git repository, which provides us with a rich history of development activity through commit messages and merge commit history. Let's see if we can leverage this rich history to automatically create our notes and changelogs.\n\n## Introducing commit trailers\n[Commit trailers](https://git-scm.com/docs/git-interpret-trailers) are structured entries in your git commits, created by adding simple `\u003CHEADER>:\u003CBODY>` format messages to the end of your commit. The `git` CLI tool can then parse and extract these for use in other systems. An example you might have already used is `git commit --sign-off` to sign off on a commit. This is implemented by adding a `Signed-off-by: \u003CYour Name>` trailer to the commit. We can add any arbitrary structured data here, which makes it a great place to store information that could be useful for our changelog.\n\nIn fact, if we use a `Changelog: \u003Cadded/changed/removed>` trailer in our commits, the GitLab Changelog API will parse these and use them to create a changelog for us automatically!\n\nLet's see this in action by making some changes to a real codebase and performing a release, and generating release notes and changelog entries.\n\n## Our example project\nFor the purposes of this blog, I'm using a simple Python web app repository. Let's pretend Version 1.0.0 of the application was just released and is the current version of the code. I've also created a 1.0.0 release in GitLab, which I did manually because we haven't created our automated release pipeline yet:\n\n![A screenshot of the GitLab UI showing a release for Version 1.0.0](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/1-0-release.png)\n\n## Making our changes\nWe're in rapid development mode, so we're going to be working on releasing Version 2.0.0 of our application today. As part of our 2.0.0 release, we're going to be adding a new feature to our app: A chatbot! And we're also going to be removing the quantum blockchain feature, because we only needed that for our first venture capital funding round. Also, we're going to be adding an automated release job to our CI/CD pipeline for our 2.0.0 release.\n\nFirst, let's remove unneeded features. I've created a merge request that contains the necessary removals. Importantly, we need to ensure we have a commit message that includes the `Changelog: removed` trailer. There's a few ways to do this, such as including it directly in a commit, or performing an interactive rebase and adding it using the CLI. But I think the easiest way in our situation is to leave it until the end and then use the `Edit commit message` button in GitLab to add the trailer to the merge commit like so:\n\n![A screenshot the GitLab UI showing a merge request removing unused features](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/remove-unused-features-mr.png)\n\nIf you use this method, you can also change the merge commit title to something more succinct. I've changed the title of my merge commit to 'Remove Unused Features', as this is what will appear in the changelog entry.\n\nNext, let's add some new functionality for the 2.0.0 release. Again, all we need to do is open another merge request that includes our new features and then edit the merge commit to include the `Changelog: added` trailer and edit the commit title to be more succinct:\n\n![A screenshot of the GitLab UI showing a merge request to add new functionality](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/add-chatbot-mr.png)\n\nNow we're pretty much ready to release 2.0.0. But we don't want to create our release manually this time. So before our release we're going to add some jobs to our `.gitlab-ci.yml` file that will perform the release for us automatically, and generate the respective release notes and changelog entries, when we tag our code with a new version like `2.0.0`.\n\n**Note:** If you want to enforce changelog trailers, consider using something like [Danger to perform automated checks for MR conventions](https://docs.gitlab.com/development/dangerbot/).\n\n## Building an automated release pipeline\nFor our pipeline to work, we need to create a project access token that will allow us to call GitLab's API to generate changelog entries. [Create a project access token with the API scope](https://docs.gitlab.com/user/project/settings/project_access_toke/ ns.html#create-a-project-access-token), and then [store the token as a CI/CD variable](https://docs.gitlab.com/ci/variables/#define-a-cicd-variable-in-the-ui) called `CI_API_TOKEN`. We'll reference this variable to authenticate to the API.\n\nNext, we're going to add two new jobs to our `gitlab-ci.yml` file:\n```yaml\nprepare_job:\n  stage: prepare\n  image: alpine:latest\n  rules:\n  - if: '$CI_COMMIT_TAG =~ /^v?\\d+\\.\\d+\\.\\d+$/'\n  script:\n    - apk add curl jq\n    - 'curl -H \"PRIVATE-TOKEN: $CI_API_TOKEN\" \"$CI_API_V4_URL/projects/$CI_PROJECT_ID/repository/changelog?version=$CI_COMMIT_TAG\" | jq -r .notes > release_notes.md'\n  artifacts:\n    paths:\n    - release_notes.md\n\nrelease_job:\n  stage: release\n  image: registry.gitlab.com/gitlab-org/release-cli:latest\n  needs:\n    - job: prepare_job\n      artifacts: true\n  rules:\n  - if: '$CI_COMMIT_TAG =~ /^v?\\d+\\.\\d+\\.\\d+$/'\n  script:\n    - echo \"Creating release\"\n  release:\n    name: 'Release $CI_COMMIT_TAG'\n    description: release_notes.md\n    tag_name: '$CI_COMMIT_TAG'\n    ref: '$CI_COMMIT_SHA'\n    assets:\n      links:\n        - name: 'Container Image $CI_COMMIT_TAG'\n          url: \"https://$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA\"\n```\n\nIn the above configuration, the `prepare_job` uses `curl` and `jq` to call the GitLab Changelog API endpoint and then passes this to our `release_job` to actually create the release. To break it down further:\n- We use the project access token created earlier to call the GitLab Changelog API, which performs the generation of the release notes and we store this as an artifact.\n- We're using the `$CI_COMMIT_TAG` variable as the version. For this to work, we need to be using semantic versioning for our tags (something like `2.0.0` for example), so you'll notice I've also restricted the release job using a `rules` section that checks for a semantic version tag.\n\t- Semantic versioning is required for the GitLab Changelog API to work. It uses this format to find the most recent release to compare to our current release.\n- We use the official `release-cli` image from GitLab. The release-cli is required to use the `release` keyword in a job.\n- We use the `release` keyword to create a release in GitLab. This is a special job keyword reserved for creating a release and populating the required fields.\n- We can pass a file as an argument to the `description` of the release. In our case, it's the file we generated in the `prepare_job`, which was passed to this job as an artifact.\n- We've also included our container image that is being built earlier in the pipeline as a release asset. You can attach any assets you'd like from your build process, such as binaries or documentation by providing a URL to wherever you've uploaded them earlier in the pipeline.\n\n## Performing an automated release\nWith this setup, all we need to do to perform a release is push a tag to our repository that follows our versioning scheme. You can simply push a tag using the CLI, this example uses GitLab's UI to create a tag on the main branch. Create a tag by selecting Code -> Tags -> New Tag on the sidebar:\n![A screenshot of the GitLab UI illustrating how to create a tag](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/create-2-tag.png)\n\nOn creation, our pipelines will start to execute. The GitLab Changelog API will automatically generate release notes for us as markdown, which contains all the changes between this release and the previous release. Here's the resulting markdown generated in our example:\n\n```md\n## 2.0.0 (2023-08-25)\n\n### added (1 change)\n\n- [Add ChatBot](gl-demo-ultimate-bridley/super-devsecops-incorporated/simply-notes-release-demo@0c3601a45af617c5481322bfce4d71db1f911b02) ([merge request](gl-demo-ultimate-bridley/super-devsecops-incorporated/simply-notes-release-demo!4))\n\n### removed (1 change)\n\n- [Remove Unused Features](gl-demo-ultimate-bridley/super-devsecops-incorporated/simply-notes-release-demo@463d453c5ae0f4fc611ea969e5442e3298bf0d8a) ([merge request](gl-demo-ultimate-bridley/super-devsecops-incorporated/simply-notes-release-demo!3))\n```\n\nAs you can see, GitLab has extracted the entries for our release notes automatically using our git commit trailers. In addition, it's helpfully provided links back to the merge request so readers can see more details and discussion around the changes.\n\nAnd now, our final release:\n![The GitLab release UI showing a release for version 2.0.0](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/2-0-release.png)\n\n## Creating the changelog\nNext, we want to update our changelog (which is basically a collated history of all your release notes). You can use a `POST` request to the changelog API endpoint we used earlier to do this.\n\nYou can do this as part of your release pipeline if you like, for example by adding this to the `script` section of your prepare job:\n```sh\n'curl -H \"PRIVATE-TOKEN: $CI_API_TOKEN\" -X POST \"$CI_API_V4_URL/projects/$CI_PROJECT_ID/repository/changelog?version=$CI_COMMIT_TAG\"\n```\n\n**Note that this will actually modify the repository.** It will create a commit to add the latest notes to a `CHANGELOG.md` file:\n![A screenshot of the repository which shows a commit updating the changelog file](https://about.gitlab.com/images/blogimages/2023-08-22-automated-release-and-release-notes-with-gitlab/changelog-api-commit.png)\n\nAnd we are done! By utilizing the rich history provided by `git` with some handy commit trailers, we can leverage GitLab's powerful API and CI/CD pipelines to automate our release process and generate release notes for us.\n\n> If you’d like to explore the project we used for this article, [you can find the project at this link](https://gitlab.com/gitlab-learn-labs/sample-projects/release-automation-demo).\n",{"title":5,"description":17,"ogTitle":5,"ogDescription":17,"noIndex":15,"ogImage":19,"ogUrl":36,"ogSiteName":37,"ogType":38,"canonicalUrls":36},"https://about.gitlab.com/blog/tutorial-automated-release-and-release-notes-with-gitlab","https://about.gitlab.com","article","en-us/blog/tutorial-automated-release-and-release-notes-with-gitlab",[21,41,42,43,44,26],"ci","cicd","devops","devsecops",[21,22,23,24,25,26],"sGsI5GCJpewuSDBD-zAwOB1TYjTs2k9h3eEGrj85rO0",{"logo":48,"freeTrial":53,"sales":58,"login":63,"items":68,"search":387,"minimal":418,"duo":437,"switchNav":446,"pricingDeployment":457},{"config":49},{"href":50,"dataGaName":51,"dataGaLocation":52},"/","gitlab logo","header",{"text":54,"config":55},"Get free trial",{"href":56,"dataGaName":57,"dataGaLocation":52},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":59,"config":60},"Talk to sales",{"href":61,"dataGaName":62,"dataGaLocation":52},"/sales/","sales",{"text":64,"config":65},"Sign in",{"href":66,"dataGaName":67,"dataGaLocation":52},"https://gitlab.com/users/sign_in/","sign in",[69,98,197,202,306,367],{"text":70,"config":71,"menu":73},"Platform",{"dataNavLevelOne":72},"platform",{"type":74,"columns":75},"cards",[76,82,90],{"title":70,"description":77,"link":78},"The intelligent orchestration platform for DevSecOps",{"text":79,"config":80},"Explore our Platform",{"href":81,"dataGaName":72,"dataGaLocation":52},"/platform/",{"title":83,"description":84,"link":85},"GitLab Duo Agent Platform","Agentic AI for the entire software lifecycle",{"text":86,"config":87},"Meet GitLab Duo",{"href":88,"dataGaName":89,"dataGaLocation":52},"/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":91,"description":92,"link":93},"Why GitLab","See the top reasons enterprises choose GitLab",{"text":94,"config":95},"Learn more",{"href":96,"dataGaName":97,"dataGaLocation":52},"/why-gitlab/","why gitlab",{"text":99,"left":32,"config":100,"menu":102},"Product",{"dataNavLevelOne":101},"solutions",{"type":103,"link":104,"columns":108,"feature":176},"lists",{"text":105,"config":106},"View all Solutions",{"href":107,"dataGaName":101,"dataGaLocation":52},"/solutions/",[109,132,155],{"title":110,"description":111,"link":112,"items":117},"Automation","CI/CD and automation to accelerate deployment",{"config":113},{"icon":114,"href":115,"dataGaName":116,"dataGaLocation":52},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[118,121,124,128],{"text":23,"config":119},{"href":120,"dataGaLocation":52,"dataGaName":23},"/solutions/continuous-integration/",{"text":83,"config":122},{"href":88,"dataGaLocation":52,"dataGaName":123},"gitlab duo agent platform - product menu",{"text":125,"config":126},"Source Code Management",{"href":127,"dataGaLocation":52,"dataGaName":125},"/solutions/source-code-management/",{"text":129,"config":130},"Automated Software Delivery",{"href":115,"dataGaLocation":52,"dataGaName":131},"Automated software delivery",{"title":133,"description":134,"link":135,"items":140},"Security","Deliver code faster without compromising security",{"config":136},{"href":137,"dataGaName":138,"dataGaLocation":52,"icon":139},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[141,145,150],{"text":142,"config":143},"Application Security Testing",{"href":137,"dataGaName":144,"dataGaLocation":52},"Application security testing",{"text":146,"config":147},"Software Supply Chain Security",{"href":148,"dataGaLocation":52,"dataGaName":149},"/solutions/supply-chain/","Software supply chain security",{"text":151,"config":152},"Software Compliance",{"href":153,"dataGaName":154,"dataGaLocation":52},"/solutions/software-compliance/","software compliance",{"title":156,"link":157,"items":162},"Measurement",{"config":158},{"icon":159,"href":160,"dataGaName":161,"dataGaLocation":52},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[163,167,171],{"text":164,"config":165},"Visibility & Measurement",{"href":160,"dataGaLocation":52,"dataGaName":166},"Visibility and Measurement",{"text":168,"config":169},"Value Stream Management",{"href":170,"dataGaLocation":52,"dataGaName":168},"/solutions/value-stream-management/",{"text":172,"config":173},"Analytics & Insights",{"href":174,"dataGaLocation":52,"dataGaName":175},"/solutions/analytics-and-insights/","Analytics and insights",{"title":177,"type":103,"items":178},"GitLab for",[179,185,191],{"text":180,"config":181},"Enterprise",{"icon":182,"href":183,"dataGaLocation":52,"dataGaName":184},"Building","/enterprise/","enterprise",{"text":186,"config":187},"Small Business",{"icon":188,"href":189,"dataGaLocation":52,"dataGaName":190},"Work","/small-business/","small business",{"text":192,"config":193},"Public Sector",{"icon":194,"href":195,"dataGaLocation":52,"dataGaName":196},"Organization","/solutions/public-sector/","public sector",{"text":198,"config":199},"Pricing",{"href":200,"dataGaName":201,"dataGaLocation":52,"dataNavLevelOne":201},"/pricing/","pricing",{"text":203,"config":204,"menu":206},"Resources",{"dataNavLevelOne":205},"resources",{"type":103,"link":207,"columns":211,"feature":295},{"text":208,"config":209},"View all resources",{"href":210,"dataGaName":205,"dataGaLocation":52},"/resources/",[212,245,267],{"title":213,"items":214},"Getting started",[215,220,225,230,235,240],{"text":216,"config":217},"Install",{"href":218,"dataGaName":219,"dataGaLocation":52},"/install/","install",{"text":221,"config":222},"Quick start guides",{"href":223,"dataGaName":224,"dataGaLocation":52},"/get-started/","quick setup checklists",{"text":226,"config":227},"Learn",{"href":228,"dataGaLocation":52,"dataGaName":229},"https://university.gitlab.com/","learn",{"text":231,"config":232},"Product documentation",{"href":233,"dataGaName":234,"dataGaLocation":52},"https://docs.gitlab.com/","product documentation",{"text":236,"config":237},"Best practice videos",{"href":238,"dataGaName":239,"dataGaLocation":52},"/getting-started-videos/","best practice videos",{"text":241,"config":242},"Integrations",{"href":243,"dataGaName":244,"dataGaLocation":52},"/integrations/","integrations",{"title":246,"items":247},"Discover",[248,253,258,262],{"text":249,"config":250},"Customer success stories",{"href":251,"dataGaName":252,"dataGaLocation":52},"/customers/","customer success stories",{"text":254,"config":255},"Blog",{"href":256,"dataGaName":257,"dataGaLocation":52},"/blog/","blog",{"text":259,"config":260},"The Source",{"href":261,"dataGaName":257,"dataGaLocation":52},"/the-source/",{"text":263,"config":264},"Remote",{"href":265,"dataGaName":266,"dataGaLocation":52},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":268,"items":269},"Connect",[270,275,280,285,290],{"text":271,"config":272},"GitLab Services",{"href":273,"dataGaName":274,"dataGaLocation":52},"/services/","services",{"text":276,"config":277},"Community",{"href":278,"dataGaName":279,"dataGaLocation":52},"/community/","community",{"text":281,"config":282},"Forum",{"href":283,"dataGaName":284,"dataGaLocation":52},"https://forum.gitlab.com/","forum",{"text":286,"config":287},"Events",{"href":288,"dataGaName":289,"dataGaLocation":52},"/events/","events",{"text":291,"config":292},"Partners",{"href":293,"dataGaName":294,"dataGaLocation":52},"/partners/","partners",{"config":296,"title":299,"text":300,"link":301},{"background":297,"textColor":298},"url('https://res.cloudinary.com/about-gitlab-com/image/upload/v1777322348/qpq8yrgn8knii57omj0c.png')","#000","What’s new in GitLab","Stay updated with our latest features and improvements.",{"text":302,"config":303},"Read the latest",{"href":304,"dataGaName":305,"dataGaLocation":52},"/releases/whats-new/","whats new",{"text":307,"config":308,"menu":310},"Company",{"dataNavLevelOne":309},"company",{"type":103,"columns":311},[312],{"items":313},[314,319,325,327,332,337,342,347,352,357,362],{"text":315,"config":316},"About",{"href":317,"dataGaName":318,"dataGaLocation":52},"/company/","about",{"text":320,"config":321,"footerGa":324},"Jobs",{"href":322,"dataGaName":323,"dataGaLocation":52},"/jobs/","jobs",{"dataGaName":323},{"text":286,"config":326},{"href":288,"dataGaName":289,"dataGaLocation":52},{"text":328,"config":329},"Leadership",{"href":330,"dataGaName":331,"dataGaLocation":52},"/company/team/e-group/","leadership",{"text":333,"config":334},"Team",{"href":335,"dataGaName":336,"dataGaLocation":52},"/company/team/","team",{"text":338,"config":339},"Handbook",{"href":340,"dataGaName":341,"dataGaLocation":52},"https://handbook.gitlab.com/","handbook",{"text":343,"config":344},"Investor relations",{"href":345,"dataGaName":346,"dataGaLocation":52},"https://ir.gitlab.com/","investor relations",{"text":348,"config":349},"Trust Center",{"href":350,"dataGaName":351,"dataGaLocation":52},"/security/","trust center",{"text":353,"config":354},"AI Transparency Center",{"href":355,"dataGaName":356,"dataGaLocation":52},"/ai-transparency-center/","ai transparency center",{"text":358,"config":359},"Newsletter",{"href":360,"dataGaName":361,"dataGaLocation":52},"/company/contact/#contact-forms","newsletter",{"text":363,"config":364},"Press",{"href":365,"dataGaName":366,"dataGaLocation":52},"/press/","press",{"text":368,"config":369,"menu":370},"Contact us",{"dataNavLevelOne":309},{"type":103,"columns":371},[372],{"items":373},[374,377,382],{"text":59,"config":375},{"href":61,"dataGaName":376,"dataGaLocation":52},"talk to sales",{"text":378,"config":379},"Support portal",{"href":380,"dataGaName":381,"dataGaLocation":52},"https://support.gitlab.com","support portal",{"text":383,"config":384},"Customer portal",{"href":385,"dataGaName":386,"dataGaLocation":52},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":388,"login":389,"suggestions":396},"Close",{"text":390,"link":391},"To search repositories and projects, login to",{"text":392,"config":393},"gitlab.com",{"href":66,"dataGaName":394,"dataGaLocation":395},"search login","search",{"text":397,"default":398},"Suggestions",[399,401,405,407,411,415],{"text":83,"config":400},{"href":88,"dataGaName":83,"dataGaLocation":395},{"text":402,"config":403},"Code Suggestions (AI)",{"href":404,"dataGaName":402,"dataGaLocation":395},"/solutions/code-suggestions/",{"text":23,"config":406},{"href":120,"dataGaName":23,"dataGaLocation":395},{"text":408,"config":409},"GitLab on AWS",{"href":410,"dataGaName":408,"dataGaLocation":395},"/partners/technology-partners/aws/",{"text":412,"config":413},"GitLab on Google Cloud",{"href":414,"dataGaName":412,"dataGaLocation":395},"/partners/technology-partners/google-cloud-platform/",{"text":416,"config":417},"Why GitLab?",{"href":96,"dataGaName":416,"dataGaLocation":395},{"freeTrial":419,"mobileIcon":424,"desktopIcon":429,"secondaryButton":432},{"text":420,"config":421},"Start free trial",{"href":422,"dataGaName":57,"dataGaLocation":423},"https://gitlab.com/-/trials/new/","nav",{"altText":425,"config":426},"Gitlab Icon",{"src":427,"dataGaName":428,"dataGaLocation":423},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":425,"config":430},{"src":431,"dataGaName":428,"dataGaLocation":423},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":433,"config":434},"Get Started",{"href":435,"dataGaName":436,"dataGaLocation":423},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/get-started/","get started",{"freeTrial":438,"mobileIcon":442,"desktopIcon":444},{"text":439,"config":440},"Learn more about GitLab Duo",{"href":88,"dataGaName":441,"dataGaLocation":423},"gitlab duo",{"altText":425,"config":443},{"src":427,"dataGaName":428,"dataGaLocation":423},{"altText":425,"config":445},{"src":431,"dataGaName":428,"dataGaLocation":423},{"button":447,"mobileIcon":452,"desktopIcon":454},{"text":448,"config":449},"/switch",{"href":450,"dataGaName":451,"dataGaLocation":423},"#contact","switch",{"altText":425,"config":453},{"src":427,"dataGaName":428,"dataGaLocation":423},{"altText":425,"config":455},{"src":456,"dataGaName":428,"dataGaLocation":423},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1773335277/ohhpiuoxoldryzrnhfrh.png",{"freeTrial":458,"mobileIcon":463,"desktopIcon":465},{"text":459,"config":460},"Back to pricing",{"href":200,"dataGaName":461,"dataGaLocation":423,"icon":462},"back to pricing","GoBack",{"altText":425,"config":464},{"src":427,"dataGaName":428,"dataGaLocation":423},{"altText":425,"config":466},{"src":431,"dataGaName":428,"dataGaLocation":423},{"title":468,"button":469,"config":474},"See how agentic AI transforms software delivery",{"text":470,"config":471},"Sign up for GitLab Transcend on June 10",{"href":472,"dataGaName":473,"dataGaLocation":52},"/releases/whats-new/#sign-up","transcend event",{"layout":475,"icon":476,"disabled":15},"release","AiStar",{"data":478},{"text":479,"source":480,"edit":486,"contribute":491,"config":496,"items":501,"minimal":703},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":481,"config":482},"View page source",{"href":483,"dataGaName":484,"dataGaLocation":485},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":487,"config":488},"Edit this page",{"href":489,"dataGaName":490,"dataGaLocation":485},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":492,"config":493},"Please contribute",{"href":494,"dataGaName":495,"dataGaLocation":485},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":497,"facebook":498,"youtube":499,"linkedin":500},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[502,549,598,642,669],{"title":198,"links":503,"subMenu":518},[504,508,513],{"text":505,"config":506},"View plans",{"href":200,"dataGaName":507,"dataGaLocation":485},"view plans",{"text":509,"config":510},"Why Premium?",{"href":511,"dataGaName":512,"dataGaLocation":485},"/pricing/premium/","why premium",{"text":514,"config":515},"Why Ultimate?",{"href":516,"dataGaName":517,"dataGaLocation":485},"/pricing/ultimate/","why ultimate",[519],{"title":520,"links":521},"Contact Us",[522,525,527,529,534,539,544],{"text":523,"config":524},"Contact sales",{"href":61,"dataGaName":62,"dataGaLocation":485},{"text":378,"config":526},{"href":380,"dataGaName":381,"dataGaLocation":485},{"text":383,"config":528},{"href":385,"dataGaName":386,"dataGaLocation":485},{"text":530,"config":531},"Status",{"href":532,"dataGaName":533,"dataGaLocation":485},"https://status.gitlab.com/","status",{"text":535,"config":536},"Terms of use",{"href":537,"dataGaName":538,"dataGaLocation":485},"/terms/","terms of use",{"text":540,"config":541},"Privacy statement",{"href":542,"dataGaName":543,"dataGaLocation":485},"/privacy/","privacy statement",{"text":545,"config":546},"Cookie preferences",{"dataGaName":547,"dataGaLocation":485,"id":548,"isOneTrustButton":32},"cookie preferences","ot-sdk-btn",{"title":99,"links":550,"subMenu":559},[551,555],{"text":552,"config":553},"DevSecOps platform",{"href":81,"dataGaName":554,"dataGaLocation":485},"devsecops platform",{"text":556,"config":557},"AI-Assisted Development",{"href":88,"dataGaName":558,"dataGaLocation":485},"ai-assisted development",[560],{"title":561,"links":562},"Topics",[563,567,572,575,580,583,588,593],{"text":564,"config":565},"CICD",{"href":566,"dataGaName":42,"dataGaLocation":485},"/topics/ci-cd/",{"text":568,"config":569},"GitOps",{"href":570,"dataGaName":571,"dataGaLocation":485},"/topics/gitops/","gitops",{"text":24,"config":573},{"href":574,"dataGaName":43,"dataGaLocation":485},"/topics/devops/",{"text":576,"config":577},"Version Control",{"href":578,"dataGaName":579,"dataGaLocation":485},"/topics/version-control/","version control",{"text":25,"config":581},{"href":582,"dataGaName":44,"dataGaLocation":485},"/topics/devsecops/",{"text":584,"config":585},"Cloud Native",{"href":586,"dataGaName":587,"dataGaLocation":485},"/topics/cloud-native/","cloud native",{"text":589,"config":590},"AI for Coding",{"href":591,"dataGaName":592,"dataGaLocation":485},"/topics/devops/ai-for-coding/","ai for coding",{"text":594,"config":595},"Agentic AI",{"href":596,"dataGaName":597,"dataGaLocation":485},"/topics/agentic-ai/","agentic ai",{"title":599,"links":600},"Solutions",[601,603,605,610,614,617,621,624,626,629,632,637],{"text":142,"config":602},{"href":137,"dataGaName":142,"dataGaLocation":485},{"text":131,"config":604},{"href":115,"dataGaName":116,"dataGaLocation":485},{"text":606,"config":607},"Agile development",{"href":608,"dataGaName":609,"dataGaLocation":485},"/solutions/agile-delivery/","agile delivery",{"text":611,"config":612},"SCM",{"href":127,"dataGaName":613,"dataGaLocation":485},"source code management",{"text":564,"config":615},{"href":120,"dataGaName":616,"dataGaLocation":485},"continuous integration & delivery",{"text":618,"config":619},"Value stream management",{"href":170,"dataGaName":620,"dataGaLocation":485},"value stream management",{"text":568,"config":622},{"href":623,"dataGaName":571,"dataGaLocation":485},"/solutions/gitops/",{"text":180,"config":625},{"href":183,"dataGaName":184,"dataGaLocation":485},{"text":627,"config":628},"Small business",{"href":189,"dataGaName":190,"dataGaLocation":485},{"text":630,"config":631},"Public sector",{"href":195,"dataGaName":196,"dataGaLocation":485},{"text":633,"config":634},"Education",{"href":635,"dataGaName":636,"dataGaLocation":485},"/solutions/education/","education",{"text":638,"config":639},"Financial services",{"href":640,"dataGaName":641,"dataGaLocation":485},"/solutions/finance/","financial services",{"title":203,"links":643},[644,646,648,650,653,655,657,659,661,663,665,667],{"text":216,"config":645},{"href":218,"dataGaName":219,"dataGaLocation":485},{"text":221,"config":647},{"href":223,"dataGaName":224,"dataGaLocation":485},{"text":226,"config":649},{"href":228,"dataGaName":229,"dataGaLocation":485},{"text":231,"config":651},{"href":233,"dataGaName":652,"dataGaLocation":485},"docs",{"text":254,"config":654},{"href":256,"dataGaName":257,"dataGaLocation":485},{"text":249,"config":656},{"href":251,"dataGaName":252,"dataGaLocation":485},{"text":263,"config":658},{"href":265,"dataGaName":266,"dataGaLocation":485},{"text":271,"config":660},{"href":273,"dataGaName":274,"dataGaLocation":485},{"text":276,"config":662},{"href":278,"dataGaName":279,"dataGaLocation":485},{"text":281,"config":664},{"href":283,"dataGaName":284,"dataGaLocation":485},{"text":286,"config":666},{"href":288,"dataGaName":289,"dataGaLocation":485},{"text":291,"config":668},{"href":293,"dataGaName":294,"dataGaLocation":485},{"title":307,"links":670},[671,673,675,677,679,681,683,687,692,694,696,698],{"text":315,"config":672},{"href":317,"dataGaName":309,"dataGaLocation":485},{"text":320,"config":674},{"href":322,"dataGaName":323,"dataGaLocation":485},{"text":328,"config":676},{"href":330,"dataGaName":331,"dataGaLocation":485},{"text":333,"config":678},{"href":335,"dataGaName":336,"dataGaLocation":485},{"text":338,"config":680},{"href":340,"dataGaName":341,"dataGaLocation":485},{"text":343,"config":682},{"href":345,"dataGaName":346,"dataGaLocation":485},{"text":684,"config":685},"Sustainability",{"href":686,"dataGaName":684,"dataGaLocation":485},"/sustainability/",{"text":688,"config":689},"Diversity, inclusion and belonging (DIB)",{"href":690,"dataGaName":691,"dataGaLocation":485},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":348,"config":693},{"href":350,"dataGaName":351,"dataGaLocation":485},{"text":358,"config":695},{"href":360,"dataGaName":361,"dataGaLocation":485},{"text":363,"config":697},{"href":365,"dataGaName":366,"dataGaLocation":485},{"text":699,"config":700},"Modern Slavery Transparency Statement",{"href":701,"dataGaName":702,"dataGaLocation":485},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":704},[705,708,711],{"text":706,"config":707},"Terms",{"href":537,"dataGaName":538,"dataGaLocation":485},{"text":709,"config":710},"Cookies",{"dataGaName":547,"dataGaLocation":485,"id":548,"isOneTrustButton":32},{"text":712,"config":713},"Privacy",{"href":542,"dataGaName":543,"dataGaLocation":485},[715],{"id":716,"title":9,"body":30,"config":717,"content":719,"description":30,"extension":723,"meta":724,"navigation":32,"path":725,"seo":726,"stem":727,"__hash__":728},"blogAuthors/en-us/blog/authors/ben-ridley.yml",{"template":718},"BlogAuthor",{"name":9,"config":720},{"headshot":721,"ctfId":722},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659973/Blog/Author%20Headshots/bridley-headshot.jpg","bridley","yml",{},"/en-us/blog/authors/ben-ridley",{},"en-us/blog/authors/ben-ridley","jzbrM-xtuSS5JZxX-wev-ipXW7XmcYogOOxnbq1GSrs",[730,740,749],{"content":731,"config":738},{"title":732,"description":733,"heroImage":734,"date":735,"tags":736,"category":11},"GitLab Patch Release: 18.11.2, 18.10.5","Learn about this release for GitLab Community Edition and Enterprise Edition.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749661926/Blog/Hero%20Images/security-patch-blog-image-r2-0506-700x400-fy25_2x.jpg","2026-04-29",[737],"patch releases",{"featured":15,"template":13,"externalUrl":739},"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-11-2-released/",{"content":741,"config":747},{"title":742,"description":743,"heroImage":734,"date":744,"category":11,"tags":745},"GitLab Patch Release: 18.11.1, 18.10.4, 18.9.6","Discover what's in this latest patch release.","2026-04-22",[737,746],"security releases",{"featured":15,"template":13,"externalUrl":748},"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-11-1-released/",{"content":750,"config":762},{"title":751,"description":752,"body":753,"category":11,"tags":754,"date":757,"authors":758,"heroImage":761},"GitLab + Amazon: Platform orchestration on a trusted AI foundation","Pair GitLab Duo Agent Platform with Amazon Bedrock for agentic software development and orchestration.","If your team runs GitLab and has a strong AWS practice, a new combination of Duo Agent Platform and Amazon Bedrock is just for you. The model is simple: GitLab acts as your orchestration layer to help accelerate your entire software lifecycle with agentic AI, and Bedrock is designed to provide a secure, compliant foundation model layer with AI inference behind the scenes.\n\nGitLab Duo Agent Platform enables you to handle planning, merge pipelines, security scanning, vulnerability remediation, and more as part of your GitLab workflows, while the GitLab AI Gateway routes model calls to Bedrock (or GitLab-managed Bedrock-backed endpoints, depending on your setup). That means you can build on the identity and access management (IAM) policies, virtual private cloud (VPC) boundaries, regional controls, and cloud spend commitments you already have in AWS.\n\nIf you already use Amazon Bedrock and want AI to help inside the work you already do in GitLab, not in yet another standalone chat tool, this is the pairing for you.\n\n\nIn this article, we look at the real problem many teams face today: AI is fragmented, data paths are fuzzy, and Bedrock investment gets underused when AI sits outside the software development lifecycle. Then we break down your deployment options for GitLab Duo Agent Platform:\n\n* Integrated with self-hosted models on Amazon Bedrock for GitLab Self-Managed deployments and self-hosted AI gateway   \n* Integrated with GitLab-operated models on Amazon Bedrock (with GitLab-owned keys) for GitLab Self-Managed deployments and GitLab-hosted AI gateway  \n* Integrated with GitLab-operated models on Amazon Bedrock (with GitLab-owned keys) for GitLab.com instances and GitLab-hosted AI gateway\n\nWe wrap with a summary on how this approach helps avoid shadow AI and point-tool sprawl without creating a parallel tech stack for AI tooling.\n\n## AI everywhere, control nowhere\n\nSomewhere in your company right now, software teams might be using an AI tool that your security team hasn't approved. Prompt data might be leaving your environment through a path no one has fully mapped. And your organization’s Amazon Bedrock investment might be underused while individual teams expense separate AI tools, pulling workloads and cloud spend away from the platforms you’ve already committed to.\n\nInstead of being a people problem, this might be an architecture problem. And it surfaces the same three constraints in nearly every enterprise:\n\n**Operational fragmentation.** Each team, or sometimes even an individual developer, picks their own development toolset, including AI tooling and model selection. That fragmentation makes end-to-end governance within the software development lifecycle nearly impossible.\n\n**Security and sovereignty.** Where does prompt and code data actually flow? Who owns the logs?\n\n**Cloud spend optimization.** Commitments to key cloud providers like AWS are diluted as workloads and AI usage drift to point tools outside of customers’ existing agreements.\n\nGitLab Duo Agent Platform and Amazon Bedrock help solve this together. The division of labor is straightforward: Duo Agent Platform owns the workflow orchestration with agentic AI for software development, Bedrock owns the inference layer and hosts approved foundational models, and your organization has full control over the data and policy boundaries you already defined in AWS. Three jobs, three owners, no fragmentation.\n\n## GitLab Duo Agent Platform: The agentic control plane\n\nGitLab Duo Agent Platform is GitLab's agentic AI layer: a framework of specialized agents and flows that operate simultaneously and in-parallel, going beyond the traditional stage-based handoffs  and helping automate work across the entire software lifecycle. Rather than a single assistant responding to prompts, Duo Agent Platform enables teams to orchestrate many AI agents asynchronously using unified data and project context, including issues, merge requests, pipelines, and security findings. Linear workflows are turned into coordinated, continuous collaboration between software teams and their AI agents, at scale.\n\nWith that control plane in place, the natural next question is which AI foundation should power these agents. For customers who run GitLab Self-Managed on AWS and need inference traffic, prompt data, and logs to also stay within their AWS environment along with their software lifecycle data, Amazon Bedrock acting as the AI inference layer is the natural fit. \n\n## Amazon Bedrock: The trusted AI foundation\n\nAmazon Bedrock is a fully managed, serverless foundation model layer that runs entirely within your AWS environment. Customer data stays in the customer's AWS account: inputs and outputs are encrypted in transit and at rest, never shared with model providers, and never used to train base models. Bedrock carries compliance certifications across GDPR, HIPAA, and FedRAMP High, covering many regulated industry requirements out of the box. Teams can also bring fine-tuned models from elsewhere via Custom Model Import and deploy them alongside native Bedrock models through the same infrastructure, without managing separate deployment pipelines. Bedrock Guardrails adds configurable safeguards across all models for content filtering, hallucination detection, and sensitive data protection.\n\nTogether, GitLab Duo Agent Platform and Bedrock consolidate DevSecOps orchestration and AI model governance, helping eliminate the fragmentation that happens when teams roll out AI tools independently.\n\n## Choosing your deployment path\n\nThe integration delivers the same core GitLab Duo Agent Platform capabilities regardless of how it is deployed. What varies is who runs GitLab, who operates the AI Gateway, and whose Bedrock account the inference runs through. The right pattern depends on where your organization already operates.\n\nAt a high level, the integration has three main components:\n\n* **GitLab Duo Agent Platform:** agentic workflows embedded across the software development lifecycle  \n* **AI Gateway (GitLab-managed or self-hosted):** the abstraction layer between Duo Agent Platform and the foundational model backend   \n* **Amazon Bedrock:** the AI model and inference substrate\n\n![Deployment of GitLab and AWS Bedrock](https://res.cloudinary.com/about-gitlab-com/image/upload/v1776362365/udmvmv2efpmwtkxgydch.png)\n\nChoosing a deployment pattern is informed by where an organization wants to place the levers of control. The patterns below are designed to meet teams where they already are, whether that's SaaS-first, self-managed for compliance, or all-in on AWS with existing Bedrock investments.\n\n| Deployment Model | GitLab.com instance with GitLab-hosted AI Gateway with GitLab-operated Bedrock models   | GitLab Self-Managed with GitLab-hosted AI Gateway with GitLab-operated Bedrock models | GitLab Self-Managed  with self-hosted AI Gateway and customer-operated Bedrock models |\n| :---- | :---- | :---- | :---- |\n| **Ideal if you:** | Are primarily on GitLab.com and don’t want to self-host AI gateway and Bedrock models  | Need GitLab Self-Managed for compliance and operational reasons but don’t want to manage AI layer | Are AWS-centric with existing Bedrock usage and strict data/control needs  |\n| **Key Benefits** | Fastest, turnkey way to get Duo Agent Platform workflows: GitLab runs GitLab.com, the AI Gateway, integrated with Bedrock AI models. | Keep GitLab deployed in your own environment while consuming Bedrock models via a GitLab-managed AI Gateway, combining deployment control with simplified AI operations. | Run GitLab and AI Gateway in your AWS account, reuse existing IAM/VPC/regions, keep logs and data in your environment, and draw Bedrock usage from your existing AWS spend commitments. |\n\n## How customers use GitLab Duo Agent Platform with Amazon Bedrock\n\nPlatform teams can use GitLab Duo Agent Platform with Amazon Bedrock to standardize which models handle code suggestions, security analysis, and pipeline remediation. This helps enforce guardrails and logging centrally rather than letting individual teams adopt separate tools independently.\n\nSecurity workflows see particular benefit. GitLab Duo Agent Platform agents can propose and validate fixes for security findings within GitLab, helping reduce the manual triage work developers would otherwise handle outside the platform.\n\nFor enterprises already committed to AWS, routing AI workloads through Bedrock from within GitLab enables you to keep developer AI usage aligned with existing cloud agreements rather than generating separate, unplanned spend.\n\n## Closing the loop\n\nThe constraints that slow enterprise AI adoption are often not technical. They are organizational: fragmented tooling, ungoverned data flows, and cloud spend that never consolidates. Those are the problems that can stall AI programs even after the pilots succeed.\n\nGitLab Duo Agent Platform and Amazon Bedrock help address each one directly. Platform teams get consistent governance, auditability, and standardized paths for AI usage across the software development lifecycle. Development teams get streamlined, agentic workflows that feel native to GitLab. And AWS-centric organizations get to extend their existing Bedrock investment rather than build parallel AI infrastructure alongside it.\n\nThe result is an AI program that scales without fragmenting. Governance and velocity on the same stack, serving the same teams, under policies the organization already owns.\n\n\n> To explore which deployment pattern is right for your organization and how to align GitLab Duo Agent Platform and Amazon Bedrock with your existing AWS strategy, [contact the GitLab sales team](https://about.gitlab.com/sales/) and we’ll help you design and implement the best architecture for your environment. You can also [visit our AWS partner page](https://about.gitlab.com/partners/technology-partners/aws/) to learn more.",[294,755,756],"AWS","AI/ML","2026-04-21",[759,760],"Joe Mann","Mark Kriaf","https://res.cloudinary.com/about-gitlab-com/image/upload/v1776362275/ozbwn9tk0dditpnfddlz.png",{"featured":32,"template":13,"slug":763},"gitlab-amazon-platform-orchestration-on-a-trusted-ai-foundation",{"promotions":765},[766,780,791,803],{"id":767,"categories":768,"header":770,"text":771,"button":772,"image":777},"ai-modernization",[769],"ai-ml","Is AI achieving its promise at scale?","Quiz will take 5 minutes or less",{"text":773,"config":774},"Get your AI maturity score",{"href":775,"dataGaName":776,"dataGaLocation":257},"/assessments/ai-modernization-assessment/","modernization assessment",{"config":778},{"src":779},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":781,"categories":782,"header":783,"text":771,"button":784,"image":788},"devops-modernization",[11,44],"Are you just managing tools or shipping innovation?",{"text":785,"config":786},"Get your DevOps maturity score",{"href":787,"dataGaName":776,"dataGaLocation":257},"/assessments/devops-modernization-assessment/",{"config":789},{"src":790},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":792,"categories":793,"header":795,"text":771,"button":796,"image":800},"security-modernization",[794],"security","Are you trading speed for security?",{"text":797,"config":798},"Get your security maturity score",{"href":799,"dataGaName":776,"dataGaLocation":257},"/assessments/security-modernization-assessment/",{"config":801},{"src":802},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"id":804,"paths":805,"header":808,"text":809,"button":810,"image":815},"github-azure-migration",[806,807],"migration-from-azure-devops-to-gitlab","integrating-azure-devops-scm-and-gitlab","Is your team ready for GitHub's Azure move?","GitHub is already rebuilding around Azure. Find out what it means for you.",{"text":811,"config":812},"See how GitLab compares to GitHub",{"href":813,"dataGaName":814,"dataGaLocation":257},"/compare/gitlab-vs-github/github-azure-migration/","github azure migration",{"config":816},{"src":790},{"header":818,"blurb":819,"button":820,"secondaryButton":825},"Start building faster today","See what your team can do with the intelligent orchestration platform for DevSecOps.\n",{"text":821,"config":822},"Get your free trial",{"href":823,"dataGaName":57,"dataGaLocation":824},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":523,"config":826},{"href":61,"dataGaName":62,"dataGaLocation":824},1777934920179]