IT Self Service

This IT Self Service handbook page provides all of our team members with a SSOT knowledge base directory of all the processes and solutions related to IT whether you’ve just started at GitLab or have been here awhile.

We have several teams at GitLab that focus on specific functions typically handled by an IT organization. Our Tech Stack applications have a wide range of System Owners across the organization that may not be managed day-to-day by the Information Technology department outside of a security and compliance function.

Our handbook is organized per function and result, so the goal of this page is to provide cross-links to other handbook pages and sections that have the answers you’re looking for, even if it’s on a different department’s handbook page. Please contribute any crosslinks if we missed anything.

Helpdesk

If you can’t find what you’re looking for in the handbook, please ask in the #it_help Slack channel. If you do not have access to Slack (rare), please email it-help@gitlab.com.

We have IT Analysts available 24x5 to assist or fix anything you need related to your laptop, applications you use, or credentials used to sign in. You can see all of the applications that we manage in the IT Tech Stack below. We escalate to IT Systems Engineers, IT Security, or other team members as needed.

Our team uses an on-call schedule so please ask in the Slack channel instead of contacting a team member via Slack DM directly.

Product Related: For general GitLab or product questions, ask in #questions. For performance, outage, or UI bugs or breaking changes with GitLab.com (SaaS), please ask in #is-this-known. You can check the #production channel for active incidents related to the GitLab.com service.

Security Related: If you have a broader question about security topics that is not blocking you from doing your work, feel free to ask in the #security channel where security team members can help answer.

Emergency Lost Device: If you lose any device that contains your credentials or GitLab data (laptop, phone, tablet, YubiKey, thumb drive, etc.), report it using /security in Slack to engage the SIRT on-call engineer. They will take immediate action to deactivate or wipe compromised devices and/or credentials. If you do not have Slack accessible, you can email panic@gitlab.com from your work email address or personal email address (that is on file in Workday).

Emergency Personal Situation: If you need emergency support from the GitLab People (HR) Team, please follow the handbook instructions.

How Can We Help?

There is a lot of information on this page. We’ve added emoji to help you get started.

• 🆕 If you are onboarding (new to GitLab), this is a helpful section for you to check out.
• 👀 Frequently asked questions

Team Assistance

• 🆕 Ask the Helpdesk
• 👀 Account Recovery (Password and 2FA/MFA Reset)
• Create a Security Incident
• IT Compliance Issues
• IT Engineering Issues
• IT Infrastructure Issues
• IT Security Issues

Self Service

• 🆕 👀 Access Requests
• Contractors and Vendors
• Hardware Orders and Expense Reimbursements
• 🆕 👀 Laptop Configuration Checklist
• Laptop Software Upgrades
• Mobile Devices
• 🆕 Onboarding Checklist
• Offboarding Checklist
• 🆕👀 Security Policies
• Tech Stack and User Guides
  • 🆕 👀 IT Tech Stack and User Guides
  • Data Team Tech Stack
  • Finance Tech Stack
  • 👀 Infrastructure Shared Services Tech Stack
  • Infrastructure Reliability Tech Stack
  • People Tech Stack
  • Sales Tech Stack
  • Security Tech Stack

Team Handbook Pages

See the Team Directory for a list of related teams and their handbook pages.

Access Requests

• 👀 Access Requests User Guide
• Baseline Access Entitlements User Guide

Account Recovery

• 1Password Recovery
• GitLab.com Password Reset
• GitLab.com 2FA Reset
• Google Password Reset
• Okta Password Reset
• Okta 2FA Reset

Contractors and Vendors

• Contractor Onboarding User Guide
• Contractor Onboarding Manager Guide
• Contractor Onboarding Runbook

Hardware Orders and Expense Reimbursements

All laptops should be purchased by IT unless you have been granted an exception.

• Laptop Order User Guide (New Hire)
• 👀 Laptop Replacement User Guide (Refresh)
• 👀 Laptop Order and Shipping Status Runbook
• 👀 Laptop Model Standards Policy
• Laptop Exceptions Policy
• 👀 Laptop Replacement and Refresh Policy
• Laptop Replacement and Refresh Runbook
• 👀 Laptop Decommission and Return Policy
• 👀 Laptop Troubleshooting User Guide
• Laptop Repairs and Warranty User Guide

You can purchase your own monitors, peripherals, and accessories based on the guidance in the expense reimbursement policy.

• 👀 Home Office Equipment and Supplies Reimbursement Policy (Monitors and Peripherals)

When you leave GitLab, home office equipment and supplies under $1,000 USD per item don’t need to get returned and are okay for you to keep. Any reimbursed expenses greater than $1,000 USD per item (or over) is classed as company property and you will be required to return the item(s).

In most cases, this means that you get to keep your monitor(s), keyboard, mouse, headphones, webcam, standing desk, etc. See the Laptop Decommission and Return Policy to learn more about your laptop.

Laptop Configuration

After you have finished configuring your laptop, please follow the Pre-Labbing Security Checklist to ensure that you have configured your machine with all of our security best practices.

These are listed in suggested installation order.

• Mac Getting Started Checklist
• Mac System Preferences and Security Settings
• Linux Getting Started Checklist
• Okta Authentication
• Google Mail (Gmail)
• Jamf Self Service
• Asset Management Acknowledgement
• 1Password
• Touch ID MFA
• YubiKey MFA
• Slack
• Google Chrome
• GitLab.com SaaS
• Zoom
• Visual Studio (VS) Code
• NordLayer VPN
• Google Calendar
• Google Docs
• Google Drive
• iTerm
• Homebrew Package Manager
• Okta Apps
• Pre-Labbing Security Checklist

Laptop Software Upgrades

• Laptop MacOS Upgrade User Guide
• Laptop Software Upgrade User Guide

Mobile Devices

• Mobile Device Application Policy
• Other Services and Devices Policy
• iPhone/iPad Apps Setup Guide
• iPhone 2FA/MFA Guide
• Android Apps Setup Guide
• Android 2FA/MFA Guide

Onboarding

• Onboarding Laptop Hardware Orders
• Onboarding IT Helpdesk Office Hours Zoom Call
• Laptop Configuration Checklist
• GitLab.com User Ultimate License for Team Members
• GitLab.com Group Ultimate License for Demos
• Pre-Labbing Security Checklist

Offboarding

• Pre-Checkout Offboarding Checklist
• Last Day Checklist
  • Laptop Wipe Runbook
• Post-Offboarding
  • Account Deprovisioning
  • GitLab.com Username Policy
  • GitLab.com Groups Policy
  • Manager Delegation Runbook
  • Offboarding Issue Tasks Runbook
  • Slack Alumni Channel Runbook

Security Policies

These policies are a cross-collaboration between the IT and Security department.

• Acceptable Use Policy
• Data Classification Standards - RED, ORANGE, YELLOW, GREEN
• Home WiFi Configuration Policy
• Laptop Asset Management Policy
• Laptop Disk Encryption Policy
• Laptop Monitoring Policy
• Laptop System Configuration Policy
  • macOS
  • Linux
• Mobile Device Application Policy
• Other Services and Devices Policy
• Password and MFA Policy
• Personal Access Token Policy
• Security Awareness Policy
• Security Phishing User Guide

Tech Stack

The Tech Stack is a list of all the technology that GitLab currently uses to support the business.

Historically, the Tech Stack was a YAML file with a list systems/applications/tools used by all departments and details the business purpose/description, the owners, the provisioners, the teams that access the tool and other details. This is still the SSOT for a directory of applications.

• Overview
• SSOT YAML
• Managing the Tech Stack
• Change Management
• IT Engineering Issues

As we continue to iterate, we are creating public handbook pages with user guides (below), internal handbook pages with admin guides, and link architecture and security documentation/issues/reviews from the admin guide.

IT Tech Stack

• 1Password User Guide - Password management and security best practices guide
• 1Password Shared Vault Guide - Accessing and managing vaults with shared credentials
• Apple iCloud User Guide - Apple identity and sync services
• Calendly User Guide - Calendar scheduling assistant
• Domain Names and DNS Records - Domain name purchases, transfers, and DNS records
• DriveStrike
• GitLab SaaS (gitlab.com) User Guide - Getting started with using GitLab.com for work
• GitLab SaaS (gitlab.com) Team Member User Management - User provisioning, password and 2FA resets, and internal user support
• GitLab SaaS (gitlab.com) Team Member Groups - Department, team and project group/project namespace management
• GitLab SaaS (gitlab.com) Team Member Licenses
  • Ultimate license for users
  • Ultimate license for demo groups
• GitLab Dev (dev.gitlab.org) User Guide - Development builds and OAUTH for legacy services
• GitLab Ops User Guide - Infrastructure-as-code configuration repositories
• Google Calendar User Guide - Calendar
• Google Chrome User Guide - Web browser
• Google Data Studio User Guide - Business intelligence reports
• Google Drive User Guide - File storage
• Google Mail (Gmail) User Guide - Email
• Google Groups and Email Lists Guide - Group member permissions and mailing lists
• Google Workspace User Guide - Google Services
• Jamf User Guide - Asset and endpoint management
• Loom User Guide - Video recording and sharing
• LucidChart User Guide - Diagram software
• MacOS User Guide - Operating System
• Nira User Guide - Google Drive permissions
• NordLayer User Guide - Public WiFi VPN
• Okta User Guide - Identity Management (IAM and SSO)
  • Okta Verify & Okta Device Trust (Internal)
• Okta Groups Guide - Identity Management
• Okta Apps SSO Integration Guide - Identity Management
• SentinelOne User Guide - Endpoint Detection and Response (EDR) Laptop Monitoring
• Slack User Guide - Chat collaboration
• Slack Channel Guide - Chat collaboration
• Slack Groups Guide - Chat collaboration
• Slack Guest (Contractor, Customer, Vendor) Guide - Chat collaboration
• Slack Integrations (Bots, Webhooks, etc) Guide - Chat collaboration
• Slack Workspace Guide - Chat collaboration
• Zoom User Guide - Video collaboration

Data Team Tech Stack

See the Data Team handbook page to learn more.

• GitLab Data Dashboard Catalog
• GitLab Data Platform
  • Airflow
  • Fivetran
  • SiSense (formerly Periscope)
  • Snowflake
  • Snowplow
  • Stitch

Finance Tech Stack

See the Finance Ops handbook page to learn more.

• Adaptive Planning
• Avalara
• CaptivateIQ
• Coupa
• DocuSign
• EdCast
• Expensify
• FloQast
• Mavenlink
• NetSuite
• Platypus (custom built)
• Stripe
• Tipalti
• TripActions
• Workiva
• Xactly
• Z-Revenue (RevPro)
• Zuora Billing

Infrastructure Shared Services Tech Stack

This is a cross-collaboration between IT Infrastructure, Reliability Engineering, and Infrastructure Security with audit and monitoring by Security Incident Response Team (SIRT).

• Amazon Web Services (AWS)
• Domain Names and DNS Records
• GitLab Demo Systems
• GitLab Sandbox Cloud (HackyStack) - AWS Accounts & GCP Projects
• Google Cloud Platform (GCP)
• Infrastructure Standards
• Teleport Console (SSH & Database Access)

Infrastructure Reliability Tech Stack

See the Engineering Infrastructure handbook page to learn more.

• Production Architecture
• Environments handbook pages
• Runbooks repository to learn more.
• config-mgmt (Source - Limited Access)
• config-mgmt (Internal Mirror)

People Tech Stack

See the People Group Engineering handbook page to learn more.

• Career Mobility
• Employment Issues
• Greenhouse - Applicant Tracking System (ATS)
• Offboarding Automation
• Onboarding Automation
• Slack Bot: People Connect - HR Help Desk Tickets
• 👀 Slack Bot: Discretionary Bonus Nominator - Discretionary bonus submission form
• Slack Bot: Time Off by Deel - Out of office management
• Other Slack Integrations
• Workday User Guide - Human Resources Information System (HRIS)

Sales Tech Stack

See the Sales and Field Operations handbook pages to learn more.

Security Tech Stack

See the Security Tools (internal) handbook page to learn more.

Team Directory

Business Technology

• Business Technology Data Team
• Business Technology Enterprise Applications Team
  • Business Systems Analysts “BSA” Team
  • Finance Operations
• Business Technology Procurement Team
• [Business Technology Program Management (PMO) Team]

IT Department

• IT Compliance and Security
• IT Engineering
• IT Helpdesk Analysts
• IT Infrastructure

Infrastructure Shared Services

• Infrastructure Security Team
• IT Infrastructure
• Reliability Engineering Team

People Team

• People Connect Helpdesk
• People Group
• People Tools and Technology
• People Group Engineering Issue Tracker

Security Department

• 👀 Departmental Structure
  • Security Assurance Sub-department
    • Field Security
    • Security Compliance
    • Security Governance
    • Security Risk
  • Security Engineering Sub-department
    • Application Security
    • Security Automation
  • Security Operations Sub-department
    • Security Incident Response Team “SIRT”
    • Trust and Safety
    • Infrastructure Security
    • Security Logging
  • Security Threat Management Sub-department
    • Red Team
    • Security Research

How To Contribute

Did we miss something? Did you find the answer on another handbook page? Please feel free to submit an MR or let one of the code owners for this page know.