From 8a9c8b6f63a7f4b5d5eb580ea1f062e35f26590b Mon Sep 17 00:00:00 2001 From: Steven Achilles Date: Tue, 22 Aug 2023 21:18:16 +0200 Subject: [PATCH 1/2] Upgrade GitLab CE to 16.3.0 --- Changelog.md | 6 +++ Dockerfile | 8 ++-- README.md | 54 ++++++++++++------------- VERSION | 2 +- contrib/docker-swarm/docker-compose.yml | 2 +- docker-compose.swarm.yml | 2 +- docker-compose.yml | 2 +- docs/container_registry.md | 10 ++--- docs/docker-compose-keycloak.yml | 2 +- docs/docker-compose-registry.yml | 2 +- kubernetes/gitlab-rc.yml | 2 +- 11 files changed, 49 insertions(+), 43 deletions(-) diff --git a/Changelog.md b/Changelog.md index 2edc2d8b..ddd5c565 100644 --- a/Changelog.md +++ b/Changelog.md @@ -2,6 +2,12 @@ This file only reflects the changes that are made in this image. Please refer to the upstream GitLab [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/CHANGELOG.md) for the list of changes in GitLab. +**16.3.0** + +- gitlab: upgrade CE to v16.3.0 +- gitaly: upgrade to v16.3.0 +- gitlab-pages: upgrade to v16.3.0 + **16.2.4** - gitlab: upgrade CE to v16.2.4 diff --git a/Dockerfile b/Dockerfile index 1d86a5d3..e565111d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,14 +1,14 @@ FROM ubuntu:focal-20230801 -ARG VERSION=16.2.4 +ARG VERSION=16.3.0 ENV GITLAB_VERSION=${VERSION} \ RUBY_VERSION=3.0.6 \ RUBY_SOURCE_SHA256SUM="6e6cbd490030d7910c0ff20edefab4294dfcd1046f0f8f47f78b597987ac683e" \ GOLANG_VERSION=1.21.0 \ - GITLAB_SHELL_VERSION=14.23.0 \ - GITLAB_PAGES_VERSION=16.2.4 \ - GITALY_SERVER_VERSION=16.2.4 \ + GITLAB_SHELL_VERSION=14.26.0 \ + GITLAB_PAGES_VERSION=16.3.0 \ + GITALY_SERVER_VERSION=16.3.0 \ GITLAB_USER="git" \ GITLAB_HOME="/home/git" \ GITLAB_LOG_DIR="/var/log/gitlab" \ diff --git a/README.md b/README.md index 7cf9e3e9..0182c51d 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# sameersbn/gitlab:16.2.4 +# sameersbn/gitlab:16.3.0 [![CircleCI](https://circleci.com/gh/sameersbn/docker-gitlab/tree/master.svg?style=svg)](https://circleci.com/gh/sameersbn/docker-gitlab/tree/master) @@ -125,7 +125,7 @@ Your docker host needs to have 1GB or more of available RAM to run GitLab. Pleas Automated builds of the image are available on [Dockerhub](https://hub.docker.com/r/sameersbn/gitlab) and is the recommended method of installation. ```bash -docker pull sameersbn/gitlab:16.2.4 +docker pull sameersbn/gitlab:16.3.0 ``` You can also pull the `latest` tag which is built from the repository *HEAD* @@ -194,7 +194,7 @@ docker run --name gitlab -d \ --env 'GITLAB_SECRETS_SECRET_KEY_BASE=long-and-random-alpha-numeric-string' \ --env 'GITLAB_SECRETS_OTP_KEY_BASE=long-and-random-alpha-numeric-string' \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` *Please refer to [Available Configuration Parameters](#available-configuration-parameters) to understand `GITLAB_PORT` and other configuration options* @@ -229,7 +229,7 @@ Volumes can be mounted in docker by specifying the `-v` option in the docker run ```bash docker run --name gitlab -d \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` ### Database @@ -287,7 +287,7 @@ docker run --name gitlab -d \ --env 'DB_NAME=gitlabhq_production' \ --env 'DB_USER=gitlab' --env 'DB_PASS=password' \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` ##### Linking to PostgreSQL Container @@ -331,7 +331,7 @@ We are now ready to start the GitLab application. ```bash docker run --name gitlab -d --link gitlab-postgresql:postgresql \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` Here the image will also automatically fetch the `DB_NAME`, `DB_USER` and `DB_PASS` variables from the postgresql container as they are specified in the `docker run` command for the postgresql container. This is made possible using the magic of docker links and works with the following images: @@ -370,7 +370,7 @@ The image can be configured to use an external redis server. The configuration s ```bash docker run --name gitlab -it --rm \ --env 'REDIS_HOST=192.168.1.100' --env 'REDIS_PORT=6379' \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` #### Linking to Redis Container @@ -397,7 +397,7 @@ We are now ready to start the GitLab application. ```bash docker run --name gitlab -d --link gitlab-redis:redisio \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` #### Mail @@ -410,7 +410,7 @@ If you are using Gmail then all you need to do is: docker run --name gitlab -d \ --env 'SMTP_USER=USER@gmail.com' --env 'SMTP_PASS=PASSWORD' \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` Please refer the [Available Configuration Parameters](#available-configuration-parameters) section for the list of SMTP parameters that can be specified. @@ -430,7 +430,7 @@ docker run --name gitlab -d \ --env 'IMAP_USER=USER@gmail.com' --env 'IMAP_PASS=PASSWORD' \ --env 'GITLAB_INCOMING_EMAIL_ADDRESS=USER+%{key}@gmail.com' \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` Please refer the [Available Configuration Parameters](#available-configuration-parameters) section for the list of IMAP parameters that can be specified. @@ -514,7 +514,7 @@ docker run --name gitlab -d \ --env 'GITLAB_SSH_PORT=10022' --env 'GITLAB_PORT=10443' \ --env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` In this configuration, any requests made over the plain http protocol will automatically be redirected to use the https protocol. However, this is not optimal when using a load balancer. @@ -530,7 +530,7 @@ docker run --name gitlab -d \ --env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \ --env 'NGINX_HSTS_MAXAGE=2592000' \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` If you want to completely disable HSTS set `NGINX_HSTS_ENABLED` to `false`. @@ -553,7 +553,7 @@ docker run --name gitlab -d \ --env 'GITLAB_SSH_PORT=10022' --env 'GITLAB_PORT=443' \ --env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` Again, drop the `--env 'SSL_SELF_SIGNED=true'` option if you are using CA certified SSL certificates. @@ -601,7 +601,7 @@ Let's assume we want to deploy our application to '/git'. GitLab needs to know t docker run --name gitlab -it --rm \ --env 'GITLAB_RELATIVE_URL_ROOT=/git' \ --volume /srv/docker/gitlab/gitlab:/home/git/data \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` GitLab will now be accessible at the `/git` path, e.g. `http://www.example.com/git`. @@ -783,14 +783,14 @@ Also the container processes seem to be executed as the host's user/group `1000` ```bash docker run --name gitlab -it --rm [options] \ --env "USERMAP_UID=$(id -u git)" --env "USERMAP_GID=$(id -g git)" \ - sameersbn/gitlab:16.2.4 + sameersbn/gitlab:16.3.0 ``` When changing this mapping, all files and directories in the mounted data volume `/home/git/data` have to be re-owned by the new ids. This can be achieved automatically using the following command: ```bash docker run --name gitlab -d [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:sanitize + sameersbn/gitlab:16.3.0 app:sanitize ``` #### Piwik @@ -2448,7 +2448,7 @@ Execute the rake task to create a backup. ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake gitlab:backup:create + sameersbn/gitlab:16.3.0 app:rake gitlab:backup:create ``` A backup will be created in the backups folder of the [Data Store](#data-store). You can change the location of the backups using the `GITLAB_BACKUP_DIR` configuration parameter. @@ -2483,14 +2483,14 @@ you need to prepare the database: ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake db:setup + sameersbn/gitlab:16.3.0 app:rake db:setup ``` Execute the rake task to restore a backup. Make sure you run the container in interactive mode `-it`. ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake gitlab:backup:restore + sameersbn/gitlab:16.3.0 app:rake gitlab:backup:restore ``` The list of all available backups will be displayed in reverse chronological order. Select the backup you want to restore and continue. @@ -2499,7 +2499,7 @@ To avoid user interaction in the restore operation, specify the timestamp, date ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake gitlab:backup:restore BACKUP=1515629493_2020_12_06_13.0.6 + sameersbn/gitlab:16.3.0 app:rake gitlab:backup:restore BACKUP=1515629493_2020_12_06_13.0.6 ``` When using `docker-compose` you may use the following command to execute the restore. @@ -2548,7 +2548,7 @@ The `app:rake` command allows you to run gitlab rake tasks. To run a rake task s ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake gitlab:env:info + sameersbn/gitlab:16.3.0 app:rake gitlab:env:info ``` You can also use `docker exec` to run raketasks on running gitlab instance. For example, @@ -2561,7 +2561,7 @@ Similarly, to import bare repositories into GitLab project instance ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake gitlab:import:repos + sameersbn/gitlab:16.3.0 app:rake gitlab:import:repos ``` Or @@ -2592,7 +2592,7 @@ Copy all the **bare** git repositories to the `repositories/` directory of the [ ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake gitlab:import:repos + sameersbn/gitlab:16.3.0 app:rake gitlab:import:repos ``` Watch the logs and your repositories should be available into your new gitlab container. @@ -2616,12 +2616,12 @@ To upgrade to newer gitlab releases, simply follow this 4 step upgrade procedure > **Note** > -> Upgrading to `sameersbn/gitlab:16.2.4` from `sameersbn/gitlab:7.x.x` can cause issues. It is therefore required that you first upgrade to `sameersbn/gitlab:8.0.5-1` before upgrading to `sameersbn/gitlab:8.1.0` or higher. +> Upgrading to `sameersbn/gitlab:16.3.0` from `sameersbn/gitlab:7.x.x` can cause issues. It is therefore required that you first upgrade to `sameersbn/gitlab:8.0.5-1` before upgrading to `sameersbn/gitlab:8.1.0` or higher. - **Step 1**: Update the docker image. ```bash -docker pull sameersbn/gitlab:16.2.4 +docker pull sameersbn/gitlab:16.3.0 ``` - **Step 2**: Stop and remove the currently running image @@ -2646,7 +2646,7 @@ Replace `x.x.x` with the version you are upgrading from. For example, if you are > **Note**: Since GitLab `8.11.0` you need to provide the `GITLAB_SECRETS_SECRET_KEY_BASE` and `GITLAB_SECRETS_OTP_KEY_BASE` parameters while starting the image. These should initially both have the same value as the contents of the `/home/git/data/.secret` file. See [Available Configuration Parameters](#available-configuration-parameters) for more information on these parameters. ```bash -docker run --name gitlab -d [OPTIONS] sameersbn/gitlab:16.2.4 +docker run --name gitlab -d [OPTIONS] sameersbn/gitlab:16.3.0 ``` ### Shell Access @@ -2684,7 +2684,7 @@ version: '2.3' services: gitlab: - image: sameersbn/gitlab:16.2.4 + image: sameersbn/gitlab:16.3.0 healthcheck: test: ["CMD", "/usr/local/sbin/healthcheck"] interval: 1m diff --git a/VERSION b/VERSION index 3ef1174b..d9a8a357 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -16.2.4 +16.3.0 diff --git a/contrib/docker-swarm/docker-compose.yml b/contrib/docker-swarm/docker-compose.yml index cd2dd3dc..b7d63ddf 100644 --- a/contrib/docker-swarm/docker-compose.yml +++ b/contrib/docker-swarm/docker-compose.yml @@ -22,7 +22,7 @@ services: gitlab: restart: always - image: sameersbn/gitlab:16.2.4 + image: sameersbn/gitlab:16.3.0 depends_on: - redis - postgresql diff --git a/docker-compose.swarm.yml b/docker-compose.swarm.yml index 34a27f1f..67cb4c81 100644 --- a/docker-compose.swarm.yml +++ b/docker-compose.swarm.yml @@ -63,7 +63,7 @@ services: - traefik-public gitlab: - image: sameersbn/gitlab:16.2.4 + image: sameersbn/gitlab:16.3.0 depends_on: - redis - postgresql diff --git a/docker-compose.yml b/docker-compose.yml index d722fba1..fcd81b1e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -22,7 +22,7 @@ services: gitlab: restart: always - image: sameersbn/gitlab:16.2.4 + image: sameersbn/gitlab:16.3.0 depends_on: - redis - postgresql diff --git a/docs/container_registry.md b/docs/container_registry.md index 3c4775ed..629cbbad 100644 --- a/docs/container_registry.md +++ b/docs/container_registry.md @@ -289,7 +289,7 @@ docker stop registry gitlab && docker rm registry gitlab Execute the rake task with a removeable container. ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake gitlab:backup:create + sameersbn/gitlab:16.3.0 app:rake gitlab:backup:create ``` ## Restoring Backups @@ -305,7 +305,7 @@ Execute the rake task to restore a backup. Make sure you run the container in in ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake gitlab:backup:restore + sameersbn/gitlab:16.3.0 app:rake gitlab:backup:restore ``` The list of all available backups will be displayed in reverse chronological order. Select the backup you want to restore and continue. @@ -314,7 +314,7 @@ To avoid user interaction in the restore operation, specify the timestamp of the ```bash docker run --name gitlab -it --rm [OPTIONS] \ - sameersbn/gitlab:16.2.4 app:rake gitlab:backup:restore BACKUP=1417624827 + sameersbn/gitlab:16.3.0 app:rake gitlab:backup:restore BACKUP=1417624827 ``` # Upgrading from an existing GitLab installation @@ -325,7 +325,7 @@ If you want enable this feature for an existing instance of GitLab you need to d - **Step 1**: Update the docker image. ```bash -docker pull sameersbn/gitlab:16.2.4 +docker pull sameersbn/gitlab:16.3.0 ``` - **Step 2**: Stop and remove the currently running image @@ -378,7 +378,7 @@ docker run --name gitlab -d [PREVIOUS_OPTIONS] \ --env 'GITLAB_REGISTRY_CERT_PATH=/certs/registry-auth.crt' \ --env 'GITLAB_REGISTRY_KEY_PATH=/certs/registry-auth.key' \ --link registry:registry -sameersbn/gitlab:16.2.4 +sameersbn/gitlab:16.3.0 ``` diff --git a/docs/docker-compose-keycloak.yml b/docs/docker-compose-keycloak.yml index ba63f53a..21ffe020 100644 --- a/docs/docker-compose-keycloak.yml +++ b/docs/docker-compose-keycloak.yml @@ -22,7 +22,7 @@ services: gitlab: restart: always - image: sameersbn/gitlab:16.2.4 + image: sameersbn/gitlab:16.3.0 depends_on: - redis - postgresql diff --git a/docs/docker-compose-registry.yml b/docs/docker-compose-registry.yml index f0e327dc..2477e4f4 100644 --- a/docs/docker-compose-registry.yml +++ b/docs/docker-compose-registry.yml @@ -22,7 +22,7 @@ services: gitlab: restart: always - image: sameersbn/gitlab:16.2.4 + image: sameersbn/gitlab:16.3.0 volumes: - gitlab-data:/home/git/data:Z - gitlab-logs:/var/log/gitlab diff --git a/kubernetes/gitlab-rc.yml b/kubernetes/gitlab-rc.yml index 8e9f130e..a9adae1f 100644 --- a/kubernetes/gitlab-rc.yml +++ b/kubernetes/gitlab-rc.yml @@ -14,7 +14,7 @@ spec: spec: containers: - name: gitlab - image: sameersbn/gitlab:16.2.4 + image: sameersbn/gitlab:16.3.0 env: - name: TZ value: Asia/Kolkata From c51770292e1aa8f72ea89fb03eade85fa8ee04ff Mon Sep 17 00:00:00 2001 From: Steven Achilles Date: Wed, 23 Aug 2023 17:49:33 +0200 Subject: [PATCH 2/2] Add temporary patch for lfs object URL --- ...condition-for-csr-policy-allow-lfs_v16.3.0.patch | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 assets/build/patches/0002-fix-condition-for-csr-policy-allow-lfs_v16.3.0.patch diff --git a/assets/build/patches/0002-fix-condition-for-csr-policy-allow-lfs_v16.3.0.patch b/assets/build/patches/0002-fix-condition-for-csr-policy-allow-lfs_v16.3.0.patch new file mode 100644 index 00000000..ef82ccff --- /dev/null +++ b/assets/build/patches/0002-fix-condition-for-csr-policy-allow-lfs_v16.3.0.patch @@ -0,0 +1,13 @@ +diff --git a/lib/gitlab/content_security_policy/config_loader.rb b/lib/gitlab/content_security_policy/config_loader.rb +index 9fb3c7d362f..d012c8b3b7b 100644 +--- a/lib/gitlab/content_security_policy/config_loader.rb ++++ b/lib/gitlab/content_security_policy/config_loader.rb +@@ -84,7 +84,7 @@ def allow_snowplow_micro(directives) + end + + def allow_lfs(directives) +- return unless Gitlab.config.lfs.enabled && LfsObjectUploader.direct_download_enabled? ++ return unless Gitlab.config.lfs.enabled && Gitlab.config.lfs.object_store.enabled && LfsObjectUploader.direct_download_enabled? + + lfs_url = build_lfs_url + return unless lfs_url.present?