Merge branch 'sameersbn:master' into omniauth-oidc

Author: molnarpe

.circleci/config.yml

@@ -269,12 +269,12 @@ jobs:
   release:
     executor:
       name: go/default
-      tag: '1.14'
+      tag: '1.22'
     steps:
       - checkout
       - run:
           name: Installing github-release tool
-          command: go get github.com/meterup/github-release
+          command: go install github.com/meterup/github-release@latest
       - run:
           name: Creating github release
           command: |

Changelog.md

@@ -2,6 +2,19 @@
 
 This file only reflects the changes that are made in this image. Please refer to the upstream GitLab [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/CHANGELOG.md) for the list of changes in GitLab.
 
+**17.1.1**
+
+- gitlab: upgrade CE to v17.1.1
+- gitaly: upgrade to v17.1.1
+- gitlab-pages: upgrade to v17.1.1
+
+**17.1.0**
+
+- gitlab: upgrade CE to v17.1.0
+- gitaly: upgrade to v17.1.0
+- gitlab-pages: upgrade to v17.1.0
+- gitlab-shell: upgrade to v14.36.0
+
 **17.0.2**
 
 - gitlab: upgrade CE to v17.0.2

Dockerfile

@@ -1,14 +1,15 @@
 FROM ubuntu:focal-20240530
 
-ARG VERSION=17.0.2
+ARG VERSION=17.1.1
 
 ENV GITLAB_VERSION=${VERSION} \
     RUBY_VERSION=3.2.4 \
     RUBY_SOURCE_SHA256SUM="c72b3c5c30482dca18b0f868c9075f3f47d8168eaf626d4e682ce5b59c858692" \
+    RUBYGEMS_VERSION=3.5.14 \
     GOLANG_VERSION=1.22.4 \
-    GITLAB_SHELL_VERSION=14.35.0 \
-    GITLAB_PAGES_VERSION=17.0.2 \
-    GITALY_SERVER_VERSION=17.0.2 \
+    GITLAB_SHELL_VERSION=14.36.0 \
+    GITLAB_PAGES_VERSION=17.1.1 \
+    GITALY_SERVER_VERSION=17.1.1 \
     GITLAB_USER="git" \
     GITLAB_HOME="/home/git" \
     GITLAB_LOG_DIR="/var/log/gitlab" \
@@ -36,8 +37,8 @@ RUN set -ex && \
  && echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu focal main" >> /etc/apt/sources.list \
  && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \
  && echo 'deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main' > /etc/apt/sources.list.d/pgdg.list \
- && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - \
- && echo 'deb https://deb.nodesource.com/node_18.x focal main' > /etc/apt/sources.list.d/nodesource.list \
+ && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | apt-key add - \
+ && echo 'deb https://deb.nodesource.com/node_20.x nodistro main' > /etc/apt/sources.list.d/nodesource.list \
  && wget --quiet -O - https://dl.yarnpkg.com/debian/pubkey.gpg  | apt-key add - \
  && echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list \
  && set -ex \

README.md

@@ -1,4 +1,4 @@
-# sameersbn/gitlab:17.0.2
+# sameersbn/gitlab:17.1.1
 
 [![CircleCI](https://circleci.com/gh/sameersbn/docker-gitlab/tree/master.svg?style=svg)](https://circleci.com/gh/sameersbn/docker-gitlab/tree/master)
 
@@ -127,7 +127,7 @@ Your docker host needs to have 1GB or more of available RAM to run GitLab. Pleas
 Automated builds of the image are available on [Dockerhub](https://hub.docker.com/r/sameersbn/gitlab) and is the recommended method of installation.
 
 ```bash
-docker pull sameersbn/gitlab:17.0.2
+docker pull sameersbn/gitlab:17.1.1
 ```
 
 You can also pull the `latest` tag which is built from the repository *HEAD*
@@ -198,7 +198,7 @@ docker run --name gitlab -d \
     --env 'GITLAB_SECRETS_OTP_KEY_BASE=long-and-random-alpha-numeric-string' \
     --env 'GITLAB_SECRETS_ENCRYPTED_SETTINGS_KEY_BASE=long-and-random-alpha-numeric-string' \
     --volume /srv/docker/gitlab/gitlab:/home/git/data \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 *Please refer to [Available Configuration Parameters](#available-configuration-parameters) to understand `GITLAB_PORT` and other configuration options*
@@ -233,7 +233,7 @@ Volumes can be mounted in docker by specifying the `-v` option in the docker run
 ```bash
 docker run --name gitlab -d \
     --volume /srv/docker/gitlab/gitlab:/home/git/data \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 ### Database
@@ -291,7 +291,7 @@ docker run --name gitlab -d \
     --env 'DB_NAME=gitlabhq_production' \
     --env 'DB_USER=gitlab' --env 'DB_PASS=password' \
     --volume /srv/docker/gitlab/gitlab:/home/git/data \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 ##### Linking to PostgreSQL Container
@@ -335,7 +335,7 @@ We are now ready to start the GitLab application.
 ```bash
 docker run --name gitlab -d --link gitlab-postgresql:postgresql \
     --volume /srv/docker/gitlab/gitlab:/home/git/data \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 Here the image will also automatically fetch the `DB_NAME`, `DB_USER` and `DB_PASS` variables from the postgresql container as they are specified in the `docker run` command for the postgresql container. This is made possible using the magic of docker links and works with the following images:
@@ -374,7 +374,7 @@ The image can be configured to use an external redis server. The configuration s
 ```bash
 docker run --name gitlab -it --rm \
     --env 'REDIS_HOST=192.168.1.100' --env 'REDIS_PORT=6379' \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 #### Linking to Redis Container
@@ -401,7 +401,7 @@ We are now ready to start the GitLab application.
 
 ```bash
 docker run --name gitlab -d --link gitlab-redis:redisio \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 #### Mail
@@ -414,7 +414,7 @@ If you are using Gmail then all you need to do is:
 docker run --name gitlab -d \
     --env '[email protected]' --env 'SMTP_PASS=PASSWORD' \
     --volume /srv/docker/gitlab/gitlab:/home/git/data \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 Please refer the [Available Configuration Parameters](#available-configuration-parameters) section for the list of SMTP parameters that can be specified.
@@ -434,7 +434,7 @@ docker run --name gitlab -d \
     --env '[email protected]' --env 'IMAP_PASS=PASSWORD' \
     --env 'GITLAB_INCOMING_EMAIL_ADDRESS=USER+%{key}@gmail.com' \
     --volume /srv/docker/gitlab/gitlab:/home/git/data \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 Please refer the [Available Configuration Parameters](#available-configuration-parameters) section for the list of IMAP parameters that can be specified.
@@ -518,7 +518,7 @@ docker run --name gitlab -d \
     --env 'GITLAB_SSH_PORT=10022' --env 'GITLAB_PORT=10443' \
     --env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \
     --volume /srv/docker/gitlab/gitlab:/home/git/data \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 In this configuration, any requests made over the plain http protocol will automatically be redirected to use the https protocol. However, this is not optimal when using a load balancer.
@@ -534,7 +534,7 @@ docker run --name gitlab -d \
  --env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \
  --env 'NGINX_HSTS_MAXAGE=2592000' \
  --volume /srv/docker/gitlab/gitlab:/home/git/data \
- sameersbn/gitlab:17.0.2
+ sameersbn/gitlab:17.1.1
 ```
 
 If you want to completely disable HSTS set `NGINX_HSTS_ENABLED` to `false`.
@@ -557,7 +557,7 @@ docker run --name gitlab -d \
     --env 'GITLAB_SSH_PORT=10022' --env 'GITLAB_PORT=443' \
     --env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \
     --volume /srv/docker/gitlab/gitlab:/home/git/data \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 Again, drop the `--env 'SSL_SELF_SIGNED=true'` option if you are using CA certified SSL certificates.
@@ -605,7 +605,7 @@ Let's assume we want to deploy our application to '/git'. GitLab needs to know t
 docker run --name gitlab -it --rm \
     --env 'GITLAB_RELATIVE_URL_ROOT=/git' \
     --volume /srv/docker/gitlab/gitlab:/home/git/data \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 GitLab will now be accessible at the `/git` path, e.g. `http://www.example.com/git`.
@@ -811,14 +811,14 @@ Also the container processes seem to be executed as the host's user/group `1000`
 ```bash
 docker run --name gitlab -it --rm [options] \
     --env "USERMAP_UID=$(id -u git)" --env "USERMAP_GID=$(id -g git)" \
-    sameersbn/gitlab:17.0.2
+    sameersbn/gitlab:17.1.1
 ```
 
 When changing this mapping, all files and directories in the mounted data volume `/home/git/data` have to be re-owned by the new ids. This can be achieved automatically using the following command:
 
 ```bash
 docker run --name gitlab -d [OPTIONS] \
-    sameersbn/gitlab:17.0.2 app:sanitize
+    sameersbn/gitlab:17.1.1 app:sanitize
 ```
 
 #### Piwik
@@ -833,10 +833,10 @@ These options should contain something like:
 
 In this section, we talk about feature flags that administrators can change the state (See <https://docs.gitlab.com/ee/administration/feature_flags.html>). If you are looking for documentation for "Feature flags" that configured on project deploy settings, see <https://docs.gitlab.com/ee/operations/feature_flags.html>
 
-GitLab adopted feature flags strategies to deploy features in an early stage of development so that they can be incrementally rolled out. GitLab administrators with access to the [Rails console](https://docs.gitlab.com/ee/administration/feature_flags.html#how-to-enable-and-disable-features-behind-flags) or the [Feature flags API](https://docs.gitlab.com/ee/api/features.html) can control them (note that `sameersbn/gitlab` is a container image that provides GitLab installations from the source).  
-You can see all feature flags in GitLab at corresponding version of documentation: <https://docs.gitlab.com/ee/user/feature_flags.html>  
+GitLab adopted feature flags strategies to deploy features in an early stage of development so that they can be incrementally rolled out. GitLab administrators with access to the [Rails console](https://docs.gitlab.com/ee/administration/feature_flags.html#how-to-enable-and-disable-features-behind-flags) or the [Feature flags API](https://docs.gitlab.com/ee/api/features.html) can control them (note that `sameersbn/gitlab` is a container image that provides GitLab installations from the source).
+You can see all feature flags in GitLab at corresponding version of documentation: <https://docs.gitlab.com/ee/user/feature_flags.html>
 
-For `sameersbn/gitlab`, you can control them via environment parameter [`GITLAB_FEATURE_FLAGS_DISABLE_TARGETS`](#gitlab_feature_flags_disable_targets) and [`GITLAB_FEATURE_FLAGS_ENABLE_TARGETS`](#gitlab_feature_flags_enable_targets) in addition to the above methods.  
+For `sameersbn/gitlab`, you can control them via environment parameter [`GITLAB_FEATURE_FLAGS_DISABLE_TARGETS`](#gitlab_feature_flags_disable_targets) and [`GITLAB_FEATURE_FLAGS_ENABLE_TARGETS`](#gitlab_feature_flags_enable_targets) in addition to the above methods.
 This image searches yml files in [`${GITLAB_INSTALL_DIR}/config/feature_flags`](https://gitlab.com/gitlab-org/gitlab-foss/-/tree/master/config/feature_flags) (typically `/home/git/gitlab/config/feature_flags/`) recursively and use the file list as a source of active feature flags.
 
 Here is a part of example `docker-compose.yml`:
@@ -850,7 +850,7 @@ services:
     - GITLAB_FEATURE_FLAGS_ENABLE_TARGETS=git_push_create_all_pipelines,build_service_proxy
 ````
 
-Once the container up, you can see following messages in container log like below.  
+Once the container up, you can see following messages in container log like below.
 
 ````sh
 ...
@@ -1699,9 +1699,9 @@ The value of the `report-uri` directive in the `Content-Security-Policy` header
 
 ##### `GITLAB_FEATURE_FLAGS_DISABLE_TARGETS`
 
-Comma separated list of feature flag names to be disabled. No whitespace is allowed.  
-You can see all feature flags in GitLab at corresponding version of documentation: <https://docs.gitlab.com/ee/user/feature_flags.html>  
-Feature flags name and its statement will be appear to container log. Note that some of the feature flags are implicitly enabled or disabled by GitLab itself, and are not appear to container log.  
+Comma separated list of feature flag names to be disabled. No whitespace is allowed.
+You can see all feature flags in GitLab at corresponding version of documentation: <https://docs.gitlab.com/ee/user/feature_flags.html>
+Feature flags name and its statement will be appear to container log. Note that some of the feature flags are implicitly enabled or disabled by GitLab itself, and are not appear to container log.
 No defaults.
 
 ##### `GITLAB_FEATURE_FLAGS_ENABLE_TARGETS`
@@ -2482,8 +2482,8 @@ Enable/disable rack middleware for blocking & throttling abusive requests Defaul
 
 ##### `RACK_ATTACK_WHITELIST`
 
-Always allow requests from whitelisted host.   
-This should be a valid yaml sequence of host address. Each host address string must be a valid IP address that can be passed to `IPAddr.new` of ruby. See [ruby-lang reference](https://docs.ruby-lang.org/en/3.0/IPAddr.html#method-c-new) for detail.  
+Always allow requests from whitelisted host.
+This should be a valid yaml sequence of host address. Each host address string must be a valid IP address that can be passed to `IPAddr.new` of ruby. See [ruby-lang reference](https://docs.ruby-lang.org/en/3.0/IPAddr.html#method-c-new) for detail.
 If you need to set multiple hosts, set this parameter like `["1.1.1.1","192.168.0.0/24"]` for example. In docker-compose.yml, you have to quote whole value like below:
 
 ````yaml
@@ -2561,7 +2561,7 @@ Execute the rake task to create a backup.
 
 ```bash
 docker run --name gitlab -it --rm [OPTIONS] \
-    sameersbn/gitlab:17.0.2 app:rake gitlab:backup:create
+    sameersbn/gitlab:17.1.1 app:rake gitlab:backup:create
 ```
 
 A backup will be created in the backups folder of the [Data Store](#data-store). You can change the location of the backups using the `GITLAB_BACKUP_DIR` configuration parameter.
@@ -2596,14 +2596,14 @@ you need to prepare the database:
 
 ```bash
 docker run --name gitlab -it --rm [OPTIONS] \
-    sameersbn/gitlab:17.0.2 app:rake db:setup
+    sameersbn/gitlab:17.1.1 app:rake db:setup
 ```
 
 Execute the rake task to restore a backup. Make sure you run the container in interactive mode `-it`.
 
 ```bash
 docker run --name gitlab -it --rm [OPTIONS] \
-    sameersbn/gitlab:17.0.2 app:rake gitlab:backup:restore
+    sameersbn/gitlab:17.1.1 app:rake gitlab:backup:restore
 ```
 
 The list of all available backups will be displayed in reverse chronological order. Select the backup you want to restore and continue.
@@ -2612,7 +2612,7 @@ To avoid user interaction in the restore operation, specify the timestamp, date
 
 ```bash
 docker run --name gitlab -it --rm [OPTIONS] \
-    sameersbn/gitlab:17.0.2 app:rake gitlab:backup:restore BACKUP=1515629493_2020_12_06_13.0.6
+    sameersbn/gitlab:17.1.1 app:rake gitlab:backup:restore BACKUP=1515629493_2020_12_06_13.0.6
 ```
 
 When using `docker-compose` you may use the following command to execute the restore.
@@ -2661,7 +2661,7 @@ The `app:rake` command allows you to run gitlab rake tasks. To run a rake task s
 
 ```bash
 docker run --name gitlab -it --rm [OPTIONS] \
-    sameersbn/gitlab:17.0.2 app:rake gitlab:env:info
+    sameersbn/gitlab:17.1.1 app:rake gitlab:env:info
 ```
 
 You can also use `docker exec` to run raketasks on running gitlab instance. For example,
@@ -2674,7 +2674,7 @@ Similarly, to import bare repositories into GitLab project instance
 
 ```bash
 docker run --name gitlab -it --rm [OPTIONS] \
-    sameersbn/gitlab:17.0.2 app:rake gitlab:import:repos
+    sameersbn/gitlab:17.1.1 app:rake gitlab:import:repos
 ```
 
 Or
@@ -2705,7 +2705,7 @@ Copy all the **bare** git repositories to the `repositories/` directory of the [
 
 ```bash
 docker run --name gitlab -it --rm [OPTIONS] \
-    sameersbn/gitlab:17.0.2 app:rake gitlab:import:repos
+    sameersbn/gitlab:17.1.1 app:rake gitlab:import:repos
 ```
 
 Watch the logs and your repositories should be available into your new gitlab container.
@@ -2729,12 +2729,12 @@ To upgrade to newer gitlab releases, simply follow this 4 step upgrade procedure
 
 > **Note**
 >
-> Upgrading to `sameersbn/gitlab:17.0.2` from `sameersbn/gitlab:7.x.x` can cause issues. It is therefore required that you first upgrade to `sameersbn/gitlab:8.0.5-1` before upgrading to `sameersbn/gitlab:8.1.0` or higher.
+> Upgrading to `sameersbn/gitlab:17.1.1` from `sameersbn/gitlab:7.x.x` can cause issues. It is therefore required that you first upgrade to `sameersbn/gitlab:8.0.5-1` before upgrading to `sameersbn/gitlab:8.1.0` or higher.
 
 - **Step 1**: Update the docker image.
 
 ```bash
-docker pull sameersbn/gitlab:17.0.2
+docker pull sameersbn/gitlab:17.1.1
 ```
 
 - **Step 2**: Stop and remove the currently running image
@@ -2760,7 +2760,7 @@ Replace `x.x.x` with the version you are upgrading from. For example, if you are
 > **Note**: Since Gitlab 13.7 you need to provide the `GITLAB_SECRETS_ENCRYPTED_SETTINGS_KEY_BASE` parameter while starting the image.  If not provided, the key will be generated by gitlab. So you can start the image without setting this parameter. But you will lose the key when you shutting down the container without taking a backup of `secrets.yml`.
 
 ```bash
-docker run --name gitlab -d [OPTIONS] sameersbn/gitlab:17.0.2
+docker run --name gitlab -d [OPTIONS] sameersbn/gitlab:17.1.1
 ```
 
 ### Shell Access
@@ -2798,7 +2798,7 @@ version: '2.3'
 
 services:
   gitlab:
-    image: sameersbn/gitlab:17.0.2
+    image: sameersbn/gitlab:17.1.1
     healthcheck:
       test: ["CMD", "/usr/local/sbin/healthcheck"]
       interval: 1m

VERSION

@@ -1 +1 @@
-17.0.2
+17.1.1

assets/build/install.sh

@@ -56,6 +56,9 @@ make -j"$(nproc)"
 make install
 cd "$PWD_ORG" && rm -rf /tmp/ruby
 
+# upgrade rubygems on demand
+gem update --no-document --system "${RUBYGEMS_VERSION}"
+
 # PaX-mark ruby
 # Applying the mark late here does make the build usable on PaX kernels, but
 # still the build itself must be executed on a non-PaX kernel. It's done here

contrib/docker-swarm/docker-compose.yml

@@ -22,7 +22,7 @@ services:
 
   gitlab:
     restart: always
-    image: sameersbn/gitlab:17.0.2
+    image: sameersbn/gitlab:17.1.1
     depends_on:
     - redis
     - postgresql

docker-compose.swarm.yml

@@ -63,7 +63,7 @@ services:
       - traefik-public
 
   gitlab:
-    image: sameersbn/gitlab:17.0.2
+    image: sameersbn/gitlab:17.1.1
     depends_on:
     - redis
     - postgresql

docker-compose.yml

@@ -22,7 +22,7 @@ services:
 
   gitlab:
     restart: always
-    image: sameersbn/gitlab:17.0.2
+    image: sameersbn/gitlab:17.1.1
     depends_on:
     - redis
     - postgresql