diff --git a/Dockerfile b/Dockerfile index c71c546f8f68a80a9f8fffa8c4ccbcec16a188bb..0ae8a550b16a9dd970d5f179969cbed7d065b4bd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ -ARG GITLAB_VERSION=v13.10.0-ubi8 +ARG GITLAB_VERSION=v13.10.3-ubi8 ARG BASE_REGISTRY=nexus-docker-secure.levelup-nexus.svc.cluster.local:18082 ARG BASE_IMAGE=gitlab/gitlab/gitlab-rails -ARG BASE_TAG=13.10.0 +ARG BASE_TAG=13.10.3 ARG RAILS_IMAGE=${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} @@ -12,6 +12,15 @@ ARG GITLAB_VERSION ARG GITLAB_USER=git ARG DNF_OPTS +LABEL source="https://gitlab.com/gitlab-org/build/CNG/-/tree/master/gitlab-task-runner" \ + name="GitLab Task Runner" \ + maintainer="GitLab Distribution Team" \ + vendor="GitLab" \ + version=${GITLAB_VERSION} \ + release=${GITLAB_VERSION} \ + summary="Task Runner is an entry point for interaction with other containers in the cluster." \ + description="Task Runner is an entry point for interaction with other containers in the cluster. It contains scripts for running Rake tasks, backup, restore, and tools to intract with object storage." + ADD gitlab-task-runner-ee.tar.gz / ADD gitlab-python.tar.gz / diff --git a/build-scripts/build.sh b/build-scripts/build.sh index bdc2efd6768af37a046bb9b0970c819a9322e112..ecaf687f8110c3f6b26c5d4d27f0a12ee7b8e9ee 100755 --- a/build-scripts/build.sh +++ b/build-scripts/build.sh @@ -4,7 +4,7 @@ set -euxo pipefail -TAG=${1:-13.10.0} +TAG=${1:-13.10.3} REPOSITORY=${2:-} DOCKER_OPTS=${DOCKER_OPTS:-""} diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index f6b12b2dfebc7016c1dd3dda7cd10e63e2144084..14b63d96ce0d25d32825ef9e60bbccca63cbad29 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -5,12 +5,12 @@ name: "gitlab/gitlab/gitlab-task-runner" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: - - "13.10.0" + - "13.10.3" - "latest" # Build args passed to Dockerfile ARGs args: BASE_IMAGE: "gitlab/gitlab/gitlab-rails" - BASE_TAG: "13.10.0" + BASE_TAG: "13.10.3" # Docker image labels labels: org.opencontainers.image.title: "Gitlab Task Runner" @@ -22,7 +22,7 @@ labels: org.opencontainers.image.url: "https://about.gitlab.com/" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "Gitlab" - org.opencontainers.image.version: "13.10.0" + org.opencontainers.image.version: "13.10.3" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "gitlab, git, gitops" ## This value can be "opensource" or "commercial" @@ -43,13 +43,13 @@ maintainers: username: "alfontaine" email: "alan.fontaine@centauricorp.com" resources: - - url: "https://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.10.0-ubi8/gitlab-task-runner-ee.tar.gz" + - url: "https://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.10.3-ubi8/gitlab-task-runner-ee.tar.gz" filename: "gitlab-task-runner-ee.tar.gz" validation: type: "sha256" - value: "7324b972fa0c7a47dd6647ee161ded8cb6d8d9872a84244447eb9421306a7acd" - - url: "https://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.10.0-ubi8/gitlab-python.tar.gz" + value: "8dda22421e7617f76a2d3e1e3315aecde837dac7b8d987203c2eb0ceeae4077b" + - url: "https://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.10.3-ubi8/gitlab-python.tar.gz" filename: "gitlab-python.tar.gz" validation: type: "sha256" - value: "3e24e604dc632bd8ce5af666dfb2ff0b82615cc43a213cfd70d8b47700121ff9" + value: "cc08b0efbcd78877f7ed57607fdc46674871bdb94c3ec98329356fb5aafea5ba" diff --git a/scripts/lib/object_storage_backup.rb b/scripts/lib/object_storage_backup.rb index 67a78a45ecc968d929d6c7a2fe2050020b9cd21c..310393f9f3045775d870ae5db6e0323485cc1a43 100644 --- a/scripts/lib/object_storage_backup.rb +++ b/scripts/lib/object_storage_backup.rb @@ -20,7 +20,8 @@ class ObjectStorageBackup def backup if @backend == "s3" - check_bucket_cmd = %W(s3cmd ls s3://#{@remote_bucket_name}) + # Check bucket existence by listing, limit 1 to optimize + check_bucket_cmd = %W(s3cmd --limit=1 ls s3://#{@remote_bucket_name}) cmd = %W(s3cmd --stop-on-error --delete-removed sync s3://#{@remote_bucket_name}/ /srv/gitlab/tmp/#{@name}/) elsif @backend == "gcs" check_bucket_cmd = %W(gsutil ls gs://#{@remote_bucket_name})