diff --git a/Dockerfile b/Dockerfile index 2cdd640094ff50d51680ccd9fbc1bf0980d7328d..e5691c04bf9d287e26de0f952cd6e6370234d05f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ -ARG GITLAB_VERSION=v13.10.3-ubi8 +ARG GITLAB_VERSION=v13.11.0-ubi8 ARG BASE_REGISTRY=nexus-docker-secure.levelup-nexus.svc.cluster.local:18082 ARG BASE_IMAGE=gitlab/gitlab/gitlab-rails -ARG BASE_TAG=13.10.3 +ARG BASE_TAG=13.11.0 ARG RAILS_IMAGE=${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} diff --git a/build-scripts/build.sh b/build-scripts/build.sh index ecaf687f8110c3f6b26c5d4d27f0a12ee7b8e9ee..f95f38ddcb53789aef7ffa974c6a0627f2a62acf 100755 --- a/build-scripts/build.sh +++ b/build-scripts/build.sh @@ -4,7 +4,7 @@ set -euxo pipefail -TAG=${1:-13.10.3} +TAG=${1:-13.11.0} REPOSITORY=${2:-} DOCKER_OPTS=${DOCKER_OPTS:-""} diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 14b63d96ce0d25d32825ef9e60bbccca63cbad29..0e0175fc8d96ad7e8cc5f814c09212591888cc54 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -5,12 +5,12 @@ name: "gitlab/gitlab/gitlab-task-runner" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: - - "13.10.3" + - "13.11.0" - "latest" # Build args passed to Dockerfile ARGs args: BASE_IMAGE: "gitlab/gitlab/gitlab-rails" - BASE_TAG: "13.10.3" + BASE_TAG: "13.11.0" # Docker image labels labels: org.opencontainers.image.title: "Gitlab Task Runner" @@ -22,7 +22,7 @@ labels: org.opencontainers.image.url: "https://about.gitlab.com/" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "Gitlab" - org.opencontainers.image.version: "13.10.3" + org.opencontainers.image.version: "13.11.0" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "gitlab, git, gitops" ## This value can be "opensource" or "commercial" @@ -43,13 +43,13 @@ maintainers: username: "alfontaine" email: "alan.fontaine@centauricorp.com" resources: - - url: "https://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.10.3-ubi8/gitlab-task-runner-ee.tar.gz" + - url: "https://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.11.0-ubi8/gitlab-task-runner-ee.tar.gz" filename: "gitlab-task-runner-ee.tar.gz" validation: type: "sha256" - value: "8dda22421e7617f76a2d3e1e3315aecde837dac7b8d987203c2eb0ceeae4077b" - - url: "https://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.10.3-ubi8/gitlab-python.tar.gz" + value: "1675626bfd787e36e51f9410806ae663d062f3edc2311982553d7d81120a9d60" + - url: "https://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.11.0-ubi8/gitlab-python.tar.gz" filename: "gitlab-python.tar.gz" validation: type: "sha256" - value: "cc08b0efbcd78877f7ed57607fdc46674871bdb94c3ec98329356fb5aafea5ba" + value: "0ff636e520a5853c14e87e20872ea86f6714bb991730a2fec8255e2f8caa3441" diff --git a/openshift.metadata b/openshift.metadata new file mode 100644 index 0000000000000000000000000000000000000000..e803848b9a99c5200deac3737b9397e52fbaef31 --- /dev/null +++ b/openshift.metadata @@ -0,0 +1,7 @@ +io.openshift.tags=gitlab-task-runner +io.openshift.wants=gitlab-webservice +io.k8s.description=Container with tools to diagnose GitLab application +issues. +io.openshift.non-scalable=false +io.openshift-min-memory=350Mi +io.openshift.min-cpu=50m diff --git a/scripts/bin/backup-utility b/scripts/bin/backup-utility index bb53eb8cdb4a2f485793691a8ab0c2f7b9e15273..393da4d809167e2d64868dcef5b27c91b1e901cc 100755 --- a/scripts/bin/backup-utility +++ b/scripts/bin/backup-utility @@ -4,6 +4,7 @@ set -e ACTION="backup" export BACKUP_BUCKET_NAME=${BACKUP_BUCKET_NAME-gitlab-backups} export BACKUP_BACKEND=${BACKUP_BACKEND-s3} +S3_CMD_BACKUP_OPTION="" rails_dir=/srv/gitlab backups_path=$rails_dir/tmp/backups @@ -16,7 +17,7 @@ function usage() { cat << HEREDOC - Usage: backup-utility [--restore] [-f URL] [-t TIMESTAMP] [--skip COMPONENT] [--backend BACKEND] + Usage: backup-utility [--restore] [-f URL] [-t TIMESTAMP] [--skip COMPONENT] [--backend BACKEND] [--s3config CONFIG] Options: -h, --help Show this help message and exit. @@ -31,6 +32,8 @@ function usage() db, repositories, and any of the object storages (e.g. 'lfs'). --backend BACKEND Object storage backend to use for backups. Can be either 's3' or 'gcs'. + --s3config CONFIG S3 backend configuration to use for backups storage. + Special config file for s3cmd (see: https://s3tools.org/usage) --storage-class CLASSNAME Pass this storage class to the gcs or s3cmd for more cost-efficient storage of backups. HEREDOC @@ -53,7 +56,7 @@ function fetch_remote_backup(){ else # It's a timestamp file_name="$1_gitlab_backup.tar" if [ "${BACKUP_BACKEND}" = "s3" ]; then - s3cmd get "s3://$BACKUP_BUCKET_NAME/$file_name" $output_path > /dev/null + s3cmd ${S3_CMD_BACKUP_OPTION} get "s3://$BACKUP_BUCKET_NAME/$file_name" $output_path > /dev/null elif [ "${BACKUP_BACKEND}" = "gcs" ]; then gsutil cp "gs://$BACKUP_BUCKET_NAME/$file_name" $output_path > /dev/null else @@ -151,9 +154,9 @@ function backup(){ pack_backup $backup_name if [ "${BACKUP_BACKEND}" = "s3" ]; then if [ -z "${STORAGE_CLASS}" ]; then - s3cmd put ${backup_tars_path}/${backup_name}.tar s3://$BACKUP_BUCKET_NAME > /dev/null + s3cmd ${S3_CMD_BACKUP_OPTION} put ${backup_tars_path}/${backup_name}.tar s3://$BACKUP_BUCKET_NAME > /dev/null else - s3cmd put --storage-class "${STORAGE_CLASS}" ${backup_tars_path}/${backup_name}.tar s3://$BACKUP_BUCKET_NAME > /dev/null + s3cmd ${S3_CMD_BACKUP_OPTION} put --storage-class "${STORAGE_CLASS}" ${backup_tars_path}/${backup_name}.tar s3://$BACKUP_BUCKET_NAME > /dev/null fi echo "[DONE] Backup can be found at s3://$BACKUP_BUCKET_NAME/${backup_name}.tar" elif [ "${BACKUP_BACKEND}" = "gcs" ]; then @@ -247,6 +250,15 @@ do shift shift ;; + --s3config) + if [ ! -f $2 ]; then + echo "s3cmd file specified does not exist"; + exit 1; + fi + export S3_CMD_BACKUP_OPTION="--config=$2 " + shift + shift + ;; --restore) ACTION="restore" shift