forked from sameersbn/docker-gitlab
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This version contain several security fixes for several persistent Cross-site Scripting (XSS) vulnerabilities, and fixes for several information disclosure vulnerabilities. https://about.gitlab.com/2017/05/08/gitlab-9-dot-1-dot-3-security-release/
- Loading branch information
Even Holthe
committed
May 9, 2017
1 parent
298fa35
commit 6514374
Showing
7 changed files
with
41 additions
and
38 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
FROM sameersbn/ubuntu:14.04.20170503 | ||
MAINTAINER [email protected] | ||
|
||
ENV GITLAB_VERSION=9.1.2 \ | ||
ENV GITLAB_VERSION=9.1.3 \ | ||
RUBY_VERSION=2.3 \ | ||
GOLANG_VERSION=1.6.3 \ | ||
GITLAB_SHELL_VERSION=5.0.2 \ | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
[![Docker Repository on Quay.io](https://quay.io/repository/sameersbn/gitlab/status "Docker Repository on Quay.io")](https://quay.io/repository/sameersbn/gitlab) | ||
[![](https://images.microbadger.com/badges/image/sameersbn/gitlab.svg)](http://microbadger.com/images/sameersbn/gitlab "Get your own image badge on microbadger.com") | ||
|
||
# sameersbn/gitlab:9.1.2 | ||
# sameersbn/gitlab:9.1.3 | ||
|
||
- [Introduction](#introduction) | ||
- [Changelog](Changelog.md) | ||
|
@@ -126,7 +126,7 @@ Automated builds of the image are available on [Dockerhub](https://hub.docker.co | |
> **Note**: Builds are also available on [Quay.io](https://quay.io/repository/sameersbn/gitlab) | ||
```bash | ||
docker pull sameersbn/gitlab:9.1.2 | ||
docker pull sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
You can also pull the `latest` tag which is built from the repository *HEAD* | ||
|
@@ -195,7 +195,7 @@ docker run --name gitlab -d \ | |
--env 'GITLAB_SECRETS_SECRET_KEY_BASE=long-and-random-alpha-numeric-string' \ | ||
--env 'GITLAB_SECRETS_OTP_KEY_BASE=long-and-random-alpha-numeric-string' \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
*Please refer to [Available Configuration Parameters](#available-configuration-parameters) to understand `GITLAB_PORT` and other configuration options* | ||
|
@@ -230,7 +230,7 @@ Volumes can be mounted in docker by specifying the `-v` option in the docker run | |
```bash | ||
docker run --name gitlab -d \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
## Database | ||
|
@@ -263,7 +263,7 @@ docker run --name gitlab -d \ | |
--env 'DB_NAME=gitlabhq_production' \ | ||
--env 'DB_USER=gitlab' --env 'DB_PASS=password' \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
#### Linking to PostgreSQL Container | ||
|
@@ -307,7 +307,7 @@ We are now ready to start the GitLab application. | |
```bash | ||
docker run --name gitlab -d --link gitlab-postgresql:postgresql \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
Here the image will also automatically fetch the `DB_NAME`, `DB_USER` and `DB_PASS` variables from the postgresql container as they are specified in the `docker run` command for the postgresql container. This is made possible using the magic of docker links and works with the following images: | ||
|
@@ -361,7 +361,7 @@ docker run --name gitlab -d \ | |
--env 'DB_NAME=gitlabhq_production' \ | ||
--env 'DB_USER=gitlab' --env 'DB_PASS=password' \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
#### Linking to MySQL Container | ||
|
@@ -404,7 +404,7 @@ We are now ready to start the GitLab application. | |
```bash | ||
docker run --name gitlab -d --link gitlab-mysql:mysql \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
Here the image will also automatically fetch the `DB_NAME`, `DB_USER` and `DB_PASS` variables from the mysql container as they are specified in the `docker run` command for the mysql container. This is made possible using the magic of docker links and works with the following images: | ||
|
@@ -431,7 +431,7 @@ The image can be configured to use an external redis server. The configuration s | |
```bash | ||
docker run --name gitlab -it --rm \ | ||
--env 'REDIS_HOST=192.168.1.100' --env 'REDIS_PORT=6379' \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
### Linking to Redis Container | ||
|
@@ -458,7 +458,7 @@ We are now ready to start the GitLab application. | |
|
||
```bash | ||
docker run --name gitlab -d --link gitlab-redis:redisio \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
|
@@ -471,7 +471,7 @@ If you are using Gmail then all you need to do is: | |
docker run --name gitlab -d \ | ||
--env '[email protected]' --env 'SMTP_PASS=PASSWORD' \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
Please refer the [Available Configuration Parameters](#available-configuration-parameters) section for the list of SMTP parameters that can be specified. | ||
|
@@ -491,7 +491,7 @@ docker run --name gitlab -d \ | |
--env '[email protected]' --env 'IMAP_PASS=PASSWORD' \ | ||
--env 'GITLAB_INCOMING_EMAIL_ADDRESS=USER+%{key}@gmail.com' \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
Please refer the [Available Configuration Parameters](#available-configuration-parameters) section for the list of IMAP parameters that can be specified. | ||
|
@@ -568,7 +568,7 @@ docker run --name gitlab -d \ | |
--env 'GITLAB_SSH_PORT=10022' --env 'GITLAB_PORT=10443' \ | ||
--env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
In this configuration, any requests made over the plain http protocol will automatically be redirected to use the https protocol. However, this is not optimal when using a load balancer. | ||
|
@@ -584,7 +584,7 @@ docker run --name gitlab -d \ | |
--env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \ | ||
--env 'NGINX_HSTS_MAXAGE=2592000' \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
If you want to completely disable HSTS set `NGINX_HSTS_ENABLED` to `false`. | ||
|
@@ -607,7 +607,7 @@ docker run --name gitlab -d \ | |
--env 'GITLAB_SSH_PORT=10022' --env 'GITLAB_PORT=443' \ | ||
--env 'GITLAB_HTTPS=true' --env 'SSL_SELF_SIGNED=true' \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
Again, drop the `--env 'SSL_SELF_SIGNED=true'` option if you are using CA certified SSL certificates. | ||
|
@@ -655,7 +655,7 @@ Let's assume we want to deploy our application to '/git'. GitLab needs to know t | |
docker run --name gitlab -it --rm \ | ||
--env 'GITLAB_RELATIVE_URL_ROOT=/git' \ | ||
--volume /srv/docker/gitlab/gitlab:/home/git/data \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
GitLab will now be accessible at the `/git` path, e.g. `http://www.example.com/git`. | ||
|
@@ -783,14 +783,14 @@ Also the container processes seem to be executed as the host's user/group `1000` | |
```bash | ||
docker run --name gitlab -it --rm [options] \ | ||
--env "USERMAP_UID=$(id -u git)" --env "USERMAP_GID=$(id -g git)" \ | ||
sameersbn/gitlab:9.1.2 | ||
sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
When changing this mapping, all files and directories in the mounted data volume `/home/git/data` have to be re-owned by the new ids. This can be achieved automatically using the following command: | ||
|
||
```bash | ||
docker run --name gitlab -d [OPTIONS] \ | ||
sameersbn/gitlab:9.1.2 app:sanitize | ||
sameersbn/gitlab:9.1.3 app:sanitize | ||
``` | ||
|
||
### Piwik | ||
|
@@ -1042,7 +1042,7 @@ Execute the rake task to create a backup. | |
|
||
```bash | ||
docker run --name gitlab -it --rm [OPTIONS] \ | ||
sameersbn/gitlab:9.1.2 app:rake gitlab:backup:create | ||
sameersbn/gitlab:9.1.3 app:rake gitlab:backup:create | ||
``` | ||
|
||
A backup will be created in the backups folder of the [Data Store](#data-store). You can change the location of the backups using the `GITLAB_BACKUP_DIR` configuration parameter. | ||
|
@@ -1070,14 +1070,14 @@ you need to prepare the database: | |
|
||
```bash | ||
docker run --name gitlab -it --rm [OPTIONS] \ | ||
sameersbn/gitlab:9.1.2 app:rake db:setup | ||
sameersbn/gitlab:9.1.3 app:rake db:setup | ||
``` | ||
|
||
Execute the rake task to restore a backup. Make sure you run the container in interactive mode `-it`. | ||
|
||
```bash | ||
docker run --name gitlab -it --rm [OPTIONS] \ | ||
sameersbn/gitlab:9.1.2 app:rake gitlab:backup:restore | ||
sameersbn/gitlab:9.1.3 app:rake gitlab:backup:restore | ||
``` | ||
|
||
The list of all available backups will be displayed in reverse chronological order. Select the backup you want to restore and continue. | ||
|
@@ -1086,7 +1086,7 @@ To avoid user interaction in the restore operation, specify the timestamp of the | |
|
||
```bash | ||
docker run --name gitlab -it --rm [OPTIONS] \ | ||
sameersbn/gitlab:9.1.2 app:rake gitlab:backup:restore BACKUP=1417624827 | ||
sameersbn/gitlab:9.1.3 app:rake gitlab:backup:restore BACKUP=1417624827 | ||
``` | ||
|
||
When using `docker-compose` you may use the following command to execute the restore. | ||
|
@@ -1135,7 +1135,7 @@ The `app:rake` command allows you to run gitlab rake tasks. To run a rake task s | |
|
||
```bash | ||
docker run --name gitlab -it --rm [OPTIONS] \ | ||
sameersbn/gitlab:9.1.2 app:rake gitlab:env:info | ||
sameersbn/gitlab:9.1.3 app:rake gitlab:env:info | ||
``` | ||
|
||
You can also use `docker exec` to run raketasks on running gitlab instance. For example, | ||
|
@@ -1148,7 +1148,7 @@ Similarly, to import bare repositories into GitLab project instance | |
|
||
```bash | ||
docker run --name gitlab -it --rm [OPTIONS] \ | ||
sameersbn/gitlab:9.1.2 app:rake gitlab:import:repos | ||
sameersbn/gitlab:9.1.3 app:rake gitlab:import:repos | ||
``` | ||
|
||
Or | ||
|
@@ -1179,7 +1179,7 @@ Copy all the **bare** git repositories to the `repositories/` directory of the [ | |
|
||
```bash | ||
docker run --name gitlab -it --rm [OPTIONS] \ | ||
sameersbn/gitlab:9.1.2 app:rake gitlab:import:repos | ||
sameersbn/gitlab:9.1.3 app:rake gitlab:import:repos | ||
``` | ||
|
||
Watch the logs and your repositories should be available into your new gitlab container. | ||
|
@@ -1201,12 +1201,12 @@ To upgrade to newer gitlab releases, simply follow this 4 step upgrade procedure | |
|
||
> **Note** | ||
> | ||
> Upgrading to `sameersbn/gitlab:9.1.2` from `sameersbn/gitlab:7.x.x` can cause issues. It is therefore required that you first upgrade to `sameersbn/gitlab:8.0.5-1` before upgrading to `sameersbn/gitlab:8.1.0` or higher. | ||
> Upgrading to `sameersbn/gitlab:9.1.3` from `sameersbn/gitlab:7.x.x` can cause issues. It is therefore required that you first upgrade to `sameersbn/gitlab:8.0.5-1` before upgrading to `sameersbn/gitlab:8.1.0` or higher. | ||
- **Step 1**: Update the docker image. | ||
|
||
```bash | ||
docker pull sameersbn/gitlab:9.1.2 | ||
docker pull sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
- **Step 2**: Stop and remove the currently running image | ||
|
@@ -1232,7 +1232,7 @@ Replace `x.x.x` with the version you are upgrading from. For example, if you are | |
> **Note**: Since GitLab `8.11.0` you need to provide the `GITLAB_SECRETS_SECRET_KEY_BASE` and `GITLAB_SECRETS_OTP_KEY_BASE` parameters while starting the image. These should initially both have the same value as the contents of the `/home/git/data/.secret` file. See [Available Configuration Parameters](#available-configuration-parameters) for more information on these parameters. | ||
```bash | ||
docker run --name gitlab -d [OPTIONS] sameersbn/gitlab:9.1.2 | ||
docker run --name gitlab -d [OPTIONS] sameersbn/gitlab:9.1.3 | ||
``` | ||
|
||
## Shell Access | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
9.1.2 | ||
9.1.3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters