Docs: Update repo directory for update keys after expiration
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7510
Merged-by: Marcin Sedlak-Jakubowski <msedlakjakubowski@gitlab.com>
Approved-by: Axel von Bertoldi <avonbertoldi@gitlab.com>
Approved-by: Marcin Sedlak-Jakubowski <msedlakjakubowski@gitlab.com>
Reviewed-by: alexgit2k <utaker2k-git@yahoo.de>
Co-authored-by: fneill <fneill@gitlab.com>
Add documentation on what happens during gitlab-ctl reconfigure
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7213
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: João Alexandre Cunha <j.a.cunha@gmail.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Reviewed-by: João Alexandre Cunha <j.a.cunha@gmail.com>
Reviewed-by: Robert Marshall <rmarshall@gitlab.com>
Reviewed-by: Evan Read <eread@gitlab.com>
Co-authored-by: Balasankar "Balu" C <balasankar@gitlab.com>
Co-authored-by: Evan Read <eread@gitlab.com>
- Adds much more detail around the process that happens
when gitlab-ctl reconfigure executes.
- Adds notes to the recipes to clarify what happens in
the context of a reconfigure run.
Signed-off-by: Balasankar "Balu" C <balasankar@gitlab.com>
Use bundler to install Omnibus gems
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7362
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Reviewed-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Reviewed-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>
Instead of calling `gem install <x>` many times, let's define the
`Gemfile` and `Gemfile.lock` and run `bundle install`. This ensures
dependencies are pinned and don't quietly move with a new invocation
of `gem install`. There is also a side benefit to using `bundler`: we
can later use the newly-introduced feature to include and verify
checksums (https://github.com/rubygems/rubygems/pull/6374).
`bundler` generally installs everything in the expected gem directory
that is used by `ruby`, but for gems installed from a Git source,
`bundler` puts those gems in a special `bundler/gems` directory.
We don't use any gems from Git sources now--`gitlab-ruby-shadow`
is now used instead of `ruby-shadow`--there is no issue.
Also, note that if we want to ensure `gitlab-ctl` doesn't try to pull
in gems from GitLab Rails, we could invoke `bundler`, but this is a
slightly riskier change.
Relates to https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8368
Changelog: changed
Switch to Lychee for link checking
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7547
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Reviewed-by: Evan Read <eread@gitlab.com>
Co-authored-by: Evan Read <eread@gitlab.com>
Remove reliable from test runs
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7562
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Vishal Patel <vpatel@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Sofia Vistas <svistas@gitlab.com>
- Adds a command to re-apply SELinux file context rules based on the
current GitLab provided SELinux policy.
- Documents the existence of this new command.
- Moves semanage tests into SELinuxHelper rspec and extends coverage for
changes made to support the new command.
Related https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/7257
Closes https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/7452
Changelog: added
Signed-off-by: Robert Marshall <rmarshall@gitlab.com>
- Update aws_amis_and_marketplace_listings.md in the
documentation to use the `owner` instead of `ownerAlias`
key in the link to GitLab AWS Marketplace AMIs.
Add doc about scoped maintainership for Build
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7246
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Reviewed-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Reviewed-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Balasankar "Balu" C <balasankar@gitlab.com>
Correctly specify where CA store comes from
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7436
Merged-by: Andrew Patterson <apatterson@gitlab.com>
Approved-by: Andrew Patterson <apatterson@gitlab.com>
Approved-by: Ryan Egesdahl <regesdahl@gitlab.com>
Co-authored-by: syvb <me@iter.ca>
CAcert.org does not make a collection of trusted root CAs.
GitLab Omnibus uses Curl's version of Mozilla's trust store:
e20cbf834f/config/software/cacerts.rb (L35)
I think this error resulted from confusing the `cacert.pem` file (which is the name for any file that contains a collection of CAs), and the `CAcert.org` non-profit (which is a non-profit CA).
Signed-off-by: syvb <me@iter.ca>
Documents the implementation model when a new component requires its own
database and the requirements for each level of support that Omnibus
GitLab may provide.
- Describes the standard when an existing component is migrated to the
new implementation model.
- Outlines the way a new component with a separate database should be
added to Omnibus GitLab.
- Defines each level of support a component may have from Omnibus GitLab.
Closes https://gitlab.com/gitlab-org/distribution/team-tasks/-/issues/1349
Signed-off-by: Hossein Pursultani <hpursultani@gitlab.com>
Marcin Sedlak-Jakubowski
Fiona Neill
Evan Read
Michael Kozono
Robert Marshall
Balasankar 'Balu' C
Suzanne Selhorn
Stan Hu
Gregorius Marco
Lysanne Pinto
Jason Plum
Alexandr Tanayno
Manoj M J
Achilleas Pipinellis
Sofia Vistas
Asmaa Hassan
Brad Sevy
Ben Prescott_
Rutger Wessels
Clemens Beck
Ashraf Khamis
Julian Paul Dasmarinas
Tony Marsh
Marcel Amirault
Ash McKenzie
Amy Qualls
Dustin Collins
Andrew Patterson
syvb
James Reed
Hossein Pursultani
Nailia Iskhakova
Ben Bodenmiller