Remove Grafana attribute and deprecation messages
Closes#8200
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7603
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Clemens Beck <cbeck@gitlab.com>
Approved-by: Andrew Patterson <apatterson@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Robert Marshall <rmarshall@gitlab.com>
- Grafana was removed in GitLab 16.3. This removes the deprecation
messages and the attribute that was left behind to enable those
messages to fire without error.
Closes https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8200
Changelog: removed
Use progress message on newer PG version check
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7596
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: João Alexandre Cunha <j.a.cunha@gmail.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Robert Marshall <rmarshall@gitlab.com>
- Ensure legacy redis sentinel master configuration for rails
gets parsed and loaded into resque with the new redis helper.
Closes https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8540
Signed-off-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Skip Gitaly storages uniqueness check if Gitaly is not enabled
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7600
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Igor <iwiedler@gitlab.com>
Approved-by: Toon Claes <toon@gitlab.com>
Approved-by: Alessio Caiazza <acaiazza@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Balasankar 'Balu' C <balasankar@gitlab.com>
- If a node has legacy `git-data` storages configured but no
longer runs the gitaly service, skip the unique storage path
validation check.
Signed-off-by: Balasankar 'Balu' C <balasankar@gitlab.com>
redis: Fix password auth with UNIX domain sockets
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7573
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Ian Baum <ibaum@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Reviewed-by: Gabriel Mazetto <gabriel@gitlab.com>
Reviewed-by: Ian Baum <ibaum@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>
Prevent Gitaly storages from using the same path
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7564
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Gabriel Mazetto <gabriel@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Reviewed-by: Gabriel Mazetto <gabriel@gitlab.com>
Reviewed-by: Will Chandler <wchandler@gitlab.com>
Reviewed-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Will Chandler <wchandler@gitlab.com>
Gitaly is making a breaking change with v17.0 to prevent multiple
storages from sharing the same local path. This is being done as part of
the work to add a write-ahead log to Gitaly, see
https://gitlab.com/gitlab-org/gitaly/-/issues/5598 for further details.
Validate that Gitaly's config does not have more than one storage using
the same path, dereferencing any symlinks.
Changelog: changed
Add documentation on what happens during gitlab-ctl reconfigure
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7213
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: João Alexandre Cunha <j.a.cunha@gmail.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Reviewed-by: João Alexandre Cunha <j.a.cunha@gmail.com>
Reviewed-by: Robert Marshall <rmarshall@gitlab.com>
Reviewed-by: Evan Read <eread@gitlab.com>
Co-authored-by: Balasankar "Balu" C <balasankar@gitlab.com>
Co-authored-by: Evan Read <eread@gitlab.com>
- Adds much more detail around the process that happens
when gitlab-ctl reconfigure executes.
- Adds notes to the recipes to clarify what happens in
the context of a reconfigure run.
Signed-off-by: Balasankar "Balu" C <balasankar@gitlab.com>
Enforce upgrade stop at 16.11
Closes#8518
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7575
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: João Alexandre Cunha <j.a.cunha@gmail.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Clemens Beck <cbeck@gitlab.com>
Remove PostgreSQL 13
Closes#8341
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7546
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Ryan Egesdahl <regesdahl@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Reviewed-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Reviewed-by: Ryan Egesdahl <regesdahl@gitlab.com>
Co-authored-by: Clemens Beck <cbeck@gitlab.com>
Previously if a Redis instance listened on a UNIX socket but a
password were set, GitLab Rails would not be able to authenticate.
This occurred because the UNIX URL doesn't contain a password.
Both Ruby and Go Redis clients support URLs in the form:
unix://<user>:<password>@</path/to/redis.sock>?db=<db_number>
Relates to work started in
https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/2194
Changelog: fixed
Remove queue_selector and negate options from Sidekiq
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7540
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Andrew Patterson <apatterson@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Gregorius Marco <gmarco@gitlab.com>
This is a small regression from
https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7247.
When the PostgreSQL upgrade times out, previously the script
would error out with `wrong number of arguments (given 0, expected 1)
(ArgumentError)`.
Changelog: fixed
Support custom auth_redirect_uri when namespace_in_path is enabled
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7516
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Mitchell Nielsen <mnielsen@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: ngala <ngala@gitlab.com>
Avoid "undefined local" error in pg-upgrade.rb#analyze_cluster
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7532
Merged-by: Andrew Patterson <apatterson@gitlab.com>
Approved-by: Ian Baum <ibaum@gitlab.com>
Approved-by: Andrew Patterson <apatterson@gitlab.com>
Co-authored-by: Katrin Leinweber (GTLB) <kleinweber@gitlab.com>
Enable KAS in FIPS mode
Closes gitlab-org/build/CNG#1948
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7528
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Vishal Patel <vpatel@gitlab.com>
Approved-by: Andrew Patterson <apatterson@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Taka Nishida <tnishida@gitlab.com>
Accept multiple bind addresses in Redis config
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7500
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Hossein Pursultani <hpursultani@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>
Support optional grpc log level config for KAS
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7518
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Gabriel Mazetto <gabriel@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Taka Nishida <tnishida@gitlab.com>
Support TLS for kas->kas communication for KAS
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7453
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Timo Furrer <tfurrer@gitlab.com>
Approved-by: João Alexandre Cunha <j.a.cunha@gmail.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Taka Nishida <tnishida@gitlab.com>
As specified in https://redis.io/docs/management/config-file/, Redis
can bind to multiple addresses with a space-separated field. Previously
attempting to do this without setting `gitlab_rails['redis_host']`
would fail because a URI could not be built with a space in the
hostname.
This commit now splits the string with the space and picks the first
address as the default Redis host.
Relates to https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8465
Changelog: added
Move Redis server information to NewRedisHelper
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7465
Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Dustin Collins <714871-dustinmm80@users.noreply.gitlab.com>
Approved-by: Andrew Patterson <apatterson@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Balasankar 'Balu' C <balasankar@gitlab.com>
- Continue conversion to the new style redis helper with
refactors against the redis server functionality methods
Signed-off-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Do not warn if nothing is set and the default empty
hash is returned for some configurations.
Signed-off-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Create git_data_dirs even if gitlab_rails is disabled
See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7459
Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Jason Plum <jplum@gitlab.com>
Approved-by: Andrew Patterson <apatterson@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Ahmad Sherif <ahmad@gitlab.com>
- Adds a command to re-apply SELinux file context rules based on the
current GitLab provided SELinux policy.
- Documents the existence of this new command.
- Moves semanage tests into SELinuxHelper rspec and extends coverage for
changes made to support the new command.
Related https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/7257
Closes https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/7452
Changelog: added
Signed-off-by: Robert Marshall <rmarshall@gitlab.com>
Currently, `gitlab_rails` service needs to be enabled in order for
`gitaly` service to function properly. Specifically, `gitlab_rails`
creates `git_data_dirs` (e.g. `/var/opt/gitlab/git-data/repositories`)
which is needed for Gitaly to start-up. If only the `gitaly` service is
enabled, then Gitaly won't start due to config validation error (i.e.
storage directories have to be present).
This MR makes the creation of these directories the responsibility of
the `gitaly` cookbook. The `gitlab` cookbook still creates the
directories as backward-compatibility measure, as I'm not sure if these
directories are needed outside of Gitaly.
This is needed as part of
https://gitlab.com/gitlab-com/gl-infra/production-engineering/-/issues/24530.
Changelog: fixed