omnibus-gitlab merge requestshttps://staging.gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests2017-09-30T04:48:55Zhttps://staging.gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1814Selectively enable GZIP when HTTP referer matches external URL of GitLab host2017-09-30T04:48:55ZStan HuSelectively enable GZIP when HTTP referer matches external URL of GitLab hostgzip is disabled for HTTPS for a number of reasons, but Rails has anti-BREACH measures in place for CSRF tokens. In addition, we can mitigate the risk of this attack further by enabling GZIP only when the HTTP referer matches the GitLab ...gzip is disabled for HTTPS for a number of reasons, but Rails has anti-BREACH measures in place for CSRF tokens. In addition, we can mitigate the risk of this attack further by enabling GZIP only when the HTTP referer matches the GitLab origin.
For more details, see:
* https://blog.qualys.com/ssllabs/2013/08/07/defending-against-the-breach-attack
* https://gitlab.com/gitlab-org/gitlab-ce/issues/3371910.0https://staging.gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1961WIP: Resolve "PostgreSQL detection and upgrading since 10.0.0-rc5 (Ubuntu 16....2017-09-25T18:05:49ZIan BaumWIP: Resolve "PostgreSQL detection and upgrading since 10.0.0-rc5 (Ubuntu 16.10)"Closes #2800Closes #280010.0https://staging.gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1951Don't run pg-upgrade on GitLab 10.0 in docker2017-09-20T20:39:01ZDJ MountneyDon't run pg-upgrade on GitLab 10.0 in dockerRunning the upgrade actually attempts an upgrade.
```bash
Checking for an omnibus managed postgresql: OK
Checking if we already upgraded: NOT OK
Checking for a newer version of PostgreSQL to install: OK
```Running the upgrade actually attempts an upgrade.
```bash
Checking for an omnibus managed postgresql: OK
Checking if we already upgraded: NOT OK
Checking for a newer version of PostgreSQL to install: OK
```10.0Ian BaumIan Baumhttps://staging.gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1953WIP: Use the default postgres as the upgrade version in GitLab 10.02017-09-20T20:38:32ZDJ MountneyWIP: Use the default postgres as the upgrade version in GitLab 10.010.0Ian BaumIan Baumhttps://staging.gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1884Cleanup package scripts2017-09-15T07:19:23ZBalasankar CCleanup package scripts1. Remove the use of posttrans script for RPMs. We can handle them in postinst itself using value of `$1`
2. Run the postinst script only if it is a successful install/upgrade. For DEB based distros, that means `$1` will be `configure`. ...1. Remove the use of posttrans script for RPMs. We can handle them in postinst itself using value of `$1`
2. Run the postinst script only if it is a successful install/upgrade. For DEB based distros, that means `$1` will be `configure`. For RPM based distros that means `$1` will be `1` or `2` for install and upgrade respectively. This is needed because DEB-based and RPM-based distros handle failure of preinst differently. In RPM based distros, if `%pre` script fails, the installation/upgrade is aborted. However, in DEB-based distros, if `preinst` fails, the execution moves as `preinst` => `postrm abort-upgrade` => `postinst abort-upgrade`. That means, even if preinst fails, postinst is being called. So the stuff in postinst script gets executed even if preinst fails. Moving them to inside the conditional will fix it.
References:
1. https://fedoraproject.org/wiki/Packaging:Scriptlets
2. https://www.debian.org/doc/debian-policy/#maintainer-script-flowcharts
Tests:
- [x] CentOS 6
- [x] Fresh Installation
- [x] Upgrade from already installed package
- [x] CentOS 7
- [x] Fresh Installation
- [x] Upgrade from already installed package
- [x] Debian 7
- [x] Fresh Installation
- [x] Upgrade from already installed package
- [x] Debian 8
- [x] Fresh Installation
- [x] Upgrade from already installed package
- [x] Debian 9
- [x] Fresh Installation
- [x] Upgrade from already installed package
- [x] OpenSUSE 42.2
- [x] Fresh Installation
- [x] Upgrade from already installed package
- [x] Ubuntu 14.04
- [x] Fresh Installation
- [x] Upgrade from already installed package
- [x] Ubuntu 16.04
- [x] Fresh Installation
- [x] Upgrade from already installed package10.0Balasankar CBalasankar Chttps://staging.gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1839Configure everything if GITLAB_URL is set2017-08-24T10:03:33ZBalasankar CConfigure everything if GITLAB_URL is setCloses #2619
ToDO
- [x] Move ASCII art and information printing to the upgrade task from postinst.Closes #2619
ToDO
- [x] Move ASCII art and information printing to the upgrade task from postinst.10.0Marin JankovskiMarin Jankovski