Download as
Browse Code »

Commit 617cc8fb983f09ebcfb19493f78039d7829e167f

Authored by Dmitriy Zaporozhets
2 parents f4173104 14bc511f
Exists in master and in 4 other branches 6-8-stable, 7-0-stable, 7-0-stable-spb, spb-stable

Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq

Showing 11 changed files with 152 additions and 11 deletions   Show diff stats
doc/update/4.2-to-5.0.md
  Diff comments   View file @617cc8f
1 # From 4.2 to 5.0 1 # From 4.2 to 5.0
2 2
  3 +## Warning
  4 +GitLab 5.0 is affected by critical security vulnerability CVE-2013-4490. Please update to GitLab 5.4 immediately.
  5 +
3 ## Important changes 6 ## Important changes
4 7
5 * We don't use `gitlab` user any more. Everything will be moved to `git` user 8 * We don't use `gitlab` user any more. Everything will be moved to `git` user
doc/update/5.0-to-5.1.md
  Diff comments   View file @617cc8f
1 # From 5.0 to 5.1 1 # From 5.0 to 5.1
2 2
  3 +## Warning
  4 +GitLab 5.1 is affected by critical security vulnerability CVE-2013-4490. Please [update to GitLab 5.4 immediately](5.1-to-5.4.md).
  5 +
3 ## Release notes: 6 ## Release notes:
4 7
5 * `unicorn` replaced with `puma` 8 * `unicorn` replaced with `puma`
doc/update/5.1-to-5.2.md
  Diff comments   View file @617cc8f
1 # From 5.1 to 5.2 1 # From 5.1 to 5.2
2 2
  3 +## Warning
  4 +GitLab 5.2 is affected by critical security vulnerabilities CVE-2013-4490 and CVE-2013-4489. Please [update to GitLab 5.4 directly](5.1-to-5.4.md).
  5 +
3 ### 0. Backup 6 ### 0. Backup
4 7
5 It's useful to make a backup just in case things go south: 8 It's useful to make a backup just in case things go south:
doc/update/5.1-to-5.4.md 0 → 100644
  Diff comments   View file @617cc8f
@@ -0,0 +1,103 @@ @@ -0,0 +1,103 @@
  1 +# From 5.1 to 5.4
  2 +Also works starting from 5.2.
  3 +
  4 +## Notice
  5 +Security vulnerabilities CVE-2013-4490 and CVE-2013-4489 have been patched in the latest version of GitLab 5.4.
  6 +
  7 +### 0. Backup
  8 +
  9 +It's useful to make a backup just in case things go south:
  10 +(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
  11 +
  12 +```bash
  13 +cd /home/git/gitlab
  14 +sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
  15 +```
  16 +
  17 +### 1. Stop server
  18 +
  19 + sudo service gitlab stop
  20 +
  21 +### 2. Get latest code
  22 +
  23 +```bash
  24 +cd /home/git/gitlab
  25 +sudo -u git -H git fetch
  26 +sudo -u git -H git checkout 5-4-stable # Latest version of 5-4-stable addresses CVE-2013-4489
  27 +```
  28 +
  29 +### 3. Update gitlab-shell
  30 +
  31 +```bash
  32 +cd /home/git/gitlab-shell
  33 +sudo -u git -H git fetch
  34 +sudo -u git -H git checkout v1.7.4 # Addresses CVE-2013-4490
  35 +```
  36 +
  37 +### 4. Install libs, migrations, etc.
  38 +
  39 +```bash
  40 +cd /home/git/gitlab
  41 +
  42 +# MySQL
  43 +sudo -u git -H bundle install --without development test postgres --deployment
  44 +
  45 +#PostgreSQL
  46 +sudo -u git -H bundle install --without development test mysql --deployment
  47 +
  48 +sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
  49 +
  50 +sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production
  51 +```
  52 +
  53 +### 5. Update config files
  54 +
  55 +* Make `/home/git/gitlab/config/gitlab.yml` same as https://github.com/gitlabhq/gitlabhq/blob/5-4-stable/config/gitlab.yml.example but with your settings.
  56 +* Make `/home/git/gitlab/config/puma.rb` same as https://github.com/gitlabhq/gitlabhq/blob/5-4-stable/config/puma.rb.example but with your settings.
  57 +
  58 +### 6. Update Init script
  59 +
  60 +```bash
  61 +sudo rm /etc/init.d/gitlab
  62 +sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
  63 +sudo chmod +x /etc/init.d/gitlab
  64 +```
  65 +
  66 +### 7. Create uploads directory
  67 +
  68 +```bash
  69 +cd /home/git/gitlab
  70 +sudo -u git -H mkdir public/uploads
  71 +sudo chmod -R u+rwX public/uploads
  72 +```
  73 +
  74 +
  75 +### 8. Start application
  76 +
  77 + sudo service gitlab start
  78 + sudo service nginx restart
  79 +
  80 +### 9. Check application status
  81 +
  82 +Check if GitLab and its environment are configured correctly:
  83 +
  84 + sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
  85 +
  86 +To make sure you didn't miss anything run a more thorough check with:
  87 +
  88 + sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
  89 +
  90 +If all items are green, then congratulations upgrade complete!
  91 +
  92 +## Things went south? Revert to previous version (5.3)
  93 +
  94 +### 1. Revert the code to the previous version
  95 +Follow the [`upgrade guide from 5.2 to 5.3`](5.2-to-5.3.md), except for the database migration
  96 +(The backup is already migrated to the previous version)
  97 +
  98 +### 2. Restore from the backup:
  99 +
  100 +```bash
  101 +cd /home/git/gitlab
  102 +sudo -u git -H bundle exec rake gitlab:backup:restore RAILS_ENV=production
  103 +```
doc/update/5.1-to-6.0.md
  Diff comments   View file @617cc8f
1 # From 5.1 to 6.0 1 # From 5.1 to 6.0
2 2
  3 +## Warning
  4 +GitLab 6.0 is affected by critical security vulnerabilities CVE-2013-4490 and CVE-2013-4489. Please [update to GitLab 6.2 immediately](6.0-to-6.2.md).
  5 +
3 ### Deprecations 6 ### Deprecations
4 7
5 #### Global projects 8 #### Global projects
doc/update/5.2-to-5.3.md
  Diff comments   View file @617cc8f
1 # From 5.2 to 5.3 1 # From 5.2 to 5.3
2 2
  3 +## Warning
  4 +GitLab 5.3 is affected by critical security vulnerabilities CVE-2013-4490 and CVE-2013-4489. Please [update to GitLab 5.4 directly](5.1-to-5.4.md).
  5 +
3 ### 0. Backup 6 ### 0. Backup
4 7
5 It's useful to make a backup just in case things go south: 8 It's useful to make a backup just in case things go south:
doc/update/5.3-to-5.4.md
  Diff comments   View file @617cc8f
1 # From 5.3 to 5.4 1 # From 5.3 to 5.4
2 2
  3 +## Notice
  4 +Security vulnerabilities CVE-2013-4490 and CVE-2013-4489 have been patched in the latest version of GitLab 5.4.
  5 +
3 ### 0. Backup 6 ### 0. Backup
4 7
5 It's useful to make a backup just in case things go south: 8 It's useful to make a backup just in case things go south:
@@ -19,7 +22,7 @@ sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production @@ -19,7 +22,7 @@ sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
19 ```bash 22 ```bash
20 cd /home/git/gitlab 23 cd /home/git/gitlab
21 sudo -u git -H git fetch 24 sudo -u git -H git fetch
22 -sudo -u git -H git checkout 5-4-stable 25 +sudo -u git -H git checkout 5-4-stable # Latest version of 5-4-stable addresses CVE-2013-4489
23 ``` 26 ```
24 27
25 ### 3. Update gitlab-shell 28 ### 3. Update gitlab-shell
@@ -27,7 +30,7 @@ sudo -u git -H git checkout 5-4-stable @@ -27,7 +30,7 @@ sudo -u git -H git checkout 5-4-stable
27 ```bash 30 ```bash
28 cd /home/git/gitlab-shell 31 cd /home/git/gitlab-shell
29 sudo -u git -H git fetch 32 sudo -u git -H git fetch
30 -sudo -u git -H git checkout v1.5.0 33 +sudo -u git -H git checkout v1.7.4 # Addresses CVE-2013-4490
31 ``` 34 ```
32 35
33 ### 4. Install libs, migrations, etc. 36 ### 4. Install libs, migrations, etc.
doc/update/5.4-to-6.0.md
  Diff comments   View file @617cc8f
1 # From 5.4 to 6.0 1 # From 5.4 to 6.0
2 2
  3 +## Warning
  4 +GitLab 6.0 is affected by critical security vulnerabilities CVE-2013-4490 and CVE-2013-4489. Please [update to GitLab 6.2 immediately](6.0-to-6.2.md).
  5 +
3 ### Deprecations 6 ### Deprecations
4 7
5 #### Global projects 8 #### Global projects
doc/update/6.0-to-6.1.md
  Diff comments   View file @617cc8f
1 # From 6.0 to 6.1 1 # From 6.0 to 6.1
2 2
  3 +## Warning
  4 +GitLab 6.1 is affected by critical security vulnerabilities CVE-2013-4490 and CVE-2013-4489. Please [update to GitLab 6.2 directly](6.0-to-6.2.md).
  5 +
3 # In 6.1 we remove a lot of deprecated code. 6 # In 6.1 we remove a lot of deprecated code.
4 # You should update to 6.0 before installing 6.1 so all the necessary conversions are run. 7 # You should update to 6.0 before installing 6.1 so all the necessary conversions are run.
5 8
doc/update/6.0-to-6.2.md
  Diff comments   View file @617cc8f
1 # From 6.0 to 6.2 1 # From 6.0 to 6.2
2 2
  3 +## Notice
  4 +Security vulnerabilities CVE-2013-4490 and CVE-2013-4489 have been patched in the latest version of GitLab 6.2.
  5 +
3 # In 6.1 we remove a lot of deprecated code. 6 # In 6.1 we remove a lot of deprecated code.
4 # You should update to 6.0 before installing 6.1 or higher so all the necessary conversions are run. 7 # You should update to 6.0 before installing 6.1 or higher so all the necessary conversions are run.
5 8
@@ -28,7 +31,7 @@ sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production @@ -28,7 +31,7 @@ sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
28 ```bash 31 ```bash
29 cd /home/git/gitlab 32 cd /home/git/gitlab
30 sudo -u git -H git fetch 33 sudo -u git -H git fetch
31 -sudo -u git -H git checkout 6-2-stable 34 +sudo -u git -H git checkout 6-2-stable # Latest version of 6-2-stable addresses CVE-2013-4489
32 ``` 35 ```
33 36
34 37
@@ -44,7 +47,7 @@ sudo apt-get install logrotate @@ -44,7 +47,7 @@ sudo apt-get install logrotate
44 ```bash 47 ```bash
45 cd /home/git/gitlab-shell 48 cd /home/git/gitlab-shell
46 sudo -u git -H git fetch 49 sudo -u git -H git fetch
47 -sudo -u git -H git checkout v1.7.4 50 +sudo -u git -H git checkout v1.7.4 # Addresses CVE-2013-4490
48 ``` 51 ```
49 52
50 ### 5. Install libs, migrations, etc. 53 ### 5. Install libs, migrations, etc.
doc/update/6.1-to-6.2.md
  Diff comments   View file @617cc8f
1 # From 6.1 to 6.2 1 # From 6.1 to 6.2
2 2
  3 +## Notice
  4 +Security vulnerabilities CVE-2013-4490 and CVE-2013-4489 have been patched in the latest version of GitLab 6.2.
  5 +
3 # You should update to 6.1 before installing 6.2 so all the necessary conversions are run. 6 # You should update to 6.1 before installing 6.2 so all the necessary conversions are run.
4 7
5 ### 0. Backup 8 ### 0. Backup
@@ -21,17 +24,25 @@ sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production @@ -21,17 +24,25 @@ sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
21 ```bash 24 ```bash
22 cd /home/git/gitlab 25 cd /home/git/gitlab
23 sudo -u git -H git fetch 26 sudo -u git -H git fetch
24 -sudo -u git -H git checkout 6-2-stable 27 +sudo -u git -H git checkout 6-2-stable # Latest version of 6-2-stable addresses CVE-2013-4489
  28 +```
  29 +
  30 +### 3. Update gitlab-shell
  31 +
  32 +```bash
  33 +cd /home/git/gitlab-shell
  34 +sudo -u git -H git fetch
  35 +sudo -u git -H git checkout v1.7.4 # Addresses CVE-2013-4490
25 ``` 36 ```
26 37
27 -### 3. Install additional packages 38 +### 4. Install additional packages
28 39
29 ```bash 40 ```bash
30 # Add support for lograte for better log file handling 41 # Add support for lograte for better log file handling
31 sudo apt-get install logrotate 42 sudo apt-get install logrotate
32 ``` 43 ```
33 44
34 -### 4. Install libs, migrations, etc. 45 +### 5. Install libs, migrations, etc.
35 46
36 ```bash 47 ```bash
37 cd /home/git/gitlab 48 cd /home/git/gitlab
@@ -49,7 +60,7 @@ sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production @@ -49,7 +60,7 @@ sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production
49 sudo -u git -H bundle exec rake cache:clear RAILS_ENV=production 60 sudo -u git -H bundle exec rake cache:clear RAILS_ENV=production
50 ``` 61 ```
51 62
52 -### 5. Update config files 63 +### 6. Update config files
53 64
54 TIP: to see what changed in gitlab.yml.example in this release use next command: 65 TIP: to see what changed in gitlab.yml.example in this release use next command:
55 66
@@ -71,7 +82,7 @@ sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers @@ -71,7 +82,7 @@ sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers
71 sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab 82 sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
72 ``` 83 ```
73 84
74 -### 6. Update Init script 85 +### 7. Update Init script
75 86
76 ```bash 87 ```bash
77 sudo rm /etc/init.d/gitlab 88 sudo rm /etc/init.d/gitlab
@@ -79,12 +90,12 @@ sudo curl --output /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlabhq/6 @@ -79,12 +90,12 @@ sudo curl --output /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlabhq/6
79 sudo chmod +x /etc/init.d/gitlab 90 sudo chmod +x /etc/init.d/gitlab
80 ``` 91 ```
81 92
82 -### 7. Start application 93 +### 8. Start application
83 94
84 sudo service gitlab start 95 sudo service gitlab start
85 sudo service nginx restart 96 sudo service nginx restart
86 97
87 -### 8. Check application status 98 +### 9. Check application status
88 99
89 Check if GitLab and its environment are configured correctly: 100 Check if GitLab and its environment are configured correctly:
90 101