From 6e6da2ac1be156712fd7462b1292588dadfc7826 Mon Sep 17 00:00:00 2001
From: Kay0u <pierre@kayou.io>
Date: Thu, 26 Aug 2021 23:49:41 +0200
Subject: [PATCH] 14.2.1

---
 conf/gitlab.rb                    | 34 +++++++++++++++++++++++++++++++
 manifest.json                     |  2 +-
 scripts/upgrade.d/upgrade.last.sh | 12 +++++------
 3 files changed, 41 insertions(+), 7 deletions(-)

diff --git a/conf/gitlab.rb b/conf/gitlab.rb
index 9efc9c8..2e0abf0 100644
--- a/conf/gitlab.rb
+++ b/conf/gitlab.rb
@@ -931,6 +931,18 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__
 ##! Propagate X-Request-Id if available. Workhorse will generate a random value otherwise.
 # gitlab_workhorse['propagate_correlation_id'] = false
 
+##! A list of CIDR blocks to allow for propagation of correlation ID.
+##! propagate_correlation_id should also be set to true.
+##! For example: %w(127.0.0.1/32 192.168.0.1/32)
+# gitlab_workhorse['trusted_cidrs_for_propagation'] = nil
+
+##! A list of CIDR blocks that must match remote IP addresses to use
+##! X-Forwarded-For HTTP header for the actual client IP. Used in
+##! conjuction with propagate_correlation_id and
+##! trusted_cidrs_for_propagation.
+##! For example: %w(127.0.0.1/32 192.168.0.1/32)
+# gitlab_workhorse['trusted_cidrs_for_x_forwarded_for'] = nil
+
 ##! Log format: default is json, can also be text or none.
 # gitlab_workhorse['log_format'] = "json"
 
@@ -1416,6 +1428,7 @@ nginx['listen_https'] = false
 ### Advanced settings
 # nginx['dir'] = "/var/opt/gitlab/nginx"
 # nginx['log_directory'] = "/var/log/gitlab/nginx"
+# nginx['error_log_level'] = "error"
 # nginx['worker_processes'] = 4
 # nginx['worker_connections'] = 10240
 # nginx['log_format'] = '$remote_addr - $remote_user [$time_local] "$request_method $filtered_request_uri $server_protocol" $status $body_bytes_sent "$filtered_http_referer" "$http_user_agent" $gzip_ratio'
@@ -2647,6 +2660,9 @@ package['modify_kernel_parameters'] = __MODIFY_KERNEL_PARAMETERS__
 # patroni['use_slots'] = true
 # patroni['replication_password'] = nil
 # patroni['replication_slots'] = {}
+# patroni['callbacks'] = {}
+# patroni['recovery_conf'] = {}
+# patroni['tags'] = {}
 
 ## Standby cluster replication settings
 # patroni['standby_cluster']['enable'] = false
@@ -2705,11 +2721,29 @@ package['modify_kernel_parameters'] = __MODIFY_KERNEL_PARAMETERS__
 ## advertized and by default is the same as patroni['port'].
 # patroni['connect_port'] = '8008'
 
+## Specifies the set of hosts that are allowed to call unsafe REST API endpoints.
+## Each item can be an hostname, IP address, or CIDR address.
+## All hosts are allowed if this is unset.
+# patroni['allowlist'] = []
+# patroni['allowlist_include_members'] = false
+
 ## The username and password to use for basic auth on write commands to the
 ## Patroni API. If not specified then the API does not use basic auth.
 # patroni['username'] = nil
 # patroni['password'] = nil
 
+## TLS configuration for Patroni API. Both certificate and key files are
+## required to enable TLS. If not specified then the API uses plain HTTP.
+# patroni['tls_certificate_file'] = nil
+# patroni['tls_key_file'] = nil
+# patroni['tls_key_password'] = nil
+# patroni['tls_ca_file'] = nil
+# patroni['tls_ciphers'] = nil
+# patroni['tls_client_mode'] = nil
+# patroni['tls_client_certificate_file'] = nil
+# patroni['tls_client_key_file'] = nil
+# patroni['tls_verify'] = true
+
 ################################################################################
 # Consul (EEP only)
 ################################################################################
diff --git a/manifest.json b/manifest.json
index 6812628..0e642f6 100644
--- a/manifest.json
+++ b/manifest.json
@@ -2,7 +2,7 @@
     "name": "GitLab",
     "id": "gitlab",
     "packaging_format": 1,
-    "version": "14.1.2~ynh1",
+    "version": "14.2.1~ynh1",
     "description": {
         "en": "Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features.",
         "fr": "Gestionnaire de dépôts Git proposant des fonctionnalités de wiki, suivi de bugs et de pipeline CI/CD."
diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh
index 6bcd51c..ab21b48 100644
--- a/scripts/upgrade.d/upgrade.last.sh
+++ b/scripts/upgrade.d/upgrade.last.sh
@@ -1,15 +1,15 @@
 #!/bin/bash
 
-gitlab_version="14.1.2"
+gitlab_version="14.2.1"
 
 # sha256sum found here: https://packages.gitlab.com/gitlab
 gitlab_debian_version="buster"
 
-gitlab_x86_64_buster_source_sha256="01e1776daa7ed6062117b7c2ae9425eed6ba200f07192bd52d4fa6febe45f46d"
+gitlab_x86_64_buster_source_sha256="3e7246f2b49a9cb608714bc32f330e2b21d1b6f37cf44c31374a8817a16faf96"
 
-gitlab_arm64_buster_source_sha256="f2804db2d0286b6c22efe8671734f56e5f08fd91e2820173b833daa0efae247b"
+gitlab_arm64_buster_source_sha256="5967ee8f5b975f26a30469ea9d9492ce4cee06d958e292d1057c30fb9d3ff735"
 
-gitlab_arm_buster_source_sha256="33a33792cbdceed4e64a815997fc06df83aaaab2bac8209f6776da821d25d494"
+gitlab_arm_buster_source_sha256="f4553bb6a04fa580f2a4eb5ec5507701ae1c1cb4766cad58568d299d0ef04cae"
 
 architecture=$(ynh_app_setting_get --app="$app" --key=architecture)
 
@@ -20,8 +20,8 @@ elif [ "$architecture" = "arm64" ]; then
 elif [ "$architecture" = "arm" ]; then
 	# If the version for arm doesn't exist, then use an older one
 	if [ -z "$gitlab_arm_buster_source_sha256" ]; then
-		gitlab_version="14.1.2"
-		gitlab_arm_buster_source_sha256="33a33792cbdceed4e64a815997fc06df83aaaab2bac8209f6776da821d25d494"
+		gitlab_version="14.2.1"
+		gitlab_arm_buster_source_sha256="f4553bb6a04fa580f2a4eb5ec5507701ae1c1cb4766cad58568d299d0ef04cae"
 	fi
 	gitlab_source_sha256=$gitlab_arm_buster_source_sha256
 fi