chore(deps): update helm release gitlab to v8.1.0 #3341
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
|
Path: @@ -443,7 +443,7 @@
cp -f -v -r -L "${config_dir}/${secret}/." "${secret_dir}/${secret}/"
done
# optional
- for secret in redis minio objectstorage postgres ldap duo omniauth smtp kas pages oauth-secrets mailroom gitlab-exporter microsoft_graph_mailer suggested_reviewers zoekt clickhouse ; do
+ for secret in redis redis-sentinel minio objectstorage postgres ldap duo omniauth smtp kas pages oauth-secrets mailroom gitlab-exporter microsoft_graph_mailer suggested_reviewers zoekt clickhouse ; do
if [ -e "${config_dir}/${secret}" ]; then
mkdir -p "${secret_dir}/${secret}"
cp -f -v -r -L "${config_dir}/${secret}/." "${secret_dir}/${secret}/"
@@ -466,6 +466,9 @@
installation_type: |
gitlab-helm-chart
database.yml.erb: "\nproduction:\n main:\n adapter: postgresql\n encoding: unicode\n database: gitlabhq_production\n username: gitlab\n password: <%= File.read('/etc/gitlab/postgres/psql-password-main').strip.to_json %>\n host: \"gitlab-postgresql.default.svc\"\n port: 5432\n connect_timeout: \n keepalives: \n keepalives_idle: \n keepalives_interval: \n keepalives_count: \n tcp_user_timeout: \n application_name: \n prepared_statements: false\n database_tasks: true\n \n \n ci:\n adapter: postgresql\n encoding: unicode\n database: gitlabhq_production\n username: gitlab\n password: <%= File.read('/etc/gitlab/postgres/psql-password-ci').strip.to_json %>\n host: \"gitlab-postgresql.default.svc\"\n port: 5432\n connect_timeout: \n keepalives: \n keepalives_idle: \n keepalives_interval: \n keepalives_count: \n tcp_user_timeout: \n application_name: \n prepared_statements: false\n database_tasks: false\n \n \n"
+ session_store.yml.erb: |
+ production:
+ session_cookie_token_prefix: ""
krb5.conf: ""
smtp_settings.rb: "smtp_settings = {\n address: \"smtp.mailgun.org\",\n port: 587,\n ca_file: \"/etc/ssl/certs/ca-certificates.crt\",\n \n authentication: :login,\n user_name: \"git@${BASE_DOMAIN}\",\n password: File.read(\"/etc/gitlab/smtp/smtp-password\").strip,\n enable_starttls_auto: true,\n openssl_verify_mode: \"peer\",\n open_timeout: 30,\n read_timeout: 60\n}\n\nRails.application.config.action_mailer.delivery_method = :smtp\nActionMailer::Base.delivery_method = :smtp\n\nActionMailer::Base.smtp_settings = smtp_settings\n"
resque.yml.erb: "production:\n url: redis://:<%= ERB::Util::url_encode(File.read(\"/etc/gitlab/redis/redis-password\").strip) %>@gitlab-redis-master.default.svc:6379\n \n id:\n"
@@ -482,7 +485,7 @@
cp -f -v -r -L "${config_dir}/${secret}/." "${secret_dir}/${secret}/"
done
# optional
- for secret in redis minio objectstorage postgres ldap duo omniauth smtp kas pages oauth-secrets mailroom gitlab-exporter microsoft_graph_mailer suggested_reviewers zoekt clickhouse ; do
+ for secret in redis redis-sentinel minio objectstorage postgres ldap duo omniauth smtp kas pages oauth-secrets mailroom gitlab-exporter microsoft_graph_mailer suggested_reviewers zoekt clickhouse ; do
if [ -e "${config_dir}/${secret}" ]; then
mkdir -p "${secret_dir}/${secret}"
cp -f -v -r -L "${config_dir}/${secret}/." "${secret_dir}/${secret}/"
@@ -503,6 +506,9 @@
heritage: Helm
data:
database.yml.erb: "\nproduction:\n main:\n adapter: postgresql\n encoding: unicode\n database: gitlabhq_production\n username: gitlab\n password: <%= File.read('/etc/gitlab/postgres/psql-password-main').strip.to_json %>\n host: \"gitlab-postgresql.default.svc\"\n port: 5432\n connect_timeout: \n keepalives: \n keepalives_idle: \n keepalives_interval: \n keepalives_count: \n tcp_user_timeout: \n application_name: \n prepared_statements: false\n database_tasks: true\n \n \n ci:\n adapter: postgresql\n encoding: unicode\n database: gitlabhq_production\n username: gitlab\n password: <%= File.read('/etc/gitlab/postgres/psql-password-ci').strip.to_json %>\n host: \"gitlab-postgresql.default.svc\"\n port: 5432\n connect_timeout: \n keepalives: \n keepalives_idle: \n keepalives_interval: \n keepalives_count: \n tcp_user_timeout: \n application_name: \n prepared_statements: false\n database_tasks: false\n \n \n"
+ session_store.yml.erb: |
+ production:
+ session_cookie_token_prefix: ""
krb5.conf: ""
smtp_settings.rb: "smtp_settings = {\n address: \"smtp.mailgun.org\",\n port: 587,\n ca_file: \"/etc/ssl/certs/ca-certificates.crt\",\n \n authentication: :login,\n user_name: \"git@${BASE_DOMAIN}\",\n password: File.read(\"/etc/gitlab/smtp/smtp-password\").strip,\n enable_starttls_auto: true,\n openssl_verify_mode: \"peer\",\n open_timeout: 30,\n read_timeout: 60\n}\n\nRails.application.config.action_mailer.delivery_method = :smtp\nActionMailer::Base.delivery_method = :smtp\n\nActionMailer::Base.smtp_settings = smtp_settings\n"
resque.yml.erb: "production:\n url: redis://:<%= ERB::Util::url_encode(File.read(\"/etc/gitlab/redis/redis-password\").strip) %>@gitlab-redis-master.default.svc:6379\n \n id:\n"
@@ -519,7 +525,7 @@
cp -f -v -r -L "${config_dir}/${secret}/." "${secret_dir}/${secret}/"
done
# optional
- for secret in redis minio objectstorage postgres ldap duo omniauth smtp kas pages oauth-secrets mailroom gitlab-exporter microsoft_graph_mailer suggested_reviewers zoekt clickhouse ; do
+ for secret in redis redis-sentinel minio objectstorage postgres ldap duo omniauth smtp kas pages oauth-secrets mailroom gitlab-exporter microsoft_graph_mailer suggested_reviewers zoekt clickhouse ; do
if [ -e "${config_dir}/${secret}" ]; then
mkdir -p "${secret_dir}/${secret}"
cp -f -v -r -L "${config_dir}/${secret}/." "${secret_dir}/${secret}/"
@@ -583,6 +589,9 @@
installation_type: |
gitlab-helm-chart
database.yml.erb: "\nproduction:\n main:\n adapter: postgresql\n encoding: unicode\n database: gitlabhq_production\n username: gitlab\n password: <%= File.read('/etc/gitlab/postgres/psql-password-main').strip.to_json %>\n host: \"gitlab-postgresql.default.svc\"\n port: 5432\n connect_timeout: \n keepalives: \n keepalives_idle: \n keepalives_interval: \n keepalives_count: \n tcp_user_timeout: \n application_name: \n prepared_statements: false\n database_tasks: true\n \n \n ci:\n adapter: postgresql\n encoding: unicode\n database: gitlabhq_production\n username: gitlab\n password: <%= File.read('/etc/gitlab/postgres/psql-password-ci').strip.to_json %>\n host: \"gitlab-postgresql.default.svc\"\n port: 5432\n connect_timeout: \n keepalives: \n keepalives_idle: \n keepalives_interval: \n keepalives_count: \n tcp_user_timeout: \n application_name: \n prepared_statements: false\n database_tasks: false\n \n \n"
+ session_store.yml.erb: |
+ production:
+ session_cookie_token_prefix: ""
krb5.conf: ""
smtp_settings.rb: "smtp_settings = {\n address: \"smtp.mailgun.org\",\n port: 587,\n ca_file: \"/etc/ssl/certs/ca-certificates.crt\",\n \n authentication: :login,\n user_name: \"git@${BASE_DOMAIN}\",\n password: File.read(\"/etc/gitlab/smtp/smtp-password\").strip,\n enable_starttls_auto: true,\n openssl_verify_mode: \"peer\",\n open_timeout: 30,\n read_timeout: 60\n}\n\nRails.application.config.action_mailer.delivery_method = :smtp\nActionMailer::Base.delivery_method = :smtp\n\nActionMailer::Base.smtp_settings = smtp_settings\n"
resque.yml.erb: "production:\n url: redis://:<%= ERB::Util::url_encode(File.read(\"/etc/gitlab/redis/redis-password\").strip) %>@gitlab-redis-master.default.svc:6379\n \n id:\n"
@@ -599,7 +608,7 @@
cp -f -v -r -L "${config_dir}/${secret}/." "${secret_dir}/${secret}/"
done
# optional
- for secret in redis minio objectstorage postgres ldap duo omniauth smtp kas pages oauth-secrets mailroom gitlab-exporter microsoft_graph_mailer suggested_reviewers zoekt clickhouse ; do
+ for secret in redis redis-sentinel minio objectstorage postgres ldap duo omniauth smtp kas pages oauth-secrets mailroom gitlab-exporter microsoft_graph_mailer suggested_reviewers zoekt clickhouse ; do
if [ -e "${config_dir}/${secret}" ]; then
mkdir -p "${secret_dir}/${secret}"
cp -f -v -r -L "${config_dir}/${secret}/." "${secret_dir}/${secret}/"
@@ -1270,8 +1279,8 @@
release: gitlab
heritage: Helm
data:
- gitlabVersion: "17.0.2"
- gitlabChartVersion: "8.0.2"
+ gitlabVersion: "17.1.0"
+ gitlabChartVersion: "8.1.0"
---
# Source: gitlab/templates/initdb-configmap.yaml
apiVersion: v1
@@ -1564,13 +1573,13 @@
release: gitlab
heritage: Helm
annotations:
- checksum/config: c0d7cc475031c9e180f1b526e9cce8b42892b618d245010d7680151206a10df2
- checksum/config-sshd: bd0a28ac0f2bbac29f3d308ff90809cd0de5a053c4e495520a7900e6e4a5fe1a
+ checksum/config: 149378d72ed4d1b27c8328bc5fd98111f49d98ae9e6269f38c2f5ab099bc6b05
+ checksum/config-sshd: a0aa91391ba7132e37aa5525da212b05f752a6cc823787651635d1bee4aa36fe
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
spec:
initContainers:
- name: certificates
- image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.1.0
env:
volumeMounts:
- name: etc-ssl-certs
@@ -1584,7 +1593,7 @@
cpu: 50m
- name: configure
command: ['sh', '/config/configure']
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
env:
volumeMounts:
- name: shell-config
@@ -1615,7 +1624,7 @@
automountServiceAccountToken: false
containers:
- name: gitlab-shell
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-shell:v14.35.0"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-shell:v14.36.0"
securityContext:
runAsUser: 1000
ports:
@@ -1731,7 +1740,7 @@
heritage: Helm
queue-pod-name: all-in-1
annotations:
- checksum/configmap: 8e842321954dec96de1d37e8d01510b67e68c3767ff789f1ee7ef06eec295aac
+ checksum/configmap: 72f9fd67037f3e500a527e0a9392ebeeb57f98a58890a65d8e10c3d3c84c0d95
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
gitlab.com/prometheus_scrape: "true"
gitlab.com/prometheus_port: "3807"
@@ -1757,7 +1766,7 @@
terminationGracePeriodSeconds: 30
initContainers:
- name: certificates
- image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.1.0
env:
volumeMounts:
- name: etc-ssl-certs
@@ -1771,7 +1780,7 @@
cpu: 50m
- name: configure
command: ['sh', '/config/configure']
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
env:
volumeMounts:
- name: sidekiq-config
@@ -1787,7 +1796,7 @@
requests:
cpu: 50m
- name: dependencies
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce:v17.1.0"
args:
- /scripts/wait-for-deps
env:
@@ -1825,7 +1834,7 @@
cpu: 50m
containers:
- name: sidekiq
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce:v17.1.0"
securityContext:
runAsUser: 1000
env:
@@ -2041,7 +2050,7 @@
release: gitlab
heritage: Helm
annotations:
- checksum/config: 893cb5d26f46f16ca1588687c8f61ecd889c6fd270e4682acc1f4ebe8b04c130
+ checksum/config: 8a2f8c781de86eb52ce74809b961a107dd3c274fe7580a074949bd93e05f437d
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
spec:
securityContext:
@@ -2051,7 +2060,7 @@
automountServiceAccountToken: false
initContainers:
- name: certificates
- image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.1.0
env:
volumeMounts:
- name: etc-ssl-certs
@@ -2065,7 +2074,7 @@
cpu: 50m
- name: configure
command: ['sh', '/config/configure']
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
env:
volumeMounts:
- name: toolbox-config
@@ -2096,7 +2105,7 @@
- /bin/bash
- -c
- cp -v -r -L /etc/gitlab/.s3cfg $HOME/.s3cfg && while sleep 3600; do :; done # alpine sleep has no infinity
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-toolbox-ce:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-toolbox-ce:v17.1.0"
securityContext:
runAsUser: 1000
env:
@@ -2298,7 +2307,7 @@
heritage: Helm
gitlab.com/webservice-name: default
annotations:
- checksum/config: d658ae252e518d17f87778dc2ae68a49fcaea5139cd47348c43658def6a46053
+ checksum/config: 55d6fe4a06e035154c277caf13a1b5cd2da320af06b1576656336ee721567f1f
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
gitlab.com/prometheus_scrape: "true"
gitlab.com/prometheus_port: "8083"
@@ -2324,7 +2333,7 @@
automountServiceAccountToken: false
initContainers:
- name: certificates
- image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.1.0
env:
volumeMounts:
- name: etc-ssl-certs
@@ -2339,7 +2348,7 @@
- name: configure
command: ['sh']
args: ['-c', 'sh -x /config-webservice/configure ; sh -x /config-workhorse/configure ; mkdir -p -m 3770 /tmp/gitlab']
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
env:
volumeMounts:
- name: webservice-config
@@ -2364,7 +2373,7 @@
requests:
cpu: 50m
- name: dependencies
- image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v17.1.0
args:
- /scripts/wait-for-deps
env:
@@ -2399,7 +2408,7 @@
cpu: 50m
containers:
- name: webservice
- image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v17.1.0
securityContext:
runAsUser: 1000
ports:
@@ -2499,7 +2508,7 @@
cpu: 300m
memory: 2.5G
- name: gitlab-workhorse
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-workhorse-ce:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-workhorse-ce:v17.1.0"
ports:
- containerPort: 8181
name: http-workhorse
@@ -2746,7 +2755,7 @@
medium: "Memory"
initContainers:
- name: configure
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
command: ["sh", "/config/configure"]
volumeMounts:
- name: minio-configuration
@@ -2825,7 +2834,7 @@
automountServiceAccountToken: false
initContainers:
- name: certificates
- image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.1.0
env:
volumeMounts:
- name: etc-ssl-certs
@@ -2838,7 +2847,7 @@
requests:
cpu: 50m
- name: configure
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
command: ["sh", "/config/configure"]
volumeMounts:
- name: registry-secrets
@@ -2851,7 +2860,7 @@
env:
containers:
- name: registry
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-container-registry:v4.0.0-gitlab"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-container-registry:v4.5.0-gitlab"
securityContext:
runAsUser: 1000
env:
@@ -3045,7 +3054,7 @@
release: gitlab
heritage: Helm
annotations:
- checksum/config: d99c12ed97d5bef720e4eb0caf4855704ea93189e68858c11cda9b37e2a289fb
+ checksum/config: 084fb887a3c1d5321ee34b4e97bff9c770267a9daa7dbc4d6552095d4a59eeea
gitlab.com/prometheus_scrape: "true"
gitlab.com/prometheus_port: "9236"
gitlab.com/prometheus_path: /metrics
@@ -3056,7 +3065,7 @@
terminationGracePeriodSeconds: 30
initContainers:
- name: certificates
- image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.1.0
env:
volumeMounts:
- name: etc-ssl-certs
@@ -3070,7 +3079,7 @@
cpu: 50m
- name: configure
command: ['sh', '/config/configure']
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
env:
volumeMounts:
- name: gitaly-config
@@ -3101,7 +3110,7 @@
automountServiceAccountToken: false
containers:
- name: gitaly
- image: "registry.gitlab.com/gitlab-org/build/cng/gitaly:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitaly:v17.1.0"
securityContext:
runAsUser: 1000
ports:
@@ -3521,7 +3530,7 @@
apiVersion: batch/v1
kind: Job
metadata:
- name: gitlab-migrations-76bb7f0
+ name: gitlab-migrations-2758849
namespace: default
labels:
app: migrations
@@ -3543,7 +3552,7 @@
automountServiceAccountToken: false
initContainers:
- name: certificates
- image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.1.0
env:
volumeMounts:
- name: etc-ssl-certs
@@ -3557,7 +3566,7 @@
cpu: 50m
- name: configure
command: ['sh', '/config/configure']
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
env:
volumeMounts:
- name: migrations-config
@@ -3575,7 +3584,7 @@
restartPolicy: OnFailure
containers:
- name: migrations
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-toolbox-ce:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-toolbox-ce:v17.1.0"
args:
- /scripts/wait-for-deps
- /scripts/db-migrate
@@ -3672,7 +3681,7 @@
apiVersion: batch/v1
kind: Job
metadata:
- name: gitlab-minio-create-buckets-56c6036
+ name: gitlab-minio-create-buckets-877651d
namespace: default
labels:
app: minio
@@ -3738,11 +3747,11 @@
metadata:
labels:
app: toolbox
- chart: toolbox-8.0.2
+ chart: toolbox-8.1.0
release: gitlab
heritage: Helm
annotations:
- checksum/config: 893cb5d26f46f16ca1588687c8f61ecd889c6fd270e4682acc1f4ebe8b04c130
+ checksum/config: 8a2f8c781de86eb52ce74809b961a107dd3c274fe7580a074949bd93e05f437d
cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
spec:
restartPolicy: OnFailure
@@ -3752,7 +3761,7 @@
fsGroup: 1000
initContainers:
- name: certificates
- image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/certificates:v17.1.0
env:
volumeMounts:
- name: etc-ssl-certs
@@ -3766,7 +3775,7 @@
cpu: 50m
- name: configure
command: ['sh', '/config/configure']
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
env:
volumeMounts:
- name: toolbox-config
@@ -3787,7 +3796,7 @@
- /bin/bash
- -c
- cp /etc/gitlab/.s3cfg $HOME/.s3cfg && backup-utility # alpine sleep has no infinity
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-toolbox-ce:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-toolbox-ce:v17.1.0"
securityContext:
runAsUser: 1000
env:
@@ -4050,7 +4059,7 @@
"helm.sh/hook-weight": "-3"
"helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
data:
- generate-secrets: "# vim: set filetype=sh:\n\nnamespace=default\nrelease=gitlab\nenv=production\n\npushd $(mktemp -d)\n\n# Args pattern, length\nfunction gen_random(){\n head -c 4096 /dev/urandom | LC_CTYPE=C tr -cd $1 | head -c $2\n}\n\n# Args: yaml file, search path\nfunction fetch_rails_value(){\n local value=$(yq \".${2}\" $1)\n\n # Don't return null values\n if [ \"${value}\" != \"null\" ]; then echo \"${value}\"; fi\n}\n\n# Args: secretname\nfunction label_secret(){\n local secret_name=$1\n# Remove application labels if they exist\n kubectl --namespace=$namespace label \\\n secret $secret_name $(echo 'app.kubernetes.io/name=gitlab' | sed -E 's/=[^ ]*/-/g')\n\n kubectl --namespace=$namespace label \\\n --overwrite \\\n secret $secret_name app=gitlab chart=gitlab-8.0.2 release=gitlab heritage=Helm \n}\n\n# Args: secretname, args\nfunction generate_secret_if_needed(){\n local secret_args=( \"${@:2}\")\n local secret_name=$1\n\n if ! $(kubectl --namespace=$namespace get secret $secret_name > /dev/null 2>&1); then\n kubectl --namespace=$namespace create secret generic $secret_name ${secret_args[@]}\n else\n echo \"secret \\\"$secret_name\\\" already exists.\"\n\n for arg in \"${secret_args[@]}\"; do\n local from=$(echo -n ${arg} | cut -d '=' -f1)\n\n if [ -z \"${from##*literal*}\" ]; then\n local key=$(echo -n ${arg} | cut -d '=' -f2)\n local desiredValue=$(echo -n ${arg} | cut -d '=' -f3-)\n local flags=\"--namespace=$namespace --allow-missing-template-keys=false\"\n\n if ! $(kubectl $flags get secret $secret_name -ojsonpath=\"{.data.${key}}\" > /dev/null 2>&1); then\n echo \"key \\\"${key}\\\" does not exist. patching it in.\"\n\n if [ \"${desiredValue}\" != \"\" ]; then\n desiredValue=$(echo -n \"${desiredValue}\" | base64 -w 0)\n fi\n\n kubectl --namespace=$namespace patch secret ${secret_name} -p \"{\\\"data\\\":{\\\"$key\\\":\\\"${desiredValue}\\\"}}\"\n fi\n fi\n done\n fi\n\n label_secret $secret_name\n}\n\n# Initial root password\ngenerate_secret_if_needed \"gitlab-gitlab-initial-root-password\" --from-literal=\"password\"=$(gen_random 'a-zA-Z0-9' 64)\n\n\n# Redis password\ngenerate_secret_if_needed \"gitlab-redis-secret\" --from-literal=\"secret\"=$(gen_random 'a-zA-Z0-9' 64)\n\n\n# Postgres password\ngenerate_secret_if_needed \"gitlab-postgresql-password\" --from-literal=\"postgresql-password\"=$(gen_random 'a-zA-Z0-9' 64) --from-literal=postgresql-postgres-password=$(gen_random 'a-zA-Z0-9' 64)\n\n\n# Gitlab shell\ngenerate_secret_if_needed \"gitlab-gitlab-shell-secret\" --from-literal=\"secret\"=$(gen_random 'a-zA-Z0-9' 64)\n\n# Gitaly secret\ngenerate_secret_if_needed \"gitlab-gitaly-secret\" --from-literal=\"token\"=$(gen_random 'a-zA-Z0-9' 64)\n\n# Minio secret\ngenerate_secret_if_needed \"gitlab-minio-secret\" --from-literal=accesskey=$(gen_random 'a-zA-Z0-9' 64) --from-literal=secretkey=$(gen_random 'a-zA-Z0-9' 64)\n\n\n# Gitlab runner secret\ngenerate_secret_if_needed \"gitlab-gitlab-runner-secret\" --from-literal=runner-registration-token=$(gen_random 'a-zA-Z0-9' 64) --from-literal=runner-token=\"\"\n\n# GitLab Pages API secret\n\n\n# GitLab Pages auth secret for hashing cookie store when using access control\n\n\n# GitLab Pages OAuth secret\n\n\n\n\n# Gitlab-suggested-reviewers secret\ngenerate_secret_if_needed \"gitlab-gitlab-suggested-reviewers\" --from-literal=\"suggested_reviewers_secret\"=$(gen_random 'a-zA-Z0-9' 32 | base64)\n\n\n\n\n\n# Registry certificates\nmkdir -p certs\nopenssl req -new -newkey rsa:4096 -subj \"/CN=gitlab-issuer\" -nodes -x509 -keyout certs/registry-example-com.key -out certs/registry-example-com.crt -days 3650\ngenerate_secret_if_needed \"gitlab-registry-secret\" --from-file=registry-auth.key=certs/registry-example-com.key --from-file=registry-auth.crt=certs/registry-example-com.crt\n\n# config/secrets.yaml\nif [ -n \"$env\" ]; then\n rails_secret=\"gitlab-rails-secret\"\n\n # Fetch the values from the existing secret if it exists\n if $(kubectl --namespace=$namespace get secret $rails_secret > /dev/null 2>&1); then\n kubectl --namespace=$namespace get secret $rails_secret -o jsonpath=\"{.data.secrets\\.yml}\" | base64 --decode > secrets.yml\n secret_key_base=$(fetch_rails_value secrets.yml \"${env}.secret_key_base\")\n otp_key_base=$(fetch_rails_value secrets.yml \"${env}.otp_key_base\")\n db_key_base=$(fetch_rails_value secrets.yml \"${env}.db_key_base\")\n openid_connect_signing_key=$(fetch_rails_value secrets.yml \"${env}.openid_connect_signing_key\")\n ci_jwt_signing_key=$(fetch_rails_value secrets.yml \"${env}.ci_jwt_signing_key\")\n encrypted_settings_key_base=$(fetch_rails_value secrets.yml \"${env}.encrypted_settings_key_base\")\n fi;\n\n # Generate defaults for any unset secrets\n secret_key_base=\"${secret_key_base:-$(gen_random 'a-f0-9' 128)}\" # equavilent to secureRandom.hex(64)\n otp_key_base=\"${otp_key_base:-$(gen_random 'a-f0-9' 128)}\" # equavilent to secureRandom.hex(64)\n db_key_base=\"${db_key_base:-$(gen_random 'a-f0-9' 128)}\" # equavilent to secureRandom.hex(64)\n openid_connect_signing_key=\"${openid_connect_signing_key:-$(openssl genrsa 2048)}\"\n ci_jwt_signing_key=\"${ci_jwt_signing_key:-$(openssl genrsa 2048)}\"\n encrypted_settings_key_base=\"${encrypted_settings_key_base:-$(gen_random 'a-f0-9' 128)}\" # equavilent to secureRandom.hex(64)\n\n # Update the existing secret\n cat << EOF > rails-secrets.yml\napiVersion: v1\nkind: Secret\nmetadata:\n name: $rails_secret\ntype: Opaque\nstringData:\n secrets.yml: |-\n $env:\n secret_key_base: $secret_key_base\n otp_key_base: $otp_key_base\n db_key_base: $db_key_base\n encrypted_settings_key_base: $encrypted_settings_key_base\n openid_connect_signing_key: |\n$(echo \"${openid_connect_signing_key}\" | awk '{print \" \" $0}')\n ci_jwt_signing_key: |\n$(echo \"${ci_jwt_signing_key}\" | awk '{print \" \" $0}')\nEOF\n kubectl --validate=false --namespace=$namespace apply -f rails-secrets.yml\n label_secret $rails_secret\nfi\n\n# Shell ssh host keys\nssh-keygen -A\nmkdir -p host_keys\ncp /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_ed25519_key.pub /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub host_keys/\ngenerate_secret_if_needed \"gitlab-gitlab-shell-host-keys\" --from-file host_keys\n\n# Gitlab-workhorse secret\ngenerate_secret_if_needed \"gitlab-gitlab-workhorse-secret\" --from-literal=\"shared_secret\"=$(gen_random 'a-zA-Z0-9' 32 | base64)\n\n# Registry http.secret secret\ngenerate_secret_if_needed \"gitlab-registry-httpsecret\" --from-literal=\"secret\"=$(gen_random 'a-z0-9' 128 | base64 -w 0)\n\n# Container Registry notification_secret\ngenerate_secret_if_needed \"gitlab-registry-notification\" --from-literal=\"secret\"=[\\\"$(gen_random 'a-zA-Z0-9' 32)\\\"]\n\n\n\n# Zoekt basic auth credentials\ngenerate_secret_if_needed gitlab-zoekt-basicauth --from-literal=gitlab_username=gitlab --from-literal=gitlab_password=$(gen_random 'a-zA-Z0-9' 64)\n"
+ generate-secrets: "# vim: set filetype=sh:\n\nnamespace=default\nrelease=gitlab\nenv=production\n\npushd $(mktemp -d)\n\n# Args pattern, length\nfunction gen_random(){\n head -c 4096 /dev/urandom | LC_CTYPE=C tr -cd $1 | head -c $2\n}\n\n# Args: yaml file, search path\nfunction fetch_rails_value(){\n local value=$(yq \".${2}\" $1)\n\n # Don't return null values\n if [ \"${value}\" != \"null\" ]; then echo \"${value}\"; fi\n}\n\n# Args: secretname\nfunction label_secret(){\n local secret_name=$1\n# Remove application labels if they exist\n kubectl --namespace=$namespace label \\\n secret $secret_name $(echo 'app.kubernetes.io/name=gitlab' | sed -E 's/=[^ ]*/-/g')\n\n kubectl --namespace=$namespace label \\\n --overwrite \\\n secret $secret_name app=gitlab chart=gitlab-8.1.0 release=gitlab heritage=Helm \n}\n\n# Args: secretname, args\nfunction generate_secret_if_needed(){\n local secret_args=( \"${@:2}\")\n local secret_name=$1\n\n if ! $(kubectl --namespace=$namespace get secret $secret_name > /dev/null 2>&1); then\n kubectl --namespace=$namespace create secret generic $secret_name ${secret_args[@]}\n else\n echo \"secret \\\"$secret_name\\\" already exists.\"\n\n for arg in \"${secret_args[@]}\"; do\n local from=$(echo -n ${arg} | cut -d '=' -f1)\n\n if [ -z \"${from##*literal*}\" ]; then\n local key=$(echo -n ${arg} | cut -d '=' -f2)\n local desiredValue=$(echo -n ${arg} | cut -d '=' -f3-)\n local flags=\"--namespace=$namespace --allow-missing-template-keys=false\"\n\n if ! $(kubectl $flags get secret $secret_name -ojsonpath=\"{.data.${key}}\" > /dev/null 2>&1); then\n echo \"key \\\"${key}\\\" does not exist. patching it in.\"\n\n if [ \"${desiredValue}\" != \"\" ]; then\n desiredValue=$(echo -n \"${desiredValue}\" | base64 -w 0)\n fi\n\n kubectl --namespace=$namespace patch secret ${secret_name} -p \"{\\\"data\\\":{\\\"$key\\\":\\\"${desiredValue}\\\"}}\"\n fi\n fi\n done\n fi\n\n label_secret $secret_name\n}\n\n# Initial root password\ngenerate_secret_if_needed \"gitlab-gitlab-initial-root-password\" --from-literal=\"password\"=$(gen_random 'a-zA-Z0-9' 64)\n\n\n# Redis password\ngenerate_secret_if_needed \"gitlab-redis-secret\" --from-literal=\"secret\"=$(gen_random 'a-zA-Z0-9' 64)\n\n\n# Postgres password\ngenerate_secret_if_needed \"gitlab-postgresql-password\" --from-literal=\"postgresql-password\"=$(gen_random 'a-zA-Z0-9' 64) --from-literal=postgresql-postgres-password=$(gen_random 'a-zA-Z0-9' 64)\n\n\n# Gitlab shell\ngenerate_secret_if_needed \"gitlab-gitlab-shell-secret\" --from-literal=\"secret\"=$(gen_random 'a-zA-Z0-9' 64)\n\n# Gitaly secret\ngenerate_secret_if_needed \"gitlab-gitaly-secret\" --from-literal=\"token\"=$(gen_random 'a-zA-Z0-9' 64)\n\n# Minio secret\ngenerate_secret_if_needed \"gitlab-minio-secret\" --from-literal=accesskey=$(gen_random 'a-zA-Z0-9' 64) --from-literal=secretkey=$(gen_random 'a-zA-Z0-9' 64)\n\n\n# Gitlab runner secret\ngenerate_secret_if_needed \"gitlab-gitlab-runner-secret\" --from-literal=runner-registration-token=$(gen_random 'a-zA-Z0-9' 64) --from-literal=runner-token=\"\"\n\n# GitLab Pages API secret\n\n\n# GitLab Pages auth secret for hashing cookie store when using access control\n\n\n# GitLab Pages OAuth secret\n\n\n\n\n# Gitlab-suggested-reviewers secret\ngenerate_secret_if_needed \"gitlab-gitlab-suggested-reviewers\" --from-literal=\"suggested_reviewers_secret\"=$(gen_random 'a-zA-Z0-9' 32 | base64)\n\n\n\n\n\n# Registry certificates\nmkdir -p certs\nopenssl req -new -newkey rsa:4096 -subj \"/CN=gitlab-issuer\" -nodes -x509 -keyout certs/registry-example-com.key -out certs/registry-example-com.crt -days 3650\ngenerate_secret_if_needed \"gitlab-registry-secret\" --from-file=registry-auth.key=certs/registry-example-com.key --from-file=registry-auth.crt=certs/registry-example-com.crt\n\n# config/secrets.yaml\nif [ -n \"$env\" ]; then\n rails_secret=\"gitlab-rails-secret\"\n\n # Fetch the values from the existing secret if it exists\n if $(kubectl --namespace=$namespace get secret $rails_secret > /dev/null 2>&1); then\n kubectl --namespace=$namespace get secret $rails_secret -o jsonpath=\"{.data.secrets\\.yml}\" | base64 --decode > secrets.yml\n secret_key_base=$(fetch_rails_value secrets.yml \"${env}.secret_key_base\")\n otp_key_base=$(fetch_rails_value secrets.yml \"${env}.otp_key_base\")\n db_key_base=$(fetch_rails_value secrets.yml \"${env}.db_key_base\")\n openid_connect_signing_key=$(fetch_rails_value secrets.yml \"${env}.openid_connect_signing_key\")\n ci_jwt_signing_key=$(fetch_rails_value secrets.yml \"${env}.ci_jwt_signing_key\")\n encrypted_settings_key_base=$(fetch_rails_value secrets.yml \"${env}.encrypted_settings_key_base\")\n fi;\n\n # Generate defaults for any unset secrets\n secret_key_base=\"${secret_key_base:-$(gen_random 'a-f0-9' 128)}\" # equavilent to secureRandom.hex(64)\n otp_key_base=\"${otp_key_base:-$(gen_random 'a-f0-9' 128)}\" # equavilent to secureRandom.hex(64)\n db_key_base=\"${db_key_base:-$(gen_random 'a-f0-9' 128)}\" # equavilent to secureRandom.hex(64)\n openid_connect_signing_key=\"${openid_connect_signing_key:-$(openssl genrsa 2048)}\"\n ci_jwt_signing_key=\"${ci_jwt_signing_key:-$(openssl genrsa 2048)}\"\n encrypted_settings_key_base=\"${encrypted_settings_key_base:-$(gen_random 'a-f0-9' 128)}\" # equavilent to secureRandom.hex(64)\n\n # Update the existing secret\n cat << EOF > rails-secrets.yml\napiVersion: v1\nkind: Secret\nmetadata:\n name: $rails_secret\ntype: Opaque\nstringData:\n secrets.yml: |-\n $env:\n secret_key_base: $secret_key_base\n otp_key_base: $otp_key_base\n db_key_base: $db_key_base\n encrypted_settings_key_base: $encrypted_settings_key_base\n openid_connect_signing_key: |\n$(echo \"${openid_connect_signing_key}\" | awk '{print \" \" $0}')\n ci_jwt_signing_key: |\n$(echo \"${ci_jwt_signing_key}\" | awk '{print \" \" $0}')\nEOF\n kubectl --validate=false --namespace=$namespace apply -f rails-secrets.yml\n label_secret $rails_secret\nfi\n\n# Shell ssh host keys\nssh-keygen -A\nmkdir -p host_keys\ncp /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_ed25519_key.pub /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub host_keys/\ngenerate_secret_if_needed \"gitlab-gitlab-shell-host-keys\" --from-file host_keys\n\n# Gitlab-workhorse secret\ngenerate_secret_if_needed \"gitlab-gitlab-workhorse-secret\" --from-literal=\"shared_secret\"=$(gen_random 'a-zA-Z0-9' 32 | base64)\n\n# Registry http.secret secret\ngenerate_secret_if_needed \"gitlab-registry-httpsecret\" --from-literal=\"secret\"=$(gen_random 'a-z0-9' 128 | base64 -w 0)\n\n# Container Registry notification_secret\ngenerate_secret_if_needed \"gitlab-registry-notification\" --from-literal=\"secret\"=[\\\"$(gen_random 'a-zA-Z0-9' 32)\\\"]\n\n\n\n# Zoekt basic auth credentials\ngenerate_secret_if_needed gitlab-zoekt-basicauth --from-literal=gitlab_username=gitlab --from-literal=gitlab_password=$(gen_random 'a-zA-Z0-9' 64)\n"
---
# Source: gitlab/templates/upgrade_check_hook.yaml
apiVersion: v1
@@ -4200,7 +4209,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: gitlab-webservice-test-runner-rok2h
+ name: gitlab-webservice-test-runner-a0y3c
namespace: default
annotations:
"helm.sh/hook": test
@@ -4212,7 +4221,7 @@
spec:
containers:
- name: test-runner
- image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v17.1.0
command: ['sh', '/tests/test_login']
volumeMounts:
- name: tests
@@ -4237,7 +4246,7 @@
apiVersion: batch/v1
kind: Job
metadata:
- name: gitlab-shared-secrets-7444b04
+ name: gitlab-shared-secrets-4ac6bf0
namespace: default
labels:
app: gitlab
@@ -4262,7 +4271,7 @@
restartPolicy: Never
containers:
- name: gitlab
- image: registry.gitlab.com/gitlab-org/build/cng/kubectl:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/kubectl:v17.1.0
command: ['/bin/bash', '/scripts/generate-secrets']
volumeMounts:
- name: scripts
@@ -4283,7 +4292,7 @@
apiVersion: batch/v1
kind: Job
metadata:
- name: gitlab-shared-secrets-7444b04-selfsign
+ name: gitlab-shared-secrets-4ac6bf0-selfsign
namespace: default
labels:
app: gitlab
@@ -4307,7 +4316,7 @@
restartPolicy: Never
initContainers:
- name: cfssl-self-sign
- image: registry.gitlab.com/gitlab-org/build/cng/cfssl-self-sign:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/cfssl-self-sign:v17.1.0
env:
- name: CA_SUBJECT
value: "GitLab Helm Chart" # defaults to GitLab in container
@@ -4333,11 +4342,11 @@
cpu: 50m
containers:
- name: kubectl
- image: registry.gitlab.com/gitlab-org/build/cng/kubectl:v17.0.2
+ image: registry.gitlab.com/gitlab-org/build/cng/kubectl:v17.1.0
command:
- /bin/bash
- -exc
- - "certname=gitlab-wildcard-tls\n# create wildcard certificate secret\nkubectl create secret tls $certname \\\n --cert=/output/wildcard.pem --key=/output/wildcard-key.pem || true\nkubectl --namespace=$namespace label \\\n secret $certname $(echo 'app.kubernetes.io/name=gitlab' | sed -E 's/=[^ ]*/-/g')\nkubectl --namespace=$namespace label --overwrite \\\n secret $certname app=gitlab chart=gitlab-8.0.2 release=gitlab heritage=Helm \n# create CA certificate secret\nkubectl create secret generic ${certname}-ca \\\n --from-file=cfssl_ca=/output/ca.pem || true\nkubectl --namespace=$namespace label \\\n secret ${certname}-ca $(echo 'app.kubernetes.io/name=gitlab' | sed -E 's/=[^ ]*/-/g')\nkubectl --namespace=$namespace label --overwrite \\\n secret ${certname}-ca app=gitlab chart=gitlab-8.0.2 release=gitlab heritage=Helm \n# create certificate chain for GitLab Runner\ncat /output/ca.pem /output/wildcard.pem > /tmp/git.${BASE_DOMAIN}.crt\nkubectl create secret generic ${certname}-chain \\\n --from-file=/tmp/git.${BASE_DOMAIN}.crt || true\nkubectl --namespace=$namespace label \\\n secret ${certname}-chain $(echo 'app.kubernetes.io/name=gitlab' | sed -E 's/=[^ ]*/-/g')\nkubectl --namespace=$namespace label --overwrite \\\n secret ${certname}-chain app=gitlab chart=gitlab-8.0.2 release=gitlab heritage=Helm \n"
+ - "certname=gitlab-wildcard-tls\n# create wildcard certificate secret\nkubectl create secret tls $certname \\\n --cert=/output/wildcard.pem --key=/output/wildcard-key.pem || true\nkubectl --namespace=$namespace label \\\n secret $certname $(echo 'app.kubernetes.io/name=gitlab' | sed -E 's/=[^ ]*/-/g')\nkubectl --namespace=$namespace label --overwrite \\\n secret $certname app=gitlab chart=gitlab-8.1.0 release=gitlab heritage=Helm \n# create CA certificate secret\nkubectl create secret generic ${certname}-ca \\\n --from-file=cfssl_ca=/output/ca.pem || true\nkubectl --namespace=$namespace label \\\n secret ${certname}-ca $(echo 'app.kubernetes.io/name=gitlab' | sed -E 's/=[^ ]*/-/g')\nkubectl --namespace=$namespace label --overwrite \\\n secret ${certname}-ca app=gitlab chart=gitlab-8.1.0 release=gitlab heritage=Helm \n# create certificate chain for GitLab Runner\ncat /output/ca.pem /output/wildcard.pem > /tmp/git.${BASE_DOMAIN}.crt\nkubectl create secret generic ${certname}-chain \\\n --from-file=/tmp/git.${BASE_DOMAIN}.crt || true\nkubectl --namespace=$namespace label \\\n secret ${certname}-chain $(echo 'app.kubernetes.io/name=gitlab' | sed -E 's/=[^ ]*/-/g')\nkubectl --namespace=$namespace label --overwrite \\\n secret ${certname}-chain app=gitlab chart=gitlab-8.1.0 release=gitlab heritage=Helm \n"
volumeMounts:
- name: certs-path
mountPath: /output
@@ -4376,13 +4385,13 @@
restartPolicy: Never
containers:
- name: run-check
- image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.0.2"
+ image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-base:v17.1.0"
command: ['/bin/sh', '/scripts/runcheck']
env:
- name: GITLAB_VERSION
- value: '17.0.2'
+ value: '17.1.0'
- name: CHART_VERSION
- value: '8.0.2'
+ value: '8.1.0'
volumeMounts:
- name: chart-info
mountPath: /chart-info |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
8.0.2->8.1.0Release Notes
gitlab-org/charts/gitlab (gitlab)
v8.1.0Compare Source
Added (6 changes)
Fixed (1 change)
Changed (11 changes)
Removed (1 change)
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.