v4 VS gitlab-foss

#!/bin/bash # list-tags.sh # List all Gitlab tags for a given project. # $CI_PROJECT_ID is a Gitlab pre-defined variable # $GITLAB_TOKEN is a project access token that needs to be # a defined CI/CD variable. GITLAB_API_URL="https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}" curl -k --header "PRIVATE-TOKEN: $GITLAB_TOKEN" "${GITLAB_API_URL}/repository/tags"

# ~/.npmrc @doppelmutzi:registry=https://gitlab.com/api/v4/projects//packages/npm/ //gitlab.com/api/v4/projects//packages/npm/:_authToken=

GITLAB_API_URL = "https://gitlab.com/api/v4" PRIVATE_TOKEN = "" NAMESPACE = "mycompany" PROJECT_NAME = "test-project"

import requests app = FastAPI() # GitLab API configuration GITLAB_API_URL = "https://gitlab.com/api/v4" PRIVATE_TOKEN = "" PROJECT_ID = "vinod827_1391/awesome" def grant_developer_access(username: str): # Get user details from GitLab user_url = f"{GITLAB_API_URL}/users?username={username}" response = requests.get(user_url, headers={"PRIVATE-TOKEN": PRIVATE_TOKEN}) user_data = response.json() if not user_data: raise HTTPException(status_code=404, detail=f"User {username} not found.") user_id = user_data[0]["id"] # Grant developer access to the project access_data = {"user_id": user_id, "access_level": 30} # 30 is the access level for developer access_url = f"{GITLAB_API_URL}/projects/{PROJECT_ID}/access_requests" response = requests.post(access_url, headers={"PRIVATE-TOKEN": PRIVATE_TOKEN}, json=access_data) print('response->', response) if response.status_code != 201: raise HTTPException(status_code=response.status_code, detail=response.text)

Invoke-RestMethod -Uri "https://gitlab.com/api/v4/projects/12345/repository/tags" -Headers $headers -Method POST -Body $jsonBody

Hello everyone i'm trying to install Librewolf on my M1 MBA running fedora39 with gnome on wayland, I downloaded librewolf's compressed archive from https://gitlab.com/api/v4/projects/44042130/packages/generic/librewolf/120.0.1-1/librewolf-120.0.1-1-linux-arm64-package.tar.bz2

repositories { maven { url "https://gitlab.com/api/v4/projects/PROJEC-ID/packages/maven" credentials(HttpHeaderCredentials) { name = "Private-Token" value = gitLabPrivateToken } authentication { header(HttpHeaderAuthentication) } } } }

Pagina da Gitlab: https://gitlab.com/api/v4/projects/44042130/packages/generic/librewolf/116.0-1/librewolf-116.0-1-windows-x86_64-setup.exe

.base: image: alpine:3.18 before_script: - echo "Project is $CI_PROJECT_NAME" script: - apk update - apk --no-cache add git openssl ca-certificates curl perl https://$GITLAB_USER_NAME:$SVC_ACCESS_TOKEN@$CI_SERVER_HOST/$CI_PROJECT_PATH.git - mkdir -p /usr/local/share/ca-certificates/extra - openssl s_client -connect ${CI_SERVER_HOST}:${CI_SERVER_PORT} -servername ${CI_SERVER_HOST} -showcerts /dev/null | sed -e '/-----BEGIN/,/-----END/!d' | tee "/usr/local/share/ca-certificates/${CI_SERVER_HOST}.crt" >/dev/null - update-ca-certificates - curl --location --output /usr/local/bin/release-cli "https://gitlab.com/api/v4/projects/gitlab-org%2Frelease-cli/packages/generic/release-cli/latest/release-cli-linux-amd64" - chmod +x /usr/local/bin/release-cli - release-cli -v Versioning: stage: Version extends: - .base script: - if [[ "$CI_COMMIT_BRANCH" == *"feature/"* ]]; then IMAGE_TAG="nightly" ; elif [ "$CI_COMMIT_BRANCH" == "develop" ]; then IMAGE_TAG="devel"; else echo "Master/Main branch"; fi - echo "Version found is ${IMAGE_TAG}" allow_failure: false rules: - if: '$CI_COMMIT_BRANCH =~ /^(develop|main|feature.*$)$/' artifacts: paths: - $IMAGE_TAG expire_in: 1 minute

image: name: hashicorp/terraform:1.5 entrypoint: - '/usr/bin/env' - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' stages: - Test and Lint - Build and Push - Staging Plan - Staging Apply - Staging Update App - Production Plan - Production Apply - Destroy before_script: - alias convert_report="jq -r '([.resource_changes[]?.change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'" - apk add openssh-client - eval $(ssh-agent -s) - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - - mkdir -p ~/.ssh - chmod 700 ~/.ssh - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa - ls ~/.ssh Test and Lint: image: docker:19.03.5 .............. Validate Terraform: stage: Test and Lint script: - echo "Validate Terraform" - cd deploy/ - terraform init --backend=false - terraform validate rules: - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /^(main|production)$/ || $CI_COMMIT_BRANCH =~ /^(main|production)$/' Build and Push: stage: Build and Push ............... Staging Plan: stage: Staging Plan script: - echo "Run Terraform Plan for Staging" - cd deploy/ - export TF_VAR_image_api=$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA - export GITLAB_ACCESS_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXX - export STATE_NAME=Staging - terraform init -backend-config="address=https://gitlab.com/api/v4/projects/47021553/terraform/state/$STATE_NAME" -backend-config="lock_address=https://gitlab.com/api/v4/projects/47021553/terraform/state/$STATE_NAME/lock" -backend-config="unlock_address=https://gitlab.com/api/v4/projects/47021553/terraform/state/$STATE_NAME/lock" -backend-config="username=XXXXXXXXX" -backend-config="password=$GITLAB_ACCESS_TOKEN" -backend-config="lock_method=POST" -backend-config="unlock_method=DELETE" -backend-config="retry_wait_min=5" #- terraform workspace select staging || terraform workspace new staging - terraform plan rules: - if: '$CI_COMMIT_BRANCH =~ /^(main|production)$/' Staging Apply: stage: Staging Apply environment: name: Staging url: XXXXXXXXXXXXXXXXX on_stop: Staging Destroy script: - echo "Run Terraform Apply for Staging" - cd deploy/ - export TF_VAR_image_api=$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA - export GITLAB_ACCESS_TOKEN=XXXXXXXXXXXXXXXXXXXXXXX - export STATE_NAME=Staging - terraform init -backend-config="address=https://gitlab.com/api/v4/projects/47021553/terraform/state/$STATE_NAME" -backend-config="lock_address=https://gitlab.com/api/v4/projects/47021553/terraform/state/$STATE_NAME/lock" -backend-config="unlock_address=https://gitlab.com/api/v4/projects/47021553/terraform/state/$STATE_NAME/lock" -backend-config="username=XXXXXXXXXXXXX" -backend-config="password=$GITLAB_ACCESS_TOKEN" -backend-config="lock_method=POST" -backend-config="unlock_method=DELETE" -backend-config="retry_wait_min=5" - terraform apply -auto-approve -input=false rules: - if: '$CI_COMMIT_BRANCH =~ /^(main|production)$/' Staging Update App: stage: Staging Update App ............... Production Plan: stage: Production Plan ............. Production Apply: stage: Production Apply .......... Staging Destroy: stage: Destroy ............... Production Destroy: stage: Destroy ...............

* Gitlab EE (enterprise edition) is closed, but Gitlab CE (community edition) is open source (https://gitlab.com/gitlab-org/gitlab-foss/)

* I didn't follow the Gitea drama too closely, but my understanding is that Forgejo was a fork born out of that situation

* I've heard the SourceHut guy is a controversial figure, so avoiding it because of that isn't unreasonable. I will just say that "spite forks" tend not to last very long

Gitlab uses an UrlBlocker class to prevent malicious users from exploiting SSRF via the webhook URL. This class validates the URL and blocks everything which is a local network, but before the 11.5.1 version, they didn't think about an IPv6 format, which maps to IPv4: [0:0:0:0:0:ffff:127.0.0.1]. Replacing the part of 127.0.0.1 to any IP address also worked, and this vulnerability made it possible to send requests to the internal network of a GitLab instance. You can read the issue report here: (https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53242 )[https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53242]

I recommend Auto DevOps and hooking your project up to the Kubernetes cluster. Auto DevOps is a standard CI/CD template that GitLab uses by default when .gitlab-ci.yml is not present. It can automatically package up certain types of applications, including those with a Dockerfile in the root of the repo. If the project is hooked up to a Kubernetes cluster and all the right variables are present, it builds that docker image and then fills in a Helm chart template containing that image and deploys it to the cluster.

Thanks. This was also requested for the UI 7 years ago

https://gitlab.com/gitlab-org/gitlab-foss/-/issues/12776

and then closed with the claim that this was implemented, when in fact, it was not.

Similar to fsync, these are designed to ensure data integrity, but in a test setup, they don't matter. You can read more about these in the Postgres doc on non-durability. and explore some benchmarks from Gitlab here. Interestingly, CircleCI's old Postgres images had these features disabled by default, but the newer ones don't seem to.

Most all of those things are possible with Argo Workflows or Tekton with very great effort. But a sustainable system with all the features built-in.

If you wish to clone a copy of GitLab without proprietary code, you can use the read-only mirror of GitLab located at https://gitlab.com/gitlab-org/gitlab-foss/. However, please do not submit any issues and/or merge requests to that project.

GitLab versions 10.7 and later, allow the HTTP(S) protocol for Git clone or fetch requests done by GitLab Runner from CI/CD jobs, even if you select Only SSH.

it sure does