Skip to content

WIP: A new version of gitlab (13.7.0) is available

FDO helm bot requested to merge upgrade-to-13.7.0 into master

current diff:

--- current-deployment.yaml
+++ future-deployment.yaml
@@ -60,7 +60,7 @@
   namespace: gitlab
   labels:
     app: gitaly
-    chart: gitaly-4.6.3
+    chart: gitaly-4.7.0
     release: gitlab-test
     heritage: Helm
 spec:
@@ -78,7 +78,7 @@
   namespace: gitlab
   labels:
     app: gitlab-shell
-    chart: gitlab-shell-4.6.3
+    chart: gitlab-shell-4.7.0
     release: gitlab-test
     heritage: Helm
 spec:
@@ -96,7 +96,7 @@
   namespace: gitlab
   labels:
     app: praefect
-    chart: praefect-4.6.3
+    chart: praefect-4.7.0
     release: gitlab-test
     heritage: Helm
 spec:
@@ -114,7 +114,7 @@
   namespace: gitlab
   labels:
     app: sidekiq
-    chart: sidekiq-4.6.3
+    chart: sidekiq-4.7.0
     release: gitlab-test
     heritage: Helm
 spec:
@@ -129,19 +129,22 @@
 apiVersion: policy/v1beta1
 kind: PodDisruptionBudget
 metadata:
-  name: gitlab-test-webservice
+  name: gitlab-test-webservice-default
   namespace: gitlab
   labels:
     app: webservice
-    chart: webservice-4.6.3
+    chart: webservice-4.7.0
     release: gitlab-test
     heritage: Helm
+    gitlab.com/webservice-name: default
 spec:
   maxUnavailable: 1
   selector:
     matchLabels:
       app: webservice
       release: gitlab-test
+      
+      gitlab.com/webservice-name: default
 ---
 # Source: gitlab/charts/minio/templates/pdb.yaml
 apiVersion: policy/v1beta1
@@ -166,20 +169,25 @@
 apiVersion: policy/v1beta1
 kind: PodDisruptionBudget
 metadata:
-  name: gitlab-test-nginx-ingress-controller-1
-  namespace: gitlab
   labels:
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
     component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: controller
+  name: gitlab-test-nginx-ingress-controller
 spec:
   selector:
     matchLabels:
-      app: nginx-ingress
-      release: gitlab-test
-      component: "controller"
+      app.kubernetes.io/name: nginx-ingress
+      app.kubernetes.io/instance: gitlab-test
+      app.kubernetes.io/component: controller
   minAvailable: 1
 ---
 # Source: gitlab/charts/registry/templates/pdb.yaml
@@ -252,17 +260,41 @@
   name: gitlab-test-grafana
   namespace: gitlab
 ---
-# Source: gitlab/charts/nginx-ingress/templates/serviceaccount.yaml
+# Source: gitlab/charts/nginx-ingress/templates/controller-serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
 metadata:
+  labels:
+    app: nginx-ingress
+    chart: nginx-ingress-3.11.1
+    release: gitlab-test
+    heritage: Helm
+    component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: controller
   name: gitlab-test-nginx-ingress
-  namespace: gitlab
+---
+# Source: gitlab/charts/nginx-ingress/templates/default-backend-serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
   labels:
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
+    component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: default-backend
+  name: gitlab-test-nginx-ingress-backend
 ---
 # Source: gitlab/charts/prometheus/templates/node-exporter-serviceaccount.yaml
 apiVersion: v1
@@ -350,7 +382,7 @@
   namespace: gitlab
   labels:
     app: gitaly
-    chart: gitaly-4.6.3
+    chart: gitaly-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -404,7 +436,7 @@
     # location of shared secret for GitLab Shell / API interaction
     secret_file = "/etc/gitlab-secrets/shell/.gitlab_shell_secret"
     # URL of API
-    url = "http://gitlab-test-webservice.gitlab.svc:8181/"
+    url = "http://gitlab-test-webservice-default.gitlab.svc:8181/"
 
     [gitlab.http-settings]
     # read_timeout = 300
@@ -427,7 +459,7 @@
   namespace: gitlab
   labels:
     app: gitlab-exporter
-    chart: gitlab-exporter-4.6.3
+    chart: gitlab-exporter-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -453,6 +485,9 @@
         rows_count:
           class_name: Database::RowCountProber
           <<: *db_common
+      database_bloat:
+        class_name: Database::BloatProber
+        <<: *db_common
 
       sidekiq: &sidekiq
         methods:
@@ -505,7 +540,7 @@
   labels:
     gitlab_grafana_datasource: "true"
     app: gitlab-grafana
-    chart: gitlab-grafana-4.6.3
+    chart: gitlab-grafana-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -531,7 +566,7 @@
   namespace: gitlab
   labels:
     app: gitlab-grafana
-    chart: gitlab-grafana-4.6.3
+    chart: gitlab-grafana-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -561,7 +596,7 @@
   namespace: gitlab
   labels:
     app: gitlab-shell
-    chart: gitlab-shell-4.6.3
+    chart: gitlab-shell-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -656,7 +691,6 @@
     #ClientAliveInterval 0
     #ClientAliveCountMax 3
     #UseDNS no
-    UsePrivilegeSeparation no
     PidFile /srv/sshd/sshd.pid
     #PermitTunnel no
     #ChrootDirectory none
@@ -721,7 +755,7 @@
   namespace: gitlab
   labels:
     app: gitlab-shell
-    chart: gitlab-shell-4.6.3
+    chart: gitlab-shell-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -748,7 +782,7 @@
     user: git
 
     # Url to gitlab instance. Used for api calls. Should end with a slash.
-    gitlab_url: "http://gitlab-test-webservice.gitlab.svc:8181/"
+    gitlab_url: "http://gitlab-test-webservice-default.gitlab.svc:8181/"
 
     secret_file: /etc/gitlab-secrets/shell/.gitlab_shell_secret
 
@@ -779,11 +813,11 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: gitlab-test-nginx-ingress-tcp
+  name: gitlab-test-ingress-nginx-tcp
   namespace: gitlab
   labels:
     app: gitlab-shell
-    chart: gitlab-shell-4.6.3
+    chart: gitlab-shell-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -797,7 +831,7 @@
   namespace: gitlab
   labels:
     app: migrations
-    chart: migrations-4.6.3
+    chart: migrations-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -813,6 +847,7 @@
       host: "gitlab-test-postgresql.gitlab.svc"
       port: 5432
       connect_timeout: 
+      application_name: 
       prepared_statements: false
       
       
@@ -841,7 +876,7 @@
         storages: # You must have at least a `default` storage path.
           default:
             path: /var/opt/gitlab/repo
-            gitaly_address: tcp://gitlab-test-praefect:8075
+            gitaly_address: tcp://gitlab-test-praefect.gitlab.svc:8075
       
   configure: |
     set -e
@@ -871,7 +906,7 @@
   namespace: gitlab
   labels:
     app: praefect
-    chart: praefect-4.6.3
+    chart: praefect-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -904,15 +939,15 @@
     name = 'default'
     [[virtual_storage.node]]
     storage = 'gitlab-test-gitaly-0'
-    address = 'tcp://gitlab-test-gitaly-0.gitlab-test-gitaly:8075'
+    address = 'tcp://gitlab-test-gitaly-0.gitlab-test-gitaly.gitlab.svc:8075'
     token = "<%= gitaly_token %>"
     [[virtual_storage.node]]
     storage = 'gitlab-test-gitaly-1'
-    address = 'tcp://gitlab-test-gitaly-1.gitlab-test-gitaly:8075'
+    address = 'tcp://gitlab-test-gitaly-1.gitlab-test-gitaly.gitlab.svc:8075'
     token = "<%= gitaly_token %>"
     [[virtual_storage.node]]
     storage = 'gitlab-test-gitaly-2'
-    address = 'tcp://gitlab-test-gitaly-2.gitlab-test-gitaly:8075'
+    address = 'tcp://gitlab-test-gitaly-2.gitlab-test-gitaly.gitlab.svc:8075'
     token = "<%= gitaly_token %>"
 
     [database]
@@ -931,7 +966,7 @@
   namespace: gitlab
   labels:
     app: praefect
-    chart: praefect-4.6.3
+    chart: praefect-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -951,7 +986,7 @@
   namespace: gitlab
   labels:
     app: sidekiq
-    chart: sidekiq-4.6.3
+    chart: sidekiq-4.7.0
     release: gitlab-test
     heritage: Helm
     queue_pod_name: native-chart
@@ -976,7 +1011,7 @@
   namespace: gitlab
   labels:
     app: sidekiq
-    chart: sidekiq-4.6.3
+    chart: sidekiq-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -992,6 +1027,7 @@
       host: "gitlab-test-postgresql.gitlab.svc"
       port: 5432
       connect_timeout: 
+      application_name: 
       prepared_statements: false
       
       
@@ -1046,55 +1082,79 @@
         
         
         
-
-      # Consolidated object storage configuration
-      ## property local configuration will override object_store
-      object_store:
-        enabled: true
-        direct_upload: true
-        background_upload: false
-        proxy_download: true 
-        connection:
-          provider: AWS
-          region: us-east-1
-          host: minio.test.freedesktop.org
-          endpoint: http://gitlab-test-minio-svc.gitlab.svc:9000
-          path_style: true
-          aws_access_key_id: "<%= File.read('/etc/gitlab/minio/accesskey').strip.dump[1..-2] %>"
-          aws_secret_access_key: "<%= File.read('/etc/gitlab/minio/secretkey').strip.dump[1..-2] %>"
-        objects:
-          artifacts:
-            bucket: gitlab-artifacts
-          lfs:
-            bucket: git-lfs
-          uploads:
-            bucket: gitlab-uploads
-          packages:
-            bucket: gitlab-packages
-          external_diffs:
-            bucket: gitlab-mr-diffs
-          terraform_state:
-            bucket: gitlab-terraform-state
-          dependency_proxy:
-            bucket: gitlab-dependency-proxy
-          pages:
-            bucket: fdo-gitlab-pages
-      # Individual object storage backed feature properties configuration
       artifacts:
         enabled: true
+        object_store:
+          enabled: true
+          remote_directory: gitlab-artifacts
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
+          connection:
+            provider: AWS
+            region: us-east-1
+            host: minio.test.freedesktop.org
+            endpoint: http://gitlab-test-minio-svc.gitlab.svc:9000
+            path_style: true
+            aws_access_key_id: "<%= File.read('/etc/gitlab/minio/accesskey').strip.dump[1..-2] %>"
+            aws_secret_access_key: "<%= File.read('/etc/gitlab/minio/secretkey').strip.dump[1..-2] %>"
       lfs:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: git-lfs
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       uploads:
         enabled: true
+        object_store:
+          enabled: true
+          remote_directory: gitlab-uploads
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
+          connection:
+            provider: AWS
+            region: us-east-1
+            host: minio.test.freedesktop.org
+            endpoint: http://gitlab-test-minio-svc.gitlab.svc:9000
+            path_style: true
+            aws_access_key_id: "<%= File.read('/etc/gitlab/minio/accesskey').strip.dump[1..-2] %>"
+            aws_secret_access_key: "<%= File.read('/etc/gitlab/minio/secretkey').strip.dump[1..-2] %>"
       packages:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: gitlab-packages
+          direct_upload: true
+          background_upload: false
+          proxy_download: false
       external_diffs:
-        enabled: 
+        enabled: false
         when: 
+        object_store:
+          enabled: false
+          remote_directory: gitlab-mr-diffs
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       terraform_state:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: gitlab-terraform-state
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       dependency_proxy:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: gitlab-dependency-proxy
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       pseudonymizer:
         manifest: config/pseudonymizer.yml
         upload:
@@ -1159,7 +1219,7 @@
         storages: # You must have at least a `default` storage path.
           default:
             path: /var/opt/gitlab/repo
-            gitaly_address: tcp://gitlab-test-praefect:8075
+            gitaly_address: tcp://gitlab-test-praefect.gitlab.svc:8075
       backup:
         path: "tmp/backups"   # Relative paths are relative to Rails.root (default: tmp/backups/)
       
@@ -1209,7 +1269,7 @@
   namespace: gitlab
   labels:
     app: task-runner
-    chart: task-runner-4.6.3
+    chart: task-runner-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -1223,6 +1283,7 @@
       host: "gitlab-test-postgresql.gitlab.svc"
       port: 5432
       connect_timeout: 
+      application_name: 
       prepared_statements: false
       
       
@@ -1270,55 +1331,79 @@
         email_reply_to: "noreply@test.freedesktop.org"
         email_subject_suffix: ""
       
-
-      # Consolidated object storage configuration
-      ## property local configuration will override object_store
-      object_store:
-        enabled: true
-        direct_upload: true
-        background_upload: false
-        proxy_download: true 
-        connection:
-          provider: AWS
-          region: us-east-1
-          host: minio.test.freedesktop.org
-          endpoint: http://gitlab-test-minio-svc.gitlab.svc:9000
-          path_style: true
-          aws_access_key_id: "<%= File.read('/etc/gitlab/minio/accesskey').strip.dump[1..-2] %>"
-          aws_secret_access_key: "<%= File.read('/etc/gitlab/minio/secretkey').strip.dump[1..-2] %>"
-        objects:
-          artifacts:
-            bucket: gitlab-artifacts
-          lfs:
-            bucket: git-lfs
-          uploads:
-            bucket: gitlab-uploads
-          packages:
-            bucket: gitlab-packages
-          external_diffs:
-            bucket: gitlab-mr-diffs
-          terraform_state:
-            bucket: gitlab-terraform-state
-          dependency_proxy:
-            bucket: gitlab-dependency-proxy
-          pages:
-            bucket: fdo-gitlab-pages
-      # Individual object storage backed feature properties configuration
       artifacts:
         enabled: true
+        object_store:
+          enabled: true
+          remote_directory: gitlab-artifacts
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
+          connection:
+            provider: AWS
+            region: us-east-1
+            host: minio.test.freedesktop.org
+            endpoint: http://gitlab-test-minio-svc.gitlab.svc:9000
+            path_style: true
+            aws_access_key_id: "<%= File.read('/etc/gitlab/minio/accesskey').strip.dump[1..-2] %>"
+            aws_secret_access_key: "<%= File.read('/etc/gitlab/minio/secretkey').strip.dump[1..-2] %>"
       lfs:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: git-lfs
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       uploads:
         enabled: true
+        object_store:
+          enabled: true
+          remote_directory: gitlab-uploads
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
+          connection:
+            provider: AWS
+            region: us-east-1
+            host: minio.test.freedesktop.org
+            endpoint: http://gitlab-test-minio-svc.gitlab.svc:9000
+            path_style: true
+            aws_access_key_id: "<%= File.read('/etc/gitlab/minio/accesskey').strip.dump[1..-2] %>"
+            aws_secret_access_key: "<%= File.read('/etc/gitlab/minio/secretkey').strip.dump[1..-2] %>"
       packages:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: gitlab-packages
+          direct_upload: true
+          background_upload: false
+          proxy_download: false
       external_diffs:
-        enabled: 
+        enabled: false
         when: 
+        object_store:
+          enabled: false
+          remote_directory: gitlab-mr-diffs
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       terraform_state:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: gitlab-terraform-state
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       dependency_proxy:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: gitlab-dependency-proxy
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       pseudonymizer:
         manifest: config/pseudonymizer.yml
         upload:
@@ -1378,7 +1463,7 @@
         storages: # You must have at least a `default` storage path.
           default:
             path: /var/opt/gitlab/repo
-            gitaly_address: tcp://gitlab-test-praefect:8075
+            gitaly_address: tcp://gitlab-test-praefect.gitlab.svc:8075
       backup:
         path: "tmp/backups"   # Relative paths are relative to Rails.root (default: tmp/backups/)
       
@@ -1432,7 +1517,7 @@
   namespace: gitlab
   labels:
     app: webservice
-    chart: webservice-4.6.3
+    chart: webservice-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -1448,6 +1533,7 @@
       host: "gitlab-test-postgresql.gitlab.svc"
       port: 5432
       connect_timeout: 
+      application_name: 
       prepared_statements: false
       
       
@@ -1502,54 +1588,79 @@
         
         
         
-      # Consolidated object storage configuration
-      ## property local configuration will override object_store
-      object_store:
-        enabled: true
-        direct_upload: true
-        background_upload: false
-        proxy_download: true 
-        connection:
-          provider: AWS
-          region: us-east-1
-          host: minio.test.freedesktop.org
-          endpoint: http://gitlab-test-minio-svc.gitlab.svc:9000
-          path_style: true
-          aws_access_key_id: "<%= File.read('/etc/gitlab/minio/accesskey').strip.dump[1..-2] %>"
-          aws_secret_access_key: "<%= File.read('/etc/gitlab/minio/secretkey').strip.dump[1..-2] %>"
-        objects:
-          artifacts:
-            bucket: gitlab-artifacts
-          lfs:
-            bucket: git-lfs
-          uploads:
-            bucket: gitlab-uploads
-          packages:
-            bucket: gitlab-packages
-          external_diffs:
-            bucket: gitlab-mr-diffs
-          terraform_state:
-            bucket: gitlab-terraform-state
-          dependency_proxy:
-            bucket: gitlab-dependency-proxy
-          pages:
-            bucket: fdo-gitlab-pages
-      # Individual object storage backed feature properties configuration
       artifacts:
         enabled: true
+        object_store:
+          enabled: true
+          remote_directory: gitlab-artifacts
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
+          connection:
+            provider: AWS
+            region: us-east-1
+            host: minio.test.freedesktop.org
+            endpoint: http://gitlab-test-minio-svc.gitlab.svc:9000
+            path_style: true
+            aws_access_key_id: "<%= File.read('/etc/gitlab/minio/accesskey').strip.dump[1..-2] %>"
+            aws_secret_access_key: "<%= File.read('/etc/gitlab/minio/secretkey').strip.dump[1..-2] %>"
       lfs:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: git-lfs
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       uploads:
         enabled: true
+        object_store:
+          enabled: true
+          remote_directory: gitlab-uploads
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
+          connection:
+            provider: AWS
+            region: us-east-1
+            host: minio.test.freedesktop.org
+            endpoint: http://gitlab-test-minio-svc.gitlab.svc:9000
+            path_style: true
+            aws_access_key_id: "<%= File.read('/etc/gitlab/minio/accesskey').strip.dump[1..-2] %>"
+            aws_secret_access_key: "<%= File.read('/etc/gitlab/minio/secretkey').strip.dump[1..-2] %>"
       packages:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: gitlab-packages
+          direct_upload: true
+          background_upload: false
+          proxy_download: false
       external_diffs:
-        enabled: 
+        enabled: false
         when: 
+        object_store:
+          enabled: false
+          remote_directory: gitlab-mr-diffs
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       terraform_state:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: gitlab-terraform-state
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       dependency_proxy:
         enabled: false
+        object_store:
+          enabled: false
+          remote_directory: gitlab-dependency-proxy
+          direct_upload: true
+          background_upload: false
+          proxy_download: true
       
       sentry:
         enabled: false
@@ -1595,7 +1706,7 @@
         storages: # You must have at least a `default` storage path.
           default:
             path: /var/opt/gitlab/repo
-            gitaly_address: tcp://gitlab-test-praefect:8075
+            gitaly_address: tcp://gitlab-test-praefect.gitlab.svc:8075
       backup:
         path: "tmp/backups"   # Relative paths are relative to Rails.root (default: tmp/backups/)
       
@@ -1661,7 +1772,7 @@
   namespace: gitlab
   labels:
     app: webservice
-    chart: webservice-4.6.3
+    chart: webservice-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -1911,6 +2022,7 @@
     createBucket gitlab-mr-diffs none false
     createBucket gitlab-terraform-state none false
     createBucket gitlab-dependency-proxy none false
+    createBucket gitlab-pages none false
     
   configure: |-
     sed -e 's@ACCESS_KEY@'"$(cat /config/accesskey)"'@' -e 's@SECRET_KEY@'"$(cat /config/secretkey)"'@' /config/config.json > /minio/config.json
@@ -2040,22 +2152,47 @@
     }
 # Blank line to signal end of Block
 ---
+# Source: gitlab/charts/nginx-ingress/templates/controller-configmap-addheaders.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    app: nginx-ingress
+    chart: nginx-ingress-3.11.1
+    release: gitlab-test
+    heritage: Helm
+    component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: controller
+  name: gitlab-test-nginx-ingress-custom-add-headers
+data: 
+  Referrer-Policy: strict-origin-when-cross-origin
+---
 # Source: gitlab/charts/nginx-ingress/templates/controller-configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: gitlab-test-nginx-ingress-controller
-  namespace: gitlab
   labels:
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
     component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: controller
+  name: gitlab-test-nginx-ingress-controller
 data:
-  enable-vts-status: "true"
-  proxy-set-headers: gitlab/gitlab-test-nginx-ingress-custom-headers
-  enable-vts-status: "true"
+  add-headers: gitlab/gitlab-test-nginx-ingress-custom-add-headers
+  
+  hsts: "false"
   hsts-include-subdomains: "false"
   log-format-stream: $remote_addr - [$time_local] TCP
   log-format-upstream: $remote_addr - $remote_user [$time_local] "$request" $status
@@ -2064,25 +2201,10 @@
     $upstream_response_time $upstream_status $req_id
   server-name-hash-bucket-size: "256"
   server-tokens: "false"
-  ssl-ciphers: ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
+  ssl-ciphers: ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
   ssl-protocols: TLSv1.3 TLSv1.2
   use-http2: "true"
 ---
-# Source: gitlab/charts/nginx-ingress/templates/headers-configmap.yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: gitlab-test-nginx-ingress-custom-headers
-  namespace: gitlab
-  labels:
-    app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
-    release: gitlab-test
-    heritage: Helm
-    component: "controller"
-data:
-  Referrer-Policy: strict-origin-when-cross-origin
----
 # Source: gitlab/charts/postgresql/templates/extended-config-configmap.yaml
 apiVersion: v1
 kind: ConfigMap
@@ -2477,12 +2599,12 @@
   namespace: gitlab
   labels:
     app: gitlab
-    chart: gitlab-4.6.3
+    chart: gitlab-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
-  gitlabVersion: "13.6.3"
-  gitlabChartVersion: "4.6.3"
+  gitlabVersion: "13.7.0"
+  gitlabChartVersion: "4.7.0"
 ---
 # Source: gitlab/templates/initdb-configmap.yaml
 apiVersion: v1
@@ -2492,7 +2614,7 @@
   namespace: gitlab
   labels:
     app: gitlab
-    chart: gitlab-4.6.3
+    chart: gitlab-4.7.0
     release: gitlab-test
     heritage: Helm
 data:
@@ -10614,17 +10736,23 @@
   verbs:          ['use']
   resourceNames:  [gitlab-test-grafana]
 ---
-# Source: gitlab/charts/nginx-ingress/templates/role.yaml
+# Source: gitlab/charts/nginx-ingress/templates/controller-role.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: gitlab-test-nginx-ingress
-  namespace: gitlab
   labels:
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
+    component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: controller
+  name: gitlab-test-nginx-ingress
 rules:
   - apiGroups:
       - ""
@@ -10654,6 +10782,7 @@
       - watch
   - apiGroups:
       - extensions
+      - "networking.k8s.io" # k8s 1.14+
     resources:
       - ingresses
     verbs:
@@ -10662,11 +10791,20 @@
       - watch
   - apiGroups:
       - extensions
+      - "networking.k8s.io" # k8s 1.14+
     resources:
       - ingresses/status
     verbs:
       - update
   - apiGroups:
+      - "networking.k8s.io" # k8s 1.14+
+    resources:
+      - ingressclasses
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
       - ""
     resources:
       - configmaps
@@ -10737,17 +10875,23 @@
   name: gitlab-test-grafana
   namespace: gitlab
 ---
-# Source: gitlab/charts/nginx-ingress/templates/rolebinding.yaml
+# Source: gitlab/charts/nginx-ingress/templates/controller-rolebinding.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: gitlab-test-nginx-ingress
-  namespace: gitlab
   labels:
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
+    component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: controller
+  name: gitlab-test-nginx-ingress
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
@@ -10787,7 +10931,7 @@
   namespace: gitlab
   labels:
     app: gitaly
-    chart: gitaly-4.6.3
+    chart: gitaly-4.7.0
     release: gitlab-test
     heritage: Helm
     
@@ -10818,7 +10962,7 @@
   namespace: gitlab
   labels:
     app: gitlab-exporter
-    chart: gitlab-exporter-4.6.3
+    chart: gitlab-exporter-4.7.0
     release: gitlab-test
     heritage: Helm
     
@@ -10843,7 +10987,7 @@
   namespace: gitlab
   labels:
     app: gitlab-shell
-    chart: gitlab-shell-4.6.3
+    chart: gitlab-shell-4.7.0
     release: gitlab-test
     heritage: Helm
     
@@ -10868,10 +11012,13 @@
   namespace: gitlab
   labels:
     app: praefect
-    chart: praefect-4.6.3
+    chart: praefect-4.7.0
     release: gitlab-test
     heritage: Helm
+    
   annotations:
+    gitlab.com/prometheus_scrape: "true"
+    gitlab.com/prometheus_port: ""
     prometheus.io/scrape: "true"
     prometheus.io/port: ""
     
@@ -10879,7 +11026,7 @@
   type: ClusterIP
   clusterIP: None
   ports:
-  - name: gitlab-test-praefect
+  - name: praefect
     port: 8075
     protocol: TCP
     targetPort: 8075
@@ -10895,14 +11042,15 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: gitlab-test-webservice
+  name: gitlab-test-webservice-default
   namespace: gitlab
   labels:
     app: webservice
-    chart: webservice-4.6.3
+    chart: webservice-4.7.0
     release: gitlab-test
     heritage: Helm
     
+    gitlab.com/webservice-name: default
   annotations:
     
 spec:
@@ -10919,6 +11067,8 @@
   selector:
     app: webservice
     release: gitlab-test
+    
+    gitlab.com/webservice-name: default
 ---
 # Source: gitlab/charts/grafana/templates/service.yaml
 apiVersion: v1
@@ -10968,25 +11118,30 @@
       targetPort: 9000
       protocol: TCP
 ---
-# Source: gitlab/charts/nginx-ingress/templates/controller-metrics-service.yaml
+# Source: gitlab/charts/nginx-ingress/templates/controller-service-metrics.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: gitlab-test-nginx-ingress-controller-metrics
-  namespace: gitlab
-  annotations:
+  annotations: 
     gitlab.com/prometheus_port: "10254"
     gitlab.com/prometheus_scrape: "true"
     prometheus.io/port: "10254"
     prometheus.io/scrape: "true"
   labels:
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
     component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: controller
+  name: gitlab-test-nginx-ingress-controller-metrics
 spec:
-  
+  type: ClusterIP
   ports:
     - name: metrics
       port: 9913
@@ -10995,23 +11150,28 @@
     app: nginx-ingress
     component: "controller"
     release: gitlab-test
-  type: "ClusterIP"
 ---
 # Source: gitlab/charts/nginx-ingress/templates/controller-service.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: gitlab-test-nginx-ingress-controller
-  namespace: gitlab
+  annotations:
   labels:
-    component: "controller"
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
+    component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: controller
+  name: gitlab-test-nginx-ingress-controller
 spec:
-  
-  externalTrafficPolicy: "Local"
+  type: LoadBalancer
+  externalTrafficPolicy: Local
   ports:
     - name: http
       port: 80
@@ -11029,46 +11189,26 @@
     app: nginx-ingress
     component: "controller"
     release: gitlab-test
-  type: "LoadBalancer"
 ---
-# Source: gitlab/charts/nginx-ingress/templates/controller-stats-service.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: gitlab-test-nginx-ingress-controller-stats
-  namespace: gitlab
-  labels:
-    app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
-    release: gitlab-test
-    heritage: Helm
-    component: "controller"
-spec:
-  
-  ports:
-    - name: stats
-      port: 18080
-      targetPort: stats
-  selector:
-    app: nginx-ingress
-    component: "controller"
-    release: gitlab-test
-  type: "ClusterIP"
----
 # Source: gitlab/charts/nginx-ingress/templates/default-backend-service.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: gitlab-test-nginx-ingress-default-backend
-  namespace: gitlab
   labels:
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
     component: "default-backend"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: default-backend
+  name: gitlab-test-nginx-ingress-default-backend
 spec:
-  
+  type: ClusterIP
   ports:
     - name: http
       port: 80
@@ -11078,7 +11218,6 @@
     app: nginx-ingress
     component: "default-backend"
     release: gitlab-test
-  type: "ClusterIP"
 ---
 # Source: gitlab/charts/postgresql/templates/metrics-svc.yaml
 apiVersion: v1
@@ -11452,7 +11591,7 @@
   namespace: gitlab
   labels:
     app: gitlab-exporter
-    chart: gitlab-exporter-4.6.3
+    chart: gitlab-exporter-4.7.0
     release: gitlab-test
     heritage: Helm
   annotations:
@@ -11470,7 +11609,7 @@
         release: gitlab-test
         
       annotations:
-        checksum/config: 52ae736ec6da6c5ec7aadb9f20d2db9f5887fbc6e6bcfbf46fafdc48a579582c
+        checksum/config: 4975969dae5c8d0fb4b939f917b06c6792155c218e6adef9db3fd494740b7da8
         gitlab.com/prometheus_path: /metrics
         gitlab.com/prometheus_port: "9168"
         gitlab.com/prometheus_scrape: "true"
@@ -11530,7 +11669,7 @@
       containers:
         
         - name: gitlab-exporter
-          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-exporter:7.0.6"
+          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-exporter:7.1.2"
           
           env:
             - name: CONFIG_TEMPLATE_DIRECTORY
@@ -11609,7 +11748,7 @@
   namespace: gitlab
   labels:
     app: gitlab-shell
-    chart: gitlab-shell-4.6.3
+    chart: gitlab-shell-4.7.0
     release: gitlab-test
     heritage: Helm
   annotations:
@@ -11626,8 +11765,8 @@
         release: gitlab-test
         
       annotations:
-        checksum/config: a327e229a91437a623be134acb3bde77ebf5b7f5afc469fdc1ec45ffed4342a5
-        checksum/config-sshd: ce88b8f00a9271dc869dfc296a26ff75edb7472693a9a31d37fd60744c620063
+        checksum/config: 48426d836caef69f2353c71b2db9211041a8be95351e3b2517feea770143f0fe
+        checksum/config-sshd: b9fc175b0dee8b833637a0798270d7c12f42f6e0123db87088ed66562f041fad
         cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
     spec:
       initContainers:
@@ -11680,7 +11819,7 @@
       containers:
         
         - name: gitlab-shell
-          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-shell:v13.13.0"
+          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-shell:v13.14.0"
           
           ports:
             - containerPort: 2222
@@ -11766,7 +11905,7 @@
   namespace: gitlab
   labels:
     app: sidekiq
-    chart: sidekiq-4.6.3
+    chart: sidekiq-4.7.0
     release: gitlab-test
     heritage: Helm
     queue-pod-name: native-chart
@@ -11786,9 +11925,9 @@
         queue-pod-name: native-chart
         
       annotations:
-        checksum/configmap: a6dbd36d4f347b60b9592542b4f9ba583c3ad0daf682228a7c48260c445c6abd
+        checksum/configmap: 86fd2be6211b76f61f8d8b70f0050f7528c07a8c3d695586cc282248c77f97b9
         cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
-        checksum/configmap-pod: d82173817f4f43c2eb77862582fda5be5c38ffb71816a11eb394a69746d96737
+        checksum/configmap-pod: a250d2132340391751d888d17e46338faa2cbdfc93c97e3c576dcd3fe6f952a5
         co.elastic.logs/json.add_error_key: "true"
         co.elastic.logs/json.keys_under_root: "false"
         gitlab.com/prometheus_port: "3807"
@@ -11847,7 +11986,7 @@
             requests:
               cpu: 50m
         - name: dependencies
-          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce:v13.6.3"
+          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce:v13.7.0"
           
           args:
             - /scripts/wait-for-deps
@@ -11884,7 +12023,7 @@
       containers:
         
         - name: sidekiq
-          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce:v13.6.3"
+          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce:v13.7.0"
           
           env:
             - name: prometheus_multiproc_dir
@@ -12045,6 +12184,7 @@
           # mount secret for external_diffs
           # mount secret for terraform_state
           # mount secret for dependency_proxy
+          # mount secret for pages
           # mount secret for pseudonymizer
           # mount secrets for LDAP
           
@@ -12064,7 +12204,7 @@
   namespace: gitlab
   labels:
     app: task-runner
-    chart: task-runner-4.6.3
+    chart: task-runner-4.7.0
     release: gitlab-test
     heritage: Helm
   annotations:
@@ -12085,7 +12225,7 @@
         release: gitlab-test
         
       annotations:
-        checksum/config: ea3f8e3e89208bff01f0f25c9667fd2522858ab2fef19fda966c4d49f4b468c7
+        checksum/config: 6191de71356d55021142a9426d09a6a561f54971fab731f3620c13d89d345520
         cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
     spec:
       securityContext:
@@ -12144,7 +12284,7 @@
             - /bin/bash
             - -c
             - sh /var/opt/gitlab/templates/configure-gsutil && while sleep 3600; do :; done
-          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-task-runner-ce:v13.6.3"
+          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-task-runner-ce:v13.7.0"
           
           env:
             - name: ARTIFACTS_BUCKET_NAME
@@ -12282,6 +12422,7 @@
           # mount secret for external_diffs
           # mount secret for terraform_state
           # mount secret for dependency_proxy
+          # mount secret for pages
           # mount secret for pseudonymizer
           # mount secrets for LDAP
           
@@ -12297,29 +12438,33 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: gitlab-test-webservice
+  name: gitlab-test-webservice-default
   namespace: gitlab
   labels:
     app: webservice
-    chart: webservice-4.6.3
+    chart: webservice-4.7.0
     release: gitlab-test
     heritage: Helm
+    gitlab.com/webservice-name: default
   annotations:
     
 spec:
-  replicas: 
+  replicas: 2
   selector:
     matchLabels:
       app: webservice
       release: gitlab-test
+      
+      gitlab.com/webservice-name: default
   template:
     metadata:
       labels:
         app: webservice
         release: gitlab-test
         
+        gitlab.com/webservice-name: default
       annotations:
-        checksum/config: a1363ded74c225aa13fa8faa00b8bd5b149f0765cff6758f7d193ebbb6438998
+        checksum/config: 1311f743505f8071025bf34f5a7a26c9f8e955a434b566b4e5385999fd0c636d
         cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
         co.elastic.logs/json.add_error_key: "true"
         co.elastic.logs/json.keys_under_root: "false"
@@ -12343,6 +12488,7 @@
                 matchLabels:
                   app: webservice
                   release: gitlab-test
+                  gitlab.com/webservice-name: default
       initContainers:
         
         
@@ -12363,7 +12509,7 @@
           args: [ '-c', 'sh -x /config-webservice/configure ; sh -x /config-workhorse/configure ; mkdir -p -m 3770 /tmp/gitlab']
           image: "busybox:latest"
           env:
-          
+            
           volumeMounts:
           
           
@@ -12390,7 +12536,7 @@
             requests:
               cpu: 50m
         - name: dependencies
-          image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v13.6.3
+          image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v13.7.0
           
           args:
             - /scripts/wait-for-deps
@@ -12423,7 +12569,7 @@
       containers:
         
         - name: webservice
-          image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v13.6.3
+          image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v13.7.0
           
           ports:
             - containerPort: 8080
@@ -12517,7 +12663,7 @@
               cpu: 300m
               memory: 2.5G
         - name: gitlab-workhorse
-          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-workhorse-ce:v13.6.3"
+          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-workhorse-ce:v13.7.0"
           
           ports:
             - containerPort: 8181
@@ -12655,6 +12801,7 @@
           # mount secret for external_diffs
           # mount secret for terraform_state
           # mount secret for dependency_proxy
+          # mount secret for pages
           # mount secrets for LDAP
           
       - name: webservice-secrets
@@ -12913,27 +13060,30 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: gitlab-test-nginx-ingress-controller
-  namespace: gitlab
   labels:
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
     component: "controller"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: controller
+  name: gitlab-test-nginx-ingress-controller
   annotations:
     
 spec:
-  replicas: 2
-  revisionHistoryLimit: 10
-  strategy:
-    {}
-  minReadySeconds: 0
   selector:
     matchLabels:
       app: nginx-ingress
       component: "controller"
       release: gitlab-test
+  replicas: 2
+  revisionHistoryLimit: 10
+  minReadySeconds: 0
   template:
     metadata:
       annotations:
@@ -12945,27 +13095,32 @@
     spec:
       dnsPolicy: ClusterFirst
       containers:
-        - name: nginx-ingress-controller
-          image: "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.21.0"
-          imagePullPolicy: "IfNotPresent"
+        - name: controller
+          image: "k8s.gcr.io/ingress-nginx/controller:v0.41.2@sha256:1f4f402b9c14f3ae92b11ada1dfe9893a88f0faeb0b2f4b903e2c67a0c3bf0de"
+          imagePullPolicy: IfNotPresent
+          lifecycle: 
+            preStop:
+              exec:
+                command:
+                - /wait-shutdown
           args:
             - /nginx-ingress-controller
-            - --default-backend-service=gitlab/gitlab-test-nginx-ingress-default-backend
-            - --publish-service=gitlab/gitlab-test-nginx-ingress-controller
+            - --default-backend-service=$(POD_NAMESPACE)/gitlab-test-nginx-ingress-default-backend
+            - --publish-service=$(POD_NAMESPACE)/gitlab-test-nginx-ingress-controller
             - --election-id=ingress-controller-leader
             - --ingress-class=nginx
-            - --configmap=gitlab/gitlab-test-nginx-ingress-controller
-            - --tcp-services-configmap=gitlab/gitlab-test-nginx-ingress-tcp
-            - --watch-namespace=gitlab
+            - --configmap=$(POD_NAMESPACE)/gitlab-test-nginx-ingress-controller
+            - --tcp-services-configmap=gitlab/gitlab-test-ingress-nginx-tcp
+            - --watch-namespace=$(POD_NAMESPACE)
             - --enable-ssl-chain-completion=false
-            - --force-namespace-isolation
           securityContext:
             capabilities:
                 drop:
                 - ALL
                 add:
                 - NET_BIND_SERVICE
-            runAsUser: 33
+            runAsUser: 101
+            allowPrivilegeEscalation: true
           env:
             - name: POD_NAME
               valueFrom:
@@ -12975,6 +13130,8 @@
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.namespace
+            - name: LD_PRELOAD
+              value: /usr/local/lib/libmimalloc.so
           livenessProbe:
             httpGet:
               path: /healthz
@@ -12984,6 +13141,16 @@
             periodSeconds: 10
             timeoutSeconds: 1
             successThreshold: 1
+            failureThreshold: 5
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: 10254
+              scheme: HTTP
+            initialDelaySeconds: 10
+            periodSeconds: 10
+            timeoutSeconds: 1
+            successThreshold: 1
             failureThreshold: 3
           ports:
             - name: http
@@ -12992,66 +13159,48 @@
             - name: https
               containerPort: 443
               protocol: TCP
-            - name: stats
-              containerPort: 18080
-              protocol: TCP
             - name: metrics
               containerPort: 10254
               protocol: TCP
             - name: gitlab-shell
               containerPort: 22
               protocol: TCP
-          readinessProbe:
-            httpGet:
-              path: /healthz
-              port: 10254
-              scheme: HTTP
-            initialDelaySeconds: 10
-            periodSeconds: 10
-            timeoutSeconds: 1
-            successThreshold: 1
-            failureThreshold: 3
-          resources:
+          resources: 
             requests:
               cpu: 100m
               memory: 100Mi
-      hostNetwork: false
-      affinity:
-        podAntiAffinity:
-          preferredDuringSchedulingIgnoredDuringExecution:
-          - weight: 1
-            podAffinityTerm:
-              topologyKey: kubernetes.io/hostname
-              labelSelector:
-                matchLabels:
-                  app: nginx-ingress
-                  component: controller
-                  release: gitlab-test
+      nodeSelector: 
+        kubernetes.io/os: linux
       serviceAccountName: gitlab-test-nginx-ingress
-      terminationGracePeriodSeconds: 60
+      terminationGracePeriodSeconds: 300
 ---
 # Source: gitlab/charts/nginx-ingress/templates/default-backend-deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: gitlab-test-nginx-ingress-default-backend
-  namespace: gitlab
   labels:
     app: nginx-ingress
-    chart: nginx-ingress-0.30.0-1
+    chart: nginx-ingress-3.11.1
     release: gitlab-test
     heritage: Helm
     component: "default-backend"
+    helm.sh/chart: nginx-ingress-3.11.1
+    app.kubernetes.io/name: nginx-ingress
+    app.kubernetes.io/instance: gitlab-test
+    app.kubernetes.io/version: "0.41.2"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: default-backend
+  name: gitlab-test-nginx-ingress-default-backend
   annotations:
     
 spec:
-  replicas: 1
-  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app: nginx-ingress
       component: "default-backend"
       release: gitlab-test
+  replicas: 1
+  revisionHistoryLimit: 10
   template:
     metadata:
       labels:
@@ -13061,24 +13210,45 @@
     spec:
       containers:
         - name: nginx-ingress-default-backend
-          image: "k8s.gcr.io/defaultbackend:1.4"
-          imagePullPolicy: "IfNotPresent"
-          args:
+          image: "k8s.gcr.io/defaultbackend-amd64:1.5"
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            capabilities:
+              drop:
+              - ALL
+            runAsUser: 65534
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
           livenessProbe:
             httpGet:
               path: /healthz
               port: 8080
               scheme: HTTP
             initialDelaySeconds: 30
+            periodSeconds: 10
             timeoutSeconds: 5
+            successThreshold: 1
+            failureThreshold: 3
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: 8080
+              scheme: HTTP
+            initialDelaySeconds: 0
+            periodSeconds: 5
+            timeoutSeconds: 5
+            successThreshold: 1
+            failureThreshold: 6
           ports:
             - name: http
               containerPort: 8080
               protocol: TCP
-          resources:
+          resources: 
             requests:
               cpu: 5m
               memory: 5Mi
+      serviceAccountName: gitlab-test-nginx-ingress-backend
       terminationGracePeriodSeconds: 60
 ---
 # Source: gitlab/charts/prometheus/templates/server-deployment.yaml
@@ -13245,7 +13415,7 @@
               cpu: 50m      
       containers:
         - name: registry
-          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-container-registry:v2.11.0-gitlab"
+          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-container-registry:v2.12.0-gitlab"
           imagePullPolicy: "IfNotPresent"
           volumeMounts:
           - name: registry-server-config
@@ -13314,7 +13484,7 @@
   namespace: gitlab
   labels:
     app: gitlab-shell
-    chart: gitlab-shell-4.6.3
+    chart: gitlab-shell-4.7.0
     release: gitlab-test
     heritage: Helm
 spec:
@@ -13338,7 +13508,7 @@
   namespace: gitlab
   labels:
     app: sidekiq
-    chart: sidekiq-4.6.3
+    chart: sidekiq-4.7.0
     release: gitlab-test
     heritage: Helm
 spec:
@@ -13358,18 +13528,19 @@
 apiVersion: autoscaling/v2beta1
 kind: HorizontalPodAutoscaler
 metadata:
-  name: gitlab-test-webservice
+  name: gitlab-test-webservice-default
   namespace: gitlab
   labels:
     app: webservice
-    chart: webservice-4.6.3
+    chart: webservice-4.7.0
     release: gitlab-test
     heritage: Helm
+    gitlab.com/webservice-name: default
 spec:
   scaleTargetRef:
     apiVersion: apps/v1
     kind: Deployment
-    name: gitlab-test-webservice
+    name: gitlab-test-webservice-default
   minReplicas: 2
   maxReplicas: 10
   metrics:
@@ -13429,7 +13600,7 @@
         release: gitlab-test
         
       annotations:
-        checksum/config: 202d42e3e550d44db35636ce5b0263eaa6d7adf4e3f729e805b3c24c5dead74a
+        checksum/config: 94f1310e00bbb0780cc9470d8099f3eb9a991abbb0721db8ee9c93b20aaf7d17
         co.elastic.logs/json.add_error_key: "true"
         co.elastic.logs/json.keys_under_root: "false"
     spec:
@@ -13484,7 +13655,7 @@
       containers:
         
         - name: gitaly
-          image: "registry.gitlab.com/gitlab-org/build/cng/gitaly:v13.6.3"
+          image: "registry.gitlab.com/gitlab-org/build/cng/gitaly:v13.7.0"
           
           ports:
             - containerPort: 8075
@@ -13582,7 +13753,7 @@
   namespace: gitlab
   labels:
     app: praefect
-    chart: praefect-4.6.3
+    chart: praefect-4.7.0
     release: gitlab-test
     heritage: Helm
 spec:
@@ -13600,7 +13771,7 @@
         release: gitlab-test
         
       annotations:
-        checksum/config: 027a2068879083edb8dddec647021d695a9bafa97ad3dc9d607d6a4a6a4af5ba
+        checksum/config: d33f18ac366961270ba38e4da1e491ef63e085d13faabf304f179a54cb814ebc
     spec:
       affinity:
         podAntiAffinity:
@@ -13650,7 +13821,7 @@
       containers:
       
       - name: praefect
-        image: "registry.gitlab.com/gitlab-org/build/cng/gitaly:v13.6.3"
+        image: "registry.gitlab.com/gitlab-org/build/cng/gitaly:v13.7.0"
         
         ports:
           - containerPort: 8075
@@ -14094,7 +14265,7 @@
   namespace: gitlab
   labels:
     app: migrations
-    chart: migrations-4.6.3
+    chart: migrations-4.7.0
     release: gitlab-test
     heritage: Helm
 spec:
@@ -14150,7 +14321,7 @@
       containers:
         
         - name: migrations
-          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-task-runner-ce:v13.6.3"
+          image: "registry.gitlab.com/gitlab-org/build/cng/gitlab-task-runner-ce:v13.7.0"
           args:
             - /scripts/wait-for-deps
             - /scripts/db-migrate
@@ -14290,7 +14461,7 @@
   namespace: gitlab
   labels:
     app: gitlab-grafana
-    chart: gitlab-grafana-4.6.3
+    chart: gitlab-grafana-4.7.0
     release: gitlab-test
     heritage: Helm
   annotations:
@@ -14504,6 +14675,7 @@
         db_key_base=$(fetch_rails_value secrets.yml "${env}.db_key_base")
         openid_connect_signing_key=$(fetch_rails_value secrets.yml "${env}.openid_connect_signing_key")
         ci_jwt_signing_key=$(fetch_rails_value secrets.yml "${env}.ci_jwt_signing_key")
+        encrypted_settings_key_base=$(fetch_rails_value secrets.yml "${env}.encrypted_settings_key_base")
       fi;
     
       # Generate defaults for any unset secrets
@@ -14512,6 +14684,7 @@
       db_key_base="${db_key_base:-$(gen_random 'a-f0-9' 128)}" # equavilent to secureRandom.hex(64)
       openid_connect_signing_key="${openid_connect_signing_key:-$(openssl genrsa 2048)}"
       ci_jwt_signing_key="${ci_jwt_signing_key:-$(openssl genrsa 2048)}"
+      encrypted_settings_key_base="${encrypted_settings_key_base:-$(gen_random 'a-f0-9' 128)}" # equavilent to secureRandom.hex(64)
     
       # Update the existing secret
       cat << EOF > rails-secrets.yml
@@ -14526,6 +14699,7 @@
           secret_key_base: $secret_key_base
           otp_key_base: $otp_key_base
           db_key_base: $db_key_base
+          encrypted_settings_key_base: $encrypted_settings_key_base
           openid_connect_signing_key: |
     $(echo "${openid_connect_signing_key}" | awk '{print "        " $0}')
           ci_jwt_signing_key: |
@@ -14566,7 +14740,7 @@
   namespace: gitlab
   labels:
     app: gitlab
-    chart: gitlab-4.6.3
+    chart: gitlab-4.7.0
     release: gitlab-test
     heritage: Helm
   annotations:
@@ -14700,14 +14874,14 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: gitlab-test-webservice-test-runner-kww4y
+  name: gitlab-test-webservice-test-runner-zjdx2
   namespace: gitlab
   annotations:
     "helm.sh/hook": test-success
 spec:
   containers:
   - name: test-runner
-    image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v13.6.3
+    image: registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ce:v13.7.0
     command: ['sh', '/tests/test_login']
     volumeMounts:
       - name: tests
@@ -14732,7 +14906,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: gitlab-test-shared-secrets-1-1vo
+  name: gitlab-test-shared-secrets-1-fq6
   namespace: gitlab
   labels:
     app: shared-secrets
@@ -14784,7 +14958,7 @@
   namespace: gitlab
   labels:
     app: gitlab
-    chart: gitlab-4.6.3
+    chart: gitlab-4.7.0
     release: gitlab-test
     heritage: Helm
   annotations:
@@ -14811,9 +14985,9 @@
           
           env:
             - name: GITLAB_VERSION
-              value: '13.6.3'
+              value: '13.7.0'
             - name: CHART_VERSION
-              value: '4.6.3'
+              value: '4.7.0'
           volumeMounts:
             - name: chart-info
               mountPath: /chart-info
@@ -15217,7 +15391,7 @@
           requests:
             memory: "1Gi"
             cpu: "1"
-        image: gitlab/gitlab-ce:13.6.3-ce.0
+        image: gitlab/gitlab-ce:13.7.0-ce.0
         imagePullPolicy: IfNotPresent
         command: ["/bin/bash", "-c",
           "sed -i \"s/environment ({'GITLAB_ROOT_PASSWORD' => initial_root_password }) if initial_root_password/environment ({'GITLAB_ROOT_PASSWORD' => initial_root_password, 'GITLAB_SHARED_RUNNERS_REGISTRATION_TOKEN' => node['gitlab']['gitlab-rails']['initial_shared_runners_registration_token'] })/g\" /opt/gitlab/embedded/cookbooks/gitlab/recipes/database_migrations.rb && exec /assets/wrapper"]

Merge request reports

Loading