Fundor333

Keep GitLab updated



2020-11-16 | fingerfood dev devops hacking

Some time ago I had a problem with a self-hosted GitLab instance. I had a new user, johnyj12345, which created a repo and an issue and logged off. This was an attack made on my instance because I hadn't upgraded it for some time, so I cleaned it, removed all traces of this user and updated everything.1

After this I was ready to tackle the elephant in the room: how to check if my self-hosted GitLab is updated.

How to check if GitLab is updated

The official GitLab documentation2 says that the /help page shows, when you are logged in, a label with one of:

  • Up to date
  • new version out
  • update asap

With it you can decide what you need to do.

So I decided to hack the system and make an alert for myself.

Hack the GitLab help page

First we need to understand how the label works. A quick inspection of the page shows that the label is the response to a GET request to the URL version.gitlab.com/check.svg with some parameters.

In particular, the request needs the installed GitLab version, so we need to obtain that too. For that we need a token from the self-hosted installation3.

Get the version of GitLab

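For this project we only need Python and requests.

import requests

BASE_GITLAB_URL = "https://gitlab.example.com"  # placeholder: your instance
GITLAB_PERSONAL_TOKEN = "<personal access token>"  # placeholder

def get_gitlab_version():
    # Ask the instance's own API which version it is running.
    url = BASE_GITLAB_URL + "/api/v4/version"
    headers = {"Private-Token": GITLAB_PERSONAL_TOKEN}
    req = requests.get(url, headers=headers, timeout=10)
    return req.json()

This returns JSON like the following, as a Python dict: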

{
  "version": "8.13.0-pre",
  "revision": "4e963fe"
}

From this JSON we know the GitLab version for the next step.

Get the label of the Help GitLab page

import logging
from base64 import urlsafe_b64encode

logger = logging.getLogger(__name__)

def last_version_gitlab():
    response = get_gitlab_version()
    url = BASE_GITLAB_URL
    ver = response["version"]
    # The badge endpoint takes base64-encoded JSON carrying the version.
    gfg = urlsafe_b64encode(str.encode('{"version":"' + str(ver) + '"}'))
    logger.debug(gfg)
    r = requests.get(url="https://version.gitlab.com/check.svg", params={'gitlab_info': gfg}, headers={'Referer': url})
    return r.text

This returns a string containing the label as an SVG (XML) image. So if you want feedback on when it is time to update, you can do this:

def gitlab_check():
    return "up-to-date" in last_version_gitlab()

This returns False if you need to update, True otherwise.
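An added example, not code from the original post: a stricter variant of the check above that separates "confirmed up to date" from "update needed" and from "check failed", so an error page or an empty response is not read as a version status. The badge wordings other than up-to-date, the helper names and the sample SVG bodies are assumptions constructed for illustration.

```python
import json
import re
from base64 import urlsafe_b64encode

# "up-to-date" is the string the post matches on; the other two wordings are
# assumed equivalents of the post's "new version out" and "update asap".
LABELS = {"up-to-date": "current", "update available": "outdated",
          "update asap": "critical"}

def build_gitlab_info(version):
    # Let json.dumps do the quoting instead of concatenating strings.
    payload = json.dumps({"version": str(version)}, separators=(",", ":"))
    return urlsafe_b64encode(payload.encode()).decode()

def classify_badge(status_code, body):
    # Map a check.svg response to current / outdated / critical / unknown.
    # Anything that is not a recognised badge is "unknown", never "current".
    if status_code != 200 or "<svg" not in body:
        return "unknown"
    # Look only at visible <text> nodes, not at attributes or comments.
    for text in re.findall(r"<text[^>]*>([^<]*)</text>", body):
        state = LABELS.get(text.strip().lower())
        if state:
            return state
    return "unknown"

def needs_alert(state):
    # Alert on everything except a confirmed up-to-date badge, so a broken
    # check (expired token, blocked egress) is noticed rather than ignored.
    return state != "current"

# Constructed sample responses (not captured from version.gitlab.com).
def _svg(label):
    return f'<svg xmlns="http://www.w3.org/2000/svg"><text x="5">{label}</text></svg>'

SAMPLES = {
    "ok": (200, _svg("up-to-date")),
    "old": (200, _svg("update available")),
    "security": (200, _svg("update asap")),
    "error_page": (502, "<html>Bad Gateway</html>"),
    "empty": (200, ""),
}

if __name__ == "__main__":
    for name, (code, body) in SAMPLES.items():
        state = classify_badge(code, body)
        print(f"{name:10s} -> {state:8s} alert={needs_alert(state)}")
```

Reporting the "unknown" state separately in the notification tells you whether to schedule an upgrade or to fix the check itself.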

Conclusion

With this you can write another function that sends a notification or an email about the update. I put all this code into a cron job with a mail sender, so that at the start of my work hours I get an email if the GitLab installation is not up to date. I also suggest Slack or Telegram for notifications about an un-upgraded GitLab.


  1. Link to a guide for cleaning up. Update following the GitLab guide. ↩︎

  2. Official documentation Version Check  ↩︎

  3. Official documentation Access Token  ↩︎
