Keep update Gitlab

home ~ Keep update Gitlab

Card image cap

devops hacking
2020-11-16

Some time ago I had a problem with a selfhosted Gitlab instances. I had a new user, johnyj12345, which create a repo and an issiue and log off. This is an attack made to my instance because I don’t upgraded it for some time so I cleanit and remove all the trace of this user and update all.1

After this I was ready to tacle the elephant in the room: how to check if my self hosted GitLab.

How to check if GitLab is updated

Official documentation of GitLab2 say that the /help page where there is, if logged, a label with

  • Up to date
  • new version out
  • update asap

And with it decide what you need to do.

So I decide to hack the system and make an allert for me.

Hack the GitLab help page

First ve need to understand how the label work. A rapid ispection of the page show that the label is a responde of a get at the url https://version.gitlab.com/check.svg with some parameters.

In particolar we need the GitLab version installed. So we need it too. And for them we need the token from the self hosted installation3.

Get the version of GitLab

For this project we only need python and requests

1
2
3
4
5
def get_gitlab_version():
	url = BASE_GITLAB_URL + "/api/v4/version"
    headers = {"Private-Token": GITLAB_PERSONAL_TOKEN}
    req = requests.get(url, headers=headers)
    return req.json()

and this return a json like this as python dict

1
2
3
4
{
  "version": "8.13.0-pre",
  "revision": "4e963fe"
}

From this json we know the version of GitLab for the next step.

Get the label of the Help GitLab page

1
2
3
4
5
6
7
8
def last_version_gitlab():
	response = get_gitlab_version()
    url = BASE_GITLAB_URL
    ver = response["version"]
    gfg = urlsafe_b64encode(str.encode('{"version":"' + str(ver) + '"}'))
    logger.debug(gfg)
    r = requests.get(url="https://version.gitlab.com/check.svg", params={'gitlab_info': gfg}, headers={'Referer': url})
	return r.text

In this way you return a string with the label as xml img. So if you want a feedback when is to update it you can do this.

1
2
def gitlab_check():
	return "up-to-date" in last_version_gitlab()

In this way you return False if you need to update, True elsewhere.

Conclusion

Whith this you can make another function for sending a notification or a mail for the update. I make all this code into a cronjob with mail sender for getting at the start of my work hours a mail for unupdated gitlab installation. I also suggest Slack or Telegram for the notification for the unupgraded GitLab.


  1. Link of a guide for clean. Update following the guide of GitLab. ↩︎

  2. Official documentation Version Check ↩︎

  3. Official documentation Acess Token ↩︎

by Fundor333


See Also




comments powered by Disqus