Some time ago I had a problem with a selfhosted Gitlab instances. I had a new user, johnyj12345, which create a repo and an issiue and log off. This is an attack made to my instance because I don’t upgraded it for some time so I cleanit and remove all the trace of this user and update all.1
After this I was ready to tacle the elephant in the room: how to check if my self hosted GitLab.
How to check if GitLab is updated
Official documentation of GitLab2 say that the /help page where there is, if logged, a label with
- Up to date
- new version out
- update asap
And with it decide what you need to do.
So I decide to hack the system and make an allert for me.
Hack the GitLab help page
First ve need to understand how the label work. A rapid ispection of the page show that the label is a responde of a get at the url https://version.gitlab.com/check.svg with some parameters.
In particolar we need the GitLab version installed. So we need it too. And for them we need the token from the self hosted installation3.
Get the version of GitLab
For this project we only need python and requests
and this return a json like this as python dict
From this json we know the version of GitLab for the next step.
Get the label of the Help GitLab page
In this way you return a string with the label as xml img. So if you want a feedback when is to update it you can do this.
In this way you return False if you need to update, True elsewhere.
Whith this you can make another function for sending a notification or a mail for the update. I make all this code into a cronjob with mail sender for getting at the start of my work hours a mail for unupdated gitlab installation. I also suggest Slack or Telegram for the notification for the unupgraded GitLab.