4 Security vulnerabilities CVE-2013-4490 and CVE-2013-4489 have been patched in the latest version of GitLab 6.2.
6 # In 6.1 we remove a lot of deprecated code.
7 # You should update to 6.0 before installing 6.1 or higher so all the necessary conversions are run.
11 #### Global issue numbers
13 As of 6.1 issue numbers are project specific. This means all issues are renumbered and get a new number in their url. If you use an old issue number url and the issue number does not exist yet you are redirected to the new one. This conversion does not trigger if the old number already exists for this project, this is unlikely but will happen with old issues and large projects.
17 It's useful to make a backup just in case things go south:
18 (With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
22 sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
27 sudo service gitlab stop
29 ### 2. Get latest code
33 sudo -u git -H git fetch
34 sudo -u git -H git checkout 6-2-stable # Latest version of 6-2-stable addresses CVE-2013-4489
38 ### 3. Install additional packages
41 # Add support for lograte for better log file handling
42 sudo apt-get install logrotate
45 ### 4. Update gitlab-shell
48 cd /home/git/gitlab-shell
49 sudo -u git -H git fetch
50 sudo -u git -H git checkout v1.7.9 # Addresses multiple critical security vulnerabilities
53 ### 5. Install libs, migrations, etc.
59 sudo -u git -H bundle install --without development test postgres --deployment
62 sudo -u git -H bundle install --without development test mysql --deployment
65 sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
66 sudo -u git -H bundle exec rake migrate_iids RAILS_ENV=production
67 sudo -u git -H bundle exec rake assets:clean RAILS_ENV=production
68 sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production
69 sudo -u git -H bundle exec rake cache:clear RAILS_ENV=production
72 ### 6. Update config files
74 TIP: to see what changed in gitlab.yml.example in this release use next command:
77 git diff 6-0-stable:config/gitlab.yml.example 6-2-stable:config/gitlab.yml.example
80 * Make `/home/git/gitlab/config/gitlab.yml` same as https://github.com/gitlabhq/gitlabhq/blob/6-2-stable/config/gitlab.yml.example but with your settings.
81 * Make `/home/git/gitlab/config/unicorn.rb` same as https://github.com/gitlabhq/gitlabhq/blob/6-2-stable/config/unicorn.rb.example but with your settings.
82 * Copy rack attack middleware config
85 sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
87 * Uncomment `config.middleware.use Rack::Attack` in `/home/git/gitlab/config/application.rb`
91 sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
94 ### 7. Update Init script
97 sudo rm /etc/init.d/gitlab
98 sudo curl --output /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlabhq/6-2-stable/lib/support/init.d/gitlab
99 sudo chmod +x /etc/init.d/gitlab
102 ### 8. Start application
104 sudo service gitlab start
105 sudo service nginx restart
107 ### 9. Check application status
109 Check if GitLab and its environment are configured correctly:
112 sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
114 To make sure you didn't miss anything run a more thorough check with:
116 sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
118 If all items are green, then congratulations upgrade complete!
120 ## Things went south? Revert to previous version (6.0)
122 ### 1. Revert the code to the previous version
123 Follow the [`upgrade guide from 5.4 to 6.0`](5.4-to-6.0.md), except for the database migration
124 (The backup is already migrated to the previous version)
126 ### 2. Restore from the backup:
130 sudo -u git -H bundle exec rake gitlab:backup:restore RAILS_ENV=production