GitLab Maintenance 12.08

Maintenance for both GitLab instances is scheduled for the 12.08. GitLab will be partially unavailable during the day and should not be used, as there is a risk of data loss in case of a rollback.

The maintenance includes the upgrade of the host operating system, the upgrade of GitLab to version 14.1 and the activation of GitLab Pages access control feature.

Edit: 08:15
Planned maintenance has started.

Edit 12:15
Maintenance has been completed.

Hi EL-Team

Congrats on the successful upgrade.

GitLab Pages now requests full access to my personal API - read and write.
Should this be granted, or will it be re-configured to only require a sub set of permissions?
I don’t know the system architecture and don’t have the sufficient information to reason out - but it seems odd, that a write access to my user’s API is required as gitlab pages only needs to consume data from gitlab - AFAIK…

Thank you

The request by GitLab Pages pops up in relation to the new GitLab Pages access control feature we enabled today. The default settings of this feature shamelessly requests full API access. There is also the option to use a reduced authentication scope, though the documentation is IMO not quite clear on the impact of using such a configuration. I’ll need to look into the details…

If you’re not using any GitLab Pages with restricted access, you can simply decline the request for now.

thx for the info.

We have some gitlab pages that stopped working since the update - respectively, they request full API access now and won’t work without for now:

If we can find a solution without full write access to my user account, that’d be great.

also, all the links in the emails I receive from this forum point to invalid locations:

Thanks

So I looked at the relevant merge request and it looks like both ‘api’ and ‘read_api’ can be used for access control without any changes in functionality. I’ll modify the GitLab config later tonight when there is little to no activity.

The messed up forum links are a new occurence and are probably related to the upgrade we did earlier this week. The Bitnami docker image we use changed a bunch of environment vars with the upgrade from 2.6 to 2.7 seemingly without keeping the old vars compatibtle (WHY?). Thanks for pointing it out!

I just reconfigured the authentication scope and GitLab Pages now only asks for read_api permissions when trying to access restricted sites.