upgrade to 18.1.1

Author: ErinaInit

.gitlab-version

@@ -1 +1 @@
-18.0.1
+18.1.1

Dockerfile

@@ -1,4 +1,4 @@
-FROM sameersbn/gitlab:18.0.1
+FROM sameersbn/gitlab:18.1.1
 
 # Override files
 COPY assets/runtime/config/gitlabhq/gitlab.yml ${GITLAB_RUNTIME_DIR}/config/gitlabhq/gitlab.yml

assets/runtime/config/gitlabhq/gitlab.yml

@@ -937,7 +937,7 @@ production: &base
                   login_url: '{{OAUTH_CAS3_LOGIN_URL}}',
                   service_validate_url: '{{OAUTH_CAS3_VALIDATE_URL}}',
                   logout_url: '{{OAUTH_CAS3_LOGOUT_URL}}'} }
-       - { name: 'authentiq',
+      - { name: 'authentiq',
           app_id: '{{OAUTH_AUTHENTIQ_CLIENT_ID}}',
           app_secret: 'OAUTH_AUTHENTIQ_CLIENT_SECRET',
           args: { scope: {{OAUTH_AUTHENTIQ_SCOPE}}, redirect_uri: '{{OAUTH_AUTHENTIQ_REDIRECT_URI}}' } }
@@ -1043,6 +1043,16 @@ production: &base
               identifier: '{{OAUTH_OIDC_CLIENT_ID}}',
               secret: '{{OAUTH_OIDC_CLIENT_SECRET}}',
               redirect_uri: '{{OAUTH_OIDC_REDIRECT_URI}}' } } }
+      - { name: 'jwt',
+          label: '{{OAUTH_JWT_LABEL}}',
+          args: {
+            secret: '{{OAUTH_JWT_SECRET}}',
+            algorithm: '{{OAUTH_JWT_ALGORITHM}}',
+            uid_claim: '{{OAUTH_JWT_UID_CLAIM}}',
+            required_claims: {{OAUTH_JWT_REQUIRED_CLAIMS}},
+            info_map: { name: '{{OAUTH_JWT_INFO_MAP_NAME}}', email: '{{OAUTH_JWT_INFO_MAP_EMAIL}}' },
+            auth_url: '{{OAUTH_JWT_AUTH_URL}}',
+            valid_within: {{OAUTH_JWT_VALID_WITHIN}} } }
 
     # SSO maximum session duration in seconds. Defaults to CAS default of 8 hours.
     # cas3:

assets/runtime/functions

@@ -822,6 +822,26 @@ gitlab_configure_oauth_oidc() {
   fi
 }
 
+ gitlab_configure_oauth_jwt() {
+  if [[ -n ${OAUTH_JWT_SECRET} && \
+        -n ${OAUTH_JWT_AUTH_URL} ]]; then
+    echo "Configuring gitlab::oauth::jwt..."
+    OAUTH_ENABLED=${OAUTH_ENABLED:-true}
+    update_template ${GITLAB_CONFIG} \
+      OAUTH_JWT_LABEL \
+      OAUTH_JWT_SECRET \
+      OAUTH_JWT_ALGORITHM \
+      OAUTH_JWT_UID_CLAIM \
+      OAUTH_JWT_REQUIRED_CLAIMS \
+      OAUTH_JWT_INFO_MAP_NAME \
+      OAUTH_JWT_INFO_MAP_EMAIL \
+      OAUTH_JWT_AUTH_URL \
+      OAUTH_JWT_VALID_WITHIN
+  else
+    exec_as_git sed -i "/name: 'jwt'/,/{{OAUTH_JWT_VALID_WITHIN}}/d" ${GITLAB_CONFIG}
+  fi
+}
+
 gitlab_configure_oauth() {
   echo "Configuring gitlab::oauth..."
 
@@ -840,6 +860,7 @@ gitlab_configure_oauth() {
   gitlab_configure_oauth_azure
   gitlab_configure_oauth2_generic_ustc
   gitlab_configure_oauth_oidc
+  gitlab_configure_oauth_jwt
 
   OAUTH_ENABLED=${OAUTH_ENABLED:-false}
   update_template ${GITLAB_CONFIG} \
@@ -852,7 +873,7 @@ gitlab_configure_oauth() {
     OAUTH_EXTERNAL_PROVIDERS
 
   case ${OAUTH_AUTO_SIGN_IN_WITH_PROVIDER} in
-    cas3|google_oauth2|facebook|twitter|github|gitlab|bitbucket|saml|crowd|azure_oauth2|azure_activedirectory_v2|oauth2_generic|$OAUTH2_GENERIC_NAME|oidc)
+    cas3|google_oauth2|facebook|twitter|github|gitlab|bitbucket|saml|crowd|azure_oauth2|azure_activedirectory_v2|oauth2_generic|$OAUTH2_GENERIC_NAME|oidc|jwt)
       update_template ${GITLAB_CONFIG} OAUTH_AUTO_SIGN_IN_WITH_PROVIDER
       ;;
     *)