From e2435077ad70ec38f8a13981970a397bd77fae32 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Tue, 10 Dec 2024 20:21:04 +0100
Subject: [PATCH 01/34] first version

---
 Dockerfile.multistage    | 210 +++++++++++++++++
 assets/build/install2.sh | 491 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 701 insertions(+)
 create mode 100644 Dockerfile.multistage
 create mode 100755 assets/build/install2.sh

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
new file mode 100644
index 000000000..3f0dfce71
--- /dev/null
+++ b/Dockerfile.multistage
@@ -0,0 +1,210 @@
+#----------------------------
+# base-builder
+#----------------------------
+FROM ubuntu:focal-20241011 as base-builder
+
+ARG VERSION=17.6.0
+
+ENV GITLAB_VERSION=${VERSION} \
+    RUBY_VERSION=3.2.6 \
+    RUBY_SOURCE_SHA256SUM="d9cb65ecdf3f18669639f2638b63379ed6fbb17d93ae4e726d4eb2bf68a48370" \
+    RUBYGEMS_VERSION=3.5.14 \
+    GOLANG_VERSION=1.23.3 \
+    GITLAB_SHELL_VERSION=14.39.0 \
+    GITLAB_PAGES_VERSION=17.6.0 \
+    GITALY_SERVER_VERSION=17.6.0 \
+    GITLAB_USER="git" \
+    GITLAB_HOME="/home/git" \
+    GITLAB_LOG_DIR="/var/log/gitlab" \
+    GITLAB_CACHE_DIR="/etc/docker-gitlab" \
+    RAILS_ENV=production \
+    NODE_ENV=production
+
+ENV GITLAB_INSTALL_DIR="${GITLAB_HOME}/gitlab" \
+    GITLAB_SHELL_INSTALL_DIR="${GITLAB_HOME}/gitlab-shell" \
+    GITLAB_GITALY_INSTALL_DIR="${GITLAB_HOME}/gitaly" \
+    GITLAB_DATA_DIR="${GITLAB_HOME}/data" \
+    GITLAB_BUILD_DIR="${GITLAB_CACHE_DIR}/build" \
+    GITLAB_RUNTIME_DIR="${GITLAB_CACHE_DIR}/runtime"
+
+ENV GITLAB_CLONE_URL="https://gitlab.com/gitlab-org/gitlab-foss.git" \
+    GITLAB_SHELL_URL="https://gitlab.com/gitlab-org/gitlab-shell/-/archive/v${GITLAB_SHELL_VERSION}/gitlab-shell-v${GITLAB_SHELL_VERSION}.tar.bz2" \
+    GITLAB_PAGES_URL="https://gitlab.com/gitlab-org/gitlab-pages.git" \
+    GITLAB_GITALY_URL="https://gitlab.com/gitlab-org/gitaly.git" \
+    GITLAB_WORKHORSE_BUILD_DIR="${GITLAB_INSTALL_DIR}/workhorse" \
+    GITLAB_PAGES_BUILD_DIR="/tmp/gitlab-pages" \
+    GITLAB_GITALY_BUILD_DIR="/tmp/gitaly" \  
+    GEM_CACHE_DIR="${GITLAB_BUILD_DIR}/cache" \
+    RUBY_SRC_URL="https://cache.ruby-lang.org/pub/ruby/3.2/ruby-${RUBY_VERSION}.tar.gz"
+
+ENV BUILD_DEPENDENCIES="gcc g++ make patch pkg-config cmake paxctl \
+    libc6-dev \
+    libpq-dev zlib1g-dev libyaml-dev libssl-dev \
+    libgdbm-dev libreadline-dev libncurses5-dev libffi-dev \
+    libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev \
+    gettext libkrb5-dev \
+    libexpat1-dev libz-dev libpcre2-dev build-essential git"
+
+ENV GOROOT=/tmp/go
+ENV PATH=${GOROOT}/bin:$PATH
+
+# install build dependencies for gem installation
+RUN apt-get update \
+ && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y ${BUILD_DEPENDENCIES} \
+ && apt-get upgrade -y
+
+ RUN apt-get update \
+ && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
+    wget ca-certificates apt-transport-https gnupg2 curl \
+ && apt-get upgrade -y
+
+#----------------------------
+# base-builder-extended
+#----------------------------
+FROM base-builder as base-builder-extended
+
+RUN set -ex && \
+    apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 \
+ && echo "deb http://ppa.launchpad.net/git-core/ppa/ubuntu focal main" >> /etc/apt/sources.list \
+ && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 8B3981E7A6852F782CC4951600A6F0A3C300EE8C \
+ && echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu focal main" >> /etc/apt/sources.list \
+ && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \
+ && echo 'deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main' > /etc/apt/sources.list.d/pgdg.list \
+ && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | apt-key add - \
+ && echo 'deb https://deb.nodesource.com/node_20.x nodistro main' > /etc/apt/sources.list.d/nodesource.list \
+ && wget --quiet -O - https://dl.yarnpkg.com/debian/pubkey.gpg  | apt-key add - \
+ && echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list \
+ && set -ex \
+ && apt-get update \
+ && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
+      sudo supervisor logrotate locales curl \
+      nginx openssh-server postgresql-contrib redis-tools \
+      postgresql-client-13 postgresql-client-14 postgresql-client-15 postgresql-client-16 \
+      python3 python3-docutils nodejs yarn gettext-base graphicsmagick \
+      libpq5 zlib1g libyaml-0-2 libssl1.1 \
+      libgdbm6 libreadline8 libncurses5 libffi7 \
+      libxml2 libxslt1.1 libcurl4 libicu66 libre2-dev tzdata unzip libimage-exiftool-perl \
+      libmagic1 \
+ && update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX \
+ && locale-gen en_US.UTF-8 \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales \
+ && rm -rf /var/lib/apt/lists/*
+
+#----------------------------
+# golang
+#----------------------------
+FROM base-builder as golang
+
+RUN echo "Downloading Go $GOLANG_VERSION..." \
+ && wget -cnv https://storage.googleapis.com/golang/go$GOLANG_VERSION.linux-amd64.tar.gz -P $GITLAB_BUILD_DIR/ \
+ && tar -xf $GITLAB_BUILD_DIR/go$GOLANG_VERSION.linux-amd64.tar.gz -C /tmp/
+
+#----------------------------
+# ruby
+#----------------------------
+FROM  base-builder as ruby
+# build ruby from source
+RUN echo "Building ruby v$RUBY_VERSION from source..." \
+ && mkdir /tmp/ruby \
+ && cd /tmp/ruby \
+ && curl --remote-name -Ss "$RUBY_SRC_URL" \
+ && printf '%s ruby-%s.tar.gz' "$RUBY_SOURCE_SHA256SUM" "$RUBY_VERSION" | sha256sum -c - \
+ && tar xzf ruby-"$RUBY_VERSION".tar.gz && cd ruby-"$RUBY_VERSION" \
+ && find "$GITLAB_BUILD_DIR/patches/ruby" -name "*.patch" | while read -r patch_file; do \
+      echo "Applying patch ${patch_file}"; \
+      patch -p1 -i "${patch_file}"; \
+    done \
+ && ./configure --disable-install-rdoc --enable-shared \
+ && make -j"$(nproc)" \
+ && make install
+
+# upgrade rubygems on demand
+RUN gem update --no-document --system "${RUBYGEMS_VERSION}"
+
+#----------------------------
+# gitlab-pages
+#----------------------------
+FROM base-builder as gitlab-pages
+
+RUN mkdir /tmp/go
+COPY --from=golang /tmp/go /tmp/go
+
+# download gitlab-pages
+RUN echo "Downloading gitlab-pages v.$GITLAB_PAGES_VERSION..." \
+ && git clone -q -b v$GITLAB_PAGES_VERSION --depth 1 $GITLAB_PAGES_URL $GITLAB_PAGES_BUILD_DIR
+
+# install gitlab-pages
+RUN make -C $GITLAB_PAGES_BUILD_DIR -j"$(nproc)" \
+ && cp -a ${GITLAB_PAGES_BUILD_DIR}/gitlab-pages /usr/local/bin/
+
+#----------------------------
+# gitaly
+#----------------------------
+FROM base-builder as gitaly
+
+RUN mkdir /tmp/go
+COPY --from=golang /tmp/go /tmp/go
+
+# download and build gitaly
+RUN echo "Downloading gitaly v.$GITALY_SERVER_VERSION..." \
+ && git clone -q -b v$GITALY_SERVER_VERSION --depth 1 $GITLAB_GITALY_URL $GITLAB_GITALY_BUILD_DIR
+
+# install gitaly
+RUN make -C $GITLAB_GITALY_BUILD_DIR install -j"$(nproc)" \
+ && mkdir -p ${GITLAB_GITALY_INSTALL_DIR}
+# The following line causes some issues. However, according to
+# <https://gitlab.com/gitlab-org/gitaly/-/merge_requests/5512> and
+# <https://gitlab.com/gitlab-org/gitaly/-/merge_requests/5671> there seems to
+# be some attempts to remove ruby from gitaly.
+#
+# cp -a ${GITLAB_GITALY_BUILD_DIR}/ruby ${GITLAB_GITALY_INSTALL_DIR}/
+
+# install git bundled with gitaly.
+RUN make -C $GITLAB_GITALY_BUILD_DIR git GIT_PREFIX=/usr/local -j"$(nproc)"
+
+#----------------------------
+# final
+#----------------------------
+FROM base-builder-extended as final
+
+RUN mkdir /tmp/go
+COPY --from=golang /tmp/go /tmp/go
+
+COPY --from=ruby /usr/local /usr/local
+
+COPY --from=gitlab-pages /usr/local/bin/gitlab-pages /usr/local/bin
+
+COPY --from=gitaly ${GITLAB_GITALY_BUILD_DIR}/config.toml.example ${GITLAB_GITALY_INSTALL_DIR}/config.toml
+COPY --from=gitaly /usr/local /usr/local
+
+COPY assets/build/ ${GITLAB_BUILD_DIR}/
+RUN bash ${GITLAB_BUILD_DIR}/install2.sh
+
+COPY assets/runtime/ ${GITLAB_RUNTIME_DIR}/
+COPY entrypoint.sh /sbin/entrypoint.sh
+RUN chmod 755 /sbin/entrypoint.sh
+
+ENV prometheus_multiproc_dir="/dev/shm"
+
+ARG BUILD_DATE
+ARG VCS_REF
+
+LABEL \
+    maintainer="sameer@damagehead.com" \
+    org.label-schema.schema-version="1.0" \
+    org.label-schema.build-date=${BUILD_DATE} \
+    org.label-schema.name=gitlab \
+    org.label-schema.vendor=damagehead \
+    org.label-schema.url="https://github.com/sameersbn/docker-gitlab" \
+    org.label-schema.vcs-url="https://github.com/sameersbn/docker-gitlab.git" \
+    org.label-schema.vcs-ref=${VCS_REF} \
+    com.damagehead.gitlab.license=MIT
+
+EXPOSE 22/tcp 80/tcp 443/tcp
+
+RUN ln -s /etc/ssl/certs/ca-certificates.crt /usr/lib/ssl/cert.pem
+
+VOLUME ["${GITLAB_DATA_DIR}", "${GITLAB_LOG_DIR}","${GITLAB_HOME}/gitlab/node_modules"]
+WORKDIR ${GITLAB_INSTALL_DIR}
+ENTRYPOINT ["/sbin/entrypoint.sh"]
+CMD ["app:start"]
diff --git a/assets/build/install2.sh b/assets/build/install2.sh
new file mode 100755
index 000000000..03389df80
--- /dev/null
+++ b/assets/build/install2.sh
@@ -0,0 +1,491 @@
+#!/bin/bash
+set -e
+
+GITLAB_CLONE_URL=https://gitlab.com/gitlab-org/gitlab-foss.git
+GITLAB_SHELL_URL=https://gitlab.com/gitlab-org/gitlab-shell/-/archive/v${GITLAB_SHELL_VERSION}/gitlab-shell-v${GITLAB_SHELL_VERSION}.tar.bz2
+GITLAB_PAGES_URL=https://gitlab.com/gitlab-org/gitlab-pages.git
+GITLAB_GITALY_URL=https://gitlab.com/gitlab-org/gitaly.git
+
+GITLAB_WORKHORSE_BUILD_DIR=${GITLAB_INSTALL_DIR}/workhorse
+GITLAB_PAGES_BUILD_DIR=/tmp/gitlab-pages
+GITLAB_GITALY_BUILD_DIR=/tmp/gitaly
+
+RUBY_SRC_URL=https://cache.ruby-lang.org/pub/ruby/${RUBY_VERSION%.*}/ruby-${RUBY_VERSION}.tar.gz
+
+GEM_CACHE_DIR="${GITLAB_BUILD_DIR}/cache"
+
+GOROOT=/tmp/go
+PATH=${GOROOT}/bin:$PATH
+
+export GOROOT PATH
+
+#BUILD_DEPENDENCIES="gcc g++ make patch pkg-config cmake paxctl \
+#  libc6-dev \
+#  libpq-dev zlib1g-dev libyaml-dev libssl-dev \
+#  libgdbm-dev libreadline-dev libncurses5-dev libffi-dev \
+#  libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev \
+#  gettext libkrb5-dev \
+#  libexpat1-dev libz-dev libpcre2-dev build-essential git"
+
+## Execute a command as GITLAB_USER
+exec_as_git() {
+  if [[ $(whoami) == "${GITLAB_USER}" ]]; then
+    "$@"
+  else
+    sudo -HEu ${GITLAB_USER} "$@"
+  fi
+}
+
+# install build dependencies for gem installation
+#apt-get update
+#DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y ${BUILD_DEPENDENCIES}
+
+# build ruby from source
+#echo "Building ruby v${RUBY_VERSION} from source..."
+#PWD_ORG="$PWD"
+#mkdir /tmp/ruby && cd /tmp/ruby
+#curl --remote-name -Ss "${RUBY_SRC_URL}"
+#printf '%s ruby-%s.tar.gz' "${RUBY_SOURCE_SHA256SUM}" "${RUBY_VERSION}" | sha256sum -c -
+#tar xzf ruby-"${RUBY_VERSION}".tar.gz && cd ruby-"${RUBY_VERSION}"
+#find "${GITLAB_BUILD_DIR}/patches/ruby" -name "*.patch" | while read -r patch_file; do
+#  echo "Applying patch ${patch_file}"
+#  patch -p1 -i "${patch_file}"
+#done
+#./configure --disable-install-rdoc --enable-shared
+#make -j"$(nproc)"
+#make install
+#cd "$PWD_ORG" && rm -rf /tmp/ruby
+
+# upgrade rubygems on demand
+#gem update --no-document --system "${RUBYGEMS_VERSION}"
+
+# PaX-mark ruby
+# Applying the mark late here does make the build usable on PaX kernels, but
+# still the build itself must be executed on a non-PaX kernel. It's done here
+# only for simplicity.
+paxctl -cvm "$(command -v ruby)"
+# https://en.wikibooks.org/wiki/Grsecurity/Application-specific_Settings#Node.js
+paxctl -cvm "$(command -v node)"
+
+# remove the host keys generated during openssh-server installation
+rm -rf /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub
+
+# add ${GITLAB_USER} user
+adduser --disabled-login --gecos 'GitLab' ${GITLAB_USER}
+passwd -d ${GITLAB_USER}
+
+# set PATH (fixes cron job PATH issues)
+cat >> ${GITLAB_HOME}/.profile <<EOF
+PATH=/usr/local/sbin:/usr/local/bin:\$PATH
+EOF
+
+### FIX
+chown -R ${GITLAB_USER} /home/git
+
+# configure git for ${GITLAB_USER}
+exec_as_git git config --global core.autocrlf input
+exec_as_git git config --global gc.auto 0
+exec_as_git git config --global repack.writeBitmaps true
+exec_as_git git config --global receive.advertisePushOptions true
+exec_as_git git config --global advice.detachedHead false
+exec_as_git git config --global --add safe.directory /home/git/gitlab
+
+# shallow clone gitlab-foss
+echo "Cloning gitlab-foss v.${GITLAB_VERSION}..."
+exec_as_git git clone -q -b v${GITLAB_VERSION} --depth 1 ${GITLAB_CLONE_URL} ${GITLAB_INSTALL_DIR}
+
+find "${GITLAB_BUILD_DIR}/patches/gitlabhq" -name "*.patch" | while read -r patch_file; do
+  printf "Applying patch %s for gitlab-foss...\n" "${patch_file}"
+  exec_as_git git -C ${GITLAB_INSTALL_DIR} apply --ignore-whitespace < "${patch_file}"
+done
+
+GITLAB_SHELL_VERSION=${GITLAB_SHELL_VERSION:-$(cat ${GITLAB_INSTALL_DIR}/GITLAB_SHELL_VERSION)}
+GITLAB_PAGES_VERSION=${GITLAB_PAGES_VERSION:-$(cat ${GITLAB_INSTALL_DIR}/GITLAB_PAGES_VERSION)}
+
+# install bundler: use version specified in Gemfile.lock
+BUNDLER_VERSION="$(grep "BUNDLED WITH" ${GITLAB_INSTALL_DIR}/Gemfile.lock -A 1 | grep -v "BUNDLED WITH" | tr -d "[:space:]")"
+gem install bundler:"${BUNDLER_VERSION}"
+
+# download golang
+#echo "Downloading Go ${GOLANG_VERSION}..."
+#wget -cnv https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-amd64.tar.gz -P ${GITLAB_BUILD_DIR}/
+#tar -xf ${GITLAB_BUILD_DIR}/go${GOLANG_VERSION}.linux-amd64.tar.gz -C /tmp/
+
+# install gitlab-shell
+echo "Downloading gitlab-shell v.${GITLAB_SHELL_VERSION}..."
+mkdir -p ${GITLAB_SHELL_INSTALL_DIR}
+wget -cq ${GITLAB_SHELL_URL} -O ${GITLAB_BUILD_DIR}/gitlab-shell-${GITLAB_SHELL_VERSION}.tar.bz2
+tar xf ${GITLAB_BUILD_DIR}/gitlab-shell-${GITLAB_SHELL_VERSION}.tar.bz2 --strip 1 -C ${GITLAB_SHELL_INSTALL_DIR}
+rm -rf ${GITLAB_BUILD_DIR}/gitlab-shell-${GITLAB_SHELL_VERSION}.tar.bz2
+chown -R ${GITLAB_USER}: ${GITLAB_SHELL_INSTALL_DIR}
+
+cd ${GITLAB_SHELL_INSTALL_DIR}
+exec_as_git cp -a config.yml.example config.yml
+
+echo "Compiling gitlab-shell golang executables..."
+exec_as_git bundle config set --local deployment 'true'
+exec_as_git bundle config set --local with 'development test'
+exec_as_git bundle install -j"$(nproc)"
+exec_as_git "PATH=$PATH" make verify setup
+
+# remove unused repositories directory created by gitlab-shell install
+rm -rf ${GITLAB_HOME}/repositories
+
+# build gitlab-workhorse
+echo "Build gitlab-workhorse"
+git config --global --add safe.directory /home/git/gitlab
+make -C ${GITLAB_WORKHORSE_BUILD_DIR} install -j"$(nproc)"
+# clean up
+rm -rf ${GITLAB_WORKHORSE_BUILD_DIR}
+
+# download gitlab-pages
+#echo "Downloading gitlab-pages v.${GITLAB_PAGES_VERSION}..."
+#git clone -q -b v${GITLAB_PAGES_VERSION} --depth 1 ${GITLAB_PAGES_URL} ${GITLAB_PAGES_BUILD_DIR}
+
+# install gitlab-pages
+#make -C ${GITLAB_PAGES_BUILD_DIR} -j"$(nproc)"
+#cp -a ${GITLAB_PAGES_BUILD_DIR}/gitlab-pages /usr/local/bin/
+
+# clean up
+#rm -rf ${GITLAB_PAGES_BUILD_DIR}
+
+# download and build gitaly
+#echo "Downloading gitaly v.${GITALY_SERVER_VERSION}..."
+#git clone -q -b v${GITALY_SERVER_VERSION} --depth 1 ${GITLAB_GITALY_URL} ${GITLAB_GITALY_BUILD_DIR}
+
+# install gitaly
+#make -C ${GITLAB_GITALY_BUILD_DIR} install -j"$(nproc)"
+#mkdir -p ${GITLAB_GITALY_INSTALL_DIR}
+# The following line causes some issues. However, according to
+# <https://gitlab.com/gitlab-org/gitaly/-/merge_requests/5512> and 
+# <https://gitlab.com/gitlab-org/gitaly/-/merge_requests/5671> there seems to
+# be some attempts to remove ruby from gitaly.
+#
+# cp -a ${GITLAB_GITALY_BUILD_DIR}/ruby ${GITLAB_GITALY_INSTALL_DIR}/
+#cp -a ${GITLAB_GITALY_BUILD_DIR}/config.toml.example ${GITLAB_GITALY_INSTALL_DIR}/config.toml
+#rm -rf ${GITLAB_GITALY_INSTALL_DIR}/ruby/vendor/bundle/ruby/**/cache
+#chown -R ${GITLAB_USER}: ${GITLAB_GITALY_INSTALL_DIR}
+
+# install git bundled with gitaly.
+#make -C ${GITLAB_GITALY_BUILD_DIR} git GIT_PREFIX=/usr/local -j"$(nproc)"
+
+# clean up
+#rm -rf ${GITLAB_GITALY_BUILD_DIR}
+
+# remove go
+go clean --modcache
+rm -rf ${GITLAB_BUILD_DIR}/go${GOLANG_VERSION}.linux-amd64.tar.gz ${GOROOT}
+
+# remove HSTS config from the default headers, we configure it in nginx
+exec_as_git sed -i "/headers\['Strict-Transport-Security'\]/d" ${GITLAB_INSTALL_DIR}/app/controllers/application_controller.rb
+
+# revert `rake gitlab:setup` changes from gitlabhq/gitlabhq@a54af831bae023770bf9b2633cc45ec0d5f5a66a
+exec_as_git sed -i 's/db:reset/db:setup/' ${GITLAB_INSTALL_DIR}/lib/tasks/gitlab/setup.rake
+
+# change SSH_ALGORITHM_PATH - we have moved host keys in ${GITLAB_DATA_DIR}/ssh/ to persist them
+exec_as_git sed -i "s:/etc/ssh/:/${GITLAB_DATA_DIR}/ssh/:g" ${GITLAB_INSTALL_DIR}/app/models/instance_configuration.rb
+
+cd ${GITLAB_INSTALL_DIR}
+
+# install gems, use local cache if available
+if [[ -d ${GEM_CACHE_DIR} ]]; then
+  echo "Found local npm package cache..."
+  mv ${GEM_CACHE_DIR} ${GITLAB_INSTALL_DIR}/vendor/cache
+  chown -R ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/vendor/cache
+fi
+
+exec_as_git bundle config set --local deployment 'true'
+exec_as_git bundle config set --local without 'development test mysql aws'
+exec_as_git bundle install -j"$(nproc)"
+
+# make sure everything in ${GITLAB_HOME} is owned by ${GITLAB_USER} user
+chown -R ${GITLAB_USER}: ${GITLAB_HOME}
+
+# gitlab.yml and database.yml are required for `assets:precompile`
+exec_as_git cp ${GITLAB_INSTALL_DIR}/config/resque.yml.example ${GITLAB_INSTALL_DIR}/config/resque.yml
+exec_as_git cp ${GITLAB_INSTALL_DIR}/config/gitlab.yml.example ${GITLAB_INSTALL_DIR}/config/gitlab.yml
+#
+# Temporary workaround, see <https://github.com/sameersbn/docker-gitlab/pull/2596>
+#
+# exec_as_git cp ${GITLAB_INSTALL_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
+cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
+chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
+
+# Installs nodejs packages required to compile webpack
+exec_as_git yarn install --production --pure-lockfile
+
+echo "Compiling assets. Please be patient, this could take a while..."
+exec_as_git bundle exec rake gitlab:assets:compile USE_DB=false SKIP_STORAGE_VALIDATION=true NODE_OPTIONS="--max-old-space-size=4096"
+
+# remove auto generated ${GITLAB_DATA_DIR}/config/secrets.yml
+rm -rf ${GITLAB_DATA_DIR}/config/secrets.yml
+
+# remove gitlab shell and workhorse secrets
+rm -f ${GITLAB_INSTALL_DIR}/.gitlab_shell_secret ${GITLAB_INSTALL_DIR}/.gitlab_workhorse_secret
+
+exec_as_git mkdir -p ${GITLAB_INSTALL_DIR}/tmp/pids/ ${GITLAB_INSTALL_DIR}/tmp/sockets/
+chmod -R u+rwX ${GITLAB_INSTALL_DIR}/tmp
+
+# symlink ${GITLAB_HOME}/.ssh -> ${GITLAB_LOG_DIR}/gitlab
+rm -rf ${GITLAB_HOME}/.ssh
+exec_as_git ln -sf ${GITLAB_DATA_DIR}/.ssh ${GITLAB_HOME}/.ssh
+
+# symlink ${GITLAB_INSTALL_DIR}/log -> ${GITLAB_LOG_DIR}/gitlab
+rm -rf ${GITLAB_INSTALL_DIR}/log
+ln -sf ${GITLAB_LOG_DIR}/gitlab ${GITLAB_INSTALL_DIR}/log
+
+# symlink ${GITLAB_INSTALL_DIR}/public/uploads -> ${GITLAB_DATA_DIR}/uploads
+rm -rf ${GITLAB_INSTALL_DIR}/public/uploads
+exec_as_git ln -sf ${GITLAB_DATA_DIR}/uploads ${GITLAB_INSTALL_DIR}/public/uploads
+
+# symlink ${GITLAB_INSTALL_DIR}/.secret -> ${GITLAB_DATA_DIR}/.secret
+rm -rf ${GITLAB_INSTALL_DIR}/.secret
+exec_as_git ln -sf ${GITLAB_DATA_DIR}/.secret ${GITLAB_INSTALL_DIR}/.secret
+
+# WORKAROUND for https://github.com/sameersbn/docker-gitlab/issues/509
+rm -rf ${GITLAB_INSTALL_DIR}/builds
+rm -rf ${GITLAB_INSTALL_DIR}/shared
+
+# install gitlab bootscript, to silence gitlab:check warnings
+cp ${GITLAB_INSTALL_DIR}/lib/support/init.d/gitlab /etc/init.d/gitlab
+chmod +x /etc/init.d/gitlab
+
+# disable default nginx configuration and enable gitlab's nginx configuration
+rm -rf /etc/nginx/sites-enabled/default
+
+# configure sshd
+sed -i \
+  -e "s|^[#]*UsePAM yes|UsePAM no|" \
+  -e "s|^[#]*UsePrivilegeSeparation yes|UsePrivilegeSeparation no|" \
+  -e "s|^[#]*PasswordAuthentication yes|PasswordAuthentication no|" \
+  -e "s|^[#]*LogLevel INFO|LogLevel VERBOSE|" \
+  -e "s|^[#]*AuthorizedKeysFile.*|AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_proxy|" \
+  /etc/ssh/sshd_config
+echo "AcceptEnv GIT_PROTOCOL" >> /etc/ssh/sshd_config # Allow clients to explicitly set the Git transfer protocol, e.g. to enable version 2.
+echo "UseDNS no" >> /etc/ssh/sshd_config
+
+# move supervisord.log file to ${GITLAB_LOG_DIR}/supervisor/
+sed -i "s|^[#]*logfile=.*|logfile=${GITLAB_LOG_DIR}/supervisor/supervisord.log ;|" /etc/supervisor/supervisord.conf
+
+# silence "CRIT Server 'unix_http_server' running without any HTTP authentication checking" message
+# https://github.com/Supervisor/supervisor/issues/717
+sed -i '/\.sock/a password=dummy' /etc/supervisor/supervisord.conf
+sed -i '/\.sock/a username=dummy' /etc/supervisor/supervisord.conf
+# prevent confusing warning "CRIT Supervisor running as root" by clarify run as root
+#   user not defined in supervisord.conf by default, so just append it after [supervisord] block
+sed -i "/\[supervisord\]/a user=root" /etc/supervisor/supervisord.conf
+
+# move nginx logs to ${GITLAB_LOG_DIR}/nginx
+sed -i \
+  -e "s|access_log /var/log/nginx/access.log;|access_log ${GITLAB_LOG_DIR}/nginx/access.log;|" \
+  -e "s|error_log /var/log/nginx/error.log;|error_log ${GITLAB_LOG_DIR}/nginx/error.log;|" \
+  /etc/nginx/nginx.conf
+
+# fix "unknown group 'syslog'" error preventing logrotate from functioning
+sed -i "s|^su root syslog$|su root root|" /etc/logrotate.conf
+
+# configure supervisord log rotation
+cat > /etc/logrotate.d/supervisord <<EOF
+${GITLAB_LOG_DIR}/supervisor/*.log {
+  weekly
+  missingok
+  rotate 52
+  compress
+  delaycompress
+  notifempty
+  copytruncate
+}
+EOF
+
+# configure gitlab log rotation
+cat > /etc/logrotate.d/gitlab <<EOF
+${GITLAB_LOG_DIR}/gitlab/*.log {
+  weekly
+  missingok
+  rotate 52
+  compress
+  delaycompress
+  notifempty
+  copytruncate
+}
+EOF
+
+# configure gitlab-shell log rotation
+cat > /etc/logrotate.d/gitlab-shell <<EOF
+${GITLAB_LOG_DIR}/gitlab-shell/*.log {
+  weekly
+  missingok
+  rotate 52
+  compress
+  delaycompress
+  notifempty
+  copytruncate
+}
+EOF
+
+# configure gitlab log rotation
+cat > /etc/logrotate.d/gitaly <<EOF
+${GITLAB_LOG_DIR}/gitaly/*.log {
+  weekly
+  missingok
+  rotate 52
+  compress
+  delaycompress
+  notifempty
+  copytruncate
+}
+EOF
+
+# configure gitlab vhost log rotation
+cat > /etc/logrotate.d/gitlab-nginx <<EOF
+${GITLAB_LOG_DIR}/nginx/*.log {
+  weekly
+  missingok
+  rotate 52
+  compress
+  delaycompress
+  notifempty
+  copytruncate
+}
+EOF
+
+cat > /etc/supervisor/conf.d/puma.conf <<EOF
+[program:puma]
+priority=10
+directory=${GITLAB_INSTALL_DIR}
+environment=HOME=${GITLAB_HOME}
+command=bundle exec puma --config ${GITLAB_INSTALL_DIR}/config/puma.rb --environment ${RAILS_ENV}
+user=git
+autostart=true
+autorestart=true
+stopsignal=QUIT
+stdout_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+stderr_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+EOF
+
+# configure supervisord to start sidekiq
+cat > /etc/supervisor/conf.d/sidekiq.conf <<EOF
+[program:sidekiq]
+priority=10
+directory=${GITLAB_INSTALL_DIR}
+environment=HOME=${GITLAB_HOME}
+command=bundle exec sidekiq -c {{SIDEKIQ_CONCURRENCY}}
+  -C ${GITLAB_INSTALL_DIR}/config/sidekiq_queues.yml
+  -e ${RAILS_ENV}
+  -t {{SIDEKIQ_SHUTDOWN_TIMEOUT}}
+user=git
+autostart=true
+autorestart=true
+stdout_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+stderr_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+EOF
+
+# configure supervisord to start gitlab-workhorse
+cat > /etc/supervisor/conf.d/gitlab-workhorse.conf <<EOF
+[program:gitlab-workhorse]
+priority=20
+directory=${GITLAB_INSTALL_DIR}
+environment=HOME=${GITLAB_HOME}
+command=/usr/local/bin/gitlab-workhorse
+  -listenUmask 0
+  -listenNetwork tcp
+  -listenAddr ":8181"
+  -authBackend http://127.0.0.1:8080{{GITLAB_RELATIVE_URL_ROOT}}
+  -authSocket ${GITLAB_INSTALL_DIR}/tmp/sockets/gitlab.socket
+  -documentRoot ${GITLAB_INSTALL_DIR}/public
+  -proxyHeadersTimeout {{GITLAB_WORKHORSE_TIMEOUT}}
+user=git
+autostart=true
+autorestart=true
+stdout_logfile=${GITLAB_INSTALL_DIR}/log/%(program_name)s.log
+stderr_logfile=${GITLAB_INSTALL_DIR}/log/%(program_name)s.log
+EOF
+
+# configure supervisord to start gitaly
+cat > /etc/supervisor/conf.d/gitaly.conf <<EOF
+[program:gitaly]
+priority=5
+directory=${GITLAB_GITALY_INSTALL_DIR}
+environment=HOME=${GITLAB_HOME}
+command=/usr/local/bin/gitaly ${GITLAB_GITALY_INSTALL_DIR}/config.toml
+user=git
+autostart=true
+autorestart=true
+stdout_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+stderr_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+EOF
+
+# configure supervisord to start mail_room
+cat > /etc/supervisor/conf.d/mail_room.conf <<EOF
+[program:mail_room]
+priority=20
+directory=${GITLAB_INSTALL_DIR}
+environment=HOME=${GITLAB_HOME}
+command=bundle exec mail_room -c ${GITLAB_INSTALL_DIR}/config/mail_room.yml
+user=git
+autostart={{GITLAB_INCOMING_EMAIL_ENABLED}}
+autorestart=true
+stdout_logfile=${GITLAB_INSTALL_DIR}/log/%(program_name)s.log
+stderr_logfile=${GITLAB_INSTALL_DIR}/log/%(program_name)s.log
+EOF
+
+# configure supervisor to start sshd
+mkdir -p /var/run/sshd
+cat > /etc/supervisor/conf.d/sshd.conf <<EOF
+[program:sshd]
+directory=/
+command=/usr/sbin/sshd -D -E ${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+user=root
+autostart=true
+autorestart=true
+stdout_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+stderr_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+EOF
+
+# configure supervisord to start nginx
+cat > /etc/supervisor/conf.d/nginx.conf <<EOF
+[program:nginx]
+priority=20
+directory=/tmp
+command=/usr/sbin/nginx -g "daemon off;"
+user=root
+autostart=true
+autorestart=true
+stdout_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+stderr_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+EOF
+
+# configure supervisord to start crond
+cat > /etc/supervisor/conf.d/cron.conf <<EOF
+[program:cron]
+priority=20
+directory=/tmp
+command=/usr/sbin/cron -f
+user=root
+autostart=true
+autorestart=true
+stdout_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+stderr_logfile=${GITLAB_LOG_DIR}/supervisor/%(program_name)s.log
+EOF
+
+
+cat > /etc/supervisor/conf.d/groups.conf <<EOF
+[group:core]
+programs=gitaly
+priority=5
+[group:gitlab]
+programs=puma,gitlab-workhorse
+priority=10
+[group:gitlab_extensions]
+programs=sshd,nginx,mail_room,cron
+priority=20
+EOF
+
+# purge build dependencies and cleanup apt
+DEBIAN_FRONTEND=noninteractive apt-get purge -y --auto-remove ${BUILD_DEPENDENCIES}
+rm -rf /var/lib/apt/lists/*
+
+# clean up caches
+rm -rf ${GITLAB_HOME}/.cache ${GITLAB_HOME}/.bundle ${GITLAB_HOME}/go
+rm -rf /root/.cache /root/.bundle ${GITLAB_HOME}/gitlab/node_modules
+rm -r /tmp/*

From 41d1b6dd0291712ea9e0026fb3f7ccf1df859119 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Tue, 10 Dec 2024 22:45:48 +0100
Subject: [PATCH 02/34] move yarn to separate builder

---
 Dockerfile.multistage    | 35 +++++++++++++++++++++++++++++++++++
 assets/build/install2.sh | 18 +++++++++---------
 2 files changed, 44 insertions(+), 9 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 3f0dfce71..1ebc6da35 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -90,6 +90,10 @@ RUN set -ex && \
  && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales \
  && rm -rf /var/lib/apt/lists/*
 
+# add ${GITLAB_USER} user
+RUN adduser --disabled-login --gecos 'GitLab' $GITLAB_USER \
+ && passwd -d $GITLAB_USER
+
 #----------------------------
 # golang
 #----------------------------
@@ -162,6 +166,33 @@ RUN make -C $GITLAB_GITALY_BUILD_DIR install -j"$(nproc)" \
 # install git bundled with gitaly.
 RUN make -C $GITLAB_GITALY_BUILD_DIR git GIT_PREFIX=/usr/local -j"$(nproc)"
 
+#----------------------------
+# gitlab-foss-source
+#----------------------------
+FROM base-builder-extended as gitlab-foss-source
+# shallow clone gitlab-foss
+USER git
+RUN echo "Cloning gitlab-foss v.$GITLAB_VERSION..." \
+ && git clone -q -b v$GITLAB_VERSION --depth 1 $GITLAB_CLONE_URL $GITLAB_INSTALL_DIR
+
+RUN find "$GITLAB_BUILD_DIR/patches/gitlabhq" -name "*.patch" | while read -r patch_file; do \
+    printf "Applying patch %s for gitlab-foss...\n" "${patch_file}"; \
+    git -C $GITLAB_INSTALL_DIR apply --ignore-whitespace < "${patch_file}"; \
+  done
+USER root
+
+#----------------------------
+# yarn
+#----------------------------
+FROM gitlab-foss-source as yarn
+
+RUN mkdir node_modules \
+ && chown git node_modules
+
+USER git
+RUN cd $GITLAB_INSTALL_DIR; yarn install --production --pure-lockfile
+USER root
+
 #----------------------------
 # final
 #----------------------------
@@ -177,6 +208,10 @@ COPY --from=gitlab-pages /usr/local/bin/gitlab-pages /usr/local/bin
 COPY --from=gitaly ${GITLAB_GITALY_BUILD_DIR}/config.toml.example ${GITLAB_GITALY_INSTALL_DIR}/config.toml
 COPY --from=gitaly /usr/local /usr/local
 
+COPY --from=gitlab-foss-source ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
+
+COPY --from=yarn ${GITLAB_INSTALL_DIR}/node_modules ${GITLAB_INSTALL_DIR}/node_modules
+
 COPY assets/build/ ${GITLAB_BUILD_DIR}/
 RUN bash ${GITLAB_BUILD_DIR}/install2.sh
 
diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index 03389df80..aa9689f61 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -71,8 +71,8 @@ paxctl -cvm "$(command -v node)"
 rm -rf /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub
 
 # add ${GITLAB_USER} user
-adduser --disabled-login --gecos 'GitLab' ${GITLAB_USER}
-passwd -d ${GITLAB_USER}
+#adduser --disabled-login --gecos 'GitLab' ${GITLAB_USER}
+#passwd -d ${GITLAB_USER}
 
 # set PATH (fixes cron job PATH issues)
 cat >> ${GITLAB_HOME}/.profile <<EOF
@@ -91,13 +91,13 @@ exec_as_git git config --global advice.detachedHead false
 exec_as_git git config --global --add safe.directory /home/git/gitlab
 
 # shallow clone gitlab-foss
-echo "Cloning gitlab-foss v.${GITLAB_VERSION}..."
-exec_as_git git clone -q -b v${GITLAB_VERSION} --depth 1 ${GITLAB_CLONE_URL} ${GITLAB_INSTALL_DIR}
+#echo "Cloning gitlab-foss v.${GITLAB_VERSION}..."
+#exec_as_git git clone -q -b v${GITLAB_VERSION} --depth 1 ${GITLAB_CLONE_URL} ${GITLAB_INSTALL_DIR}
 
-find "${GITLAB_BUILD_DIR}/patches/gitlabhq" -name "*.patch" | while read -r patch_file; do
-  printf "Applying patch %s for gitlab-foss...\n" "${patch_file}"
-  exec_as_git git -C ${GITLAB_INSTALL_DIR} apply --ignore-whitespace < "${patch_file}"
-done
+#find "${GITLAB_BUILD_DIR}/patches/gitlabhq" -name "*.patch" | while read -r patch_file; do
+#  printf "Applying patch %s for gitlab-foss...\n" "${patch_file}"
+#  exec_as_git git -C ${GITLAB_INSTALL_DIR} apply --ignore-whitespace < "${patch_file}"
+#done
 
 GITLAB_SHELL_VERSION=${GITLAB_SHELL_VERSION:-$(cat ${GITLAB_INSTALL_DIR}/GITLAB_SHELL_VERSION)}
 GITLAB_PAGES_VERSION=${GITLAB_PAGES_VERSION:-$(cat ${GITLAB_INSTALL_DIR}/GITLAB_PAGES_VERSION)}
@@ -212,7 +212,7 @@ cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/conf
 chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
 
 # Installs nodejs packages required to compile webpack
-exec_as_git yarn install --production --pure-lockfile
+#exec_as_git yarn install --production --pure-lockfile
 
 echo "Compiling assets. Please be patient, this could take a while..."
 exec_as_git bundle exec rake gitlab:assets:compile USE_DB=false SKIP_STORAGE_VALIDATION=true NODE_OPTIONS="--max-old-space-size=4096"

From 3f5deaace7c8ac3ebcbd912d506074ac8acc2ce6 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 11 Dec 2024 20:00:13 +0100
Subject: [PATCH 03/34] switch to ruby binary image

---
 Dockerfile.multistage | 41 ++++++++++++++++++++---------------------
 1 file changed, 20 insertions(+), 21 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 1ebc6da35..5b81b44f1 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -106,24 +106,26 @@ RUN echo "Downloading Go $GOLANG_VERSION..." \
 #----------------------------
 # ruby
 #----------------------------
-FROM  base-builder as ruby
-# build ruby from source
-RUN echo "Building ruby v$RUBY_VERSION from source..." \
- && mkdir /tmp/ruby \
- && cd /tmp/ruby \
- && curl --remote-name -Ss "$RUBY_SRC_URL" \
- && printf '%s ruby-%s.tar.gz' "$RUBY_SOURCE_SHA256SUM" "$RUBY_VERSION" | sha256sum -c - \
- && tar xzf ruby-"$RUBY_VERSION".tar.gz && cd ruby-"$RUBY_VERSION" \
- && find "$GITLAB_BUILD_DIR/patches/ruby" -name "*.patch" | while read -r patch_file; do \
-      echo "Applying patch ${patch_file}"; \
-      patch -p1 -i "${patch_file}"; \
-    done \
- && ./configure --disable-install-rdoc --enable-shared \
- && make -j"$(nproc)" \
- && make install
-
+# FROM  base-builder as ruby
+# # build ruby from source
+# RUN echo "Building ruby v$RUBY_VERSION from source..." \
+#  && mkdir /tmp/ruby \
+#  && cd /tmp/ruby \
+#  && curl --remote-name -Ss "$RUBY_SRC_URL" \
+#  && printf '%s ruby-%s.tar.gz' "$RUBY_SOURCE_SHA256SUM" "$RUBY_VERSION" | sha256sum -c - \
+#  && tar xzf ruby-"$RUBY_VERSION".tar.gz && cd ruby-"$RUBY_VERSION" \
+#  && find "$GITLAB_BUILD_DIR/patches/ruby" -name "*.patch" | while read -r patch_file; do \
+#       echo "Applying patch ${patch_file}"; \
+#       patch -p1 -i "${patch_file}"; \
+#     done \
+#  && ./configure --disable-install-rdoc --enable-shared \
+#  && make -j"$(nproc)" \
+#  && make install
+FROM ruby:3.2.6-bullseye as ruby-inst
+
+ENV RUBYGEMS_VERSION=3.5.14
 # upgrade rubygems on demand
-RUN gem update --no-document --system "${RUBYGEMS_VERSION}"
+RUN gem update --no-document --system "$RUBYGEMS_VERSION"
 
 #----------------------------
 # gitlab-pages
@@ -186,9 +188,6 @@ USER root
 #----------------------------
 FROM gitlab-foss-source as yarn
 
-RUN mkdir node_modules \
- && chown git node_modules
-
 USER git
 RUN cd $GITLAB_INSTALL_DIR; yarn install --production --pure-lockfile
 USER root
@@ -201,7 +200,7 @@ FROM base-builder-extended as final
 RUN mkdir /tmp/go
 COPY --from=golang /tmp/go /tmp/go
 
-COPY --from=ruby /usr/local /usr/local
+COPY --from=ruby-inst /usr/local /usr/local
 
 COPY --from=gitlab-pages /usr/local/bin/gitlab-pages /usr/local/bin
 

From 1bde047b7f44d772dbc7ec81f6c5528c92661982 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Thu, 12 Dec 2024 15:23:41 +0100
Subject: [PATCH 04/34] move gitlab-shell to stage

---
 Dockerfile.multistage    | 75 +++++++++++++++++++++++++++++++---------
 assets/build/install2.sh | 40 ++++++++++-----------
 2 files changed, 79 insertions(+), 36 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 5b81b44f1..a0bf9d142 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -106,21 +106,6 @@ RUN echo "Downloading Go $GOLANG_VERSION..." \
 #----------------------------
 # ruby
 #----------------------------
-# FROM  base-builder as ruby
-# # build ruby from source
-# RUN echo "Building ruby v$RUBY_VERSION from source..." \
-#  && mkdir /tmp/ruby \
-#  && cd /tmp/ruby \
-#  && curl --remote-name -Ss "$RUBY_SRC_URL" \
-#  && printf '%s ruby-%s.tar.gz' "$RUBY_SOURCE_SHA256SUM" "$RUBY_VERSION" | sha256sum -c - \
-#  && tar xzf ruby-"$RUBY_VERSION".tar.gz && cd ruby-"$RUBY_VERSION" \
-#  && find "$GITLAB_BUILD_DIR/patches/ruby" -name "*.patch" | while read -r patch_file; do \
-#       echo "Applying patch ${patch_file}"; \
-#       patch -p1 -i "${patch_file}"; \
-#     done \
-#  && ./configure --disable-install-rdoc --enable-shared \
-#  && make -j"$(nproc)" \
-#  && make install
 FROM ruby:3.2.6-bullseye as ruby-inst
 
 ENV RUBYGEMS_VERSION=3.5.14
@@ -183,6 +168,59 @@ RUN find "$GITLAB_BUILD_DIR/patches/gitlabhq" -name "*.patch" | while read -r pa
   done
 USER root
 
+RUN mkdir -p ${GITLAB_BUILD_DIR}
+
+#----------------------------
+# ruby-inst-extended
+#----------------------------
+FROM  gitlab-foss-source as ruby-inst-extended
+
+COPY --from=ruby-inst /usr/local /usr/local
+
+# install bundler: use version specified in Gemfile.lock
+#RUN BUNDLER_VERSION="$(grep "BUNDLED WITH" $GITLAB_INSTALL_DIR/Gemfile.lock -A 1 | grep -v "BUNDLED WITH" | tr -d "[:space:]")" \
+#    gem install bundler:"$BUNDLER_VERSION"
+
+#----------------------------
+# gitlab-shell
+#----------------------------
+FROM  gitlab-foss-source as gitlab-shell
+
+RUN mkdir /tmp/go
+COPY --from=golang /tmp/go /tmp/go
+
+COPY --from=ruby-inst-extended /usr/local /usr/local
+
+# download gitlab-shell
+RUN echo "Downloading gitlab-shell v.$GITLAB_SHELL_VERSION..." \
+ && mkdir -p $GITLAB_SHELL_INSTALL_DIR \
+ && wget -cq $GITLAB_SHELL_URL -O $GITLAB_BUILD_DIR/gitlab-shell-$GITLAB_SHELL_VERSION.tar.bz2 \
+ && tar xf $GITLAB_BUILD_DIR/gitlab-shell-$GITLAB_SHELL_VERSION.tar.bz2 --strip 1 -C $GITLAB_SHELL_INSTALL_DIR \
+ && rm -rf $GITLAB_BUILD_DIR/gitlab-shell-$GITLAB_SHELL_VERSION.tar.bz2 \
+ && chown -R $GITLAB_USER: $GITLAB_SHELL_INSTALL_DIR
+
+USER git
+
+RUN cd $GITLAB_SHELL_INSTALL_DIR \
+ && cp -a config.yml.example config.yml \
+ && echo "Compiling gitlab-shell golang executables..." \
+ && bundle config set --local deployment 'true' \
+ && bundle config set --local with 'development test' \
+ && bundle install -j"$(nproc)" \
+ && make verify setup
+ 
+ # remove unused repositories directory created by gitlab-shell install
+ #rm -rf ${GITLAB_HOME}/repositories
+ 
+ USER root
+
+ # build gitlab-workhorse
+ RUN echo "Build gitlab-workhorse" \
+  && git config --global --add safe.directory /home/git/gitlab \
+  && make -C $GITLAB_WORKHORSE_BUILD_DIR install -j"$(nproc)"
+ # clean up
+ #rm -rf ${GITLAB_WORKHORSE_BUILD_DIR}
+
 #----------------------------
 # yarn
 #----------------------------
@@ -197,10 +235,12 @@ USER root
 #----------------------------
 FROM base-builder-extended as final
 
+RUN mkdir $GITLAB_CACHE_DIR; mkdir $GITLAB_BUILD_DIR; mkdir $GITLAB_BUILD_DIR/build
+
 RUN mkdir /tmp/go
 COPY --from=golang /tmp/go /tmp/go
 
-COPY --from=ruby-inst /usr/local /usr/local
+COPY --from=ruby-inst-extended /usr/local /usr/local
 
 COPY --from=gitlab-pages /usr/local/bin/gitlab-pages /usr/local/bin
 
@@ -209,6 +249,9 @@ COPY --from=gitaly /usr/local /usr/local
 
 COPY --from=gitlab-foss-source ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
 
+COPY --from=gitlab-shell ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
+COPY --from=gitlab-shell /usr/local /usr/local
+
 COPY --from=yarn ${GITLAB_INSTALL_DIR}/node_modules ${GITLAB_INSTALL_DIR}/node_modules
 
 COPY assets/build/ ${GITLAB_BUILD_DIR}/
diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index aa9689f61..ba4f01a7d 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -112,31 +112,31 @@ gem install bundler:"${BUNDLER_VERSION}"
 #tar -xf ${GITLAB_BUILD_DIR}/go${GOLANG_VERSION}.linux-amd64.tar.gz -C /tmp/
 
 # install gitlab-shell
-echo "Downloading gitlab-shell v.${GITLAB_SHELL_VERSION}..."
-mkdir -p ${GITLAB_SHELL_INSTALL_DIR}
-wget -cq ${GITLAB_SHELL_URL} -O ${GITLAB_BUILD_DIR}/gitlab-shell-${GITLAB_SHELL_VERSION}.tar.bz2
-tar xf ${GITLAB_BUILD_DIR}/gitlab-shell-${GITLAB_SHELL_VERSION}.tar.bz2 --strip 1 -C ${GITLAB_SHELL_INSTALL_DIR}
-rm -rf ${GITLAB_BUILD_DIR}/gitlab-shell-${GITLAB_SHELL_VERSION}.tar.bz2
-chown -R ${GITLAB_USER}: ${GITLAB_SHELL_INSTALL_DIR}
-
-cd ${GITLAB_SHELL_INSTALL_DIR}
-exec_as_git cp -a config.yml.example config.yml
-
-echo "Compiling gitlab-shell golang executables..."
-exec_as_git bundle config set --local deployment 'true'
-exec_as_git bundle config set --local with 'development test'
-exec_as_git bundle install -j"$(nproc)"
-exec_as_git "PATH=$PATH" make verify setup
+#echo "Downloading gitlab-shell v.${GITLAB_SHELL_VERSION}..."
+#mkdir -p ${GITLAB_SHELL_INSTALL_DIR}
+#wget -cq ${GITLAB_SHELL_URL} -O ${GITLAB_BUILD_DIR}/gitlab-shell-${GITLAB_SHELL_VERSION}.tar.bz2
+#tar xf ${GITLAB_BUILD_DIR}/gitlab-shell-${GITLAB_SHELL_VERSION}.tar.bz2 --strip 1 -C ${GITLAB_SHELL_INSTALL_DIR}
+#rm -rf ${GITLAB_BUILD_DIR}/gitlab-shell-${GITLAB_SHELL_VERSION}.tar.bz2
+#chown -R ${GITLAB_USER}: ${GITLAB_SHELL_INSTALL_DIR}
+
+#cd ${GITLAB_SHELL_INSTALL_DIR}
+#exec_as_git cp -a config.yml.example config.yml
+
+#echo "Compiling gitlab-shell golang executables..."
+#exec_as_git bundle config set --local deployment 'true'
+#exec_as_git bundle config set --local with 'development test'
+#exec_as_git bundle install -j"$(nproc)"
+#exec_as_git "PATH=$PATH" make verify setup
 
 # remove unused repositories directory created by gitlab-shell install
-rm -rf ${GITLAB_HOME}/repositories
+#rm -rf ${GITLAB_HOME}/repositories
 
 # build gitlab-workhorse
-echo "Build gitlab-workhorse"
-git config --global --add safe.directory /home/git/gitlab
-make -C ${GITLAB_WORKHORSE_BUILD_DIR} install -j"$(nproc)"
+#echo "Build gitlab-workhorse"
+#git config --global --add safe.directory /home/git/gitlab
+#make -C ${GITLAB_WORKHORSE_BUILD_DIR} install -j"$(nproc)"
 # clean up
-rm -rf ${GITLAB_WORKHORSE_BUILD_DIR}
+#rm -rf ${GITLAB_WORKHORSE_BUILD_DIR}
 
 # download gitlab-pages
 #echo "Downloading gitlab-pages v.${GITLAB_PAGES_VERSION}..."

From 3586730b214b102033121e8b71281c12cb8e5fce Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Fri, 13 Dec 2024 14:21:46 +0100
Subject: [PATCH 05/34] move out last build step gitlab-foss-build

---
 Dockerfile.multistage    | 17 +++++++++++++++++
 assets/build/install2.sh |  6 +++---
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index a0bf9d142..ccae0821f 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -230,6 +230,20 @@ USER git
 RUN cd $GITLAB_INSTALL_DIR; yarn install --production --pure-lockfile
 USER root
 
+#----------------------------
+# gitlab-foss-build
+#----------------------------
+FROM gitlab-foss-source as gitlab-foss-build
+
+COPY --from=ruby-inst-extended /usr/local /usr/local
+
+USER git
+
+RUN  cd $GITLAB_INSTALL_DIR  \
+ && bundle config set --local deployment 'true' \
+ && bundle config set --local without 'development test mysql aws' \
+ && bundle install -j"$(nproc)"
+
 #----------------------------
 # final
 #----------------------------
@@ -254,6 +268,9 @@ COPY --from=gitlab-shell /usr/local /usr/local
 
 COPY --from=yarn ${GITLAB_INSTALL_DIR}/node_modules ${GITLAB_INSTALL_DIR}/node_modules
 
+COPY --from=gitlab-foss-build ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
+COPY --from=gitlab-foss-build /usr/local /usr/local
+
 COPY assets/build/ ${GITLAB_BUILD_DIR}/
 RUN bash ${GITLAB_BUILD_DIR}/install2.sh
 
diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index ba4f01a7d..354d3edf6 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -194,9 +194,9 @@ if [[ -d ${GEM_CACHE_DIR} ]]; then
   chown -R ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/vendor/cache
 fi
 
-exec_as_git bundle config set --local deployment 'true'
-exec_as_git bundle config set --local without 'development test mysql aws'
-exec_as_git bundle install -j"$(nproc)"
+#exec_as_git bundle config set --local deployment 'true'
+#exec_as_git bundle config set --local without 'development test mysql aws'
+#exec_as_git bundle install -j"$(nproc)"
 
 # make sure everything in ${GITLAB_HOME} is owned by ${GITLAB_USER} user
 chown -R ${GITLAB_USER}: ${GITLAB_HOME}

From 7ccd315b8efbebd43dd197beb49a392df4fcb72a Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Sun, 15 Dec 2024 11:04:57 +0100
Subject: [PATCH 06/34] moved bundler install

---
 Dockerfile.multistage    | 4 ++--
 assets/build/install2.sh | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index ccae0821f..90df9ca13 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -178,8 +178,8 @@ FROM  gitlab-foss-source as ruby-inst-extended
 COPY --from=ruby-inst /usr/local /usr/local
 
 # install bundler: use version specified in Gemfile.lock
-#RUN BUNDLER_VERSION="$(grep "BUNDLED WITH" $GITLAB_INSTALL_DIR/Gemfile.lock -A 1 | grep -v "BUNDLED WITH" | tr -d "[:space:]")" \
-#    gem install bundler:"$BUNDLER_VERSION"
+RUN export BUNDLER_VERSION=$(grep "BUNDLED WITH" $GITLAB_INSTALL_DIR/Gemfile.lock -A 1 | grep -v "BUNDLED WITH" | tr -d "[:space:]"); echo $BUNDLER_VERSION; \
+    gem install bundler:"$BUNDLER_VERSION"
 
 #----------------------------
 # gitlab-shell
diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index 354d3edf6..3524da526 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -103,8 +103,8 @@ GITLAB_SHELL_VERSION=${GITLAB_SHELL_VERSION:-$(cat ${GITLAB_INSTALL_DIR}/GITLAB_
 GITLAB_PAGES_VERSION=${GITLAB_PAGES_VERSION:-$(cat ${GITLAB_INSTALL_DIR}/GITLAB_PAGES_VERSION)}
 
 # install bundler: use version specified in Gemfile.lock
-BUNDLER_VERSION="$(grep "BUNDLED WITH" ${GITLAB_INSTALL_DIR}/Gemfile.lock -A 1 | grep -v "BUNDLED WITH" | tr -d "[:space:]")"
-gem install bundler:"${BUNDLER_VERSION}"
+#BUNDLER_VERSION="$(grep "BUNDLED WITH" ${GITLAB_INSTALL_DIR}/Gemfile.lock -A 1 | grep -v "BUNDLED WITH" | tr -d "[:space:]")"
+#gem install bundler:"${BUNDLER_VERSION}"
 
 # download golang
 #echo "Downloading Go ${GOLANG_VERSION}..."

From 037461782f23836162167b69a4dba97b782e4fa5 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Sun, 15 Dec 2024 16:39:09 +0100
Subject: [PATCH 07/34] move resque/gitlab.yml copy; increase max_old_space

---
 Dockerfile.multistage    | 20 +++++++++++++++++++-
 assets/build/install2.sh |  8 ++++----
 2 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 90df9ca13..ecd72f7cb 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -162,6 +162,8 @@ USER git
 RUN echo "Cloning gitlab-foss v.$GITLAB_VERSION..." \
  && git clone -q -b v$GITLAB_VERSION --depth 1 $GITLAB_CLONE_URL $GITLAB_INSTALL_DIR
 
+COPY assets/build/ ${GITLAB_BUILD_DIR}/
+
 RUN find "$GITLAB_BUILD_DIR/patches/gitlabhq" -name "*.patch" | while read -r patch_file; do \
     printf "Applying patch %s for gitlab-foss...\n" "${patch_file}"; \
     git -C $GITLAB_INSTALL_DIR apply --ignore-whitespace < "${patch_file}"; \
@@ -178,7 +180,7 @@ FROM  gitlab-foss-source as ruby-inst-extended
 COPY --from=ruby-inst /usr/local /usr/local
 
 # install bundler: use version specified in Gemfile.lock
-RUN export BUNDLER_VERSION=$(grep "BUNDLED WITH" $GITLAB_INSTALL_DIR/Gemfile.lock -A 1 | grep -v "BUNDLED WITH" | tr -d "[:space:]"); echo $BUNDLER_VERSION; \
+RUN export BUNDLER_VERSION=$(grep "BUNDLED WITH" $GITLAB_INSTALL_DIR/Gemfile.lock -A 1 | grep -v "BUNDLED WITH" | tr -d "[:space:]"); \
     gem install bundler:"$BUNDLER_VERSION"
 
 #----------------------------
@@ -272,6 +274,22 @@ COPY --from=gitlab-foss-build ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
 COPY --from=gitlab-foss-build /usr/local /usr/local
 
 COPY assets/build/ ${GITLAB_BUILD_DIR}/
+
+# gitlab.yml and database.yml are required for `assets:precompile`
+USER git
+
+RUN cp ${GITLAB_INSTALL_DIR}/config/resque.yml.example ${GITLAB_INSTALL_DIR}/config/resque.yml \
+ && cp ${GITLAB_INSTALL_DIR}/config/gitlab.yml.example ${GITLAB_INSTALL_DIR}/config/gitlab.yml
+
+USER root
+
+# #
+# # Temporary workaround, see <https://github.com/sameersbn/docker-gitlab/pull/2596>
+# #
+# # exec_as_git cp ${GITLAB_INSTALL_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
+# RUN cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml \
+#  && chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
+
 RUN bash ${GITLAB_BUILD_DIR}/install2.sh
 
 COPY assets/runtime/ ${GITLAB_RUNTIME_DIR}/
diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index 3524da526..3a6d77a7c 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -202,12 +202,12 @@ fi
 chown -R ${GITLAB_USER}: ${GITLAB_HOME}
 
 # gitlab.yml and database.yml are required for `assets:precompile`
-exec_as_git cp ${GITLAB_INSTALL_DIR}/config/resque.yml.example ${GITLAB_INSTALL_DIR}/config/resque.yml
-exec_as_git cp ${GITLAB_INSTALL_DIR}/config/gitlab.yml.example ${GITLAB_INSTALL_DIR}/config/gitlab.yml
+#exec_as_git cp ${GITLAB_INSTALL_DIR}/config/resque.yml.example ${GITLAB_INSTALL_DIR}/config/resque.yml
+#exec_as_git cp ${GITLAB_INSTALL_DIR}/config/gitlab.yml.example ${GITLAB_INSTALL_DIR}/config/gitlab.yml
 #
 # Temporary workaround, see <https://github.com/sameersbn/docker-gitlab/pull/2596>
 #
-# exec_as_git cp ${GITLAB_INSTALL_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
+#exec_as_git cp ${GITLAB_INSTALL_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
 cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
 chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
 
@@ -215,7 +215,7 @@ chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
 #exec_as_git yarn install --production --pure-lockfile
 
 echo "Compiling assets. Please be patient, this could take a while..."
-exec_as_git bundle exec rake gitlab:assets:compile USE_DB=false SKIP_STORAGE_VALIDATION=true NODE_OPTIONS="--max-old-space-size=4096"
+exec_as_git bundle exec rake gitlab:assets:compile USE_DB=false SKIP_STORAGE_VALIDATION=true NODE_OPTIONS="--max-old-space-size=8192"
 
 # remove auto generated ${GITLAB_DATA_DIR}/config/secrets.yml
 rm -rf ${GITLAB_DATA_DIR}/config/secrets.yml

From 95541c7ed231a80d1fb3b5e8224698c1268aaf93 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Sun, 15 Dec 2024 17:26:53 +0100
Subject: [PATCH 08/34] move database.yml

---
 Dockerfile.multistage    | 4 ++--
 assets/build/install2.sh | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index ecd72f7cb..1c5aeddef 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -287,8 +287,8 @@ USER root
 # # Temporary workaround, see <https://github.com/sameersbn/docker-gitlab/pull/2596>
 # #
 # # exec_as_git cp ${GITLAB_INSTALL_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
-# RUN cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml \
-#  && chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
+RUN cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml \
+ && chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
 
 RUN bash ${GITLAB_BUILD_DIR}/install2.sh
 
diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index 3a6d77a7c..da93842a2 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -208,8 +208,8 @@ chown -R ${GITLAB_USER}: ${GITLAB_HOME}
 # Temporary workaround, see <https://github.com/sameersbn/docker-gitlab/pull/2596>
 #
 #exec_as_git cp ${GITLAB_INSTALL_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
-cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
-chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
+#cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
+#chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
 
 # Installs nodejs packages required to compile webpack
 #exec_as_git yarn install --production --pure-lockfile

From ccbd775ef1673ccd399573e4a7bf5f1d24cacd5e Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 1 Jan 2025 19:08:09 +0100
Subject: [PATCH 09/34] fix uppercase

---
 Dockerfile.multistage | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 1c5aeddef..09aa1fd49 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -1,7 +1,7 @@
 #----------------------------
 # base-builder
 #----------------------------
-FROM ubuntu:focal-20241011 as base-builder
+FROM ubuntu:focal-20241011 AS base-builder
 
 ARG VERSION=17.6.0
 
@@ -61,7 +61,7 @@ RUN apt-get update \
 #----------------------------
 # base-builder-extended
 #----------------------------
-FROM base-builder as base-builder-extended
+FROM base-builder AS base-builder-extended
 
 RUN set -ex && \
     apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 \
@@ -97,7 +97,7 @@ RUN adduser --disabled-login --gecos 'GitLab' $GITLAB_USER \
 #----------------------------
 # golang
 #----------------------------
-FROM base-builder as golang
+FROM base-builder AS golang
 
 RUN echo "Downloading Go $GOLANG_VERSION..." \
  && wget -cnv https://storage.googleapis.com/golang/go$GOLANG_VERSION.linux-amd64.tar.gz -P $GITLAB_BUILD_DIR/ \
@@ -106,7 +106,7 @@ RUN echo "Downloading Go $GOLANG_VERSION..." \
 #----------------------------
 # ruby
 #----------------------------
-FROM ruby:3.2.6-bullseye as ruby-inst
+FROM ruby:3.2.6-bullseye AS ruby-inst
 
 ENV RUBYGEMS_VERSION=3.5.14
 # upgrade rubygems on demand
@@ -115,7 +115,7 @@ RUN gem update --no-document --system "$RUBYGEMS_VERSION"
 #----------------------------
 # gitlab-pages
 #----------------------------
-FROM base-builder as gitlab-pages
+FROM base-builder AS gitlab-pages
 
 RUN mkdir /tmp/go
 COPY --from=golang /tmp/go /tmp/go
@@ -131,7 +131,7 @@ RUN make -C $GITLAB_PAGES_BUILD_DIR -j"$(nproc)" \
 #----------------------------
 # gitaly
 #----------------------------
-FROM base-builder as gitaly
+FROM base-builder AS gitaly
 
 RUN mkdir /tmp/go
 COPY --from=golang /tmp/go /tmp/go
@@ -156,7 +156,7 @@ RUN make -C $GITLAB_GITALY_BUILD_DIR git GIT_PREFIX=/usr/local -j"$(nproc)"
 #----------------------------
 # gitlab-foss-source
 #----------------------------
-FROM base-builder-extended as gitlab-foss-source
+FROM base-builder-extended AS gitlab-foss-source
 # shallow clone gitlab-foss
 USER git
 RUN echo "Cloning gitlab-foss v.$GITLAB_VERSION..." \
@@ -175,7 +175,7 @@ RUN mkdir -p ${GITLAB_BUILD_DIR}
 #----------------------------
 # ruby-inst-extended
 #----------------------------
-FROM  gitlab-foss-source as ruby-inst-extended
+FROM  gitlab-foss-source AS ruby-inst-extended
 
 COPY --from=ruby-inst /usr/local /usr/local
 
@@ -186,7 +186,7 @@ RUN export BUNDLER_VERSION=$(grep "BUNDLED WITH" $GITLAB_INSTALL_DIR/Gemfile.loc
 #----------------------------
 # gitlab-shell
 #----------------------------
-FROM  gitlab-foss-source as gitlab-shell
+FROM  gitlab-foss-source AS gitlab-shell
 
 RUN mkdir /tmp/go
 COPY --from=golang /tmp/go /tmp/go
@@ -226,7 +226,7 @@ RUN cd $GITLAB_SHELL_INSTALL_DIR \
 #----------------------------
 # yarn
 #----------------------------
-FROM gitlab-foss-source as yarn
+FROM gitlab-foss-source AS yarn
 
 USER git
 RUN cd $GITLAB_INSTALL_DIR; yarn install --production --pure-lockfile
@@ -235,7 +235,7 @@ USER root
 #----------------------------
 # gitlab-foss-build
 #----------------------------
-FROM gitlab-foss-source as gitlab-foss-build
+FROM gitlab-foss-source AS gitlab-foss-build
 
 COPY --from=ruby-inst-extended /usr/local /usr/local
 
@@ -249,7 +249,7 @@ RUN  cd $GITLAB_INSTALL_DIR  \
 #----------------------------
 # final
 #----------------------------
-FROM base-builder-extended as final
+FROM base-builder-extended AS final
 
 RUN mkdir $GITLAB_CACHE_DIR; mkdir $GITLAB_BUILD_DIR; mkdir $GITLAB_BUILD_DIR/build
 

From 42ea4fe380bd4137203be68349e909efe2421cd5 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 1 Jan 2025 19:09:58 +0100
Subject: [PATCH 10/34] add env variable MAX_OLD_SPACE

---
 assets/build/install2.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index da93842a2..c46a99dea 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -215,7 +215,7 @@ chown -R ${GITLAB_USER}: ${GITLAB_HOME}
 #exec_as_git yarn install --production --pure-lockfile
 
 echo "Compiling assets. Please be patient, this could take a while..."
-exec_as_git bundle exec rake gitlab:assets:compile USE_DB=false SKIP_STORAGE_VALIDATION=true NODE_OPTIONS="--max-old-space-size=8192"
+exec_as_git bundle exec rake gitlab:assets:compile USE_DB=false SKIP_STORAGE_VALIDATION=true NODE_OPTIONS="--max-old-space-size=$MAX_OLD_SPACE"
 
 # remove auto generated ${GITLAB_DATA_DIR}/config/secrets.yml
 rm -rf ${GITLAB_DATA_DIR}/config/secrets.yml

From 616e07f1dc73851c13ebd678c94984b234288fc8 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Thu, 2 Jan 2025 12:59:52 +0100
Subject: [PATCH 11/34] add mutistage Dockerfile

---
 Dockerfile.multistage | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 09aa1fd49..46a92d683 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -266,6 +266,7 @@ COPY --from=gitaly /usr/local /usr/local
 COPY --from=gitlab-foss-source ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
 
 COPY --from=gitlab-shell ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
+COPY --from=gitlab-shell ${GITLAB_SHELL_INSTALL_DIR} ${GITLAB_SHELL_INSTALL_DIR}
 COPY --from=gitlab-shell /usr/local /usr/local
 
 COPY --from=yarn ${GITLAB_INSTALL_DIR}/node_modules ${GITLAB_INSTALL_DIR}/node_modules

From dd61cedff3011416c4750b8c2df8c5548a1c153b Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Thu, 2 Jan 2025 19:33:45 +0100
Subject: [PATCH 12/34] upgrade to 17.6.2; add architecture to go

---
 Dockerfile.multistage | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 46a92d683..ac5cd5754 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -3,7 +3,7 @@
 #----------------------------
 FROM ubuntu:focal-20241011 AS base-builder
 
-ARG VERSION=17.6.0
+ARG VERSION=17.6.2
 
 ENV GITLAB_VERSION=${VERSION} \
     RUBY_VERSION=3.2.6 \
@@ -11,8 +11,8 @@ ENV GITLAB_VERSION=${VERSION} \
     RUBYGEMS_VERSION=3.5.14 \
     GOLANG_VERSION=1.23.3 \
     GITLAB_SHELL_VERSION=14.39.0 \
-    GITLAB_PAGES_VERSION=17.6.0 \
-    GITALY_SERVER_VERSION=17.6.0 \
+    GITLAB_PAGES_VERSION=17.6.2 \
+    GITALY_SERVER_VERSION=17.6.2 \
     GITLAB_USER="git" \
     GITLAB_HOME="/home/git" \
     GITLAB_LOG_DIR="/var/log/gitlab" \
@@ -100,8 +100,9 @@ RUN adduser --disabled-login --gecos 'GitLab' $GITLAB_USER \
 FROM base-builder AS golang
 
 RUN echo "Downloading Go $GOLANG_VERSION..." \
- && wget -cnv https://storage.googleapis.com/golang/go$GOLANG_VERSION.linux-amd64.tar.gz -P $GITLAB_BUILD_DIR/ \
- && tar -xf $GITLAB_BUILD_DIR/go$GOLANG_VERSION.linux-amd64.tar.gz -C /tmp/
+ && dpkgArch="$(dpkg-architecture -qDEB_HOST_ARCH)" \
+ && wget -cnv https://storage.googleapis.com/golang/go$GOLANG_VERSION.linux-${dpkgArch}.tar.gz -P $GITLAB_BUILD_DIR/ \
+ && tar -xf $GITLAB_BUILD_DIR/go$GOLANG_VERSION.linux-${dpkgArch}.tar.gz -C /tmp/
 
 #----------------------------
 # ruby

From 8383bf74057e028ee5936cd8652074281656cd45 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Tue, 7 Jan 2025 10:49:32 +0100
Subject: [PATCH 13/34] add libraries for source compile on arm64

---
 Dockerfile.multistage | 35 ++++++++++++++++++-----------------
 1 file changed, 18 insertions(+), 17 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index ac5cd5754..447ad5a6e 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -45,6 +45,20 @@ ENV BUILD_DEPENDENCIES="gcc g++ make patch pkg-config cmake paxctl \
     gettext libkrb5-dev \
     libexpat1-dev libz-dev libpcre2-dev build-essential git"
 
+ARG BUILD_DATE
+ARG VCS_REF
+
+LABEL \
+    maintainer="sameer@damagehead.com" \
+    org.label-schema.schema-version="1.0" \
+    org.label-schema.build-date=${BUILD_DATE} \
+    org.label-schema.name=gitlab \
+    org.label-schema.vendor=damagehead \
+    org.label-schema.url="https://github.com/sameersbn/docker-gitlab" \
+    org.label-schema.vcs-url="https://github.com/sameersbn/docker-gitlab.git" \
+    org.label-schema.vcs-ref=${VCS_REF} \
+    com.damagehead.gitlab.license=MIT
+
 ENV GOROOT=/tmp/go
 ENV PATH=${GOROOT}/bin:$PATH
 
@@ -53,7 +67,7 @@ RUN apt-get update \
  && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y ${BUILD_DEPENDENCIES} \
  && apt-get upgrade -y
 
- RUN apt-get update \
+RUN apt-get update \
  && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
     wget ca-certificates apt-transport-https gnupg2 curl \
  && apt-get upgrade -y
@@ -85,6 +99,7 @@ RUN set -ex && \
       libgdbm6 libreadline8 libncurses5 libffi7 \
       libxml2 libxslt1.1 libcurl4 libicu66 libre2-dev tzdata unzip libimage-exiftool-perl \
       libmagic1 \
+      libpixman-1-dev libcairo2-dev libpango1.0-dev libjpeg8-dev libgif-dev \ 
  && update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX \
  && locale-gen en_US.UTF-8 \
  && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales \
@@ -254,8 +269,8 @@ FROM base-builder-extended AS final
 
 RUN mkdir $GITLAB_CACHE_DIR; mkdir $GITLAB_BUILD_DIR; mkdir $GITLAB_BUILD_DIR/build
 
-RUN mkdir /tmp/go
-COPY --from=golang /tmp/go /tmp/go
+#RUN mkdir /tmp/go
+#COPY --from=golang /tmp/go /tmp/go
 
 COPY --from=ruby-inst-extended /usr/local /usr/local
 
@@ -300,20 +315,6 @@ RUN chmod 755 /sbin/entrypoint.sh
 
 ENV prometheus_multiproc_dir="/dev/shm"
 
-ARG BUILD_DATE
-ARG VCS_REF
-
-LABEL \
-    maintainer="sameer@damagehead.com" \
-    org.label-schema.schema-version="1.0" \
-    org.label-schema.build-date=${BUILD_DATE} \
-    org.label-schema.name=gitlab \
-    org.label-schema.vendor=damagehead \
-    org.label-schema.url="https://github.com/sameersbn/docker-gitlab" \
-    org.label-schema.vcs-url="https://github.com/sameersbn/docker-gitlab.git" \
-    org.label-schema.vcs-ref=${VCS_REF} \
-    com.damagehead.gitlab.license=MIT
-
 EXPOSE 22/tcp 80/tcp 443/tcp
 
 RUN ln -s /etc/ssl/certs/ca-certificates.crt /usr/lib/ssl/cert.pem

From dffb90ea7df90a3118a3c206eb3cd6d0cb4a64f1 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Tue, 7 Jan 2025 11:20:51 +0100
Subject: [PATCH 14/34] reenable go for final

---
 Dockerfile.multistage | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 447ad5a6e..8d1ca881f 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -269,8 +269,8 @@ FROM base-builder-extended AS final
 
 RUN mkdir $GITLAB_CACHE_DIR; mkdir $GITLAB_BUILD_DIR; mkdir $GITLAB_BUILD_DIR/build
 
-#RUN mkdir /tmp/go
-#COPY --from=golang /tmp/go /tmp/go
+RUN mkdir /tmp/go
+COPY --from=golang /tmp/go /tmp/go
 
 COPY --from=ruby-inst-extended /usr/local /usr/local
 

From 39e9854c9354185e0f9289b6108e467637390f17 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Tue, 7 Jan 2025 21:13:09 +0100
Subject: [PATCH 15/34] remove unused variables

---
 assets/build/install2.sh | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index c46a99dea..2bb6d2086 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -1,16 +1,16 @@
 #!/bin/bash
 set -e
 
-GITLAB_CLONE_URL=https://gitlab.com/gitlab-org/gitlab-foss.git
-GITLAB_SHELL_URL=https://gitlab.com/gitlab-org/gitlab-shell/-/archive/v${GITLAB_SHELL_VERSION}/gitlab-shell-v${GITLAB_SHELL_VERSION}.tar.bz2
-GITLAB_PAGES_URL=https://gitlab.com/gitlab-org/gitlab-pages.git
-GITLAB_GITALY_URL=https://gitlab.com/gitlab-org/gitaly.git
+#GITLAB_CLONE_URL=https://gitlab.com/gitlab-org/gitlab-foss.git
+#GITLAB_SHELL_URL=https://gitlab.com/gitlab-org/gitlab-shell/-/archive/v${GITLAB_SHELL_VERSION}/gitlab-shell-v${GITLAB_SHELL_VERSION}.tar.bz2
+#GITLAB_PAGES_URL=https://gitlab.com/gitlab-org/gitlab-pages.git
+#GITLAB_GITALY_URL=https://gitlab.com/gitlab-org/gitaly.git
 
-GITLAB_WORKHORSE_BUILD_DIR=${GITLAB_INSTALL_DIR}/workhorse
-GITLAB_PAGES_BUILD_DIR=/tmp/gitlab-pages
-GITLAB_GITALY_BUILD_DIR=/tmp/gitaly
+#GITLAB_WORKHORSE_BUILD_DIR=${GITLAB_INSTALL_DIR}/workhorse
+#GITLAB_PAGES_BUILD_DIR=/tmp/gitlab-pages
+#GITLAB_GITALY_BUILD_DIR=/tmp/gitaly
 
-RUBY_SRC_URL=https://cache.ruby-lang.org/pub/ruby/${RUBY_VERSION%.*}/ruby-${RUBY_VERSION}.tar.gz
+#RUBY_SRC_URL=https://cache.ruby-lang.org/pub/ruby/${RUBY_VERSION%.*}/ruby-${RUBY_VERSION}.tar.gz
 
 GEM_CACHE_DIR="${GITLAB_BUILD_DIR}/cache"
 

From d9f882d56eabf604c17352c31535561f6cdc2f87 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Tue, 7 Jan 2025 22:14:24 +0100
Subject: [PATCH 16/34] set larger resource class; change to buildx; all for
 th-2021

---
 .circleci/config.yml | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index b72efbdaf..5f479012f 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -11,7 +11,7 @@ commands:
       Build and optionally deploy a Docker images
     parameters:
       dockerfile:
-        default: Dockerfile
+        default: Dockerfile.multistage
         description: 'Name of dockerfile to use, defaults to Dockerfile'
         type: string
       extra_build_args:
@@ -76,7 +76,7 @@ commands:
                     done
                   done
 
-                  docker build
+                  docker buildx build
                   <<#parameters.extra_build_args>><<parameters.extra_build_args>><</parameters.extra_build_args>>
                   \
                     --cache-from <<parameters.cache_from>> \
@@ -102,7 +102,7 @@ commands:
                     done
                   done
 
-                  docker build
+                  docker buildx build
                   <<#parameters.extra_build_args>><<parameters.extra_build_args>><</parameters.extra_build_args>>
                   \
                     -f <<parameters.path>>/<<parameters.dockerfile>> \
@@ -199,18 +199,19 @@ commands:
 jobs:
   build:
     executor: docker/machine
+    resource_class: large
     steps:
       - checkout
       - docker-build:
           registry: docker.io,quay.io
-          image: sameersbn/gitlab
+          image: th2021/docker-gitlab
           tag: ${CIRCLE_TAG:-latest}
-          cache_from: docker.io/sameersbn/gitlab:latest
+          cache_from: docker.io/th2021/docker-gitlab:latest
           extra_build_args: '--build-arg VCS_REF=${CIRCLE_TAG:-${CIRCLE_SHA1}} --build-arg BUILD_DATE="$(date +"%Y-%m-%d %H:%M:%S%:z")"'
           no_output_timeout: 45m
       - docker-save:
           registry: docker.io,quay.io
-          image: sameersbn/gitlab
+          image: th2021/docker-gitlab
           tag: ${CIRCLE_TAG:-latest}
 
   test:

From 69af74d0e126e98473094460eca599cbaf7fbd4c Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 8 Jan 2025 07:58:54 +0100
Subject: [PATCH 17/34] add MAX_OLD_SPACE=8192

---
 .circleci/config.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 5f479012f..0ab7129cd 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -207,7 +207,7 @@ jobs:
           image: th2021/docker-gitlab
           tag: ${CIRCLE_TAG:-latest}
           cache_from: docker.io/th2021/docker-gitlab:latest
-          extra_build_args: '--build-arg VCS_REF=${CIRCLE_TAG:-${CIRCLE_SHA1}} --build-arg BUILD_DATE="$(date +"%Y-%m-%d %H:%M:%S%:z")"'
+          extra_build_args: '--build-arg VCS_REF=${CIRCLE_TAG:-${CIRCLE_SHA1}} --build-arg BUILD_DATE="$(date +"%Y-%m-%d %H:%M:%S%:z")" --build-arg MAX_OLD_SPACE=8192'
           no_output_timeout: 45m
       - docker-save:
           registry: docker.io,quay.io

From bd8c13548fca49f99bd5d5fd0dbe83586986664e Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 8 Jan 2025 08:50:28 +0100
Subject: [PATCH 18/34] echo MAX_OLD_SIZE

---
 assets/build/install2.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index 2bb6d2086..0116fa34f 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -215,6 +215,7 @@ chown -R ${GITLAB_USER}: ${GITLAB_HOME}
 #exec_as_git yarn install --production --pure-lockfile
 
 echo "Compiling assets. Please be patient, this could take a while..."
+echo "MAX_OLD_SPACE=$MAX_OLD_SPACE"
 exec_as_git bundle exec rake gitlab:assets:compile USE_DB=false SKIP_STORAGE_VALIDATION=true NODE_OPTIONS="--max-old-space-size=$MAX_OLD_SPACE"
 
 # remove auto generated ${GITLAB_DATA_DIR}/config/secrets.yml

From 06c7ee096de22b0d50d13471fd7479ec70cd882e Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 8 Jan 2025 09:20:06 +0100
Subject: [PATCH 19/34] set max-old-space directly to 8192

---
 assets/build/install2.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index 0116fa34f..306c67bbc 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -215,8 +215,7 @@ chown -R ${GITLAB_USER}: ${GITLAB_HOME}
 #exec_as_git yarn install --production --pure-lockfile
 
 echo "Compiling assets. Please be patient, this could take a while..."
-echo "MAX_OLD_SPACE=$MAX_OLD_SPACE"
-exec_as_git bundle exec rake gitlab:assets:compile USE_DB=false SKIP_STORAGE_VALIDATION=true NODE_OPTIONS="--max-old-space-size=$MAX_OLD_SPACE"
+exec_as_git bundle exec rake gitlab:assets:compile USE_DB=false SKIP_STORAGE_VALIDATION=true NODE_OPTIONS="--max-old-space-size=8192"
 
 # remove auto generated ${GITLAB_DATA_DIR}/config/secrets.yml
 rm -rf ${GITLAB_DATA_DIR}/config/secrets.yml

From 8362e0ec8bc7ff3291d7c5893dca05fcc41878f7 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 8 Jan 2025 12:02:46 +0100
Subject: [PATCH 20/34] add parallelism

---
 .circleci/config.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 0ab7129cd..b5bd5d91d 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -213,6 +213,7 @@ jobs:
           registry: docker.io,quay.io
           image: th2021/docker-gitlab
           tag: ${CIRCLE_TAG:-latest}
+    parallelism: 3
 
   test:
     executor: docker/machine

From 6944ffdfa3ed0ab820b66c12f674972af532f573 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 8 Jan 2025 13:38:46 +0100
Subject: [PATCH 21/34] remove parallelism; upgrade docker orb

---
 .circleci/config.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index b5bd5d91d..ab04877cc 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -2,7 +2,7 @@ version: 2.1
 
 orbs:
   shellcheck: circleci/shellcheck@3.2.0
-  docker: circleci/docker@2.5.0
+  docker: circleci/docker@2.8.1
   go: circleci/go@1.11.0
 
 commands:
@@ -213,7 +213,6 @@ jobs:
           registry: docker.io,quay.io
           image: th2021/docker-gitlab
           tag: ${CIRCLE_TAG:-latest}
-    parallelism: 3
 
   test:
     executor: docker/machine

From 9a9ede5723962469303718a8ae36e4299f89c11d Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 8 Jan 2025 15:08:04 +0100
Subject: [PATCH 22/34] use buildkit

---
 .circleci/config.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index ab04877cc..2ff480566 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -209,6 +209,7 @@ jobs:
           cache_from: docker.io/th2021/docker-gitlab:latest
           extra_build_args: '--build-arg VCS_REF=${CIRCLE_TAG:-${CIRCLE_SHA1}} --build-arg BUILD_DATE="$(date +"%Y-%m-%d %H:%M:%S%:z")" --build-arg MAX_OLD_SPACE=8192'
           no_output_timeout: 45m
+          use-buildkit: true
       - docker-save:
           registry: docker.io,quay.io
           image: th2021/docker-gitlab

From 056227536be25bc2f9a2f6fca80b7daf88ed9d20 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 8 Jan 2025 15:11:05 +0100
Subject: [PATCH 23/34] add buildkit parameter

---
 .circleci/config.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 2ff480566..83bf09c9f 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -50,6 +50,11 @@ commands:
         description: |
           No output timeout for build step
         type: string
+      use-buildkit:
+        default: false
+        description: |
+          Use buildkit to build the image. Available on Docker >= 18.09.0 https://docs.docker.com/develop/develop-images/build_enhancements/
+        type: boolean
     steps:
       - when:
           condition: <<parameters.cache_from>>

From d7225209462efb6b4d237d2b46c822e585b8ddca Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 8 Jan 2025 15:57:07 +0100
Subject: [PATCH 24/34] set buildkit variable

---
 .circleci/config.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 83bf09c9f..9f9dc23fd 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -81,7 +81,7 @@ commands:
                     done
                   done
 
-                  docker buildx build
+                  DOCKER_BUILDKIT=1 docker buildx build
                   <<#parameters.extra_build_args>><<parameters.extra_build_args>><</parameters.extra_build_args>>
                   \
                     --cache-from <<parameters.cache_from>> \
@@ -107,7 +107,7 @@ commands:
                     done
                   done
 
-                  docker buildx build
+                  DOCKER_BUILDKIT=1 docker buildx build
                   <<#parameters.extra_build_args>><<parameters.extra_build_args>><</parameters.extra_build_args>>
                   \
                     -f <<parameters.path>>/<<parameters.dockerfile>> \

From 738eecd086ea2a016fe0d12c38ecaf4db1534f8a Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Thu, 9 Jan 2025 09:57:22 +0100
Subject: [PATCH 25/34] add image

---
 .circleci/config.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 9f9dc23fd..f03877b48 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -203,7 +203,8 @@ commands:
 
 jobs:
   build:
-    executor: docker/machine
+    machine:
+      image: ubuntu-2404:edge
     resource_class: large
     steps:
       - checkout

From 0fa2518fc854f146e8773414e15bcef28eb542cb Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Thu, 9 Jan 2025 10:58:31 +0100
Subject: [PATCH 26/34] simplify

---
 .circleci/config.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index f03877b48..d36645cad 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -81,7 +81,7 @@ commands:
                     done
                   done
 
-                  DOCKER_BUILDKIT=1 docker buildx build
+                  docker buildx build
                   <<#parameters.extra_build_args>><<parameters.extra_build_args>><</parameters.extra_build_args>>
                   \
                     --cache-from <<parameters.cache_from>> \
@@ -107,7 +107,7 @@ commands:
                     done
                   done
 
-                  DOCKER_BUILDKIT=1 docker buildx build
+                  docker buildx build
                   <<#parameters.extra_build_args>><<parameters.extra_build_args>><</parameters.extra_build_args>>
                   \
                     -f <<parameters.path>>/<<parameters.dockerfile>> \
@@ -213,7 +213,7 @@ jobs:
           image: th2021/docker-gitlab
           tag: ${CIRCLE_TAG:-latest}
           cache_from: docker.io/th2021/docker-gitlab:latest
-          extra_build_args: '--build-arg VCS_REF=${CIRCLE_TAG:-${CIRCLE_SHA1}} --build-arg BUILD_DATE="$(date +"%Y-%m-%d %H:%M:%S%:z")" --build-arg MAX_OLD_SPACE=8192'
+          extra_build_args: '--build-arg VCS_REF=${CIRCLE_TAG:-${CIRCLE_SHA1}} --build-arg BUILD_DATE="$(date +"%Y-%m-%d %H:%M:%S%:z")"'
           no_output_timeout: 45m
           use-buildkit: true
       - docker-save:

From 2de835eeadbdaa3f83a27cdbd38341741eb0339e Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Fri, 10 Jan 2025 09:42:55 +0100
Subject: [PATCH 27/34] change back to better match master

---
 .circleci/config.yml     | 6 +++---
 Dockerfile.multistage    | 6 +++---
 assets/runtime/functions | 2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index d36645cad..47204bf3d 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -210,15 +210,15 @@ jobs:
       - checkout
       - docker-build:
           registry: docker.io,quay.io
-          image: th2021/docker-gitlab
+          image: sameersbn/gitlab
           tag: ${CIRCLE_TAG:-latest}
-          cache_from: docker.io/th2021/docker-gitlab:latest
+          cache_from: docker.io/sameersbn/gitlab:latest
           extra_build_args: '--build-arg VCS_REF=${CIRCLE_TAG:-${CIRCLE_SHA1}} --build-arg BUILD_DATE="$(date +"%Y-%m-%d %H:%M:%S%:z")"'
           no_output_timeout: 45m
           use-buildkit: true
       - docker-save:
           registry: docker.io,quay.io
-          image: th2021/docker-gitlab
+          image: sameersbn/gitlab
           tag: ${CIRCLE_TAG:-latest}
 
   test:
diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 8d1ca881f..5dc5f3741 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -3,7 +3,7 @@
 #----------------------------
 FROM ubuntu:focal-20241011 AS base-builder
 
-ARG VERSION=17.6.2
+ARG VERSION=17.6.0
 
 ENV GITLAB_VERSION=${VERSION} \
     RUBY_VERSION=3.2.6 \
@@ -11,8 +11,8 @@ ENV GITLAB_VERSION=${VERSION} \
     RUBYGEMS_VERSION=3.5.14 \
     GOLANG_VERSION=1.23.3 \
     GITLAB_SHELL_VERSION=14.39.0 \
-    GITLAB_PAGES_VERSION=17.6.2 \
-    GITALY_SERVER_VERSION=17.6.2 \
+    GITLAB_PAGES_VERSION=17.6.0 \
+    GITALY_SERVER_VERSION=17.6.0 \
     GITLAB_USER="git" \
     GITLAB_HOME="/home/git" \
     GITLAB_LOG_DIR="/var/log/gitlab" \
diff --git a/assets/runtime/functions b/assets/runtime/functions
index 67750f2f7..8b7050ac2 100644
--- a/assets/runtime/functions
+++ b/assets/runtime/functions
@@ -2260,7 +2260,7 @@ migrate_database() {
       chown -R ${GITLAB_USER}: ${GITLAB_HOME}/gitlab/node_modules
       exec_as_git yarn install --production --pure-lockfile
       echo "Recompiling assets (relative_url in use), this could take a while..."
-      exec_as_git bundle exec rake gitlab:assets:compile NODE_OPTIONS="--max-old-space-size=4096" >/dev/null 2>&1
+      exec_as_git bundle exec rake gitlab:assets:compile NODE_OPTIONS="--max-old-space-size=8192" >/dev/null 2>&1
     fi
 
     echo "Clearing cache..."

From f0665168f2e70c1b9ff548308b00f1e9d634b611 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Fri, 10 Jan 2025 11:23:50 +0100
Subject: [PATCH 28/34] do a standard build for comparison

---
 .circleci/config.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 47204bf3d..747df192c 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -11,7 +11,7 @@ commands:
       Build and optionally deploy a Docker images
     parameters:
       dockerfile:
-        default: Dockerfile.multistage
+        default: Dockerfile
         description: 'Name of dockerfile to use, defaults to Dockerfile'
         type: string
       extra_build_args:

From a05eb3a2c9a80e4239dd58f5c82a130eb1768474 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Tue, 14 Jan 2025 17:01:01 +0100
Subject: [PATCH 29/34] cleanup

---
 Dockerfile.multistage    | 12 ++++++------
 assets/build/install2.sh |  8 ++++----
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 5dc5f3741..1cda7c470 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -269,10 +269,8 @@ FROM base-builder-extended AS final
 
 RUN mkdir $GITLAB_CACHE_DIR; mkdir $GITLAB_BUILD_DIR; mkdir $GITLAB_BUILD_DIR/build
 
-RUN mkdir /tmp/go
-COPY --from=golang /tmp/go /tmp/go
-
-COPY --from=ruby-inst-extended /usr/local /usr/local
+COPY --from=ruby-inst-extended /usr/local/bin /usr/local/bin
+COPY --from=ruby-inst-extended /usr/local/lib /usr/local/lib
 
 COPY --from=gitlab-pages /usr/local/bin/gitlab-pages /usr/local/bin
 
@@ -281,8 +279,8 @@ COPY --from=gitaly /usr/local /usr/local
 
 COPY --from=gitlab-foss-source ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
 
-COPY --from=gitlab-shell ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
-COPY --from=gitlab-shell ${GITLAB_SHELL_INSTALL_DIR} ${GITLAB_SHELL_INSTALL_DIR}
+#COPY --from=gitlab-shell ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
+#COPY --from=gitlab-shell ${GITLAB_SHELL_INSTALL_DIR} ${GITLAB_SHELL_INSTALL_DIR}
 COPY --from=gitlab-shell /usr/local /usr/local
 
 COPY --from=yarn ${GITLAB_INSTALL_DIR}/node_modules ${GITLAB_INSTALL_DIR}/node_modules
@@ -307,7 +305,9 @@ USER root
 RUN cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml \
  && chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
 
+#=======================================
 RUN bash ${GITLAB_BUILD_DIR}/install2.sh
+#=======================================
 
 COPY assets/runtime/ ${GITLAB_RUNTIME_DIR}/
 COPY entrypoint.sh /sbin/entrypoint.sh
diff --git a/assets/build/install2.sh b/assets/build/install2.sh
index 306c67bbc..7489063d1 100755
--- a/assets/build/install2.sh
+++ b/assets/build/install2.sh
@@ -14,8 +14,8 @@ set -e
 
 GEM_CACHE_DIR="${GITLAB_BUILD_DIR}/cache"
 
-GOROOT=/tmp/go
-PATH=${GOROOT}/bin:$PATH
+#GOROOT=/tmp/go
+#PATH=${GOROOT}/bin:$PATH
 
 export GOROOT PATH
 
@@ -173,8 +173,8 @@ GITLAB_PAGES_VERSION=${GITLAB_PAGES_VERSION:-$(cat ${GITLAB_INSTALL_DIR}/GITLAB_
 #rm -rf ${GITLAB_GITALY_BUILD_DIR}
 
 # remove go
-go clean --modcache
-rm -rf ${GITLAB_BUILD_DIR}/go${GOLANG_VERSION}.linux-amd64.tar.gz ${GOROOT}
+#go clean --modcache
+#rm -rf ${GITLAB_BUILD_DIR}/go${GOLANG_VERSION}.linux-amd64.tar.gz ${GOROOT}
 
 # remove HSTS config from the default headers, we configure it in nginx
 exec_as_git sed -i "/headers\['Strict-Transport-Security'\]/d" ${GITLAB_INSTALL_DIR}/app/controllers/application_controller.rb

From f4d4c803dfaf6675b347b8d3ecea0af0857d5278 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 22 Jan 2025 14:36:38 +0100
Subject: [PATCH 30/34] update to 17.7.2

---
 Dockerfile.multistage | 30 ++++++++++++++----------------
 1 file changed, 14 insertions(+), 16 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 1cda7c470..0607ebea2 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -1,18 +1,18 @@
 #----------------------------
 # base-builder
 #----------------------------
-FROM ubuntu:focal-20241011 AS base-builder
+FROM ubuntu:jammy-20240911.1 AS base-builder
 
-ARG VERSION=17.6.0
+ARG VERSION=17.7.2
 
 ENV GITLAB_VERSION=${VERSION} \
     RUBY_VERSION=3.2.6 \
     RUBY_SOURCE_SHA256SUM="d9cb65ecdf3f18669639f2638b63379ed6fbb17d93ae4e726d4eb2bf68a48370" \
     RUBYGEMS_VERSION=3.5.14 \
-    GOLANG_VERSION=1.23.3 \
+    GOLANG_VERSION=1.23.5 \
     GITLAB_SHELL_VERSION=14.39.0 \
-    GITLAB_PAGES_VERSION=17.6.0 \
-    GITALY_SERVER_VERSION=17.6.0 \
+    GITLAB_PAGES_VERSION=17.7.2 \
+    GITALY_SERVER_VERSION=17.7.2 \
     GITLAB_USER="git" \
     GITLAB_HOME="/home/git" \
     GITLAB_LOG_DIR="/var/log/gitlab" \
@@ -79,11 +79,9 @@ FROM base-builder AS base-builder-extended
 
 RUN set -ex && \
     apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 \
- && echo "deb http://ppa.launchpad.net/git-core/ppa/ubuntu focal main" >> /etc/apt/sources.list \
- && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 8B3981E7A6852F782CC4951600A6F0A3C300EE8C \
- && echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu focal main" >> /etc/apt/sources.list \
+ && echo "deb http://ppa.launchpad.net/git-core/ppa/ubuntu jammy main" >> /etc/apt/sources.list \
  && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \
- && echo 'deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main' > /etc/apt/sources.list.d/pgdg.list \
+ && echo 'deb http://apt.postgresql.org/pub/repos/apt/ jammy-pgdg main' > /etc/apt/sources.list.d/pgdg.list \
  && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | apt-key add - \
  && echo 'deb https://deb.nodesource.com/node_20.x nodistro main' > /etc/apt/sources.list.d/nodesource.list \
  && wget --quiet -O - https://dl.yarnpkg.com/debian/pubkey.gpg  | apt-key add - \
@@ -93,13 +91,13 @@ RUN set -ex && \
  && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
       sudo supervisor logrotate locales curl \
       nginx openssh-server postgresql-contrib redis-tools \
-      postgresql-client-13 postgresql-client-14 postgresql-client-15 postgresql-client-16 \
+      postgresql-client-13 postgresql-client-14 postgresql-client-15 postgresql-client-16 postgresql-client-17 \
       python3 python3-docutils nodejs yarn gettext-base graphicsmagick \
-      libpq5 zlib1g libyaml-0-2 libssl1.1 \
-      libgdbm6 libreadline8 libncurses5 libffi7 \
-      libxml2 libxslt1.1 libcurl4 libicu66 libre2-dev tzdata unzip libimage-exiftool-perl \
-      libmagic1 \
-      libpixman-1-dev libcairo2-dev libpango1.0-dev libjpeg8-dev libgif-dev \ 
+      libpq5 zlib1g libyaml-dev libssl-dev libgdbm-dev libre2-dev \
+      libreadline-dev libncurses5-dev libffi-dev curl openssh-server libxml2-dev libxslt-dev \
+      libcurl4-openssl-dev libicu-dev libkrb5-dev rsync python3-docutils pkg-config cmake \
+      runit-systemd \
+      tzdata unzip libimage-exiftool-perl libmagic1 \
  && update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX \
  && locale-gen en_US.UTF-8 \
  && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales \
@@ -122,7 +120,7 @@ RUN echo "Downloading Go $GOLANG_VERSION..." \
 #----------------------------
 # ruby
 #----------------------------
-FROM ruby:3.2.6-bullseye AS ruby-inst
+FROM ruby:3.2.6-bookworm AS ruby-inst
 
 ENV RUBYGEMS_VERSION=3.5.14
 # upgrade rubygems on demand

From d79753c152139d78bb5a816646830b1a3ab6bb29 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Wed, 22 Jan 2025 20:20:29 +0100
Subject: [PATCH 31/34] update to 17.8.0

---
 Dockerfile.multistage | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 0607ebea2..39a9063e5 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -3,7 +3,7 @@
 #----------------------------
 FROM ubuntu:jammy-20240911.1 AS base-builder
 
-ARG VERSION=17.7.2
+ARG VERSION=17.8.0
 
 ENV GITLAB_VERSION=${VERSION} \
     RUBY_VERSION=3.2.6 \
@@ -11,8 +11,8 @@ ENV GITLAB_VERSION=${VERSION} \
     RUBYGEMS_VERSION=3.5.14 \
     GOLANG_VERSION=1.23.5 \
     GITLAB_SHELL_VERSION=14.39.0 \
-    GITLAB_PAGES_VERSION=17.7.2 \
-    GITALY_SERVER_VERSION=17.7.2 \
+    GITLAB_PAGES_VERSION=17.8.0 \
+    GITALY_SERVER_VERSION=17.8.0 \
     GITLAB_USER="git" \
     GITLAB_HOME="/home/git" \
     GITLAB_LOG_DIR="/var/log/gitlab" \
@@ -78,14 +78,15 @@ RUN apt-get update \
 FROM base-builder AS base-builder-extended
 
 RUN set -ex && \
-    apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 \
- && echo "deb http://ppa.launchpad.net/git-core/ppa/ubuntu jammy main" >> /etc/apt/sources.list \
- && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \
- && echo 'deb http://apt.postgresql.org/pub/repos/apt/ jammy-pgdg main' > /etc/apt/sources.list.d/pgdg.list \
- && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | apt-key add - \
- && echo 'deb https://deb.nodesource.com/node_20.x nodistro main' > /etc/apt/sources.list.d/nodesource.list \
- && wget --quiet -O - https://dl.yarnpkg.com/debian/pubkey.gpg  | apt-key add - \
- && echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list \
+ mkdir -p /etc/apt/keyrings \
+ && wget --quiet -O - https://keyserver.ubuntu.com/pks/lookup?op=get\&search=0xe1dd270288b4e6030699e45fa1715d88e1df1f24 | gpg --dearmor -o /etc/apt/keyrings/git-core.gpg \
+ && echo "deb [signed-by=/etc/apt/keyrings/git-core.gpg] http://ppa.launchpad.net/git-core/ppa/ubuntu jammy main" >> /etc/apt/sources.list \
+ && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor -o /etc/apt/keyrings/postgres.gpg \
+ && echo 'deb [signed-by=/etc/apt/keyrings/postgres.gpg] http://apt.postgresql.org/pub/repos/apt/ jammy-pgdg main' > /etc/apt/sources.list.d/pgdg.list \
+ && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
+ && echo 'deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main' > /etc/apt/sources.list.d/nodesource.list \
+ && wget --quiet -O - https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor -o /etc/apt/keyrings/yarn.gpg \
+ && echo 'deb [signed-by=/etc/apt/keyrings/yarn.gpg] https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list \
  && set -ex \
  && apt-get update \
  && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \

From 1663c620b5d65b8f9fbca2cb82059c6a5419e6c7 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Thu, 23 Jan 2025 08:58:48 +0100
Subject: [PATCH 32/34] upgrade to 17.8.1.circleci/config.yml

---
 Dockerfile.multistage | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index 39a9063e5..a54094c65 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -3,7 +3,7 @@
 #----------------------------
 FROM ubuntu:jammy-20240911.1 AS base-builder
 
-ARG VERSION=17.8.0
+ARG VERSION=17.8.1
 
 ENV GITLAB_VERSION=${VERSION} \
     RUBY_VERSION=3.2.6 \
@@ -11,8 +11,8 @@ ENV GITLAB_VERSION=${VERSION} \
     RUBYGEMS_VERSION=3.5.14 \
     GOLANG_VERSION=1.23.5 \
     GITLAB_SHELL_VERSION=14.39.0 \
-    GITLAB_PAGES_VERSION=17.8.0 \
-    GITALY_SERVER_VERSION=17.8.0 \
+    GITLAB_PAGES_VERSION=17.8.1 \
+    GITALY_SERVER_VERSION=17.8.1 \
     GITLAB_USER="git" \
     GITLAB_HOME="/home/git" \
     GITLAB_LOG_DIR="/var/log/gitlab" \
@@ -39,7 +39,7 @@ ENV GITLAB_CLONE_URL="https://gitlab.com/gitlab-org/gitlab-foss.git" \
 
 ENV BUILD_DEPENDENCIES="gcc g++ make patch pkg-config cmake paxctl \
     libc6-dev \
-    libpq-dev zlib1g-dev libyaml-dev libssl-dev \
+    libpq-dev zlib1g-dev libssl-dev \
     libgdbm-dev libreadline-dev libncurses5-dev libffi-dev \
     libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev \
     gettext libkrb5-dev \

From 63ca5545dcf3bece9a2ca126d60315a83c2fa928 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Thu, 23 Jan 2025 09:01:20 +0100
Subject: [PATCH 33/34] build multistage

---
 .circleci/config.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 747df192c..47204bf3d 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -11,7 +11,7 @@ commands:
       Build and optionally deploy a Docker images
     parameters:
       dockerfile:
-        default: Dockerfile
+        default: Dockerfile.multistage
         description: 'Name of dockerfile to use, defaults to Dockerfile'
         type: string
       extra_build_args:

From 876a1e126eb390a3130d2dff901678a03d6ffa10 Mon Sep 17 00:00:00 2001
From: Thomas Hiller <thomas.hiller@gmx.de>
Date: Sat, 1 Feb 2025 21:48:38 +0100
Subject: [PATCH 34/34] copy GITSHELL_INSTALL_DIR as well

---
 Dockerfile.multistage | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile.multistage b/Dockerfile.multistage
index a54094c65..a9b7f4900 100644
--- a/Dockerfile.multistage
+++ b/Dockerfile.multistage
@@ -279,7 +279,7 @@ COPY --from=gitaly /usr/local /usr/local
 COPY --from=gitlab-foss-source ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
 
 #COPY --from=gitlab-shell ${GITLAB_INSTALL_DIR} ${GITLAB_INSTALL_DIR}
-#COPY --from=gitlab-shell ${GITLAB_SHELL_INSTALL_DIR} ${GITLAB_SHELL_INSTALL_DIR}
+COPY --from=gitlab-shell ${GITLAB_SHELL_INSTALL_DIR} ${GITLAB_SHELL_INSTALL_DIR}
 COPY --from=gitlab-shell /usr/local /usr/local
 
 COPY --from=yarn ${GITLAB_INSTALL_DIR}/node_modules ${GITLAB_INSTALL_DIR}/node_modules