Commit c72f2ebc authored by Thong Kuah's avatar Thong Kuah Committed by Achilleas Pipinellis

Add 13.1.0 version specific upgrade note for HA

parent 26867b0e
...@@ -192,6 +192,12 @@ possible. ...@@ -192,6 +192,12 @@ possible.
## Version specific upgrading instructions ## Version specific upgrading instructions
### 13.2.0
GitLab installations that have multiple web nodes will need to be
[upgraded to 13.1](#1310) before upgrading to 13.2 (and later) due to a
breaking change in Rails that can result in authorization issues.
### 13.1.0 ### 13.1.0
In 13.1.0, you must upgrade to either: In 13.1.0, you must upgrade to either:
...@@ -202,6 +208,27 @@ In 13.1.0, you must upgrade to either: ...@@ -202,6 +208,27 @@ In 13.1.0, you must upgrade to either:
Failure to do so will result in internal errors in the Gitaly service in some RPCs due Failure to do so will result in internal errors in the Gitaly service in some RPCs due
to the use of the new `--end-of-options` Git flag. to the use of the new `--end-of-options` Git flag.
Additionally, in GitLab 13.1.0, the version of [Rails was upgraded from 6.0.3 to
6.0.3.1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/33454).
The Rails upgrade included a change to CSRF token generation which is
not backwards-compatible - GitLab servers with the new Rails version
will generate CSRF tokens that are not recognizable by GitLab servers
with the older Rails version - which could cause non-GET requests to
fail for [multi-node GitLab installations](https://docs.gitlab.com/omnibus/update/#multi-node--ha-deployment).
So, if you are using multiple Rails servers and specifically upgrading from 13.0,
all servers must first be upgraded to 13.1.0 before upgrading to later versions:
1. Ensure all GitLab web nodes are on GitLab 13.1.0.
1. Optionally, enable the `global_csrf_token` feature flag to enable new
method of CSRF token generation:
```ruby
Feature.enable(:global_csrf_token)
```
1. Only then, continue to upgrade to later versions of GitLab.
### 12.2.0 ### 12.2.0
In 12.2.0, we enabled Rails' authenticated cookie encryption. Old sessions are In 12.2.0, we enabled Rails' authenticated cookie encryption. Old sessions are
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment