Commits · ed2803f2a3e5dcdf537773d2226906fc9665b895 · emmapeel / puppet-tails

13 Apr, 2020 2 commits

Jenkins master: install openjdk-8-jdk-headless (#16955) · ed2803f2

intrigeri authored Apr 13, 2020

Without this package, after Puppet has upgraded Jenkins and its plugins,
I see:

Error: /Stage[main]/Jenkins::Cli/Exec[jenkins-cli]: Failed to call refresh: Could not find command 'jar'
Error: /Stage[main]/Jenkins::Cli/Exec[jenkins-cli]: Could not find command 'jar'

ed2803f2

Merge remote-tracking branch 'origin/master' into update-jenkins-core-and-plugins · 166e9e63
intrigeri authored Apr 13, 2020

166e9e63

12 Apr, 2020 1 commit

Weblate: remove maintenance mode based on mod_rewrite · e28391e5

Zen Fu authored Apr 12, 2020

The workaround introduced in 6b292cc0
for putting the website in maintenance reports "Under maintenance" for
any 503 and misleads people when the 503 is actually caused by some
other reason.

This commit reverts that behavior.

e28391e5

11 Apr, 2020 1 commit
- changing parameters to borg to match version in stretch · 68e90b5e
  groente authored Apr 11, 2020
  
  68e90b5e
10 Apr, 2020 4 commits
- switching to keys.openpgp.org as keyserver for schleuder · 0a0d4f8c
  groente authored Apr 10, 2020
  
  0a0d4f8c
- disable file caching in borg backups · b2897400
  groente authored Apr 10, 2020
  
  b2897400
- Revert "Redmine: try to only allow local access" · 80b02e8a
  intrigeri authored Apr 10, 2020
```
This reverts commit 4353d8bf.
```
  80b02e8a
- Rename /doc/first_steps/startup_options/* into welcome_screen (#15122) · 04cbd57d
  sajolida authored Mar 25, 2020 and intrigeri committed Apr 10, 2020
  
  04cbd57d
09 Apr, 2020 1 commit
- Redirect Redmine attachment URLs to the corresponding public/private static archive · e03932a6
  intrigeri authored Apr 09, 2020
  
  e03932a6
08 Apr, 2020 2 commits
- Merge remote-tracking branch 'origin/58_remove-deprecated-ref-checks' · 2cae0138
  intrigeri authored Apr 08, 2020
  
  2cae0138
- Redmine: try to only allow local access · 4353d8bf
  intrigeri authored Apr 08, 2020
  
  4353d8bf
05 Apr, 2020 3 commits
- Gitolite: remove deprecated reference checks for tails.git (#58) · 8397557d
  Zen Fu authored Apr 05, 2020
```
See: https://salsa.debian.org/tails-team/gitlab-migration/-/issues/58
```
  8397557d
- Add Redmine → GitLab redirector · 9745e0bc
  intrigeri authored Apr 05, 2020
```
https://salsa.debian.org/tails-team/gitlab-migration/-/issues/48
```
  9745e0bc
- README: update dependency · 16fb25e6
  intrigeri authored Apr 05, 2020
  
  16fb25e6
02 Apr, 2020 5 commits
- Weblate: backup PostgreSQL databases (#16994) · a78e21f8
  Zen Fu authored Apr 02, 2020
  
  a78e21f8
- Weblate: remove MariaDB config (#16994) · 5d3d818e
  Zen Fu authored Apr 02, 2020
  
  5d3d818e
- Weblate: do not try to remove MariaDB default accounts (#16994) · a173177c
  Zen Fu authored Apr 02, 2020
  
  a173177c
- Weblate: completelly remove MariaDB from server (#16994) · d8b24601
  Zen Fu authored Apr 02, 2020
  
  d8b24601
- Weblate: remove MySQL database definition from Weblate config (#16994) · d99e3437
  Zen Fu authored Apr 02, 2020
  
  d99e3437
01 Apr, 2020 8 commits
- Weblate: install Python PostgreSQL driver (#16994) · e52e97fd
  Zen Fu authored Apr 01, 2020
  
  e52e97fd
- Weblate: configure the new PostgreSQL database (#16994) · 754ea015
  Zen Fu authored Apr 01, 2020
  
  754ea015
- Weblate: add a PostgreSQL server and database (##16994) · 9db51058
  Zen Fu authored Apr 01, 2020
  
  9db51058
- Merge remote-tracking branch 'origin/master' · d7eacee9
  intrigeri authored Apr 01, 2020
  
  d7eacee9
- Make public Redmine archive really public · 472b845d
  intrigeri authored Apr 01, 2020
  
  472b845d
- Weblate: mod rewrite is included in apache2 package · be621ba8
  Zen Fu authored Apr 01, 2020
  
  be621ba8
- Weblate: lint · 11e67fa1
  Zen Fu authored Apr 01, 2020
  
  11e67fa1
- Weblate: allow for a maintenance mode · 6b292cc0
  Zen Fu authored Apr 01, 2020
```
Neither Weblate nor Django have built-in support for putting the website
in maintenance mode, so I'm adding the possibility of returning a 503
HTTP status code by touching a ".maintenance" file in Weblate's document
root.
```
  6b292cc0
31 Mar, 2020 7 commits

Jenkins: update Git plugin and deps · 86d03365

Zen Fu authored Mar 31, 2020

Stored XSS vulnerability for Git plugin 3.12.1:

    https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1723

The update of Mailer plugin was not mandatory but can save a bit of work
later.

86d03365

Jenkins: update Subversion plugin and deps · 72538121

Zen Fu authored Mar 31, 2020

Stored XSS vulnerability in Subversion Plugin 2.12.2:

    https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1725

Update of dependencies is not needed but may save a bit of work in the
future.

72538121

Jenkins: update Matrix Authorization Stragegy plugin and deps · ad9d5800

Zen Fu authored Mar 31, 2020

**ATTENTION** -- This plugin was not defined in Puppet configuration
prior to this commit, but it was installed in our Jenkins instance
(https://jenkins.tails.boum.org).

Dangerous permissions can be configured independently of Administer
permission (in version 1.1):

    https://jenkins.io/security/advisory/2017-04-10/#matrix-authorization-strategy-plugin-allowed-configuring-dangerous-permissions

Dependencies updates are not mandatory, but may save a bit of work in
the future.

ad9d5800

Jenkins: update Script Security plugin · bcb2d659

Zen Fu authored Mar 31, 2020

Sandbox bypass vulnerabilities in "Script Security" plugin (1.64):

https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658
https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713
https://jenkins.io/security/advisory/2019-10-01/#SECURITY-1579
https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754

bcb2d659

Jenkins: update Timestamper plugin and deps · 2695d3f3

Zen Fu authored Mar 31, 2020

Stored XSS vulnerability in Timestamper Plugin (1.10):

    https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1784

Timestamper 1.11.2 (non-implied) dependencies:

    Pipeline: API ≥ 2.39
    Pipeline: Step API ≥ 2.19

"Pipeline: Step API" update is not mandatory but does no harm and may
save a bit of work in the future.

2695d3f3

Jenkins: update core to latest (2.222.1) · fe8da09a

Zen Fu authored Mar 31, 2020

Multiple security vulnerabilities in Jenkins 2.196 and earlier, and LTS
2.176.3 and earlier:

    https://jenkins.io/security/advisory/2019-09-25/

Multiple security vulnerabilities in Jenkins 2.227 and earlier, LTS
2.204.5 and earlier:

    https://jenkins.io/security/advisory/2020-03-25/

Multiple vulnerabilities in Jenkins 2.218 and earlier, LTS 2.204.1 and
earlier:

    https://jenkins.io/security/advisory/2020-01-29/

fe8da09a

Skip validation when deleting branches (#16064) · f687af47
Zen Fu authored Mar 30, 2020

f687af47

30 Mar, 2020 6 commits
- Weblate: pass missing parameters around (non-reviewed refactor side-effect) · 18a341ec
  Zen Fu authored Mar 30, 2020
  
  18a341ec
- Weblate: webserver is not required for config -- avoid loop! · 69d3b8ac
  Zen Fu authored Mar 30, 2020
  
  69d3b8ac
- Weblate: 3rd attempt to use run stages avoiding loops · 6a43986a
  Zen Fu authored Mar 30, 2020
  
  6a43986a
- Weblate: 2nd attempt to use run stages avoiding loops · 4c8e5a49
  Zen Fu authored Mar 30, 2020
  
  4c8e5a49
- Weblate: pass slave languages to tmserver class · 22b081a0
  Zen Fu authored Mar 30, 2020
  
  22b081a0
- Weblate: pass inherited variables as parameters to other classes · 72340149
  Zen Fu authored Mar 30, 2020
  
  72340149