Release 2025_017 (2025-06-02)

Impact

24.11

  • Machines will reboot to activate the changed kernel.

  • Telegraf will be restarted.

  • The Redis cache of GitLab will be flushed.

  • GitLab will be restarted.

  • Gitlab hosts using generateSecrets = false; need to manually generate an ActiveRecord secret.

  • GitLab hosts managed by the Flying Circus stay pinned on the previous platform release

    • no customer intervention necessary

    • there is a known regression in this release affecting Gitlab hosts deployed by the Flying Circus

    • to avoid breakage and allow time for fixing, these machines are not upgraded automatically

NixOS 24.11 platform

  • Additional Redis servers configured with services.redis.servers now get Sensu checks and their metrics are scraped by Telegraf.

    This is not possible if a server doesn’t have a TCP listener and its UNIX socket isn’t readable & writable by its owning group. For each server like that, a warning will be printed.

  • The option services.telegraf.environmentVariablesFromFile was introduced which allows substituting variables inside the Telegraf config with the content of a file.

  • fix some configuration options for the loki role (PL-133581)

  • Fix fs-check script by restoring old use of fc-directory cli (PL-133676)

  • The GitLab role requires an active Redis role on the same machine.

  • gitlab: generate ActiveRecord encryption secrets

  • agent: fix accidental immediate reboots on machines that use specialisations. (PL-133685)

  • Removed a PHP test which checked for an issue that has been resolved for some time now (PL-133352)

  • Pull upstream NixOS changes, security fixes, and package updates:

    • chromedriver: 136.0.7103.92 -> 136.0.7103.113

    • chromium: 136.0.7103.92 -> 136.0.7103.113

    • element-web: 1.11.99 -> 1.11.100

    • firefox: 138.0.1 -> 138.0.4

    • gitaly: 17.11.2 -> 17.11.3

    • gitlab: 17.11.2 -> 17.11.3

    • gitlab-container-registry: 4.21.0 -> 4.22.0

    • gitlab-ee: 17.11.2 -> 17.11.3

    • gitlab-pages: 17.11.2 -> 17.11.3

    • gitlab-workhorse: 17.11.2 -> 17.11.3

    • linuxKernelStable: 6.6.89 -> 6.6.92

    • linuxKernelVerify: 6.12.26 -> 6.12.30

    • nodejs_22: 22.14.0 -> 22.16.0

    • percona: 8.0.41-32 -> 8.0.42-33

    • percona-server_8_0: 8.0.41-32 -> 8.0.42-33

    • percona80: 8.0.41-32 -> 8.0.42-33

    • screen: 4.9.1 -> 5.0.1

    • tomcat10: 10.1.34 -> 10.1.41

    • tomcat9: 9.0.98 -> 9.0.104

    • webkitgtk: 2.48.1 -> 2.48.2

Detailed Changes