GitLab security release: 12.2.5

The GitLab project has released a new update that contains some important security updates. We recommend that all GitLab installations be upgraded immediately to the new version of GitLab (GitLab 12.2.5).

Although the new version is now publicly available, the vulnerabilities details will not be made public on the GitLab issue tracker for approximately 30 days. The information disclosed to date is the following:

• Project template functionality could be used to access restricted project data (CVE-2019-16170)
• Security enhancements in GitLab pages
• Nginx HTTP 2 security update (CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516)
• Mattermost updates

You can find more information about this issue in GitLab's official blog post.

Bitnami has released a new version of Bitnami GitLab 12.2.5 for both virtual machines and cloud images that fixes these vulnerabilities. If you are running an outdated version of GitLab, please follow the instructions to upgrade the application.

Do you have questions about Bitnami GitLab or this security issue? Please post them to our community forum. We will be happy to help you.

GitLab security release: 11.8.3

The GitLab project has released a new update that contains several important security fixes. We recommend that all GitLab installations be upgraded immediately to the new version of GitLab (GitLab 11.8.3).

Although the new version is publicly available now, the vulnerability details will not be made public on the GitLab issue tracker for approximately 30 days. The information disclosed to date is as follows:

• Project Runner Token Exposed Through Issues Quick Actions. GitLab issues quick actions were vulnerable to an information disclosure issue that disclosed project runner tokens to unauthorized users. The issue is now mitigated in the latest release and is assigned CVE-2019-9866.

More information about this issue can be found in the official blog post.

Bitnami has released a new version of Bitnami GitLab 11.8.3 for both virtual machines and cloud images that fixes this vulnerability.

Do you have questions about Bitnami GitLab or this security issue? Please post them to our community forum. We will be happy to help you.

Security Release: GitLab 10.5.6

The GitLab project has released a new update that contains several important security fixes. We recommend that all GitLab installations be upgraded immediately to the new version of GitLab (GitLab 10.5.6). 

Although the new version is publicly available now, the vulnerability details will not be made public on the GitLab’s issue tracker for approximately 30 days. We recommend to stay tuned for any detail the GitLab team publishes during that time. The disclosed information is the following one:

• SSRF in services and web hooks (CVE-2018-8801): There were multiple server-side request forgery issues in the Services feature. An attacker could make requests to servers within the same network of the GitLab instance. This could lead to information disclosure, authentication bypass, or potentially code execution.
• Gitlab Auth0 integration issue: There was an issue with the GitLab omniauth-auth0 configuration which resulted in the Auth0 integration signing in the wrong users.

Bitnami has released a new version of Bitnami GitLab 10.5.6 for both virtual machines and cloud images that fix those vulnerabilities. 

More information about these issues can be found in the official blog post. As the vulnerability details were not disclosed at the time of this blog's publishing, there is currently no available workaround for it. Therefore, if you are running a GitLab instance with a version prior to 10.5.6, you will need to upgrade GitLab to the latest version by following this documentation.

Do you have questions about Bitnami GitLab or these security issues? Please post them to our community forum. We will be happy to help you.

Security Release: GitLab 10.3.4

The GitLab project has released a new update that contains several security fixes, including two that prevent remote code execution. We recommend that all GitLab installations be upgraded to GitLab's new version (GitLab 10.3.4) immediately.

We have released new versions of Bitnami GitLab 10.3.4 virtual machines and cloud images that fix the following security issues along with others:

• Remote Code Execution Vulnerability in GitLab Projects Import (CVE-2017-0915 and CVE-2018-3710): These allow an attacker to write files to arbitrary directories on the server, which in turn could result in remote code execution.

If you are unable to upgrade immediately, you can use the following workaround in your existing GitLab installation to fix this vulnerability:

1. Go to the /admin/application_settings URL of your GitLab instance.
2. Under "Import sources", uncheck the "GitLab export" checkbox.
3. Click "Save".

• GitLab CI Runner Can Read and Poison Cache of All Other Projects (CVE-2017-0918): No workaround currently available
• Jupyter Notebook XSS (CVE-2017-0923): No workaround currently available
• Sensitive Fields Exposed to Admins / Masters in the Services API (CVE-2017-0925): No workaround currently available

More information about these issues can be found in the official blog post. Apart from the workaround described above for the remote code execution vulnerability, there is currently no available workaround for the remaining vulnerabilities. Therefore, if you are running a GitLab instance with a version prior to 10.3.4, you will need to upgrade GitLab to the latest version by following this documentation (https://docs.gitlab.com/omnibus/update/README.html#updating-gitlab-via-omnibus-gitlab).

Do you have questions about Bitnami GitLab or these security issues? Please post to our community forum, and we will be happy to help you.

Security Release: GitLab 9.3.8

[Update 2017-07-21]

GitLab 9.3.8 was affected by an infinite loop bug with the mudge/re2 library. The GitLab project released GitLab 9.3.9 that solves that issue.

Bitnami GitLab 9.3.9 virtual machines and cloud images are already available in Bitnami.

----

The GitLab project released a new update that contains several security fixes, including an important security fix for two authorization bypass vulnerabilities (post-authentication). We recommend that all GitLab installations be upgraded to GitLab's new version (GitLab 9.3.8) immediately.

We released new versions of Bitnami GitLab 9.3.8 virtual machines and cloud images that fix the following security issues.

• Projects in subgroups authorization bypass with SQL wildcards (CVE-2017-11438)
• An authenticated user could take advantage of a badly written SQL query to add themselves to any project inside a subgroup. Versions from 9.0 are affected but 9.3 and above are not vulnerable, so this issue does not affect the latest versions we released in bitnami.com.
• Unauthorized repository access by using project mirrors and CI (GitLab EE only) (CVE-2017-11437)
• This vulnerability affects all versions of GitLab except GitLab 9.3.8 or newer.

More information about the issue can be found in the official blog post. There is not an available workaround for these vulnerabilities at the time.  Therefore, if you are running a GitLab instance with a version prior to 9.3.8, you will need to upgrade GitLab to its latest version by following this documentation (https://docs.bitnami.com/?page=apps&name=gitlab&section=how-to-upgrade-gitlab).

Do you have questions about Bitnami GitLab or the security issue? Please post to our community forum, and we will be happy to help you.

Security Release: GitLab 8.14.3 (CVE-2016-9469)

The GitLab project released a new update that contains an important security fix for a critical denial-of-service and data corruption vulnerability, and we strongly recommend that all affected GitLab installations be upgraded to the latest version immediately.

We released new versions of Bitnami Gitlab 8.14.3 installers, virtual machines and cloud images that fix this security issue. Further details regarding the security issue are explained below:

Denial-of-Service and Data Corruption Vulnerability in Issue and Merge Request Trackers

This issue is the result of un-sanitized user input being passed to an internal function that expects only trusted data. This code was introduced in GitLab 8.13.0.

More information about the issue can be found in the official blog post.

Workarounds

If you're unable to upgrade right away, you can secure your GitLab installation against this vulnerability using one of the workarounds outlined below until you have time to upgrade.

Securing via web server configuration

• Add the following text at the end of the httpd-app.conf file of Gitlab

     RewriteEngine On

     RewriteCond %{QUERY_STRING} ^.*(state=destroy).* [NC,OR]

     RewriteCond %{QUERY_STRING} ^.*(state=delete).* [NC]

     RewriteRule ^(.*)$ - [F,L]

• Restart Apache

           sudo /opt/bitnami/ctlscript.sh restart apache

Securing via patch

• Create a patch file at /opt/bitnami/apps/gitlab/htdocs
• Apply the patch below

     diff --git a/app/finders/issuable_finder.rb                          b/app/finders/issuable_finder.rb

     index e42d5af..2c9412b 100644

     --- a/app/finders/issuable_finder.rb

     +++ b/app/finders/issuable_finder.rb

     @@ -7,7 +7,7 @@

      #   current_user - which user use

      #   params:

      #     scope: 'created-by-me' or 'assigned-to-me' or 'all'

     -#     state: 'open' or 'closed' or 'all'

     +#     state: 'opened' or 'closed' or 'all'

      #     group_id: integer 

      #     project_id: integer

      #     milestone_title: string

     @@ -183,10 +183,13 @@ class IssuableFinder

          end

          def by_state(items)

     -      params[:state] ||= 'all'

     -

     -      if items.respond_to?(params[:state])

     -        items.public_send(params[:state])

     +      case params[:state].to_s

     +      when 'closed'

     +        items.closed

     +      when 'merged'

     +        items.respond_to?(:merged) ? items.merged : items.closed

     +      when 'opened'

     +        items.opened

            else

              items

            end

Verifying the workaround

• Open your GitLab project
• Open the project's issue tracker
• Choose the "closed" tab
• Adjust the "state" field in your browser's address bar to "deleteme"
• Verify you receive a 403 Forbidden error

Note: If you only applied the patch you will receive no errors here.

Do you have questions about Bitnami GitLab or the security issue? Please post to our community forum and we will be happy to help you.

Critical Security Release for GitLab (CVE-2016-9086)

The Gitlab project released a new update that contains an important security fix for a critical directory traversal vulnerability, and we strongly recommend that all GitLab installations be upgraded to the new version immediately.

We released new versions of Bitnami Gitlab 8.13.3 installers, virtual machines and cloud images that fix the security issue.

Directory traversal via "import/export" feature: CVE-2016-9086

Added in GitLab 8.9, the "import/export project" feature of GitLab allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0 restricted this feature to administrators only. Starting with version 8.13.0 this feature was made available to all users.

More information about the issue can be found in the official blog post.

Workarounds

If you're unable to upgrade right away, you can secure your GitLab installation against this vulnerability using the workaround outlined below until you have time to upgrade.

Disable Project Import/Export via Tape Archive

Login using an administrator account to your GitLab installation and perform the following:

- Choose "Admin Area"
- Click "Settings"
- Under "Import Sources" disable the "GitLab export" option
- Click Save

Verifying the workaround

- In a Browser Window, login as any user
- Click "Projects"
- Click "New Project"
- Enter a project name
- Verify that "GitLab export" does not appear as an import option

Do you have questions about Bitnami Gitlab or the security issue? Please post to our community forum, and we will be happy to help you.

Security Release: Gitlab 8.7.4

The Gitlab project released a new update that contains security fixes, including one for an XSS vulnerability via faulty URI scheme sanitization, and we strongly recommend that all GitLab installations be upgraded to the new version immediately.

We released new versions of Bitnami Gitlab 8.7.4 installers, virtual machines and cloud images that fix the security issues.

Additional information regarding XSS vulnerability via faulty URI scheme sanitization:

The URI scheme of user-supplied links was not being properly sanitized. Please see the GitHub issue for more details. Additional information regarding the additional changes is available in the official security advisory.

Do you have questions about Bitnami Gitlab or the security issue? Please post to our community forum, and we will be happy to help you.

Critical Security Release for GitLab (CVE-2016-4340)

The Gitlab project released a new update that contains a number of important security fixes, including one for a critical privilege escalation, and we strongly recommend that all GitLab installations be upgraded to the new version immediately.

We released new versions of Bitnami Gitlab 8.7.1 installers, virtual machines and cloud images that fix the security issues.

Critical Security Issue: Privilege escalation via "impersonate" feature

Added in GitLab 8.2, this feature was intended to allow an administrator to simulate being logged in as any other user.

Part of this feature was not properly secured and it was possible for any authenticated user, administrator or not, to "log in" as any other user, including administrators. Please see the GitLab website for more details. Additional information regarding the additional changes is available in the official security advisory.

Workarounds

If you are unable to upgrade right away, you can secure your GitLab installation against this vulnerability using one of the workarounds outlined below until you have time to upgrade:

Securing via web server configuration

1. Add the following text at the end of the httpd-app.conf file of Gitlab

<LocationMatch "^/admin/users/stop_impersonation">
  Order Deny,Allow
  Deny from all
</LocationMatch>

2.  Restart Apache

sudo /opt/bitnami/ctlscript.sh restart apache

Securing via patch

1. Create a patch file at /opt/bitnami/apps/gitlab/htdocs

diff --git a/app/controllers/admin/impersonation_controller.rb b/app/controllers/admin/impersonation_controller.rb
index bf98af7..8790018 100644
--- a/app/controllers/admin/impersonation_controller.rb
+++ b/app/controllers/admin/impersonation_controller.rb
@@ -1,4 +1,5 @@
 class Admin::ImpersonationController < Admin::ApplicationController
+  before_action :render_403, only: :destroy
   skip_before_action :authenticate_admin!, only: :destroy

   before_action :user

2. Apply the path

sudo git apply -v path.diff

The following output will appear:

Checking patch app/controllers/admin/impersonation_controller.rb...
Applied patch app/controllers/admin/impersonation_controller.rb cleanly.

Recover the permissions of the modified file:

sudo chown git:git /opt/bitnami/apps/gitlab/htdocs/app/controllers/admin/impersonation_controller.rb

Verifying the workaround

1. In an Incognito Window, login as an administrator
2. Go to the Admin section
3. Click on "Users"
4. Select any user
5. Click "Impersonate"
6. Click on the "Stop Impersonation" icon in the upper right
7. Verify you receive a 403 Forbidden error

Do you have questions about Bitnami Gitlab or the security issue? Please post to our community forum, and we will be happy to help you.

New Bitnami GitLab Stack 7.11.4 released, now with PostgreSQL

We're happy to announce that GitLab 7.11.4 is now available in Bitnami! This version is now configured with PostreSQL database by default.

What is GitLab? GitLab is a popular Git repository management tool with unique features such as advanced authentication levels, the ability to "protect" a branch, and a feature that allows the attachment of any file to any issue/comment for enhanced collaboration.

This community-loved, enterprise ready manager makes reviewing code and tracking issues easy with activity feeds and wikis. For continuous integration and delivery it also comes with GitLab Cl to better test, build, and deploy your code.

Git hosting has never been easier with this fast-evolving platform, so check out GitLab today!

Gitlab is also ready to install in a few clicks with the Bitnami Gitlab Installers for Linux, Virtual Machine images (VMs), Cloud Images for Amazon EC2, Azure and Google Cloud Platform.

Bitnami Open Source Leaders Interview Series: Sytse Sijbranij from GitLab

Gitlab leads by example with their passion for creating open source collaboration tools, with the ability to do everything on code. As part of our Open Source Leader podcast series, we interviewed Sytse Sijbranij, CEO of GitLab, to learn how they maintain their open source community and what will be next for their tools.

Below is a sample of the topics we covered:

• Why Gitlab?
• Who should use it?
• What is the relationship between Gitlab and Github?
• Where is the best place to run Gitlab?
• How does the Gitlab community work? 
• Where is is Gitlab going next? 

You can launch a GitLab application or stack to the cloud with Bitnami for free, or download any of our free native installers or VMs to run the software locally. Get started in the cloud for free with a $200 credit from Microsoft Azure.

Stuart Langridge:       This is the Binami Open Source Leaders Series of Interviews.  I’m Stuart Langridge, and I’m talking to Sytse Sijbranij of GitLab.

Sytse Sijbranij:            Hi Stuart thanks for having us.

Stuart Langridge:        No problem.  So Sytse, you’re CEO and co-founder of GitLab, yes?

Sytse Sijbranij:            Yes. That’s correct. 

Stuart Langridge:        So tell us, what is GitLab?  

Sytse Sijbranij:            GitLab is open source software to collaborate on code.  It means you can download a package, install it, and you’ll have version control, issue management, code reviews, a wiki, all ready to run within your organization.

Stuart Langridge:       So you could think of this essentially like a self-hosted version of GitHub, yes?

Sytse Sijbranij:           Exactly. 

Stuart Langridge:       Since we mentioned GitHub, the elephant in the room. Obviously there’s a big advantage in that I’m running it inside my organization, so it’s private if I want it to be.  If you look at this field there are an awful lot of different packaging attempts at this, both hosted, something like GitHub or LaunchPad. Talk about why GitLab’s better than the competition, what you do really well, and why people would want to go with you.

How to run GitLab, an open source git management server, in Azure

Git is behind much of the software that's eating the world. Thanks to GitHub, open source projects have proliferated with tremendous new participation levels. Now that same transformation that has rejuvenated open source collaboration is making its way into the enterprise, and many organizations have standardized on GitLab.

The GitLab open source edition, available from Bitnami, allows users to collaborate on code, create new projects, manage repositories, and perform code reviews. Using GitLab, users can keep their code on their own servers, either in the cloud or on-premise. For additional peace of mind, the free community edition even features enterprise-grade features such as a mature user permissions scheme and support for high availability.

Bitnami GitLab is an easy-to-deploy version of GitLab that can be set up in minutes on a local machine, as a VM, or in the cloud. Check out our 2-minute video to see just how easy it is to get GitLab running in the Microsoft Azure cloud.

You can launch a server in your own Azure account, or just try a free 1-hour demo of GitLab. Microsoft offers $200 free credit for one month to try Azure, which is more than enough dough to try GitLab and many other apps.

GitLab 6.0 released!

We are glad to announce a new major release for GitLab, GitLab 6.0. GitLab is a popular open source application for git repository management through a nice easy to use web interface. Think of it as a version of GitHub that you can host on your servers. If you are not familiar with GitLab, you can take a quiack look by launching a free cloud demo server with the BitNami Cloud Launchpad (it only takes a minute and it is completely free)

In this version the GitLab team has introduced group membership as a replacement for teams improving how project permissions are handled when modifying group members. For a full list of improvements/fixes take a look at the changelog in their GitHub repository.

BitNami GitLab provides one-click installation solutions for GitLab with GitLab CI, an open-source continuous integration server closely integrated with Git and GitLab. We have just released a new version upgrading GitLab to include GitLab to 6.0 and the latest version of GitLab CI, 3.1.0. Since GitLab no longer supports using an URL prefix like /gitlab, this version of BitNami GitLab configures it in / by default.

You can download free, ready to run native installers for Linux, virtual machines and Azure and Amazon EC2 cloud images for BitNami GitLab integrated with GitLab CI.

New GitLab 5.4 with major improvements

We are excited to announce we have released a GitLab 5.4.0 stack in BitNami, which provides a one-click install solution for GitLab and all of its required software. This version ships GitLab 3.0, the latest version of GitLab Continuous Integration tool, which provides a flexible architecture for both distributed and isolated builds.

GitLab and GitLab CI have been designed to work together. GitLab allows you to manage your Git repositories easily: create projects, control access and perform code reviews. GitLab CI allows you run build tasks and tests for any branch.

If you want to check this new version, you can instantly launch a free cloud demo server with the BitNami Cloud Launchpad by clicking the button below.

This version of Gitlab CI now consists of two components: the coordinator and its runners.

The coordinator or main application provides a status and management interface for your builds and manages the build queues for all projects.

The runners are processes that ask its coordinator for build jobs to perform. These runners could be running in any machine. BitNami GitLab configures one runner in your server by default but you can add more as needed.

Runner associated to the project

The GitLab project integration inside GitLab CI is easier than ever, as you can see in a quick start guide we created here.

GitLab project integration

As with all BitNami stacks, you can download a free Linux native installer, a virtual machine or deploy GitLab to the Amazon EC2 or Windows Azure clouds.

Security fix for Ruby 1.9 applications

A new Ruby version was released recently to address a security issue.  There is a vulnerability in DL and Fiddle in Ruby where tainted strings can be used by system calls regardless of the $SAFE level set in Ruby.

We want to let BitNami users know that most popular Rails-based application installers, virtual machines and cloud images have been already updated and released to include a fixed Ruby version. We continue working on upgrading all of them for all platforms.

Ruby stack, Redmine, GitLab, Discourse, Tracks and Spree with Ruby version 1.9.3-p429 have been already released.

We have also taken this chance to upgrade several core components to their latest version, which we were already were in the process of releasing:

• Apache version 2.4.4
• Passenger version 4.0.2 
• phpMyAdmin version 4.0.0
• Perl version 5.16.3
• Mod_perl version 2.0.8 for Apache 2.4.4

We updated Ruby-based stacks for Linux and OS X platforms. We will update the Windows-based stacks soon. If you already have installed a version of these applications please make sure that you update your environment or apply the appropriate patch.

Deploy GitLab & GitLab CI in the cloud with BitNami

The GitLab CI application won recently the BitNami bi-weekly packaging contest. Our users chose it to be added to the BitNami library, just as with GitLab previously. GitLab CI is an open-source continuous integration server, closely integrated with GitLab.

As GitLab and GitLab CI have been designed to work together, we have decided to package both in the same GitLab BitNami stack. By launching a recent BitNami GitLab cloud image, (later than version 5.1.0-3), you will have access to both GitLab and GitLab CI. GitLab will be accessible at "/gitlab" and GitLab CI at "/gitlabci"

You can find below a step by step guide on how to perform full integration between them for a sample project. This integration consists on the ability of running a task from GitLab CI when an user makes a commit in a GitLab repository. To achieve that, please perform the following steps:

1. Add a project on GitLab.

Commiting on GitLab

2. Create a ssh key for the gitlab_ci user in this machine without a password. This key will allow GitLab CI to have read access to chosen repositories:

sudo su gitlab_ci -c "ssh-keygen -t rsa"

3. Add this key as "Deploy Keys" on the GitLab project. On GitLab, go to Projects -> BitNami sample project -> Settings -> Deploy Keys -> Add deploy key and paste the key generated previously and save it with any name you want.

4. On your personal machine start the repository as is described at GitLab. This step is not related to the integration with GitLab CI but the repository should be started to be able to perform the remaining steps.

5. Clone the repository with the gitlab_ci user on the GitLab server.

$ sudo su gitlab_ci
$ mkdir /opt/bitnami/apps/gitlabci/repositories
$ /opt/bitnami/git/bin/git config --global user.name 'Administrator'
$ /opt/bitnami/git/bin/git config --global user.email 'user@example.com'
$ cd /opt/bitnami/apps/gitlabci/repositories/
$ /opt/bitnami/git/bin/git clone git@<hostname_gitlab_server>:bitnami-sample-project.git"
Cloning into 'bitnami-sample-project'...

remote: Counting objects: 3, done.

Receiving objects: 100% (3/3), 201 bytes, done. remote: Total 3 (delta 0), reused 0 (delta 0)

6. Create the project on GitLab CI by selecting 'Add project' on the GitLab CI application with the following parameters and saving it.

 - Name: bitnami-sample-project
 - Token: (blank)
 - Path: /opt/bitnami/apps/gitlabci/repositories/bitnami-sample-project
 - Follow branches: master
 - Scripts: ls

Once created, press "Details" because the "Project URL" and "Project Token" are required for the next step.

7. Enable GitLab CI on the repository created on GitLab. To do so, go to GitLab -> Projects -> BitNami sample project -> Settings -> Services -> GitLab CI. Select "Active" and fill "Project URL" and "Project Token" with the values from the previous step and press Save.

8. GitLab integration with GitLab CI is complete! To test it is working, just commit a new file from your personal machine. Then on GitLab CI you should be able to see something similar to the following:

GitLab CI running tasks when commiting on GitLab

BitNami Gitlab Stack provides a one-click install solution for GitLab. Download installers and virtual machines or run your own GitLab server in the cloud.

GitLab 5.0 released in BitNami

We are happy to announce that GitLab v5.0 has just been released in BitNami. For those not familiar with this project, GitLab allows you to keep your code secure on your own server, manage repositories, users and access permissions, communicate through issues, line-comments and wiki pages and perform code review with merge requests.

The most important changes in this version are the following:

- GitLab-shell replaces Gitolite
- Instead of needing gitlab & git users accounts on the system we now only need git user to run GitLab
- The wiki is now stored in a git repository using the gollum library

You can download now the free and ready to run native installers for Linux, virtual machines and Windows Azure & Amazon EC2 images.

More on GitLab, Meet the Project

Last week, we announced GitLab as part of the BitNami Library.  GitLab is an open source application for git repository management through a web interface.

Nice diff views, merge requests, issues with attachments, project wall, wiki, code snippets, branches, network graph, different permission levels, protected branches are just a few of its many features. Of course, the best way of getting an idea of what GitLab has to offer is to take a look at it yourself. Visit the GitLab demo server  or launch a free cloud demo server with the BitNami Cloud Launchpad by clicking the launch button below. The first will show you a running application with demo data, while the second will allow you to check how easy it is to administer your projects and users through the GitLab web interface. You can also take a look at the screenshots, but it will not be the same :)

Note that some of functionality is deactivated because it requires further configuration in the machine which hosts the application. You still can take a further look with the free BitNami installers, virtual machines or cloud images and have full access to the application.

We have contacted the GitLab team and Dmitriy Zaporozhets, co-author and lead developer of GitLab, was so kind of answering us a few questions:

> What is the goal of the GitLab application?

Give people a freedom of code hosting :)

> What are some of the features of GitLab?

Repository management, code review, issue tracker and Merge Requests

> Which projects or organizations are using GitLab currently?  What kind of projects do they use it for?

Thomson Reuters, Brightbox, Phusion etc. You can view a longer list at http://gitlab.org/

> What do you expect will be the main benefits of having BitNami packages available for GitLab?

Users who want to use GitLab but find setup a bit complicated can use it now with BitNami packages

BitNami is great for running GitLab behind your firewall. If you are looking for hosted repositories, you should sign up with GitLab at GitLab.com, where you can also purchase support, consulting, training and other services from Dmitriy and his team.



 

GitLab now part of BitNami

We are happy to announce that the GitLab self-hosted Git management software is now available in BitNami. GitLab allows you to keep your code secure on your own server, manage repositories, users and access permissions, communicate through issues, line-comments, wiki pages and perform code review with merge requests.

Because GitLab was a winner of the BitNami bi-weekly packaging contest, you can now download free, ready to run native installers for Linux, virtual machines and Azure &Amazon EC2 cloud images for GitLab.

GitLab dashboard

GitLab new project

GitLab commit page

GitLab Coming Soon - Which Project Will be Next?

For several weeks, GitLab, a free project and repository management application, was close to winning our bi-weekly contest. This time, it won and GitLab will be soon added to the BitNami Library. As with all BitNami apps, we will provide free installers, VMs and cloud images for the Amazon and Windows Azure clouds. Congratulations to the GitLab team!

Since we started our bi-weekly contest last December, we have added a wide variety of apps to the library based on your votes:
- TestLink, a test management application
- phpCompta, an accounting application
- Chyrp, a blog software
- Tiki a Wiki/CMS/Groupware application
- ResourceSpace, a digital asset management system
- Zurmo, a CRM (we plan to release it tomorrow!)
- OpenERP, an ERP system in which we continue working on

In this current contest round, which will be running for another week, several interesting projects are up for potential BitNami packaging. Currently, the top apps are:

- XOOPS a PHP based Content Management System for developing websites, intra company portals, corporate portals, and weblogs.

- eFront is a PHP based flexible eLearning 2.0 system.

- Discourse a Ruby on Rails based open source discussion platform created by the Stack Exchange (stackoverflow, serverfault, etc) guys.

If you prefer one of these, be sure to vote for it! You can also vote for other projects or nominate another project that isn't yet on our list. Don't forget to ask others to vote for your favorite project so that it wins!