1.GITLAB介紹
一個基於GIT的源碼托管解決方案
基於Ruby on rails開發
集成了nginx postgreSQL redis sidekiq等組件
2. 資源
官網:https://about.gitlab.com/downloads 清華鏡像:https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/
3.安裝環境要求
虛擬機centos7 64位 內存2G+ 安裝版本gitlab_ce_9.0.4
4.安裝依賴
sudo yum install curl policycoreutils openssh-server openssh-clients sudo systemctl enable sshd sudo systemctl start sshd sudo yum install postfix sudo systemctl enable postfix sudo systemctl start postfix sudo firewall-cmd --permanent --add-service=http sudo systemctl reload firewalld
5.執行安裝
rpm -ivh gitlab-ce-8.9.5-ce.0.el7.x86_64.rpm # 修改配置文件 vim /etc/gitlab/gitlab.rb external_url 'your_ip_address' 例如: external_url 'http://192.168.152.140' #更改數據存儲目錄 git_data_dirs({ "default" => { "path" => "/data/gitlab/git-data", 'gitaly_address' => 'unix:/var/opt/gitlab/gitaly/gitaly.socket' } }) #更改數據備份目錄 gitlab_rails['backup_path'] = "/data/gitlab/backups" # 配置 gitlab-ctl reconfigure # 訪問 http://your_ip_address
6.常用命令
gitlab-ctl status 查看狀態 gitlab-ctl start gitlab-ctl stop gitlab-ctl restart gitlab-ctl tail nginx 查看日志
7.Gitlab組件
nginx:靜態Web服務器 gitlab-shell:用於處理Git命令和修改authorized keys列表 gitlab-workhorse:輕量級的反向代理服務器 logrotate:日志文件管理工具 postgresql:數據庫 redis:緩存數據庫 sidekiq:用於在后台執行隊列任務(異步執行) unicorn:GitLab Rails應用是托管在這個服務器上面的。
8.目錄
/var/opt/gitlab/git-data/repositories/:庫默認存儲目錄 /opt/gitlab: 應用代碼和相應的依賴程序 /var/opt/gitlab:gitlab-ctl reconfigure命令編譯后的應用數據和配置文件,不需要人為修改配置 /etc/gitlab: 配置文件目錄 /var/log/gitlab:此目錄下存放了gitlab各個組件產生的日志 /var/opt/gitlab/backups/:備份文件生成的目錄
9.變更主配置文件
需要以下操作 1、gitlab-ctl reconfigure 重置配置文件 2、gitlab-ctl show-config 驗證配置文件 3、gitlab-ctl restart 重啟gitlab服務
10.創建對象
創建gourps 創建用戶 創建項目 授權項目用戶
創建組:
創建用戶:
把用戶加進組:
創建項目:
授權項目用戶:
屬於開發者得KEY
添加用戶到項目中,有兩種方式:
既可以在組里添加,也可以再項目中添加,在組中添加會繼承到項目中,在項目中添加跟組沒關聯。
一個是針對組,一個是針對項目。
由於dev1和dev2沒有密碼,需要設置初始密碼,接入LDAP(統一賬號管理)后就不需要此low b 過程了:
再次登錄時,會提示重置密碼:
添加SSH key
此時再次ssh clone代碼,現在把權限給打通了:
[root@localhost ~]# git clone git@192.168.152.140:java/app1.git Cloning into 'app1'... warning: You appear to have cloned an empty repository. [root@localhost ~]# ll total 0 drwxr-xr-x 3 root root 18 Nov 27 23:57 app1 [root@localhost ~]#
創建分支:
主分支已創建:
拉分支:
[root@localhost ~]# cd app1/ [root@localhost app1]# git pull remote: Counting objects: 3, done. remote: Total 3 (delta 0), reused 0 (delta 0) Unpacking objects: 100% (3/3), done. From 192.168.152.140:java/app1 * [new branch] master -> origin/master [root@localhost app1]# ll total 4 -rw-r--r-- 1 root root 6 Nov 28 00:10 readme [root@localhost app1]#
11.安裝git windows客戶端,並授權
使用dev2登錄,把ssh key加入:
Windows客戶端也可以了:
以上操作都是個人SSH KEY。
12.SSH KEY管理
個人SSH KEY Deploy KEY 創建SSH KEY 將公鑰導入用戶SSHKEY 創建deploy key 將deploy key導入gitlab並在項目中允許 ssh key文件全局唯一
開發者KEY:
只能下載代碼,不能上傳代碼,是給jenkins用得。
13.Case
在gitlab上創建一個庫 用git上傳文件 創建一個分支 在分支上開發 發出merge request Accept merge
創建一個開發計划:
Issue管理:
創建milestone 創建issue 創建分支 合並分支 Todos Fix #issue_id Close #issue_id
創建里程碑:
創建任務:
使用dev1登錄進去就能看到分配過來得任務:
dev1上傳內容:
[root@localhost ~]# cd app1/
[root@localhost app1]# ll
total 4
-rw-r--r-- 1 root root 6 Nov 28 00:10 readme
[root@localhost app1]# git checkout -b shouye
Switched to a new branch 'shouye'
[root@localhost app1]# git status
# On branch shouye
nothing to commit, working directory clean
[root@localhost app1]# echo "<h1>welcome to shenzhen</h1>" > index.html
[root@localhost app1]# git add .
[root@localhost app1]# git commit -m "shouye"
[shouye 3e3d02b] shouye
Committer: root <root@localhost.localdomain>
Your name and email address were configured automatically based
on your username and hostname. Please check that they are accurate.
You can suppress this message by setting them explicitly:
git config --global user.name "Your Name"
git config --global user.email you@example.com
After doing this, you may fix the identity used for this commit with:
git commit --amend --reset-author
1 file changed, 1 insertion(+)
create mode 100644 index.html
[root@localhost app1]# git config --global user.name "dev1"
[root@localhost app1]# git config --global user.name "dev1@126.com"
[root@localhost app1]# git branch
master
* shouye
[root@localhost app1]# git push origin shouye
Counting objects: 4, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 297 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To git@192.168.152.140:java/app1.git
* [new branch] shouye -> shouye
現在有兩個分支了:
合並分支:
提交:
登錄pm:
如果沒問題,就可以同意執行合並。
登錄dev1,標識任務1已完成:
登錄pm,查看進度:
完成后,關閉issues:
把master上代碼更新下來:
[root@localhost app1]# git checkout master Switched to branch 'master' [root@localhost app1]# git pull remote: Counting objects: 1, done. remote: Total 1 (delta 0), reused 0 (delta 0) Unpacking objects: 100% (1/1), done. From 192.168.152.140:java/app1 c647c6b..837506a master -> origin/master Updating c647c6b..837506a Fast-forward index.html | 1 + 1 file changed, 1 insertion(+) create mode 100644 index.html
開發新聞模塊:
[root@localhost app1]# git checkout -b news
Switched to a new branch 'news'
[root@localhost app1]# echo 'news center' > news.html
[root@localhost app1]# git add .
[root@localhost app1]# git commit -m 'close #2'
# 使用dev1合並代碼,根本合並不成功,沒有權限。
[root@localhost app1]# git checkout master
Switched to branch 'master'
[root@localhost app1]# git merge news
Updating 837506a..397b0d0
Fast-forward
news.html | 1 +
1 file changed, 1 insertion(+)
create mode 100644 news.html
[root@localhost app1]# git log
commit 397b0d0221e827a323bb4772965e41489f35ab3f
Author: dev1@126.com <root@localhost.localdomain>
Date: Wed Nov 29 00:23:19 2017 +0800
close #2
commit 837506a1c303433a7e903527bf57cc94c38be816
Merge: c647c6b 3e3d02b
Author: pm <pm@126.com>
Date: Wed Nov 29 00:03:20 2017 +0800
Merge branch 'shouye' into 'master'
shouye
See merge request !1
commit 3e3d02b3681d1b6997caa4b0fcb5488172996474
Author: root <root@localhost.localdomain>
Date: Tue Nov 28 23:49:51 2017 +0800
shouye
commit c647c6bf695887166b3ee9d022c0737f0eb0a6a0
Author: Administrator <admin@example.com>
Date: Tue Nov 28 00:06:48 2017 +0800
first commit
[root@localhost app1]# git push origin master
Counting objects: 4, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 318 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote: GitLab: You are not allowed to push code to protected branches on this project.
To git@192.168.152.140:java/app1.git
! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'git@192.168.152.140:java/app1.git'
# 只能老實得提交到news分支。
root登錄,查看權限:
老老實實提交代碼:
[root@localhost app1]# git branch * master news shouye [root@localhost app1]# git checkout news Switched to branch 'news' [root@localhost app1]# git push origin news Counting objects: 4, done. Compressing objects: 100% (2/2), done. Writing objects: 100% (3/3), 318 bytes | 0 bytes/s, done. Total 3 (delta 0), reused 0 (delta 0) To git@192.168.152.140:java/app1.git * [new branch] news -> news
使用dev1登錄,創建一個merge request:
不用修改,直接提交:
使用pm登錄,只有pm有權限:
查看沒問題后,同意:
加上close #2可以自動關閉任務。
目前只剩下兩個任務了:
切換回主分支,把代碼拉下來:
[root@localhost app1]# git checkout master Switched to branch 'master' Your branch is ahead of 'origin/master' by 1 commit. (use "git push" to publish your local commits) [root@localhost app1]# git pull remote: Counting objects: 1, done. remote: Total 1 (delta 0), reused 0 (delta 0) Unpacking objects: 100% (1/1), done. From 192.168.152.140:java/app1 837506a..7dc87ee master -> origin/master Updating 397b0d0..7dc87ee Fast-forward [root@localhost app1]# ll total 12 -rw-r--r-- 1 root root 29 Nov 29 00:20 index.html -rw-r--r-- 1 root root 12 Nov 29 00:24 news.html -rw-r--r-- 1 root root 6 Nov 28 00:
14.備份管理
備份配置:
vim /etc/gitlab/gitlab.rb # 配置文件中加入 gitlab_rails['backup_path'] = '/data/backups/gitlab' gitlab_rails['backup_keep_time'] = 604800 # 保存7天得備份 # 如果自定義備份目錄需要賦予git權限 mkdir -p /data/backups/gitlab chown -R git.git /data/backups/gitlab # 重新加載配置文件,重啟服務 gitlab-ctl reconfigure gitlab-ctl restart # 定時任務Crontab中加入 0 2 * * * /usr/bin/gitlab-rake gitlab:backup:create
手動操作:
[root@localhost ~]# /usr/bin/gitlab-rake gitlab:backup:create Dumping database ... Dumping PostgreSQL database gitlabhq_production ... [DONE] done Dumping repositories ... * java/app1 ... [DONE] * java/app1.wiki ... [SKIPPED] done Dumping uploads ... done Dumping builds ... done Dumping artifacts ... done Dumping lfs objects ... done Dumping container registry images ... [DISABLED] Creating backup archive: 1511969386_gitlab_backup.tar ... done Uploading backup archive to remote storage ... skipped Deleting tmp directories ... done done done done done done done Deleting old backups ... done. (0 removed) [root@localhost ~]# cd /data/backups/gitlab/ [root@localhost gitlab]# ll total 112 -rw------- 1 git git 112640 Nov 29 23:29 1511969386_gitlab_backup.tar [root@localhost gitlab]# date -d @1511969386 Wed Nov 29 23:29:46 CST 2017
策略建議:本地保留三到七天,在異地備份永久保存
恢復操作:
# 停止數據寫入服務,只需要停止這兩個服務 gitlab-ctl stop unicorn gitlab-ctl stop sidekiq # 執行恢復數據操作 gitlab-rake gitlab:backup:restore BACKUP=1511969386 date -d @1511969386
實戰操作:
執行上面得恢復操作命令,並重啟服務:
# 停止數據寫入服務,只需要停止這兩個服務 gitlab-ctl stop unicorn gitlab-ctl stop sidekiq # 執行恢復數據操作 gitlab-rake gitlab:backup:restore BACKUP=1511969386 date -d @1511969386 [root@localhost gitlab]# gitlab-ctl restart ok: run: gitlab-workhorse: (pid 4473) 1s ok: run: logrotate: (pid 4479) 0s ok: run: nginx: (pid 4485) 1s ok: run: postgresql: (pid 4492) 0s ok: run: redis: (pid 4500) 1s ok: run: sidekiq: (pid 4504) 0s ok: run: unicorn: (pid 4507) 0s
恢復實戰:
手工備份 /usr/bin/gitlab-rake gitlab:backup:create 記錄系統狀態 系統變更 進行恢復
推薦使用這種方式進行備份:
/usr/bin/gitlab-rake gitlab:backup:create CRON=1 注意:環境變量CRON=1的作用是如果沒有任何錯誤發生時, 抑制備份腳本的所有進度輸出
15.郵件配置
gitlab_rails['time_zone'] = 'Asia/Shanghai' gitlab_rails['gitlab_email_enabled'] = true gitlab_rails['gitlab_email_from'] = 'luchuangao@126.com' gitlab_rails['gitlab_email_display_name'] = 'gitlab' gitlab_rails['smtp_enable'] = true gitlab_rails['smtp_address'] = "smtp.126.com" gitlab_rails['smtp_port'] = 25 gitlab_rails['smtp_user_name'] = "luchuangao" gitlab_rails['smtp_password'] = "your_password" gitlab_rails['smtp_domain'] = "126.com" gitlab_rails['smtp_authentication'] = "login"
16. gitlab的api調用
gitlab官方介紹:
https://docs.gitlab.com/ee/api/README.html
(1) token做認證:
Token有三種:
- OAuth2 tokens
- Personal access tokens
- Session cookie
(2) 使用
curl --header "PRIVATE-TOKEN: 31x2Rzxe7x7yR1RA8u8-" "http://192.168.8.8/api/v4/groups/18"
17. gitlab項目遷移
把A服務器上的gitlab項目ops導入到B服務器上的gitlab項目中
A服務器:
B服務器:
操作命令:
#A服務器操作命令:
cd /var/opt/gitlab/git-data/repositories/
tar -zcf /tmp/ops.tar.gz ops/
scp /tmp/ops.tar.gz root@192.168.182.138:/backup
#B服務器操作命令
cd /var/opt/gitlab/git-data/repositories/
tar -xf /backup/ops.tar.gz -C ./
cd ops/
# 重新生成hooks
#[root@gitlab ops]# find . -name 'hooks'
#./test.git/hooks
#./test.wiki.git/hooks
find . -name 'hooks' -execdir mv {} hooks-old \;
#導入新的項目
[root@gitlab ops]# gitlab-rake gitlab:import:repos
Processing yunwei/demo.git
* demo (yunwei/demo.git) exists
Processing yunwei/demo.wiki.git
* Skipping wiki repo
Processing bigdata/demo.git
* demo (bigdata/demo.git) exists
Processing bigdata/demo.wiki.git
* Skipping wiki repo
Processing ops/test.git
* Created Group ops (10)
* Created test (ops/test.git)
Processing ops/test.wiki.git
* Skipping wiki repo
Done!
注意:一定要把遷移的項目hooks重新生成。
find . -name 'hooks' -execdir mv {} hooks-old \;
參考:https://gitlab.com/gitlab-org/gitlab-ce/issues/2082
18. gitlab關閉開放注冊
為什么需要關閉開放注冊,由於默認用戶注冊后帶有創建組的權限,這樣開發人員會自行創建組及項目,必然會造成gitlab組和項目混亂。
因此新員工注冊,需要管理員來操作,創建組也只有管理員才可以操作。
Administrator用戶-->settings --> Sign-up enabled Restrictions
關閉開放注冊前:
關閉開放注冊后:
19. 關閉用戶創建項目組和項目
默認創建的用戶是允許創建項目組的
禁止用戶創建項目:
禁止用戶創建組:
https://blog.csdn.net/weiguang1017/article/details/78476886
gitlab漢化:
https://www.cnblogs.com/straycats/p/7637373.html
http://www.21yunwei.com/archives/4351
針對單個項目進行回滾:
#進入項目目錄 cd /var/opt/gitlab/git-data/repositories/Test-DEV/Test.git #備份項目 cp -a Test /backup/Test_20180428 #刪除HEAD git branch -D HEAD #回滾到對應的版本 git reset --soft cf8b51d1
Jenkins構建添加定時任務
http://heipark.iteye.com/blog/1736477
gitlab主從同步
https://blog.csdn.net/syloke/article/details/48050559
jenkins添加gitlab hook
https://www.cnblogs.com/kevingrace/p/6479813.html
https://github.com/jenkinsci/gitlab-plugin/issues/375
Git配置非22端口訪問
https://moonagic.com/git-with-not-22-port/