gitlab/gerrit
- 1. gitlab
- 2. gerrit
- 2.1 环境准备
- 2.2 下载软件
- 2.3 创建启动账户
- 2.4 安装gerrit
- 2.5 创建登录账户
- 2.6 启动服务
- 2.7 修改配置文件
- 2.8 配置反向代理(nginx)
- 2.9 gerrit主页
- 3. gitlab+gerrit
- 3.1 配置gerrit replication功能(用于复制具体项目)
- 3.2 新建项目
- 3.3 提交文件
- 3.4 配置gitlab/gerrit服务器互信
- 3.5 创建gerrit项目
- 3.6 编辑gerrit配置文件
- 3.7 验证Gerrit和Gitlab的集成效果-使用客户端直接提交代码到Gitlab
首先声明:本文在最后gitlab和gerrit关联部分配置有问题,导致后来代码提交不了,所以本文仅作为了解配置过程使用,不可作为搭建模板
1. gitlab
安装配置参考 CHAPTER 3 Jenkins SVN GItlab
# 启动容器
docker run -itd -p 9980:80 -p 9922:22 -v /home/gitlab/etc:/etc/gitlab -v /home/gitlab/log:/var/log/gitlab -v /home/gitlab/opt:/var/opt/gitlab --restart always --privileged=true --name gitlab gitlab/gitlab-ce
账号:root
密码:Newm123@
这里由于是docker启动gitlab,所以有些配置需要在容器中修改
#进容器内部
docker exec -it gitlab /bin/bash
#修改gitlab.rb
vi /etc/gitlab/gitlab.rb
#加入如下
#gitlab访问地址,可以写域名。如果端口不写的话默认为80端口
external_url 'http://192.168.124.194'
#ssh主机ip
gitlab_rails['gitlab_ssh_host'] = '192.168.124.194'
#ssh连接端口
gitlab_rails['gitlab_shell_ssh_port'] = 9922
# 让配置生效
gitlab-ctl reconfigure
# 修改http和ssh配置
vi /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml
gitlab:
host: 192.168.124.194
port: 9980 # 这里改为9980
https: false
#重启gitlab
gitlab-ctl restart
#退出容器
exit
然后配置gitlab免密登录才能使用
2. gerrit
Gerrit,一种免费、开放源代码的代码审查软件,使用网页界面。利用网页浏览器,同一个团队的软件程序员,可以相互审阅彼此修改后的程序代码,决定是否能够提交,退回或者继续修改。它使用Git作为底层版本控制系统。它分支自Rietveld,作者为Google公司的Shawn Pearce,原先是为了管理Android计划而产生。
这个软件的名称,来自于荷兰设计师赫里特·里特费尔德(Gerrit Rietveld)。最早它是由Python写成,在第二版后,改成用Java与SQL。使用Google Web Toolkit来产生前端的JavaScript。
2.1 环境准备
-
CentOS7.9
-
Java 11
-
Git配置解决Gerrit中文编码支持
# git utf-8配置 git config --global core.quotepath false git config --global i18n.logoutputencoding utf8 git config --global i18n.commitencoding utf8 -
安装git工具,gerrit使用
git命令执行git相关命令cd /etc/yum.repos.d mkdir repobak mv *.repo repobak wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo yum clean all yum makecacheyum安装git
# 安装 [root@gerrit ~]# yum -y install git # 验证 [root@gerrit ~]# git --version git version 1.8.3.1此处建议通过源码编译安装(推荐)新版本的 git,需要自行下载 git 源码来编译安装。
本地的git版本不能太低,容易引起位置错误。笔者贪图省事安装的1.8.3.1,结果提交的时候各种报错,而且各种不好查
1、卸载旧版本 git
yum remove git2、进入 Github 中的 git 版本页面 ,或者在镜像站,自行选择版本下载,我这里下载的是 git-2.30.2.tar.gz
3、将本地的安装包上传到 linux 服务器上,我这里放在 /home/software 目录下4、解压压缩包,得到目录 git-2.30.2,位置在 /home/software/git-2.30.2
tar -zxvf git-2.30.2.tar.gz5、提前安装可能需要的依赖
yum install curl-devel expat-devel openssl-devel zlib-devel gcc-c++ yum install perl-ExtUtils-MakeMaker automake autoconf libtool make6、编译安装 Git
进入到 git-2.30.2 目录,执行编译安装等命令
cd git-2.30.2 make configure ./configure --prefix=/usr/local/git make profix=/usr/local/git make install7、将 git 加入环境变量中,修改 /etc/profile 文件,在 profile 文件末尾追加配置内容
编辑配置文件
vim /etc/profile末尾追加
export GIT_HOME=/usr/local/git export PATH=$PATH:$GIT_HOME/bin8、刷新 profile 配置文件
source /etc/profile9、查看是否配置成功
git --version git version 2.30.2配置成功!
2.2 下载软件
官网 https://www.gerritcodereview.com/
# 创建一个存放有关gerrit的目录
mkdir /usr/local/gerrit
cd /usr/local/gerrit
# 下载gerrit war包
wget https://gerrit-releases.storage.googleapis.com/gerrit-3.8.0.war
2.3 创建启动账户
[root@nexus-254 gerrit]# useradd gerrit
[root@nexus-254 gerrit]# passwd gerrit
Changing password for user gerrit.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@nexus-254 gerrit_site]# grep 'gerrit' /etc/sudoers #为gerrit赋予执行权限
gerrit ALL=(ALL) ALL
[root@nexus-254 gerrit]# su - gerrit
[gerrit@nexus-254 ~]$ cd /usr/local/gerrit/
[gerrit@nexus-254 gerrit]$
2.4 安装gerrit
[gerrit@nexus-254 gerrit]$ java -jar gerrit-3.8.0.war init -d ~/gerrit_site
Using secure store: com.google.gerrit.server.securestore.DefaultSecureStore
*** Gerrit Code Review 3.8.0
***
*** Git Repositories
***
Location of Git repositories [git]:
*** JGit Configuration
***
*** Index
***
Type [lucene]:
*** User Authentication
***
Authentication method [http/?]: http
Get username from custom HTTP header [y/N]?
SSO logout URL :
Enable signed push support [y/N]?
*** Review Labels
***
Install Verified label [y/N]?
*** Email Delivery
***
SMTP server hostname [localhost]:
SMTP server port [(default)]:
SMTP encryption [none/?]:
SMTP username :
*** Container Process
***
Run as [gerrit]:
Java runtime [/usr/lib/jvm/java-11-openjdk-11.0.18.0.10-1.el7_9.x86_64]:
Upgrade /home/gerrit/gerrit_site/bin/gerrit.war [Y/n]?
Copying gerrit-3.8.0.war to /home/gerrit/gerrit_site/bin/gerrit.war
*** SSH Daemon
***
Listen on address [*]:
Listen on port [29418]: 8890
*** HTTP Daemon
***
Behind reverse proxy [y/N]?
Use SSL (https://) [y/N]?
Listen on address [*]:
Listen on port [8081]: 8890
Canonical URL [http://192.168.70.249:8080/]: ^C[gerrit@nexus-254 gerrit]$
[gerrit@nexus-254 gerrit]$ java -jar gerrit-3.8.0.war init -d ~/gerrit_site
Using secure store: com.google.gerrit.server.securestore.DefaultSecureStore
*** Gerrit Code Review 3.8.0
***
*** Git Repositories
***
Location of Git repositories [git]:
*** JGit Configuration
***
*** Index
***
Type [lucene]:
*** User Authentication
***
Authentication method [http/?]: http #修改此处
Get username from custom HTTP header [y/N]?
SSO logout URL :
Enable signed push support [y/N]?
*** Review Labels
***
Install Verified label [y/N]?
*** Email Delivery
***
SMTP server hostname [localhost]:
SMTP server port [(default)]:
SMTP encryption [none/?]:
SMTP username :
*** Container Process
***
Run as [gerrit]:
Java runtime [/usr/lib/jvm/java-11-openjdk-11.0.18.0.10-1.el7_9.x86_64]:
Upgrade /home/gerrit/gerrit_site/bin/gerrit.war [Y/n]?
Copying gerrit-3.8.0.war to /home/gerrit/gerrit_site/bin/gerrit.war
*** SSH Daemon
***
Listen on address [*]:
Listen on port [29418]:
*** HTTP Daemon
***
Behind reverse proxy [y/N]?
Use SSL (https://) [y/N]?
Listen on address [*]:
Listen on port [8081]:
Canonical URL [http://192.168.70.249:8080/]:
*** Cache
***
*** Plugins
***
Installing plugins.
Install plugin codemirror-editor version v3.8.0 [y/N]?
Install plugin commit-message-length-validator version v3.8.0 [y/N]?
Install plugin delete-project version v3.8.0 [y/N]?
Install plugin download-commands version v3.8.0 [y/N]?
Install plugin gitiles version v3.8.0 [y/N]?
Install plugin hooks version v3.8.0 [y/N]?
Install plugin plugin-manager version v3.8.0 [y/N]?
Install plugin replication version v3.8.0 [y/N]?
Install plugin reviewnotes version v3.8.0 [y/N]?
Install plugin singleusergroup version v3.8.0 [y/N]?
Install plugin webhooks version v3.8.0 [y/N]?
Initializing plugins.
No plugins found with init steps.
============================================================================
Welcome to the Gerrit community
Find more information on the homepage: https://www.gerritcodereview.com
Discuss Gerrit on the mailing list: https://groups.google.com/g/repo-discuss
============================================================================
Initialized /home/gerrit/gerrit_site
2.5 创建登录账户
[root@nexus-254 gerrit_site]# yum install httpd-tools
[root@nexus-254 gerrit_site]# htpasswd -cb /etc/httpd/passwords admin centos
Adding password for user admin
[root@nexus-254 gerrit_site]# htpasswd -b /etc/httpd/passwords dev ubuntu
Adding password for user dev
[root@nexus-254 gerrit_site]# cat /etc/httpd/passwords
admin:$apr1$xBLi7KRG$ih1tsU.sxxzi32JhyOGEf/
dev:$apr1$Tgk3UiFs$4I/0Ndo01XUc11eS3O1Wm0
2.6 启动服务
[gerrit@nexus-254 gerrit_site]$ sudo ./bin/gerrit.sh start
[sudo] password for gerrit:
Starting Gerrit Code Review: Already Running!!
此时访问gerrit主页面仍会报错
2.7 修改配置文件
[gerrit@nexus-254 gerrit_site]$ cat etc/gerrit.config
[gerrit]
basePath = git
canonicalWebUrl = http://192.168.70.249:8081/ #gerrit端口
serverId = 951f7595-f1e0-4847-9fa8-7a0344349253
[database]
type = h2
database = /home/gerrit/gerrit_site/db/ReviewDB
[container]
javaOptions = "-Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance"
javaOptions = "-Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance"
user = gerrit
javaHome = /usr/lib/jvm/java-11-openjdk-11.0.18.0.10-1.el7_9.x86_64
[index]
type = lucene
[auth]
type = HTTP
userNameCaseInsensitive = true
[receive]
enableSignedPush = false
[sendemail]
smtpServer = localhost
[sshd]
listenAddress = *:29418
[httpd]
listenUrl = http://*:8081/ #gerrit端口
[cache]
directory = cache
重启gerrit
配置文件中的端口要统一
2.8 配置反向代理(nginx)
[root@nexus-254 gerrit_site]# cat /etc/nginx/nginx.conf
...
server {
listen 8082; #反向代理端口
server_name localhost;
location / {
#root html;
#index index.html index.htm;
auth_basic "Gerrit Code Review";
auth_basic_user_file /etc/httpd/passwords;
proxy_pass http://192.168.70.249:8081; #gerrit端口
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
}
}
重启nginx
2.9 gerrit主页
3. gitlab+gerrit
此时我们需要将代码推送到gerrit,然后代码在gerrit review完成后,推送到gitlab
3.1 配置gerrit replication功能(用于复制具体项目)
由于前文中,安装gerrit 插件的时候全部pass了,所以此处需要重新安装插件。
- 正常情况下,可以在界面plugins中选择插件,笔者不清楚自己哪里配置出现的问题,无法访问插件列表,所以只能重新初始化gerrit进行安装
- 初始化gerrit安装插件
[gerrit@nexus-254 gerrit]$ java -jar gerrit-3.8.0.war init -d ~/gerrit_site ... *** Plugins *** Installing plugins. Install plugin codemirror-editor version v3.8.0 [y/N]? y Installed codemirror-editor v3.8.0 Install plugin commit-message-length-validator version v3.8.0 [y/N]? y Installed commit-message-length-validator v3.8.0 Install plugin delete-project version v3.8.0 [y/N]? y Installed delete-project v3.8.0 Install plugin download-commands version v3.8.0 [y/N]? y Installed download-commands v3.8.0 Install plugin gitiles version v3.8.0 [y/N]? y Installed gitiles v3.8.0 Install plugin hooks version v3.8.0 [y/N]? y Installed hooks v3.8.0 Install plugin plugin-manager version v3.8.0 [y/N]? y Installed plugin-manager v3.8.0 Install plugin replication version v3.8.0 [y/N]? y Installed replication v3.8.0 Install plugin reviewnotes version v3.8.0 [y/N]? y Installed reviewnotes v3.8.0 Install plugin singleusergroup version v3.8.0 [y/N]? y Installed singleusergroup v3.8.0 Install plugin webhooks version v3.8.0 [y/N]? y Installed webhooks v3.8.0 Initializing plugins. Initialized /home/gerrit/gerrit_site
3.2 新建项目
- 新增群组
- 新建项目
- 查看
如果出现"An error occurred while fetching folder content."报错,大概率是服务器内存不够,可适当加大内存,或者等一等。
可以新增用户yurq,把用户添加到Devs群中,这样yurq可以进行代码下载和上传
yurq / Newm123@123
不过我们在前面已经配置了免密登录,代码可以直接推送到gitlab
3.3 提交文件
- 下载代码
只有第一次需要输入[root@node-253 git]# git clone ssh://git@192.168.70.249:9922/devs/mypython.git Cloning into 'mypython'... The authenticity of host '[192.168.70.249]:9922 ([192.168.70.249]:9922)' can't be established. ECDSA key fingerprint is SHA256:b5JAzYRCuG7/IftDYp0F2ZoHAUgwszzyOnYU3pQyDm8. ECDSA key fingerprint is MD5:57:58:36:b7:25:04:93:23:df:cb:8b:a5:68:a6:cb:85. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.70.249]:9922' (ECDSA) to the list of known hosts. remote: Enumerating objects: 9, done. remote: Counting objects: 100% (9/9), done. remote: Compressing objects: 100% (8/8), done. remote: Total 9 (delta 1), reused 0 (delta 0), pack-reused 0 Receiving objects: 100% (9/9), done. Resolving deltas: 100% (1/1), done.yes,后面就不需要了 - 编写代码
[root@node-253 mypython]# cat mypython.py #!/usr/bin/env python import time print("hello world!", time.strftime("%Y-%m-%d %H:%M:%S - ", time.localtime())) - 提交代码
这里我们没建分支,均在main进行操作,在生产环境中注意切换分支[root@node-253 mypython]# git add mypython.py [root@node-253 mypython]# git commit mypython.py [main 862de96] hello world! time 1 file changed, 4 insertions(+) create mode 100644 mypython.py [root@node-253 mypython]# git push warning: push.default is unset; its implicit value is changing in Git 2.0 from 'matching' to 'simple'. To squelch this message ... To ssh://git@192.168.70.249:9922/devs/mypython.git 80b3a15..862de96 main -> main - 查看网页
到现在为止,我们直接可以把代码提交到git
3.4 配置gitlab/gerrit服务器互信
ssh-keygen -t rsa
ssh-copy-id 192.168.71.253
3.5 创建gerrit项目
-
在gerrit主页BROWSE,选择Repositories,CREATE NEW ,这里需要创建和gitlab中名称一致的项目,此处我们创建
mypython
注意:gerrit区分大小写,而gitlab不区分。所以我们在前面gitlab创建的MyPython,在gerrit中需要创建mypython。
-
在gerrit生成密钥
ssh-keygen -t rsa将公钥配置到gitlab和gerrit中
-
客户端克隆gerrit的代码
后续通过从gerrit下载的代码进行修改,提交
3.6 编辑gerrit配置文件
- 在Gerrit服务器上编辑同步Gitlab的配置文件
cd /home/gerrit/gerrit_site
mkdir .ssh; cd .ssh
touch config
[root@nexus-254 gerrit_site]# cat .ssh/config
HOST 192.168.70.249
IdentityFile /root/.ssh/id_rsa
PreferredAuthenticationns publickey
chmod 600 review_site/.ssh/config #修改权限~降低安全风险
- 配置gerrit replication功能
[root@nexus-254 gerrit_site]# pwd
/home/gerrit/gerrit_site
[root@nexus-254 gerrit_site]# cat etc/replication.config
[remote "mypython"]
projects = mypython
url = git@192.168.70.249:9922/devs/mypython.git
push = +refs/heads/*:refs/heads/*
push = +refs/tags/*:refs/tags/*
push = +refs/changes/*:refs/changes/*
threads = 3
重启gerrit
3.7 验证Gerrit和Gitlab的集成效果-使用客户端直接提交代码到Gitlab
-
客户端克隆Gerrit代码后直接提交给main分支
[root@nexus-254 mypython]# cat mypython.py #!/usr/bin/env python import time print("hello world!", time.strftime("%Y-%m-%d %H:%M:%S - Now", time.localtime())) -
提交报错
[root@nexus-254 testrepo]# git push -u origin HEAD:refs/for/master Enumerating objects: 3, done. Counting objects: 100% (3/3), done. Writing objects: 100% (3/3), 240 bytes | 240.00 KiB/s, done. Total 3 (delta 0), reused 0 (delta 0), pack-reused 0 fatal: Unpack error, check server log error: remote unpack failed: error Permission denied To ssh://192.168.70.249:29418/testrepo ! [remote rejected] HEAD -> refs/for/master (n/a (unpacker error)) error: failed to push some refs to 'ssh://192.168.70.249:29418/testrepo'笔者花了很长时间研究,并参考网上方案一直没有解决,大概率是前面哪里的配置出了问题,或者版本问题
本次仅为了解配置过程,未能解决的问题先躺平吧,以后有机会在解决
以上部分内容参考 Gerrit - Gerrit与GitLab集成
