• Youtube. RomNero. GitLab. Devops система
• GitLab бесплатен? gitlab-ee vs gitlab-ce

• Install self-managed GitLab
• Доступно из РФ: https://packages.gitlab.com/gitlab/gitlab-ce

• Configure Custom SSL to Secure GitLab Server

# cat /etc/gitlab/gitlab.rb

• Install GitLab Runner manually on GNU/Linux

• GitLab: understanding pipelines, stages, jobs and organising them efficiently for speed and feedback loop

• https://val.bmstu.ru/unix/Git/gitlab-runner_amd64.deb (15.0.0)

root@node2:~# gitlab-runner register
shell

root@node2:~# cat /etc/gitlab-runner/config.toml
log_level = "debug"
...

• Технология Docker Предоставление прав непривилегированным пользователям

root@node2:~# systemctl start gitlab-runner

• CI/CD templates

student@gate:~/dhcp$ cat .gitlab-ci.yml

test1:
  stage: test
  script:
    - echo $(date) "Do test dhcpd" >> /tmp/Bash.gitlab-ci.log
    - make test
  tags:
    - dhcptest

deploy1:
  stage: deploy
  script:
    - echo $(date) "Do deploy dhcpd" >> /tmp/Bash.gitlab-ci.log
    - sudo make install
  tags:
    - dhcpdeploy

root@server:~/openvpn1# cat .gitlab-ci.yml

deploy_test:
  stage: deploy
  script:
    - echo $(date) "Deploy TEST openvpn1" >> /tmp/Bash.gitlab-ci.log
    - ansible-playbook openvpn1.yaml -i inventory.yaml -e "variable_host=test_nodes"
  tags:
    - openvpn1deploy
  rules:
    - if: ($CI_COMMIT_BRANCH == "test" && $CI_COMMIT_REF_NAME == "test")

deploy_prod:
  stage: deploy
  script:
    - echo $(date) "Deploy PROD openvpn1" >> /tmp/Bash.gitlab-ci.log
    - ansible-playbook openvpn1.yaml -i inventory.yaml
  tags:
    - openvpn1deploy
  rules:
    - if: ($CI_COMMIT_BRANCH == "main" && $CI_COMMIT_REF_NAME == "main")

vagrant@node1:~/project1$ cat .gitlab-ci.yml

test1:
  stage: test
  script:
    - echo $(date) "Do a test here" >> /tmp/Bash.gitlab-ci.log
    - shellcheck webd/webd
  tags:
    - shellcheck

deploy1:
  stage: deploy
  script:
    - echo $(date) "Do your deploy here" >> /tmp/Bash.gitlab-ci.log
    - docker-compose up -d
  tags:
    - webddeploy

• Integrate LDAP with GitLab
• Установка и настройка OpenLDAP
• Хранение учетных записей UNIX в LDAP !!! с атрибутом почты и паролем

# cat /etc/gitlab/gitlab.rb

...
gitlab_rails['ldap_enabled'] = true

gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
  main:
    label: 'LDAP'
    host: 'server.corpX.un'
    port: 389
#    port: 636
    uid: 'uid'
    bind_dn: 'cn=admin,dc=corpX,dc=un'
    password: 'secret'
    encryption: 'plain'
#    encryption: 'simple_tls'
    active_directory: false
    base: 'ou=People,dc=corpX,dc=un'
...

# gitlab-ctl reconfigure

• !!! URL без финального “/” !!!

Admin Area-> Applications-> val-auth-test
  Callback URL: https://val.bmstu.ru/auth-test
  Trusted: Yes