User Tools

Site Tools


инструмент_gitlab

Инструмент GitLab

Установка

# time ansible-playbook conf/ansible/roles/mail.yml
real    2m57.922s

# cat /etc/apache2/ports.conf
...
 81
...
# service apache2 restart
http://server.corpX.un:81/mail/
# apt-get install -y curl ca-certificates perl

# curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | bash

# time EXTERNAL_URL="http://server.corpX.un" apt-get install gitlab-ce
...
real    15m49.787s
..

Подключение

Подключение к Web интерфейсу

# cat /etc/gitlab/initial_root_password
# gitlab-rake "gitlab:password:reset[root]"

Подключение через API

root@node1:~# curl --header "PRIVATE-TOKEN: NNNNNNNNNNNNNNNNNNNNN" "http://server.corp13.un/api/v4/projects/4/repository/files/docker-compose.yml/raw?ref=master" | tee docker-compose.yml

Настройка

Файл конфигурации

# cat /etc/gitlab/gitlab.rb
...
external_url 'http://server.corpX.un'
...
# gitlab-ctl reconfigure

GitLab Docker Registry

# cat /etc/gitlab/gitlab.rb
registry_external_url 'http://server.corpX.un'
gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_host'] = "server.corpX.un"
registry['registry_http_addr'] = "server.corpX.un:5000"
...

GitLab Grafana

# cat /etc/gitlab/gitlab.rb
...
grafana['http_addr'] = '0.0.0.0'
...

Управление пользователями

Внутренние пользователи

  • Username - login, Name - ФИО

Использование LDAP

# cat /etc/gitlab/gitlab.rb
...
gitlab_rails['ldap_enabled'] = true

gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
  main:
    label: 'LDAP'
    host: 'server.corpX.un'
    port: 389
#    port: 636
    uid: 'uid'
    bind_dn: 'cn=admin,dc=corpX,dc=un'
    password: 'secret'
    encryption: 'plain'
#    encryption: 'simple_tls'
    active_directory: false
    base: 'ou=People,dc=corpX,dc=un'
...

GitLab Runner

# wget http://gate.isp.un/unix/Git/gitlab-runner_amd64.deb

# dpkg -i gitlab-runner_amd64.deb

# gitlab-runner register
...
Enter the GitLab instance URL: http://server.corpX.un
Enter the registration token: ...
...
Enter tags for the runner: dhcptest, dhcpdeploy
  или
Enter tags for the runner: openvpn1deploy
...
Enter an executor: shell
...

# cat /etc/gitlab-runner/config.toml
log_level = "debug"
...
# systemctl restart gitlab-runner

# gitlab-runner verify

GitLab CI/CD

Пример shell make

IDE GitLab->New File: .gitlab-ci.yml

или

CI/CD -> Editor -> Configure Pipelines
test1-job:
  stage: test
  script:
    - echo $(date) "Do test dhcpd" >> /tmp/Bash.gitlab-ci.log
    - make test
  tags:
    - dhcptest

deploy1-job:
  stage: deploy
  script:
    - echo $(date) "Do deploy dhcpd" >> /tmp/Bash.gitlab-ci.log
    - sudo make install
  tags:
    - dhcpdeploy

Пример shell ansible

Administrator@Ra-master ~/openvpn1 (test)

λ touch .gitlab-ci.yml
deploy_test:
  stage: deploy
  script:
    - echo $(date) "Deploy TEST openvpn1" >> /tmp/Bash.gitlab-ci.log
    - ansible-playbook openvpn1.yaml -i inventory.yaml -e "variable_host=test_nodes"
  tags:
    - openvpn1deploy
  only:
    - test

deploy_prod:
  stage: deploy
  script:
    - echo $(date) "Deploy PROD openvpn1" >> /tmp/Bash.gitlab-ci.log
    - ansible-playbook openvpn1.yaml -i inventory.yaml
  tags:
    - openvpn1deploy
  only:
#    - master
#    - main

Пример shell docker

# Надо назначить в GitLab 
export CI_REGISTRY=server.corpX.un:5000 
export CI_REGISTRY_IMAGE=student/webd
export CI_REGISTRY_USER=student
export CI_REGISTRY_PASSWORD=password

# в GitLab будет устанавлено автоматически
export CI_COMMIT_MESSAGE="ver 1.2"   
gitlab-runner@server:~/webd$ cat build.sh
#!/bin/sh

VER="$(echo $CI_COMMIT_MESSAGE | sed 's/[^a-zA-Z0-9\.]//g')"

docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD http://$CI_REGISTRY

docker build -t webd webd
#docker build --no-cache -t webd webd

docker tag webd $CI_REGISTRY/$CI_REGISTRY_IMAGE:$VER
docker tag webd $CI_REGISTRY/$CI_REGISTRY_IMAGE

docker push $CI_REGISTRY/$CI_REGISTRY_IMAGE:$VER
docker push $CI_REGISTRY/$CI_REGISTRY_IMAGE
gitlab-runner@server:~/webd$ sh build.sh
...
Step...
 ---> Using cache
...
..............: Pushed
...
..............: Layer already exists
...
latest: digest...
gitlab-runner@server:~/webd$ cat .gitlab-ci.yml
stages:
  - lintertest
  - build
#  - deploy

lintertest1:
  stage: lintertest
  script:
    - echo $(date) "Do a test here" >> /tmp/Bash.gitlab-ci.log
    - shellcheck webd/webd
  tags:
    - shellcheck

build1:
  stage: build
  script:
    - echo $(date) "Do a build here" >> /tmp/Bash.gitlab-ci.log
    - sh build.sh
  tags:
    - webdbuild

#deploy1:
#  stage: deploy
#  script:
#    - echo $(date) "Do your deploy k8s here" >> /tmp/Bash.gitlab-ci.log
#    - sh deploy.sh
#  tags:
#    - webddeploy

Пример shell Kubernetes

gitlab-runner@server:~/webd$ cp my-webd-deployment.yaml my-webd-deployment-env.yaml

gitlab-runner@server:~/webd$ cat my-webd-deployment-env.yaml
...
        image: server.corp13.un:5000/student/webd:$VER
...
# в GitLab будет устанавлено автоматически
gitlab-runner@gate:~/webd$ export CI_COMMIT_MESSAGE="ver 1.2"

gitlab-runner@gate:~/webd$ cat deploy.sh
#!/bin/sh

kubectl apply -f my-webd-deployment.yaml

#export VER="$(echo $CI_COMMIT_MESSAGE | sed 's/[^a-zA-Z0-9\.]//g')"

#envsubst < my-webd-deployment-env.yaml | kubectl apply -f -

kubectl apply -f my-webd-service.yaml


#export HELM_NAMESPACE=my-ns
#helm test my-webd && helm upgrade my-webd webd-chart/ --set=image.tag=$VER || helm install my-webd webd-chart/ --set=image.tag=$VER

Сервер OAuth2

  • !!! URL без финального “/” !!!
Admin Area-> Applications-> val-auth-test
  Callback URL: https://val.bmstu.ru/auth-test
  Trusted: Yes
инструмент_gitlab.txt · Last modified: 2022/09/28 06:50 by val