第22篇 如何部署gitLab进行开发版本控制
1.版本控制工具
常用的版本管理工具有:github,gitlab,subversion
官网:https://about.gitlab.com/
国内镜像:https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/
版本管理,系统上线流程:
- 开发代码(开发人员)
- 测试(测试人员)
- 发布(运维人员)
- 测试(测试人员)
- 发邮件申请发布(开发人员)邮件发给开发的领导、抄送给运维团队
- 填写变更单,为了避免背锅
- 开发领导审批
- 评估影响范围(运维人员)
- 向运维领导汇报(运维人员)
- 与开发领导协商(运维领导)
- 发布(运维人员)----生产环境
- 测试(测试人员)—如果出问题就回滚(运维人员)
gitlab管理命令:
2.gitlab部署流程
1.环境准备
//保证仓库环境为阿里云
[root@localhost yum.repos.d]# ls
CentOS-Base.repo epel.repo epel-testing.repo
epel-modular.repo epel-testing-modular.repo
//安装git
[root@rsync ~]# yum -y install git
//安装依赖包
[root@rsync ~]# yum -y install curl openssh-server openssh-clients postfix cronie perl
//启动postfix服务并设置开机自启
[root@localhost src]# systemctl restart postfix.service
[root@localhost src]# systemctl enable --now postfix.service
Created symlink /etc/systemd/system/multi-user.target.wants/postfix.service → /usr/lib/systemd/system/postfix.service.
//关闭防火墙
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@localhost ~]# setenforce 0
setenforce: SELinux is disabled
[root@localhost ~]# reboot
2.下载并部署
下载gitlab的rpm包
[root@localhost ~]# cd /usr/src/
[root@localhost src]# ls
debug kernels
[root@rhel8 src]# wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm
[root@rhel8 src]# ls
debug gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm kernels
此时安装会发现需要一个依赖包 policycoreutils-python
wget https://mirrors.tuna.tsinghua.edu.cn/centos/7/os/x86_64/Packages/policycoreutils-python-2.5-34.el7.x86_64.rpm
安装gitlab后直接安装会发现无法安装,即使添加了--nodeps去除依赖性也安装不成功
此时我们需要使用rpm -qa|grep policy 找到policycoreutils
然后将其卸载rpm -e policycoreutils
[root@localhost src]# rpm -qa | grep policy
selinux-policy-3.14.3-89.el8.noarch
policycoreutils-2.9-18.el8.x86_64
selinux-policy-targeted-3.14.3-89.el8.noarch
[root@localhost src]# rpm -e policycoreutils-2.9-18.el8.x86_64
//软件包保持即可
[root@localhost ~]# rpm -qa | grep policy
selinux-policy-3.14.3-89.el8.noarch
selinux-policy-targeted-3.14.3-89.el8.noarch
在次安装
[root@localhost src]# rpm -ivh policycoreutils-python-2.5-34.el7.x86_64.rpm --nodeps
warning: policycoreutils-python-2.5-34.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:policycoreutils-python-2.5-34.el7################################# [100%]
//安装gitlab
[root@localhost src]# rpm -ivh gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm
warning: gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID f27eab47: NOKEY
Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:gitlab-ce-15.3.3-ce.0.el7 ################################# [100%]
It looks like GitLab has not been configured yet; skipping the upgrade script.
*. *.
*** ***
***** *****
.****** *******
******** ********
,,,,,,,,,***********,,,,,,,,,
,,,,,,,,,,,*********,,,,,,,,,,,
.,,,,,,,,,,,*******,,,,,,,,,,,,
,,,,,,,,,*****,,,,,,,,,.
,,,,,,,****,,,,,,
.,,,***,,,,
,*,.
_______ __ __ __
/ ____(_) /_/ / ____ _/ /_
/ / __/ / __/ / / __ `/ __ \
/ /_/ / / /_/ /___/ /_/ / /_/ /
\____/_/\__/_____/\__,_/_.___/
Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
sudo gitlab-ctl reconfigure
For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md
Help us improve the installation experience, let us know how we did with a 1 minute survey:
https://gitlab.fra1.qualtrics.com/jfe/form/SV_6kVqZANThUQ1bZb?installation=omnibus&release=15-3
3.部署私人仓库
external_url 'http://192.168.47.137' //将此处设为gitlab的服务器ip地址亦或域名
//重载配置文件并重启gitlab
[root@localhost ~]# gitlab-ctl reconfigure
[root@localhost ~]# gitlab-ctl restart
ok: run: alertmanager: (pid 6693) 0s
ok: run: gitaly: (pid 6705) 0s
ok: run: gitlab-exporter: (pid 6716) 0s
ok: run: gitlab-kas: (pid 6718) 1s
ok: run: gitlab-workhorse: (pid 6725) 0s
ok: run: logrotate: (pid 6734) 0s
ok: run: nginx: (pid 6744) 1s
ok: run: node-exporter: (pid 6749) 0s
ok: run: postgres-exporter: (pid 6753) 1s
ok: run: postgresql: (pid 6760) 0s
ok: run: prometheus: (pid 6769) 1s
ok: run: puma: (pid 6783) 0s
ok: run: redis: (pid 6788) 0s
ok: run: redis-exporter: (pid 6794) 0s
ok: run: sidekiq: (pid 6805) 0s
//查看当前的gitlab版本
[root@localhost ~]# head -1 /opt/gitlab/version-manifest.txt
gitlab-ce 15.3.3
4.破解管理员密码
[root@localhost ~]# gitlab-rails console -e production
--------------------------------------------------------------------------------
Ruby: ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux]
GitLab: 15.3.3 (c629a47f87f) FOSS
GitLab Shell: 14.10.0
PostgreSQL: 13.6
------------------------------------------------------------[ booted in 47.14s ]
Loading production environment (Rails 6.1.6.1)
irb(main):001:0> user = User.where(id:1).first
=> #<User id:1 @root>
irb(main):002:0> user.password = 'carr123!'
=> "carr123!" //密码必须至少8个字符
irb(main):003:0> user.password_confirmation = 'carr123!'
=> "carr123!"
irb(main):004:0> user.save!
=> true //保存修改,若无问题将返回true
irb(main):005:0> exit
3.gitlab管理流程
在浏览器中使用gitlab服务器的ip访问,
192.168.47.137
用户名为root 默认管理员为root
密码为刚刚设置的密码
4.汉化
用户旁边下拉箭头—preferences—localization—language–选择简体中文–保存更改
5.关闭注册功能
由于我们gitlab是私有仓库,一般用户都是由管理员创建和分派的,所以我们需要关闭注册
管理员—设置–通用–注册限制—把已启用注册功能的勾去掉–保存更改
6.项目传输管理
创建一个项目
将平台项目克隆到服务器本地中
先在平台中部署密钥
将本地的公钥信息注册到平台
[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:5LAsmYb94yyYs6s+9yK23rCY9fdK9GWAfH32EKegAXo root@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
| ... . . . |
| o . + . + |
| . E = . = |
| o = * . o o |
| . * + S o . |
| . + . o |
| ..o + . |
|.*B+.+.. |
|B*B=+++o. |
+----[SHA256]-----+
[root@localhost ~]# cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsV/SCBM8RPr0fZWzuz8Yb/6ph9zjDu671uCH5hTxvb9jCx2HaqxRB7qjhpjPSpMl11jj2J1bZy764LWfX4mFqNAVxrhFzFj/sY5Cx0Ot5n5Lme0rwG/MlDh5xoEK1hgOkM4HRVqA/I0PC+5gjKSxEYYcp3WPUO6IrhNoEh6qfokxlPy3RnFYdEVGwjV/PLVyK8ZnLas37bS+lDpJxNILCSkENjq8wAQlRy69v37dFieSwYi8PQIbVlknYOA0SnVyFhD4p6E4bQtltQsEC6sci1H74znXu/iaMtPyJ118z3bz2g1G8rTAiEmDxk8MPAsRwy+HLFAwwT48Rs8ogq5tEDCTy/tm7m/Ijjn7OnlWRJ6bmetPxzQnFZPLWNBWlUp47j7pIQRD0uGxQK1wmJWCKiCLU++4O0eUxVjwJ+IdvltOTQeWgpDgzWfCC3vCWShwn2h+b/3NzLYvCs6A1GQcJB6aJP4Z9unQM8y+plJ5c/2bU8IMXurUy5/bD27uZmOE= root@localhost.localdomain
指定克隆
[root@localhost ~]# git clone git@192.168.47.137:gitlab-instance-41b2f8dd/linux.git
Cloning into 'linux'...
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (3/3), done.
[root@localhost ~]# ls
anaconda-ks.cfg linux
[root@localhost ~]# cd linux/
[root@localhost linux]# ls
README.md
配置邮箱和账号
[root@localhost linux]# git config --global user.email "root@example.com"
[root@localhost linux]# git config --global user.name "root"
上传文件测试
[root@localhost linux]# touch ssh1
[root@localhost linux]# git add ssh1
提交事务
[root@localhost linux]# git commit -m "is file" “” 代表描述信息
[main d19dca5] is file
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 ssh1
[root@localhost linux]# git push
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 260 bytes | 260.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
65d8467..d19dca5 main -> main
web界面添加成功
添加所有分支
[root@localhost linux]# touch hh ll
[root@localhost linux]# ls
hh ll README.md ssh1
[root@localhost linux]# git add . //代表添加所有文件
[root@localhost linux]# git commit -m "is file"
[main 5a37f4c] is file
2 files changed, 0 insertions(+), 0 deletions(-)
create mode 100644 hh
create mode 100644 ll
[root@localhost linux]# git push
Enumerating objects: 3, done.
Counting objects: 100% (3/3), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 262 bytes | 262.00 KiB/s, done.
Total 2 (delta 0), reused 0 (delta 0), pack-reused 0
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
d19dca5..5a37f4c main -> main
添加分支
[root@localhost linux]# git branch lty
[root@localhost linux]# git push origin lty
Total 0 (delta 0), reused 0 (delta 0), pack-reused 0
remote:
remote: To create a merge request for lty, visit:
remote: http://192.168.47.137/gitlab-instance-41b2f8dd/linux/-/merge_requests/new?merge_request%5Bsource_branch%5D=lty
remote:
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
* [new branch] lty -> lty
[root@localhost linux]# git checkout lty
Switched to branch 'lty'
同步分支内容
[root@localhost linux]# touch pp
[root@localhost linux]# git add pp
[root@localhost linux]# git commit -m "is file"
[lty 491ae4d] is file
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 pp
[root@localhost linux]# git push origin lty
Enumerating objects: 3, done.
Counting objects: 100% (3/3), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 219 bytes | 219.00 KiB/s, done.
Total 2 (delta 1), reused 0 (delta 0), pack-reused 0
remote:
remote: To create a merge request for lty, visit:
remote: http://192.168.47.137/gitlab-instance-41b2f8dd/linux/-/merge_requests/new?merge_request%5Bsource_branch%5D=lty
remote:
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
5a37f4c..491ae4d lty -> lty
拉取分支内容 将lty分支的内容拉去到main分支中
[root@localhost linux]# git checkout main
Switched to branch 'main'
Your branch is up to date with 'origin/main'.
[root@localhost linux]# git pull origin lty
warning: Pulling without specifying how to reconcile divergent branches is
discouraged. You can squelch this message by running one of the following
commands sometime before your next pull:
git config pull.rebase false # merge (the default strategy)
git config pull.rebase true # rebase
git config pull.ff only # fast-forward only
You can replace "git config" with "git config --global" to set a default
preference for all repositories. You can also pass --rebase, --no-rebase,
or --ff-only on the command line to override the configured default per
invocation.
From 192.168.47.137:gitlab-instance-41b2f8dd/linux
* branch lty -> FETCH_HEAD
Updating 5a37f4c..491ae4d
Fast-forward
pp | 0
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 pp
[root@localhost linux]#
[root@localhost linux]# git push
Total 0 (delta 0), reused 0 (delta 0), pack-reused 0
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
5a37f4c..491ae4d main -> main