@@ -4,7 +4,7 @@ OAuth2 is a protocol that enables us to get access to private details of user's
...
@@ -4,7 +4,7 @@ OAuth2 is a protocol that enables us to get access to private details of user's
Before using the OAuth2 you should create an application in user's account. Each application getting unique App ID and App Secret parameters. You should not share them.
Before using the OAuth2 you should create an application in user's account. Each application getting unique App ID and App Secret parameters. You should not share them.
This functianolity is based on [doorkeeper gem](https://github.com/doorkeeper-gem/doorkeeper)
This functionality is based on [doorkeeper gem](https://github.com/doorkeeper-gem/doorkeeper)
## Web Application Flow
## Web Application Flow
...
@@ -15,7 +15,7 @@ This flow consists from 3 steps.
...
@@ -15,7 +15,7 @@ This flow consists from 3 steps.
@@ -16,8 +16,8 @@ You can imagine GitLab as a physical office.
...
@@ -16,8 +16,8 @@ You can imagine GitLab as a physical office.
They can be stored in a warehouse.
They can be stored in a warehouse.
This can be either a hard disk, or something more complex, such as a NFS filesystem;
This can be either a hard disk, or something more complex, such as a NFS filesystem;
**NginX** acts like the front-desk.
**Nginx** acts like the front-desk.
Users come to NginX and request actions to be done by workers in the office;
Users come to Nginx and request actions to be done by workers in the office;
**The database** is a series of metal file cabinets with information on:
**The database** is a series of metal file cabinets with information on:
- The goods in the warehouse (metadata, issues, merge requests etc);
- The goods in the warehouse (metadata, issues, merge requests etc);
...
@@ -70,7 +70,7 @@ To summarize here's the [directory structure of the `git` user home directory](.
...
@@ -70,7 +70,7 @@ To summarize here's the [directory structure of the `git` user home directory](.
ps aux | grep '^git'
ps aux | grep '^git'
GitLab has several components to operate. As a system user (i.e. any user that is not the `git` user) it requires a persistent database (MySQL/PostreSQL) and redis database. It also uses Apache httpd or nginx to proxypass Unicorn. As the `git` user it starts Sidekiq and Unicorn (a simple ruby HTTP server running on port `8080` by default). Under the GitLab user there are normally 4 processes: `unicorn_rails master` (1 process), `unicorn_rails worker` (2 processes), `sidekiq` (1 process).
GitLab has several components to operate. As a system user (i.e. any user that is not the `git` user) it requires a persistent database (MySQL/PostreSQL) and redis database. It also uses Apache httpd or Nginx to proxypass Unicorn. As the `git` user it starts Sidekiq and Unicorn (a simple ruby HTTP server running on port `8080` by default). Under the GitLab user there are normally 4 processes: `unicorn_rails master` (1 process), `unicorn_rails worker` (2 processes), `sidekiq` (1 process).
### Repository access
### Repository access
...
@@ -146,13 +146,13 @@ nginx
...
@@ -146,13 +146,13 @@ nginx
Apache httpd
Apache httpd
-[Explanation of apache logs](http://httpd.apache.org/docs/2.2/logs.html).
-[Explanation of Apache logs](http://httpd.apache.org/docs/2.2/logs.html).
-`/var/log/apache2/` contains error and output logs (on Ubuntu).
-`/var/log/apache2/` contains error and output logs (on Ubuntu).
-`/var/log/httpd/` contains error and output logs (on RHEL).
-`/var/log/httpd/` contains error and output logs (on RHEL).
redis
redis
-`/var/log/redis/redis.log` there are also logrotated logs there.
-`/var/log/redis/redis.log` there are also log-rotated logs there.
@@ -26,7 +26,7 @@ We use [these build scripts](https://gitlab.com/gitlab-org/gitlab-ci/blob/master
...
@@ -26,7 +26,7 @@ We use [these build scripts](https://gitlab.com/gitlab-org/gitlab-ci/blob/master
# Build configuration on [Semaphore](https://semaphoreapp.com/gitlabhq/gitlabhq/) for testing the [GitHub.com repo](https://github.com/gitlabhq/gitlabhq)
# Build configuration on [Semaphore](https://semaphoreapp.com/gitlabhq/gitlabhq/) for testing the [GitHub.com repo](https://github.com/gitlabhq/gitlabhq)
@@ -13,7 +13,7 @@ Jenkins support is [available in GitLab EE](http://doc.gitlab.com/ee/integration
...
@@ -13,7 +13,7 @@ Jenkins support is [available in GitLab EE](http://doc.gitlab.com/ee/integration
## Project services
## Project services
Integration with services such as Campfire, Flowdock, Gemnasium, HipChat, PivotalTracker and Slack are available in the from of a Project Service.
Integration with services such as Campfire, Flowdock, Gemnasium, HipChat, Pivotal Tracker, and Slack are available in the form of a Project Service.
You can find these within GitLab in the Services page under Project Settings if you are at least a master on the project.
You can find these within GitLab in the Services page under Project Settings if you are at least a master on the project.
Project Services are a bit like plugins in that they allow a lot of freedom in adding functionality to GitLab, for example there is also a service that can send an email every time someone pushes new commits.
Project Services are a bit like plugins in that they allow a lot of freedom in adding functionality to GitLab, for example there is also a service that can send an email every time someone pushes new commits.
Because GitLab is open source we can ship with the code and tests for all plugins.
Because GitLab is open source we can ship with the code and tests for all plugins.
@@ -6,7 +6,7 @@ GitLab has a great issue tracker but you can also use an external issue tracker
...
@@ -6,7 +6,7 @@ GitLab has a great issue tracker but you can also use an external issue tracker
- clicking 'New issue' on the project dashboard creates a new JIRA issue;
- clicking 'New issue' on the project dashboard creates a new JIRA issue;
- To reference JIRA issue PROJECT-1234 in comments, use syntax PROJECT-1234. Commit messages get turned into HTML links to the corresponding JIRA issue.
- To reference JIRA issue PROJECT-1234 in comments, use syntax PROJECT-1234. Commit messages get turned into HTML links to the corresponding JIRA issue.
![jira screenshot](jira-integration-points.png)
![Jira screenshot](jira-integration-points.png)
You can configure the integration in the gitlab.yml configuration file.
You can configure the integration in the gitlab.yml configuration file.
This documentation is for enabling shibboleth with gitlab-omnibus package.
This documentation is for enabling shibboleth with gitlab-omnibus package.
In order to enable Shibboleth support in gitlab we need to use Apache instead of Nginx (It may be possible to use Nginx, however I did not found way to easily configure nginx that is bundled in gitlab-omnibus package). Apache uses mod_shib2 module for shibboleth authentication and can pass attributes as headers to omniauth-shibboleth provider.
In order to enable Shibboleth support in gitlab we need to use Apache instead of Nginx (It may be possible to use Nginx, however I did not found way to easily configure Nginx that is bundled in gitlab-omnibus package). Apache uses mod_shib2 module for shibboleth authentication and can pass attributes as headers to omniauth-shibboleth provider.
To enable the Shibboleth OmniAuth provider you must:
To enable the Shibboleth OmniAuth provider you must:
...
@@ -10,7 +10,7 @@ To enable the Shibboleth OmniAuth provider you must:
...
@@ -10,7 +10,7 @@ To enable the Shibboleth OmniAuth provider you must:
1. Configure Apache shibboleth module. Installation and configuration of module it self is out of scope of this document.
1. Configure Apache shibboleth module. Installation and configuration of module it self is out of scope of this document.
Check https://wiki.shibboleth.net/ for more info.
Check https://wiki.shibboleth.net/ for more info.
1. You can find Apache config in gitlab-reciepes (https://github.com/gitlabhq/gitlab-recipes/blob/master/web-server/apache/gitlab-ssl.conf)
1. You can find Apache config in gitlab-recipes (https://github.com/gitlabhq/gitlab-recipes/blob/master/web-server/apache/gitlab-ssl.conf)
Following changes are needed to enable shibboleth:
Following changes are needed to enable shibboleth:
exclude shibboleth URLs from rewriting, add "RewriteCond %{REQUEST_URI} !/Shibboleth.sso" and "RewriteCond %{REQUEST_URI} !/shibboleth-sp", config should look like this:
exclude shibboleth URLs from rewriting, add "RewriteCond %{REQUEST_URI} !/Shibboleth.sso" and "RewriteCond %{REQUEST_URI} !/shibboleth-sp", config should look like this:
You can also use other rich text files in GitLab. You might have to install a depency to do so. Please see the [github-markup gem readme](https://github.com/gitlabhq/markup#markups) for more information.
You can also use other rich text files in GitLab. You might have to install a dependency to do so. Please see the [github-markup gem readme](https://github.com/gitlabhq/markup#markups) for more information.
## Newlines
## Newlines
...
@@ -68,7 +68,7 @@ It is not reasonable to italicize just _part_ of a word, especially when you're
...
@@ -68,7 +68,7 @@ It is not reasonable to italicize just _part_ of a word, especially when you're
perform_complicated_task
perform_complicated_task
do_this_and_do_that_and_another_thing
do_this_and_do_that_and_another_thing
## URL autolinking
## URL auto-linking
GFM will autolink standard URLs you copy and paste into your text. So if you want to link to a URL (instead of a textural link), you can simply put the URL in verbatim and it will be turned into a link to that URL.
GFM will autolink standard URLs you copy and paste into your text. So if you want to link to a URL (instead of a textural link), you can simply put the URL in verbatim and it will be turned into a link to that URL.
@@ -4,6 +4,6 @@ Git is a distributed version control system (DVCS).
...
@@ -4,6 +4,6 @@ Git is a distributed version control system (DVCS).
This means that everyone that works with the source code has a local copy of the complete repository.
This means that everyone that works with the source code has a local copy of the complete repository.
In GitLab every project member that is not a guest (so reporters, developers and masters) can clone the repository to get a local copy.
In GitLab every project member that is not a guest (so reporters, developers and masters) can clone the repository to get a local copy.
After obtaining this local copy the user can upload the full repository anywhere, including another project under their control or another server.
After obtaining this local copy the user can upload the full repository anywhere, including another project under their control or another server.
The consequense is that you can't build access controls that prevent the intentional sharing of source code by users that have access to the source code.
The consequence is that you can't build access controls that prevent the intentional sharing of source code by users that have access to the source code.
This is an inherent feature of a DVCS and all git management systems have this limitation.
This is an inherent feature of a DVCS and all git management systems have this limitation.
Obviously you can take steps to prevent unintentional sharing and information destruction, this is why only some people are allowed to invite others and nobody can force push a protected branch.
Obviously you can take steps to prevent unintentional sharing and information destruction, this is why only some people are allowed to invite others and nobody can force push a protected branch.
Deploy keys allow read-only access one or multiple projects with a single SSH key.
This is really useful for cloning repositories to your Continuous Integration (CI) server. By using a deploy keys you don't have to setup a dummy user account.
If you are a project master or owner you can add a deploy key in the project settings under the section Deploy Keys. Press the 'New Deploy Key' button and upload a public ssh key. After this the machine that uses the corresponding private key has read-only access to the project.
You can't add the same deploy key twice with the 'New Deploy Key' option. If you want to add the same key to another project please enable it in the list that says 'Deploy keys from projects available to you'. All the deploy keys of all the projects you have access to are available. This project access can happen through being a direct member of the project or through a group. See `def accessible_deploy_keys` in `app/models/user.rb` for more information.
SSH key allows you to establish a secure connection between your computer and GitLab
Before generating an SSH key, check if your system already has one by running `cat ~/.ssh/id_rsa.pub` If your see a long string starting with `ssh-rsa` or `ssh-dsa`, you can skip the ssh-keygen step.
To generate a new SSH key just open your terminal and use code below. The ssh-keygen command prompts you for a location and filename to store the key pair and for a password. When prompted for the location and filename you can press enter to use the default.
It is a best practice to use a password for an SSH key but it is not required and you can skip creating a password by pressing enter.
Note that the password you choose here can't be altered or retrieved.
```bash
ssh-keygen -t rsa -C"$your_email"
```
Use the code below to show your public key.
```bash
cat ~/.ssh/id_rsa.pub
```
Copy-paste the key to the 'My SSH Keys' section under the 'SSH' tab in your user profile. Please copy the complete key starting with `ssh-` and ending with your username and host.
Use code below to copy your public key to the clipboard. Depending on your OS you'll need to use a different command:
The migrations in this update are very sensitive to incomplete or inconsistent data. If you have a long-running GitLab installation and some of the previous upgrades did not work out 100% correct this may bite you now. The following can help you have a more smooth upgrade.
The migrations in this update are very sensitive to incomplete or inconsistent data. If you have a long-running GitLab installation and some of the previous upgrades did not work out 100% correct this may bite you now. The following can help you have a more smooth upgrade.
# Add support for lograte for better log file handling
# Add support for logrotate for better log file handling
sudo apt-get install logrotate
sudo apt-get install logrotate
# Install pkg-config and cmake, which is needed for the latest versions of rugged
# Install pkg-config and cmake, which is needed for the latest versions of rugged
...
@@ -220,13 +220,13 @@ mysql -u root -p
...
@@ -220,13 +220,13 @@ mysql -u root -p
# Convert all tables to use the InnoDB storage engine (added in GitLab 6.8)
# Convert all tables to use the InnoDB storage engine (added in GitLab 6.8)
SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' ENGINE=InnoDB;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `ENGINE` <> 'InnoDB' AND `TABLE_TYPE` = 'BASE TABLE';
SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' ENGINE=InnoDB;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `ENGINE` <> 'InnoDB' AND `TABLE_TYPE` = 'BASE TABLE';
# If previous query returned results, copy & run all outputed SQL statements
# If previous query returned results, copy & run all shown SQL statements
# Convert all tables to correct character set
# Convert all tables to correct character set
SET foreign_key_checks = 0;
SET foreign_key_checks = 0;
SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `TABLE_COLLATION` <> 'utf8_unicode_ci' AND `TABLE_TYPE` = 'BASE TABLE';
SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `TABLE_COLLATION` <> 'utf8_unicode_ci' AND `TABLE_TYPE` = 'BASE TABLE';
# If previous query returned results, copy & run all outputed SQL statements
# If previous query returned results, copy & run all shown SQL statements
# Convert all tables to use the InnoDB storage engine (added in GitLab 6.8)
# Convert all tables to use the InnoDB storage engine (added in GitLab 6.8)
SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' ENGINE=InnoDB;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `ENGINE` <> 'InnoDB' AND `TABLE_TYPE` = 'BASE TABLE';
SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' ENGINE=InnoDB;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `ENGINE` <> 'InnoDB' AND `TABLE_TYPE` = 'BASE TABLE';
# If previous query returned results, copy & run all outputed SQL statements
# If previous query returned results, copy & run all shown SQL statements
# Convert all tables to correct character set
# Convert all tables to correct character set
SET foreign_key_checks = 0;
SET foreign_key_checks = 0;
SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `TABLE_COLLATION` <> 'utf8_unicode_ci' AND `TABLE_TYPE` = 'BASE TABLE';
SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `TABLE_COLLATION` <> 'utf8_unicode_ci' AND `TABLE_TYPE` = 'BASE TABLE';
# If previous query returned results, copy & run all outputed SQL statements
# If previous query returned results, copy & run all shown SQL statements
@@ -43,7 +43,7 @@ Since most tools automatically make the master branch the default one and displa
...
@@ -43,7 +43,7 @@ Since most tools automatically make the master branch the default one and displa
The second problem of git flow is the complexity introduced by the hotfix and release branches.
The second problem of git flow is the complexity introduced by the hotfix and release branches.
These branches can be a good idea for some organizations but are overkill for the vast majority of them.
These branches can be a good idea for some organizations but are overkill for the vast majority of them.
Nowadays most organizations practice continuous delivery which means that your default branch can be deployed.
Nowadays most organizations practice continuous delivery which means that your default branch can be deployed.
This means that hotfixed and release branches can be prevented including all the ceremony they introduce.
This means that hotfix and release branches can be prevented including all the ceremony they introduce.
An example of this ceremony is the merging back of release branches.
An example of this ceremony is the merging back of release branches.
Though specialized tools do exist to solve this, they require documentation and add complexity.
Though specialized tools do exist to solve this, they require documentation and add complexity.
Frequently developers make a mistake and for example changes are only merged into master and not into the develop branch.
Frequently developers make a mistake and for example changes are only merged into master and not into the develop branch.
...
@@ -95,12 +95,12 @@ An 'extreme' version of environment branches are setting up an environment for e
...
@@ -95,12 +95,12 @@ An 'extreme' version of environment branches are setting up an environment for e
## Release branches with GitLab flow
## Release branches with GitLab flow
![Master and multiple release branches that vary in length with cherrypicks from master](release_branches.png)
![Master and multiple release branches that vary in length with cherry-picks from master](release_branches.png)
Only in case you need to release software to the outside world you need to work with release branches.
Only in case you need to release software to the outside world you need to work with release branches.
In this case, each branch contains a minor version (2-3-stable, 2-4-stable, etc.).
In this case, each branch contains a minor version (2-3-stable, 2-4-stable, etc.).
The stable branch uses master as a starting point and is created as late as possible.
The stable branch uses master as a starting point and is created as late as possible.
By branching as late as possible you minimize the time you have to apply bugfixes to multiple branches.
By branching as late as possible you minimize the time you have to apply bugfixes to multiple branches.
After a release branch is announced, only serious bug fixes are included in the release branch.
After a release branch is announced, only serious bug fixes are included in the release branch.
If possible these bug fixes are first merged into master and then cherry-picked into the release branch.
If possible these bug fixes are first merged into master and then cherry-picked into the release branch.
This way you can't forget to cherry-pick them into master and encounter the same bug on subsequent releases.
This way you can't forget to cherry-pick them into master and encounter the same bug on subsequent releases.
...
@@ -177,7 +177,7 @@ In GitLab this creates a comment in the issue that the merge requests mentions t
...
@@ -177,7 +177,7 @@ In GitLab this creates a comment in the issue that the merge requests mentions t
And the merge request shows the linked issues.
And the merge request shows the linked issues.
These issues are closed once code is merged into the default branch.
These issues are closed once code is merged into the default branch.
If you only want to make the reference without closing the issue you can also just mention it: "Ducktyping is preferred. #12".
If you only want to make the reference without closing the issue you can also just mention it: "Ducktyping is preferred. #12".
If you have an issue that spans across multiple repositories, the best thing is to create an issue for each repository and link all issues to a parent issue.
If you have an issue that spans across multiple repositories, the best thing is to create an issue for each repository and link all issues to a parent issue.