1.版本控制工具
常用的版本管理工具有:github,gitlab,subversion
官網:https://about.gitlab.com/
國內映象:https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/
版本管理,系統上線流程:
- 開發程式碼(開發人員)
- 測試(測試人員)
- 釋出(運維人員)
- 測試(測試人員)
- 發郵件申請釋出(開發人員)郵件發給開發的領導、抄送給運維團隊
- 填寫變更單,為了避免背鍋
- 開發領導審批
- 評估影響範圍(運維人員)
- 向運維領導彙報(運維人員)
- 與開發領導協商(運維領導)
- 釋出(運維人員)----生產環境
- 測試(測試人員)—如果出問題就回滾(運維人員)
gitlab管理命令:
2.gitlab部署流程
1.環境準備
//保證倉庫環境為阿里雲
[root@localhost yum.repos.d]# ls
CentOS-Base.repo epel.repo epel-testing.repo
epel-modular.repo epel-testing-modular.repo
//安裝git
[root@rsync ~]# yum -y install git
//安裝依賴包
[root@rsync ~]# yum -y install curl openssh-server openssh-clients postfix cronie perl
//啟動postfix服務並設定開機自啟
[root@localhost src]# systemctl restart postfix.service
[root@localhost src]# systemctl enable --now postfix.service
Created symlink /etc/systemd/system/multi-user.target.wants/postfix.service → /usr/lib/systemd/system/postfix.service.
//關閉防火牆
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@localhost ~]# setenforce 0
setenforce: SELinux is disabled
[root@localhost ~]# reboot
2.下載並部署
下載gitlab的rpm包
[root@localhost ~]# cd /usr/src/
[root@localhost src]# ls
debug kernels
[root@rhel8 src]# wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm
[root@rhel8 src]# ls
debug gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm kernels
此時安裝會發現需要一個依賴包 policycoreutils-python
wget https://mirrors.tuna.tsinghua.edu.cn/centos/7/os/x86_64/Packages/policycoreutils-python-2.5-34.el7.x86_64.rpm
安裝gitlab後直接安裝會發現無法安裝,即使新增了--nodeps去除依賴性也安裝不成功
此時我們需要使用rpm -qa|grep policy 找到policycoreutils
然後將其解除安裝rpm -e policycoreutils
[root@localhost src]# rpm -qa | grep policy
selinux-policy-3.14.3-89.el8.noarch
policycoreutils-2.9-18.el8.x86_64
selinux-policy-targeted-3.14.3-89.el8.noarch
[root@localhost src]# rpm -e policycoreutils-2.9-18.el8.x86_64
//軟體包保持即可
[root@localhost ~]# rpm -qa | grep policy
selinux-policy-3.14.3-89.el8.noarch
selinux-policy-targeted-3.14.3-89.el8.noarch
在次安裝
[root@localhost src]# rpm -ivh policycoreutils-python-2.5-34.el7.x86_64.rpm --nodeps
warning: policycoreutils-python-2.5-34.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:policycoreutils-python-2.5-34.el7################################# [100%]
//安裝gitlab
[root@localhost src]# rpm -ivh gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm
warning: gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID f27eab47: NOKEY
Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:gitlab-ce-15.3.3-ce.0.el7 ################################# [100%]
It looks like GitLab has not been configured yet; skipping the upgrade script.
*. *.
*** ***
***** *****
.****** *******
******** ********
,,,,,,,,,***********,,,,,,,,,
,,,,,,,,,,,*********,,,,,,,,,,,
.,,,,,,,,,,,*******,,,,,,,,,,,,
,,,,,,,,,*****,,,,,,,,,.
,,,,,,,****,,,,,,
.,,,***,,,,
,*,.
_______ __ __ __
/ ____(_) /_/ / ____ _/ /_
/ / __/ / __/ / / __ `/ __ \
/ /_/ / / /_/ /___/ /_/ / /_/ /
\____/_/\__/_____/\__,_/_.___/
Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
sudo gitlab-ctl reconfigure
For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md
Help us improve the installation experience, let us know how we did with a 1 minute survey:
https://gitlab.fra1.qualtrics.com/jfe/form/SV_6kVqZANThUQ1bZb?installation=omnibus&release=15-3
3.部署私人倉庫
external_url 'http://192.168.47.137' //將此處設為gitlab的伺服器ip地址亦或域名
//過載配置檔案並重啟gitlab
[root@localhost ~]# gitlab-ctl reconfigure
[root@localhost ~]# gitlab-ctl restart
ok: run: alertmanager: (pid 6693) 0s
ok: run: gitaly: (pid 6705) 0s
ok: run: gitlab-exporter: (pid 6716) 0s
ok: run: gitlab-kas: (pid 6718) 1s
ok: run: gitlab-workhorse: (pid 6725) 0s
ok: run: logrotate: (pid 6734) 0s
ok: run: nginx: (pid 6744) 1s
ok: run: node-exporter: (pid 6749) 0s
ok: run: postgres-exporter: (pid 6753) 1s
ok: run: postgresql: (pid 6760) 0s
ok: run: prometheus: (pid 6769) 1s
ok: run: puma: (pid 6783) 0s
ok: run: redis: (pid 6788) 0s
ok: run: redis-exporter: (pid 6794) 0s
ok: run: sidekiq: (pid 6805) 0s
//檢視當前的gitlab版本
[root@localhost ~]# head -1 /opt/gitlab/version-manifest.txt
gitlab-ce 15.3.3
4.破解管理員密碼
[root@localhost ~]# gitlab-rails console -e production
--------------------------------------------------------------------------------
Ruby: ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux]
GitLab: 15.3.3 (c629a47f87f) FOSS
GitLab Shell: 14.10.0
PostgreSQL: 13.6
------------------------------------------------------------[ booted in 47.14s ]
Loading production environment (Rails 6.1.6.1)
irb(main):001:0> user = User.where(id:1).first
=> #<User id:1 @root>
irb(main):002:0> user.password = 'carr123!'
=> "carr123!" //密碼必須至少8個字元
irb(main):003:0> user.password_confirmation = 'carr123!'
=> "carr123!"
irb(main):004:0> user.save!
=> true //儲存修改,若無問題將返回true
irb(main):005:0> exit
3.gitlab管理流程
在瀏覽器中使用gitlab伺服器的ip訪問,
192.168.47.137
使用者名稱為root 預設管理員為root
密碼為剛剛設定的密碼
4.漢化
使用者旁邊下拉箭頭—preferences—localization—language–選擇簡體中文–儲存更改
5.關閉註冊功能
由於我們gitlab是私有倉庫,一般使用者都是由管理員建立和分派的,所以我們需要關閉註冊
管理員—設定–通用–註冊限制—把已啟用註冊功能的勾去掉–儲存更改
6.專案傳輸管理
建立一個專案
將平臺專案克隆到伺服器本地中
先在平臺中部署金鑰
將本地的公鑰資訊註冊到平臺
[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:5LAsmYb94yyYs6s+9yK23rCY9fdK9GWAfH32EKegAXo root@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
| ... . . . |
| o . + . + |
| . E = . = |
| o = * . o o |
| . * + S o . |
| . + . o |
| ..o + . |
|.*B+.+.. |
|B*B=+++o. |
+----[SHA256]-----+
[root@localhost ~]# cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsV/SCBM8RPr0fZWzuz8Yb/6ph9zjDu671uCH5hTxvb9jCx2HaqxRB7qjhpjPSpMl11jj2J1bZy764LWfX4mFqNAVxrhFzFj/sY5Cx0Ot5n5Lme0rwG/MlDh5xoEK1hgOkM4HRVqA/I0PC+5gjKSxEYYcp3WPUO6IrhNoEh6qfokxlPy3RnFYdEVGwjV/PLVyK8ZnLas37bS+lDpJxNILCSkENjq8wAQlRy69v37dFieSwYi8PQIbVlknYOA0SnVyFhD4p6E4bQtltQsEC6sci1H74znXu/iaMtPyJ118z3bz2g1G8rTAiEmDxk8MPAsRwy+HLFAwwT48Rs8ogq5tEDCTy/tm7m/Ijjn7OnlWRJ6bmetPxzQnFZPLWNBWlUp47j7pIQRD0uGxQK1wmJWCKiCLU++4O0eUxVjwJ+IdvltOTQeWgpDgzWfCC3vCWShwn2h+b/3NzLYvCs6A1GQcJB6aJP4Z9unQM8y+plJ5c/2bU8IMXurUy5/bD27uZmOE= root@localhost.localdomain
指定克隆
[root@localhost ~]# git clone git@192.168.47.137:gitlab-instance-41b2f8dd/linux.git
Cloning into 'linux'...
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (3/3), done.
[root@localhost ~]# ls
anaconda-ks.cfg linux
[root@localhost ~]# cd linux/
[root@localhost linux]# ls
README.md
配置郵箱和賬號
[root@localhost linux]# git config --global user.email "root@example.com"
[root@localhost linux]# git config --global user.name "root"
上傳檔案測試
[root@localhost linux]# touch ssh1
[root@localhost linux]# git add ssh1
提交事務
[root@localhost linux]# git commit -m "is file" “” 代表描述資訊
[main d19dca5] is file
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 ssh1
[root@localhost linux]# git push
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 260 bytes | 260.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
65d8467..d19dca5 main -> main
web介面新增成功
新增所有分支
[root@localhost linux]# touch hh ll
[root@localhost linux]# ls
hh ll README.md ssh1
[root@localhost linux]# git add . //代表新增所有檔案
[root@localhost linux]# git commit -m "is file"
[main 5a37f4c] is file
2 files changed, 0 insertions(+), 0 deletions(-)
create mode 100644 hh
create mode 100644 ll
[root@localhost linux]# git push
Enumerating objects: 3, done.
Counting objects: 100% (3/3), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 262 bytes | 262.00 KiB/s, done.
Total 2 (delta 0), reused 0 (delta 0), pack-reused 0
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
d19dca5..5a37f4c main -> main
新增分支
[root@localhost linux]# git branch lty
[root@localhost linux]# git push origin lty
Total 0 (delta 0), reused 0 (delta 0), pack-reused 0
remote:
remote: To create a merge request for lty, visit:
remote: http://192.168.47.137/gitlab-instance-41b2f8dd/linux/-/merge_requests/new?merge_request%5Bsource_branch%5D=lty
remote:
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
* [new branch] lty -> lty
[root@localhost linux]# git checkout lty
Switched to branch 'lty'
同步分支內容
[root@localhost linux]# touch pp
[root@localhost linux]# git add pp
[root@localhost linux]# git commit -m "is file"
[lty 491ae4d] is file
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 pp
[root@localhost linux]# git push origin lty
Enumerating objects: 3, done.
Counting objects: 100% (3/3), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 219 bytes | 219.00 KiB/s, done.
Total 2 (delta 1), reused 0 (delta 0), pack-reused 0
remote:
remote: To create a merge request for lty, visit:
remote: http://192.168.47.137/gitlab-instance-41b2f8dd/linux/-/merge_requests/new?merge_request%5Bsource_branch%5D=lty
remote:
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
5a37f4c..491ae4d lty -> lty
拉取分支內容 將lty分支的內容拉去到main分支中
[root@localhost linux]# git checkout main
Switched to branch 'main'
Your branch is up to date with 'origin/main'.
[root@localhost linux]# git pull origin lty
warning: Pulling without specifying how to reconcile divergent branches is
discouraged. You can squelch this message by running one of the following
commands sometime before your next pull:
git config pull.rebase false # merge (the default strategy)
git config pull.rebase true # rebase
git config pull.ff only # fast-forward only
You can replace "git config" with "git config --global" to set a default
preference for all repositories. You can also pass --rebase, --no-rebase,
or --ff-only on the command line to override the configured default per
invocation.
From 192.168.47.137:gitlab-instance-41b2f8dd/linux
* branch lty -> FETCH_HEAD
Updating 5a37f4c..491ae4d
Fast-forward
pp | 0
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 pp
[root@localhost linux]#
[root@localhost linux]# git push
Total 0 (delta 0), reused 0 (delta 0), pack-reused 0
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
5a37f4c..491ae4d main -> main