第22篇 如何部署gitLab進行開發版本控制

1.版本控制工具

常用的版本管理工具有：github，gitlab，subversion
官網：https://about.gitlab.com/
國內映象：https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/

版本管理，系統上線流程：

1. 開發程式碼（開發人員）
2. 測試（測試人員）
3. 釋出（運維人員）
4. 測試（測試人員）
5. 發郵件申請釋出（開發人員）郵件發給開發的領導、抄送給運維團隊
6. 填寫變更單，為了避免背鍋
7. 開發領導審批
8. 評估影響範圍（運維人員）
9. 向運維領導彙報（運維人員）
10. 與開發領導協商（運維領導）
11. 釋出（運維人員）----生產環境
12. 測試（測試人員）—如果出問題就回滾（運維人員）

gitlab管理命令:

2.gitlab部署流程

1.環境準備

//保證倉庫環境為阿里雲
[root@localhost yum.repos.d]# ls
CentOS-Base.repo   epel.repo                  epel-testing.repo
epel-modular.repo  epel-testing-modular.repo
//安裝git
[root@rsync ~]# yum -y install git
//安裝依賴包
[root@rsync ~]# yum -y install curl openssh-server openssh-clients postfix cronie  perl
//啟動postfix服務並設定開機自啟
[root@localhost src]# systemctl restart postfix.service 
[root@localhost src]# systemctl enable --now postfix.service 
Created symlink /etc/systemd/system/multi-user.target.wants/postfix.service → /usr/lib/systemd/system/postfix.service.


//關閉防火牆
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted


[root@localhost ~]# setenforce 0
setenforce: SELinux is disabled
[root@localhost ~]# reboot

2.下載並部署

下載gitlab的rpm包

[root@localhost ~]# cd /usr/src/
[root@localhost src]# ls
debug  kernels
[root@rhel8 src]# wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm
[root@rhel8 src]# ls
debug  gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm  kernels

此時安裝會發現需要一個依賴包 policycoreutils-python
wget https://mirrors.tuna.tsinghua.edu.cn/centos/7/os/x86_64/Packages/policycoreutils-python-2.5-34.el7.x86_64.rpm

安裝gitlab後直接安裝會發現無法安裝，即使新增了--nodeps去除依賴性也安裝不成功
此時我們需要使用rpm -qa|grep policy 找到policycoreutils
然後將其解除安裝rpm  -e  policycoreutils

[root@localhost src]# rpm -qa | grep policy
selinux-policy-3.14.3-89.el8.noarch
policycoreutils-2.9-18.el8.x86_64
selinux-policy-targeted-3.14.3-89.el8.noarch
[root@localhost src]# rpm -e policycoreutils-2.9-18.el8.x86_64
//軟體包保持即可
[root@localhost ~]# rpm -qa | grep policy
selinux-policy-3.14.3-89.el8.noarch
selinux-policy-targeted-3.14.3-89.el8.noarch

在次安裝
[root@localhost src]# rpm -ivh policycoreutils-python-2.5-34.el7.x86_64.rpm --nodeps
warning: policycoreutils-python-2.5-34.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Verifying...                          ################################# [100%]
Preparing...                          ################################# [100%]
Updating / installing...
   1:policycoreutils-python-2.5-34.el7################################# [100%]

//安裝gitlab
[root@localhost src]# rpm -ivh gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm 
warning: gitlab-ce-15.3.3-ce.0.el7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID f27eab47: NOKEY
Verifying...                          ################################# [100%]
Preparing...                          ################################# [100%]
Updating / installing...
   1:gitlab-ce-15.3.3-ce.0.el7        ################################# [100%]
It looks like GitLab has not been configured yet; skipping the upgrade script.

	 *.                  *.
	  ***                 ***
	 *****               *****
	.******             *******
	********            ********
   ,,,,,,,,,***********,,,,,,,,,
  ,,,,,,,,,,,*********,,,,,,,,,,,
  .,,,,,,,,,,,*******,,,,,,,,,,,,
	  ,,,,,,,,,*****,,,,,,,,,.
		 ,,,,,,,****,,,,,,
			.,,,***,,,,
				,*,.



	 _______ __  __          __
	/ ____(_) /_/ /   ____ _/ /_
   / / __/ / __/ /   / __ `/ __ \
  / /_/ / / /_/ /___/ /_/ / /_/ /
  \____/_/\__/_____/\__,_/_.___/


Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
  sudo gitlab-ctl reconfigure

For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md

Help us improve the installation experience, let us know how we did with a 1 minute survey:
https://gitlab.fra1.qualtrics.com/jfe/form/SV_6kVqZANThUQ1bZb?installation=omnibus&release=15-3

3.部署私人倉庫

external_url 'http://192.168.47.137'		//將此處設為gitlab的伺服器ip地址亦或域名
//過載配置檔案並重啟gitlab
[root@localhost ~]# gitlab-ctl reconfigure
[root@localhost ~]# gitlab-ctl restart
ok: run: alertmanager: (pid 6693) 0s
ok: run: gitaly: (pid 6705) 0s
ok: run: gitlab-exporter: (pid 6716) 0s
ok: run: gitlab-kas: (pid 6718) 1s
ok: run: gitlab-workhorse: (pid 6725) 0s
ok: run: logrotate: (pid 6734) 0s
ok: run: nginx: (pid 6744) 1s
ok: run: node-exporter: (pid 6749) 0s
ok: run: postgres-exporter: (pid 6753) 1s
ok: run: postgresql: (pid 6760) 0s
ok: run: prometheus: (pid 6769) 1s
ok: run: puma: (pid 6783) 0s
ok: run: redis: (pid 6788) 0s
ok: run: redis-exporter: (pid 6794) 0s
ok: run: sidekiq: (pid 6805) 0s


//檢視當前的gitlab版本
[root@localhost ~]# head -1 /opt/gitlab/version-manifest.txt 
gitlab-ce 15.3.3

4.破解管理員密碼

[root@localhost ~]# gitlab-rails console -e production
--------------------------------------------------------------------------------
 Ruby:         ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux]
 GitLab:       15.3.3 (c629a47f87f) FOSS
 GitLab Shell: 14.10.0
 PostgreSQL:   13.6
------------------------------------------------------------[ booted in 47.14s ]
Loading production environment (Rails 6.1.6.1)
irb(main):001:0> user = User.where(id:1).first
=> #<User id:1 @root>
irb(main):002:0> user.password = 'carr123!'
=> "carr123!"           //密碼必須至少8個字元
irb(main):003:0> user.password_confirmation = 'carr123!'
=> "carr123!"
irb(main):004:0> user.save!
=> true         //儲存修改，若無問題將返回true
irb(main):005:0> exit

3.gitlab管理流程

在瀏覽器中使用gitlab伺服器的ip訪問，
192.168.47.137

使用者名稱為root 預設管理員為root
密碼為剛剛設定的密碼

4.漢化

使用者旁邊下拉箭頭—preferences—localization—language–選擇簡體中文–儲存更改

5.關閉註冊功能

由於我們gitlab是私有倉庫，一般使用者都是由管理員建立和分派的，所以我們需要關閉註冊
管理員—設定–通用–註冊限制—把已啟用註冊功能的勾去掉–儲存更改

6.專案傳輸管理

建立一個專案

將平臺專案克隆到伺服器本地中

先在平臺中部署金鑰

將本地的公鑰資訊註冊到平臺

[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:5LAsmYb94yyYs6s+9yK23rCY9fdK9GWAfH32EKegAXo root@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
|      ... . . .  |
|     o . + . +   |
|    . E = . =    |
|   o = * . o o   |
|  . * + S o   .  |
|   . + . o       |
| ..o  + .        |
|.*B+.+..         |
|B*B=+++o.        |
+----[SHA256]-----+
[root@localhost ~]# cat .ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsV/SCBM8RPr0fZWzuz8Yb/6ph9zjDu671uCH5hTxvb9jCx2HaqxRB7qjhpjPSpMl11jj2J1bZy764LWfX4mFqNAVxrhFzFj/sY5Cx0Ot5n5Lme0rwG/MlDh5xoEK1hgOkM4HRVqA/I0PC+5gjKSxEYYcp3WPUO6IrhNoEh6qfokxlPy3RnFYdEVGwjV/PLVyK8ZnLas37bS+lDpJxNILCSkENjq8wAQlRy69v37dFieSwYi8PQIbVlknYOA0SnVyFhD4p6E4bQtltQsEC6sci1H74znXu/iaMtPyJ118z3bz2g1G8rTAiEmDxk8MPAsRwy+HLFAwwT48Rs8ogq5tEDCTy/tm7m/Ijjn7OnlWRJ6bmetPxzQnFZPLWNBWlUp47j7pIQRD0uGxQK1wmJWCKiCLU++4O0eUxVjwJ+IdvltOTQeWgpDgzWfCC3vCWShwn2h+b/3NzLYvCs6A1GQcJB6aJP4Z9unQM8y+plJ5c/2bU8IMXurUy5/bD27uZmOE= root@localhost.localdomain

指定克隆

[root@localhost ~]# git clone git@192.168.47.137:gitlab-instance-41b2f8dd/linux.git
Cloning into 'linux'...
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (3/3), done.
[root@localhost ~]# ls
anaconda-ks.cfg  linux
[root@localhost ~]# cd linux/
[root@localhost linux]# ls
README.md


配置郵箱和賬號
[root@localhost linux]# git config --global user.email "root@example.com"
[root@localhost linux]# git config --global user.name "root"

上傳檔案測試

[root@localhost linux]# touch ssh1
[root@localhost linux]# git add ssh1
提交事務
[root@localhost linux]# git commit -m "is file"			“” 代表描述資訊
[main d19dca5] is file
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 ssh1
[root@localhost linux]# git push
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 260 bytes | 260.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
   65d8467..d19dca5  main -> main

web介面新增成功

新增所有分支

[root@localhost linux]# touch hh ll
[root@localhost linux]# ls
hh  ll  README.md  ssh1
[root@localhost linux]# git add .	//代表新增所有檔案
[root@localhost linux]# git commit -m "is file"
[main 5a37f4c] is file
 2 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 hh
 create mode 100644 ll
[root@localhost linux]# git push
Enumerating objects: 3, done.
Counting objects: 100% (3/3), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 262 bytes | 262.00 KiB/s, done.
Total 2 (delta 0), reused 0 (delta 0), pack-reused 0
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
   d19dca5..5a37f4c  main -> main

新增分支

[root@localhost linux]# git branch lty
[root@localhost linux]# git push origin lty
Total 0 (delta 0), reused 0 (delta 0), pack-reused 0
remote: 
remote: To create a merge request for lty, visit:
remote:   http://192.168.47.137/gitlab-instance-41b2f8dd/linux/-/merge_requests/new?merge_request%5Bsource_branch%5D=lty
remote: 
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
 * [new branch]      lty -> lty
[root@localhost linux]# git checkout lty
Switched to branch 'lty'

同步分支內容

[root@localhost linux]# touch pp
[root@localhost linux]# git add pp
[root@localhost linux]# git commit -m "is file"
[lty 491ae4d] is file
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 pp
[root@localhost linux]# git push origin lty
Enumerating objects: 3, done.
Counting objects: 100% (3/3), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 219 bytes | 219.00 KiB/s, done.
Total 2 (delta 1), reused 0 (delta 0), pack-reused 0
remote: 
remote: To create a merge request for lty, visit:
remote:   http://192.168.47.137/gitlab-instance-41b2f8dd/linux/-/merge_requests/new?merge_request%5Bsource_branch%5D=lty
remote: 
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
   5a37f4c..491ae4d  lty -> lty

拉取分支內容 將lty分支的內容拉去到main分支中

[root@localhost linux]# git checkout main
Switched to branch 'main'
Your branch is up to date with 'origin/main'.
[root@localhost linux]# git pull origin lty
warning: Pulling without specifying how to reconcile divergent branches is
discouraged. You can squelch this message by running one of the following
commands sometime before your next pull:

  git config pull.rebase false  # merge (the default strategy)
  git config pull.rebase true   # rebase
  git config pull.ff only       # fast-forward only

You can replace "git config" with "git config --global" to set a default
preference for all repositories. You can also pass --rebase, --no-rebase,
or --ff-only on the command line to override the configured default per
invocation.

From 192.168.47.137:gitlab-instance-41b2f8dd/linux
 * branch            lty        -> FETCH_HEAD
Updating 5a37f4c..491ae4d
Fast-forward
 pp | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 pp
[root@localhost linux]# 
[root@localhost linux]# git push
Total 0 (delta 0), reused 0 (delta 0), pack-reused 0
To 192.168.47.137:gitlab-instance-41b2f8dd/linux.git
   5a37f4c..491ae4d  main -> main