GitLab

=this.img
= ("> " + this.desc-short)

Item	References
External Links	= ("[Website](" + this.url + ")"), = ("[Documentation](" + this.docs + ")")
GitLab docs	GL Markdown
Topics	Agile
Related	=(join(this.related, ", "))

Issues, Boards, Project Management

See also GitLab: Agile

• Issues
  • Tasks (type of Work Items)
  • Description templates
  • By sending an email: requires incoming email
  • From URL: pre-filled values
    > [!idea] #idea/cit Could be used to import e-mails (TopDesk calls, customer problems, …) into GitLab as issues

Markdown/HTML

HTML style guide

• open link in new tab (target="_blank") is unsafe, use instead, see GitLab Documentation

  <a href="url" target="_blank" rel="noopener noreferrer"></a>
  

Web Interface

• Quick Actions: text-based shortcuts for common actions
• gitlab-svgs: GitLab icons ^8b2ea8
  • Preview
  • Sprite icons
• GitLab logos

Snippets

GitLab documentation: Snippets

Projects

• Project and group visibility
• Badges

Authentication

Access Tokens

There is a variety of different access tokens available in GitLab: groups, impersonation, projects, … and each can be fine-grained, setting a role, permissions and an expiry date.

For example, to give read access to a project an access token with role Reporter (Guest can be insufficient) and permissions read_repository can be used. Navigate to the project and select Access Tokens from the settings menu.

• Personal
• Project
  > Use a project access token to authenticate:
  >
  > - With the GitLab API.
  > - With Git, when using HTTP Basic Authentication, use:
  > - Any non-blank value as a username.
  > - The project access token as the password.
  >
• Group
• API: personal/project/group tokens

Automation and CI/CD

By default .gitlab-ci.yml

GitLab CI/CD Documentation

• CI/CD YAML syntax reference
• GitLab CI/CD variables | predefined variables
• GitLab CI/CD for external repositories
  apparently it is possible to connect repositories, e.g. from Github, and use GitLab CI/CD
• Git submodules
• Schedule pipelines
• GitLab development with Vagrant
• Migrate from GitHub

Example YAML config

default:
interruptible: true # new pipeline may cancel running one (default false)
  image: ubuntu:latest # Docker image
  # or
  image: # docker image
    name: python:3
    pull_policy: if-not-present # default is "always", has to be enabled in runner config
variables:
  GIT_SUBMODULE_FORCE_HTTPS: "true"  # force (SSH) URLs to HTTPS
  GIT_SUBMODULE_STRATEGY: recursive  # init/update/pull SMs recursively

References

• To Be Continuous: GitLab CI templates
  > to be continuous proposes a set of GitLab CI templates developed and maintained by DevOps and technology experts to build state-of-the-art CI/CD pipelines in minutes.

Stages

• pages: special and activated for projects where GitLab Pages feature is enabled. After build stage artifacts (default public/) are deployed to configured destination

Script

Custom commands to be executed in script section

• before_script: run before every command in script section. Per stage or globally defined.

Artifacts

Projects settings

• maximum artifact size
• expiration and keeping artifacts of last successful pipeline

If deleting artifacts through the webinterface doesn’t reduce the storage consumption, you can use an API call to delete project artifacts¹²

curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/<project id>/artifacts"

Docker

Configure runner in runner config.toml (see explanations below)

[runners.docker]
image = "<image name>"
pull_policy = "if-not-present" # prioritise local images

Register runner with a config template (directory with this file has to be mounted as Docker volume)

gitlab-runner register --template-config=<config.toml>

• Docker images
  • Access image from private Container Registry
  • Docker image pull policies
• Triggers and connecting pipelines (e.g. from another project’s pipeline)
  • GitLab documentation: Triggers
  • GitLab documentation: Pipeline Triggers
  • GitLab documentation: Downstream pipelines: multi-project pipelines, parent-child pipelines

To test a pipeline job from a .gitlab-ci.yaml file

gitlab-runner exec docker <job name> \
    --docker-image=<image name>:<image tag>
    --docker-pull-policy=never \ # for local images

Webhooks

There’s a number of events to chose from as webhooks, for example Wiki page events, that can be used e.g. to trigger a pipeline (in a different project). The GitLab webinterface discourages the use of Webhooks, suggesting Integrations instead.

• Wiki page events: ⚠ only triggers when changes are done through the GitLab Wiki webinterface, not when pushing changes to the GitLab Wiki repository.

Auto DevOps

https://docs.gitlab.com/ee/topics/autodevops/index.md

Server

• Install GitLab
  Debian package didn’t work for me, but their GitLab installation script did,
  curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh | sudo bash
• Configuring Omnibus GitLab
• Security
• Database: only PostgreSQL

Console

Fixing requirement of both MFA and password some users experience

## gitlab-rails console
user = User.find_by(email: 'a.b.lastname@student.rug.nl')
user.password_automatically_set = true
user.save

LDAP

See also LWP: GitLab > LDAP

https://docs.gitlab.com/ee/administration/auth/ldap/index.html

Rake tasks

https://docs.gitlab.com/ee/raketasks/

• LDAP

  sudo gitlab-rake gitlab:ldap:check # test bind_dn and pw, print 100 users as sample
  sudo gitlab-rake gitlab:ldap:check[5] # print only 5 users
  

• reset password: Rake Task, Rails console
• Server Hooks @GitLab Documentation
• Repository Storage Types > Translate Hashed Storage Paths
  1. with admin rights: go to Admin Area > project > Gitaly relative path
  2. …

Enterprise Edition (EE)

Convert Community Edition to Enterprise Edition
Trial License
Activate

Rails Console

Documentation

• look up user info

  ```ruby
  u = User.find_by_username(‘someuser’)
  pp u.attributes

  send test email to user

  Notify.test_email(u.email, “Test email for #{u.name}”, ‘Test email’).deliver_now

```

• 2FA, MFA
  

  User.find_each(&:disable_two_factor!) # disable for all users (reset if enforced by admin settings)
  User.where(username: "username_goes_here").each(&:disable_two_factor!) # disable for certain user
  

• (Re-)Set password ^1b2997

  new_password = 'examplepassword'
  user.password = new_password
  user.password_confirmation = new_password
  user.send_only_admin_changed_your_password_notification!
  user.save!
  # root: usually UID 1, else search for root
  

Or use a Rails Runner to execute commands non-interactively

sudo gitlab-rails runner "RAILS_COMMAND"

Rake Tasks

Reset user password ^8cee12

sudo gitlab-rake "gitlab:password:reset[sidneyjones]"

Elasticsearch (EE)

https://docs.gitlab.com/ee/integration/advanced_search/elasticsearch.html

Service Desk

https://docs.gitlab.com/ee/user/project/service_desk/index.html

Wiki

GitLab Documentation: Wiki

• GitLab group wikis (Premium)
• Automatically create TOC: [[_TOC_]]
  • does nest
  • currently not possible to hide/exclude something from the TOC
• Link an external Wiki

GitLab Pages

Examples and References

• GL Website: Pages
• GL Documentation: Pages
• Getting Started
• static site generators: Gatsby, Jekyll, Hugo, Middleman, Harp, Hexo, or Brunch
  • MkDocs: my notes
• Examples
  • Sphinx: example documentation website | GitLab
  • Obsidian
• https://gitlab.gnome.org/Infrastructure/gtk-web
• Artifact size: if the artifact is too large to be deployed there are two settings. First the maximum artifact size can be set per instance, group and project in the admin settings. Second the maximum size for a page can be set in the admin settings under Preferences > Pages

References

---

1. https://stackoverflow.com/a/73820571 (2024-03-08) ↩

2. https://benlobaugh.medium.com/how-to-clean-up-gitlab-artifacts-c7ce34c70213 (2024-03-08) ↩