blob: a4c93d5f78e19e627639029f3496447115646948 [file] [log] [blame]
Ales Komarek3446a0a2016-03-08 10:21:00 +01001
OlgaGusarenkocb981942018-07-30 17:26:31 +03002=====
3Usage
4=====
Ales Komarek3446a0a2016-03-08 10:21:00 +01005
OlgaGusarenkocb981942018-07-30 17:26:31 +03006Gerrit provides web based code review and repository management for the Git
7version control system.
Ales Komarek3446a0a2016-03-08 10:21:00 +01008
9Sample pillars
10==============
11
Ales Komarek49a37292016-08-31 16:18:31 +020012Simple gerrit service
Ales Komarek3446a0a2016-03-08 10:21:00 +010013
14.. code-block:: yaml
15
16 gerrit:
17 server:
18 enabled: true
Ales Komarek7f93ce22016-08-29 23:27:47 +020019 source:
20 engine: http
21 address: https://gerrit-ci.gerritforge.com/job/Gerrit-stable-2.13/20/artifact/buck-out/gen/gerrit.war
22 hash: 2e17064b8742c4622815593ec496c571
Ales Komarek3446a0a2016-03-08 10:21:00 +010023
Ales Komarek49a37292016-08-31 16:18:31 +020024Full service setup
25
26.. code-block:: yaml
27
28 gerrit:
29 server:
Martin Polreich5ec9e542018-07-17 13:54:55 +020030 enabled: true
Ales Komarek49a37292016-08-31 16:18:31 +020031 canonical_web_url: http://10.10.10.148:8082/
32 email_private_key: ""
33 token_private_key: ""
34 initial_user:
35 full_name: John Doe
36 email: 'mail@jdoe.com'
37 username: jdoe
38 plugin:
39 download-commands:
40 engine: gerrit
41 # replication:
42 # engine: gerrit
43 reviewnotes:
44 engine: gerrit
45 singleusergroup:
46 engine: gerrit
47 ssh_rsa_key: |
48 -----BEGIN RSA PRIVATE KEY-----
49 MIIEowIBAAKCAQEAs0Y8mxS3dfs5zG8Du5vdBkfOCOng1IEUmFZIirJ8oBgJOd54
50 QgmkDFB7oP9eTCgz9k/rix1uJWhhVCMBzrWzH5IODO+tyy/tK66pv2BWtVfTDhBA
51 nShOLDNbSIBaV8E/NcrbnQN+b0alp4N7rQnavkOYl+JQncKjz1csmCodirscB9Oj
52 rdo6NG9olv9IQd/tDQxEeDyQkoW50aCEWcq7o+QaTzgnlrL+XZEzhzjdcvA9m8go
53 ...
54 jvMXms60iD/A5OpG33LWHNNzQBP486SxG75LB+Xs5sp5j2/b7VF5LJLhpGiJv9Mk
55 ydbuy8iuuvali2uF133kAlLqnrWfVTYQQI1OfW5glOv1L6kv94dU
56 -----END RSA PRIVATE KEY-----
57 ssh_rsa_key_pub: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzRjybFLd1+znMbwO7m90GR84I6eDUgRSYVkiKsnygGAk53nhCCaQMUHug/15MKDP2T+uLHW4laGFUIwHOtbMfkg4M763LL+0rrqm/YFa1V9MOEECdKE4sM1tIgFpXwT81ytudA35vRqWng3utCdq+Q5iX4lCdwqPPVyyYKh2KuxwH06Ot2jo0b2iW/0hB3+0NDER4PJCShbnRoIRZyruj5BpPOCeWsv5dkTOHON1y8D2byCgNGdCBIRx7x9Qb4dKK2F01r0/bfBGxELJzBdQ8XO14bQ7VOd3gTxrccTM4tVS7/uc/vtjiq7MKjnHGf/svbw9bTHAXbXcWXtOlRe51
58 email: mail@domain.com
59 auth:
60 engine: HTTP
61 source:
62 engine: http
63 address: https://gerrit-releases.storage.googleapis.com/gerrit-2.12.4.war
64 hash: sha256=45786a920a929c6258de6461bcf03ddec8925577bd485905f102ceb6e5e1e47c
Jakub Josef09765e12018-01-09 13:28:20 +010065 receive_timeout: 5min
66 sshd:
67 threads: 64
68 batch_threads: 16
69 max_connections_per_user: 64
Ales Komarek49a37292016-08-31 16:18:31 +020070 database:
71 engine: postgresql
72 host: localhost
73 port: 5432
74 name: gerrit
75 user: gerrit
76 password: ${_param:postgresql_gerrit_password}
Jakub Josef09765e12018-01-09 13:28:20 +010077 pool_limit: 250
Sergey Otpuschennikov584698f2018-08-24 18:29:16 +040078 pool_max_idle: 16
79
80
81Gerrit LDAP authentification
82
83.. code-block:: yaml
84
85 gerrit:
86 server:
87 auth:
88 engine: LDAP
89 ldap_server: ldap://ldap.mycompany.net
90 ldap_account_base: dc=company,dc=net
91 ldap_group_base: ou=Groups,dc=company,dc=net
Sergey Otpuschennikov9d8e8cc2018-11-06 14:08:19 +040092 ldap_account_pattern: uid=${username}
93 ldap_group_pattern: (cn=${groupname})
94 ldap_group_query: true
95 ldap_group_member_pattern: (memberUid=${username})
Sergey Otpuschennikov584698f2018-08-24 18:29:16 +040096
Jakub Josef09765e12018-01-09 13:28:20 +010097
98Gerrit change auto abandon
99
100.. code-block:: yaml
101
102 gerrit:
103 server:
104 change_cleanup:
105 abandon_after: 3months
Ales Komarek49a37292016-08-31 16:18:31 +0200106
Ales Komarek2fc39002016-09-14 11:43:56 +0200107
108Gerrit client enforcing groups
109
110.. code-block:: yaml
111
112 gerrit:
113 client:
114 group:
115 Admin001:
116 description: admin 01
117 Admin002:
118 description: admin 02
119
120
Filip Pytloun33d84dd2016-12-20 16:13:24 +0100121Gerrit client enforcing users, install using pip
Ales Komarek2fc39002016-09-14 11:43:56 +0200122
123.. code-block:: yaml
124
125 gerrit:
126 client:
Filip Pytloun33d84dd2016-12-20 16:13:24 +0100127 source:
128 engine: pip
Ales Komarek2fc39002016-09-14 11:43:56 +0200129 user:
130 jdoe:
131 fullname: John Doe
132 email: "jdoe@domain.com"
133 ssh_key: ssh-rsa
134 http_password: password
135 groups:
136 - Admin001
137
138
Ales Komarek49a37292016-08-31 16:18:31 +0200139Gerrit client enforcing projects
140
141.. code-block:: yaml
142
143 gerrit:
144 client:
145 enabled: True
Pavel Cizinsky42dba5d2018-12-12 12:01:39 +0100146 server:
Ales Komarek49a37292016-08-31 16:18:31 +0200147 host: 10.10.10.148
148 user: newt
149 key: |
150 -----BEGIN RSA PRIVATE KEY-----
151 MIIEowIBAAKCAQEAs0Y8mxS3dfs5zG8Du5vdBkfOCOng1IEUmFZIirJ8oBgJOd54
152 QgmkDFB7oP9eTCgz9k/rix1uJWhhVCMBzrWzH5IODO+tyy/tK66pv2BWtVfTDhBA
153 ...
154 l1UrxQKBgEklBTuEiDRibKGXQBwlAYvK2He09hWpqtpt9/DVel6s4A1bbTWDHyoP
155 jvMXms60iD/A5OpG33LWHNNzQBP486SxG75LB+Xs5sp5j2/b7VF5LJLhpGiJv9Mk
156 ydbuy8iuuvali2uF133kAlLqnrWfVTYQQI1OfW5glOv1L6kv94dU
157 -----END RSA PRIVATE KEY-----
Ales Komarek50c558e2016-09-05 23:34:43 +0200158 email: "Project Creator <infra@lists.domain.com>"
Ales Komarek49a37292016-08-31 16:18:31 +0200159 project:
160 test_salt_project:
161 enabled: true
162
Ales Komarek50c558e2016-09-05 23:34:43 +0200163Gerrit client enforcing project, full project example
164
165.. code-block:: yaml
166
167 gerrit:
168 client:
169 enabled: True
170 project:
171 test_salt_project:
172 enabled: true
173 access:
174 "refs/heads/*":
175 actions:
176 - name: abandon
177 group: openstack-salt-core
178 - name: create
179 group: openstack-salt-release
180 labels:
181 - name: Code-Review
182 group: openstack-salt-core
183 score: -2..+2
184 - name: Workflow
185 group: openstack-salt-core
186 score: -1..+1
187 "refs/tags/*":
188 actions:
189 - name: pushSignedTag
190 group: openstack-salt-release
Dmitry Burmistrov9efdff82018-03-21 15:07:05 +0400191 force: true
Alexander Noskov870359d2017-11-02 13:53:15 +0400192 inherit_access: All-Projects
Ales Komarek50c558e2016-09-05 23:34:43 +0200193 require_change_id: true
194 require_agreement: true
195 merge_content: true
Alexander Noskov338d3c72017-09-19 12:10:32 +0400196 action: "fast forward only"
Ales Komarek50c558e2016-09-05 23:34:43 +0200197
Ales Komarek1acb14d2016-09-09 15:14:12 +0200198.. code-block:: yaml
199
200 gerrit:
201 client:
202 enabled: True
203 group:
204 groupname:
205 enabled: true
206 members:
207 - username
208 account:
209 username:
210 enabled: true
Ivan Berezovskiy160305f2019-04-03 16:33:16 +0400211 full_name: User Name
Ales Komarek1acb14d2016-09-09 15:14:12 +0200212 email: mail@newt.cz
213 public_key: rsassh
214 http_password: passwd
215
Jiri Broulik90a79c62018-04-25 20:53:45 +0200216Gerrit client proxy
217
218.. code-block:: yaml
219
220 gerrit:
221 client:
222 proxy:
223 http_proxy: http://192.168.10.15:8000
224 https_proxy: http://192.168.10.15:8000
225 no_proxy: 192.168.10.90
Ales Komarek1acb14d2016-09-09 15:14:12 +0200226
Ales Komarek50c558e2016-09-05 23:34:43 +0200227Sample project access
228
229.. code-block:: yaml
230
231 [access "refs/*"]
232 read = group Administrators
233 read = group Anonymous Users
234 [access "refs/for/refs/*"]
235 push = group Registered Users
236 pushMerge = group Registered Users
237 [access "refs/heads/*"]
238 create = group Administrators
239 create = group Project Owners
240 forgeAuthor = group Registered Users
241 forgeCommitter = group Administrators
242 forgeCommitter = group Project Owners
243 push = group Administrators
244 push = group Project Owners
245 label-Code-Review = -2..+2 group Administrators
246 label-Code-Review = -2..+2 group Project Owners
247 label-Code-Review = -1..+1 group Registered Users
248 label-Verified = -1..+1 group Non-Interactive Users
249 submit = group Administrators
250 submit = group Project Owners
251 editTopicName = +force group Administrators
252 editTopicName = +force group Project Owners
253 [access "refs/meta/config"]
254 exclusiveGroupPermissions = read
255 read = group Administrators
256 read = group Project Owners
257 push = group Administrators
258 push = group Project Owners
259 label-Code-Review = -2..+2 group Administrators
260 label-Code-Review = -2..+2 group Project Owners
261 submit = group Administrators
262 submit = group Project Owners
263 [access "refs/tags/*"]
264 pushTag = group Administrators
265 pushTag = group Project Owners
Dmitry Burmistrov9efdff82018-03-21 15:07:05 +0400266 pushSignedTag = +force group Administrators
Ales Komarek50c558e2016-09-05 23:34:43 +0200267 pushSignedTag = group Project Owners
268 [label "Code-Review"]
269 function = MaxWithBlock
270 copyMinScore = true
271 value = -2 This shall not be merged
272 value = -1 I would prefer this is not merged as is
273 value = 0 No score
274 value = +1 Looks good to me, but someone else must approve
275 value = +2 Looks good to me, approved
276 [label "Verified"]
277 function = MaxWithBlock
278 copyMinScore = true
279 value = -1 Fails
280 value = 0 No score
281 value = +1 Verified
282
Sergey Otpuschennikov42ba1582018-08-20 15:47:09 +0400283Gerrit replication enable
284
285.. code-block:: yaml
286
287 gerrit:
288 server:
289 plugin:
290 replication:
291 engine: gerrit
292 replication:
293 gerrit2.localdomain:
294 remote_url: user@gerrit2.local.domain:/var/lib/gerrit
295 remote_port: 22
296 replication_user: gerrit2
297
298For creating ssh keys use openssh state
299
Sergey Otpuschennikovb3cca132018-10-05 20:24:44 +0400300Gerrit hide CI
301
302.. code-block:: yaml
303
304 gerrit:
305 server:
306 hideci:
307 ci_user_name: ci_user
308
Ales Komarek3446a0a2016-03-08 10:21:00 +0100309Read more
310=========
311
Ales Komarek7f93ce22016-08-29 23:27:47 +0200312* https://www.gerritcodereview.com/
Ales Komarekf93ac812016-08-31 19:37:43 +0200313* https://gerrit-review.googlesource.com/Documentation/
Ales Komarek7f93ce22016-08-29 23:27:47 +0200314* https://github.com/openstack-infra/puppet-gerrit/
315* https://gerrit-ci.gerritforge.com/
Ales Komarek10526762016-09-19 15:21:46 +0200316* https://github.com/morucci/exzuul