Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / gerrit / 62e7d4172f9617f22f96e02e8d5d8d631974655e / . / README.rst
blob: ce59ae2860f8a0f7862225bfa00c3db8b62f084f [file] [log] [blame]
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]1
OlgaGusarenkocb981942018-07-30 17:26:31 +0300[diff] [blame]2=====
3Usage
4=====
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]5
OlgaGusarenkocb981942018-07-30 17:26:31 +0300[diff] [blame]6Gerrit provides web based code review and repository management for the Git
7version control system.
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]8
9Sample pillars
10==============
11
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]12Simple gerrit service
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]13
14.. code-block:: yaml
15
16 gerrit:
17 server:
18 enabled: true
Ales Komarek7f93ce22016-08-29 23:27:47 +0200[diff] [blame]19 source:
20 engine: http
21 address: https://gerrit-ci.gerritforge.com/job/Gerrit-stable-2.13/20/artifact/buck-out/gen/gerrit.war
22 hash: 2e17064b8742c4622815593ec496c571
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]23
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]24Full service setup
25
26.. code-block:: yaml
27
28 gerrit:
29 server:
Martin Polreich5ec9e542018-07-17 13:54:55 +0200[diff] [blame]30 enabled: true
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]31 canonical_web_url: http://10.10.10.148:8082/
32 email_private_key: ""
33 token_private_key: ""
34 initial_user:
35 full_name: John Doe
36 email: 'mail@jdoe.com'
37 username: jdoe
38 plugin:
39 download-commands:
40 engine: gerrit
41 # replication:
42 # engine: gerrit
43 reviewnotes:
44 engine: gerrit
45 singleusergroup:
46 engine: gerrit
47 ssh_rsa_key: |
48 -----BEGIN RSA PRIVATE KEY-----
49 MIIEowIBAAKCAQEAs0Y8mxS3dfs5zG8Du5vdBkfOCOng1IEUmFZIirJ8oBgJOd54
50 QgmkDFB7oP9eTCgz9k/rix1uJWhhVCMBzrWzH5IODO+tyy/tK66pv2BWtVfTDhBA
51 nShOLDNbSIBaV8E/NcrbnQN+b0alp4N7rQnavkOYl+JQncKjz1csmCodirscB9Oj
52 rdo6NG9olv9IQd/tDQxEeDyQkoW50aCEWcq7o+QaTzgnlrL+XZEzhzjdcvA9m8go
53 ...
54 jvMXms60iD/A5OpG33LWHNNzQBP486SxG75LB+Xs5sp5j2/b7VF5LJLhpGiJv9Mk
55 ydbuy8iuuvali2uF133kAlLqnrWfVTYQQI1OfW5glOv1L6kv94dU
56 -----END RSA PRIVATE KEY-----
57 ssh_rsa_key_pub: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzRjybFLd1+znMbwO7m90GR84I6eDUgRSYVkiKsnygGAk53nhCCaQMUHug/15MKDP2T+uLHW4laGFUIwHOtbMfkg4M763LL+0rrqm/YFa1V9MOEECdKE4sM1tIgFpXwT81ytudA35vRqWng3utCdq+Q5iX4lCdwqPPVyyYKh2KuxwH06Ot2jo0b2iW/0hB3+0NDER4PJCShbnRoIRZyruj5BpPOCeWsv5dkTOHON1y8D2byCgNGdCBIRx7x9Qb4dKK2F01r0/bfBGxELJzBdQ8XO14bQ7VOd3gTxrccTM4tVS7/uc/vtjiq7MKjnHGf/svbw9bTHAXbXcWXtOlRe51
58 email: mail@domain.com
59 auth:
60 engine: HTTP
61 source:
62 engine: http
63 address: https://gerrit-releases.storage.googleapis.com/gerrit-2.12.4.war
64 hash: sha256=45786a920a929c6258de6461bcf03ddec8925577bd485905f102ceb6e5e1e47c
Jakub Josef09765e12018-01-09 13:28:20 +0100[diff] [blame]65 receive_timeout: 5min
66 sshd:
67 threads: 64
68 batch_threads: 16
69 max_connections_per_user: 64
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]70 database:
71 engine: postgresql
72 host: localhost
73 port: 5432
74 name: gerrit
75 user: gerrit
76 password: ${_param:postgresql_gerrit_password}
Jakub Josef09765e12018-01-09 13:28:20 +0100[diff] [blame]77 pool_limit: 250
Sergey Otpuschennikov584698f2018-08-24 18:29:16 +0400[diff] [blame]78 pool_max_idle: 16
79
80
81Gerrit LDAP authentification
82
83.. code-block:: yaml
84
85 gerrit:
86 server:
87 auth:
88 engine: LDAP
89 ldap_server: ldap://ldap.mycompany.net
90 ldap_account_base: dc=company,dc=net
91 ldap_group_base: ou=Groups,dc=company,dc=net
Sergey Otpuschennikov9d8e8cc2018-11-06 14:08:19 +0400[diff] [blame]92 ldap_account_pattern: uid=${username}
93 ldap_group_pattern: (cn=${groupname})
94 ldap_group_query: true
95 ldap_group_member_pattern: (memberUid=${username})
Sergey Otpuschennikov584698f2018-08-24 18:29:16 +0400[diff] [blame]96
Jakub Josef09765e12018-01-09 13:28:20 +0100[diff] [blame]97
98Gerrit change auto abandon
99
100.. code-block:: yaml
101
102 gerrit:
103 server:
104 change_cleanup:
105 abandon_after: 3months
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]106
Ales Komarek2fc39002016-09-14 11:43:56 +0200[diff] [blame]107
108Gerrit client enforcing groups
109
110.. code-block:: yaml
111
112 gerrit:
113 client:
114 group:
115 Admin001:
116 description: admin 01
117 Admin002:
118 description: admin 02
119
120
Ivan Berezovskiydfd5ac52019-05-17 16:04:46 +0400[diff] [blame]121Gerrit client enforcing users, install using pip. If gerrit is configured with LDAP
122it is required to set http_password as ldap user password to properly link ldap entry with gerrit account.
Ales Komarek2fc39002016-09-14 11:43:56 +0200[diff] [blame]123
124.. code-block:: yaml
125
126 gerrit:
127 client:
Filip Pytloun33d84dd2016-12-20 16:13:24 +0100[diff] [blame]128 source:
129 engine: pip
Ales Komarek2fc39002016-09-14 11:43:56 +0200[diff] [blame]130 user:
131 jdoe:
132 fullname: John Doe
133 email: "jdoe@domain.com"
134 ssh_key: ssh-rsa
135 http_password: password
136 groups:
137 - Admin001
138
139
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]140Gerrit client enforcing projects
141
142.. code-block:: yaml
143
144 gerrit:
145 client:
146 enabled: True
Pavel Cizinsky42dba5d2018-12-12 12:01:39 +0100[diff] [blame]147 server:
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]148 host: 10.10.10.148
149 user: newt
150 key: |
151 -----BEGIN RSA PRIVATE KEY-----
152 MIIEowIBAAKCAQEAs0Y8mxS3dfs5zG8Du5vdBkfOCOng1IEUmFZIirJ8oBgJOd54
153 QgmkDFB7oP9eTCgz9k/rix1uJWhhVCMBzrWzH5IODO+tyy/tK66pv2BWtVfTDhBA
154 ...
155 l1UrxQKBgEklBTuEiDRibKGXQBwlAYvK2He09hWpqtpt9/DVel6s4A1bbTWDHyoP
156 jvMXms60iD/A5OpG33LWHNNzQBP486SxG75LB+Xs5sp5j2/b7VF5LJLhpGiJv9Mk
157 ydbuy8iuuvali2uF133kAlLqnrWfVTYQQI1OfW5glOv1L6kv94dU
158 -----END RSA PRIVATE KEY-----
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]159 email: "Project Creator <infra@lists.domain.com>"
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]160 project:
161 test_salt_project:
162 enabled: true
163
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]164Gerrit client enforcing project, full project example
165
166.. code-block:: yaml
167
168 gerrit:
169 client:
170 enabled: True
171 project:
172 test_salt_project:
173 enabled: true
174 access:
Ivan Berezovskiy221add22019-06-24 16:50:17 +0400[diff] [blame]175 "refs/*":
176 - name: read
177 group: Anonymous Users
178 deny: true
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]179 "refs/heads/*":
180 actions:
181 - name: abandon
182 group: openstack-salt-core
183 - name: create
184 group: openstack-salt-release
185 labels:
186 - name: Code-Review
187 group: openstack-salt-core
188 score: -2..+2
189 - name: Workflow
190 group: openstack-salt-core
191 score: -1..+1
192 "refs/tags/*":
193 actions:
194 - name: pushSignedTag
195 group: openstack-salt-release
Dmitry Burmistrov9efdff82018-03-21 15:07:05 +0400[diff] [blame]196 force: true
Alexander Noskov870359d2017-11-02 13:53:15 +0400[diff] [blame]197 inherit_access: All-Projects
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]198 require_change_id: true
199 require_agreement: true
200 merge_content: true
Alexander Noskov338d3c72017-09-19 12:10:32 +0400[diff] [blame]201 action: "fast forward only"
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]202
Ivan Berezovskiy59484c02019-07-09 14:20:26 +0400[diff] [blame]203Gerrit client, project with secured source example
204
205.. code-block:: yaml
206
207 gerrit:
208 client:
209 enabled: True
210 project:
211 test_library:
212 enabled: true
213 description: library
214 upstream_secured: true
215 protocol: https
216 username: foo
217 password: bar
218 address: github.com/repo/library
219 access:
220 "refs/heads/*":
221 actions:
222 - name: abandon
223 group: core-team
224 - name: create
225 group: release-team
226 labels:
227 - name: Code-Review
228 group: core-team
229 score: -2..+2
230 - name: Workflow
231 group: core-team
232 score: -1..+1
233 "refs/tags/*":
234 actions:
235 - name: pushSignedTag
236 group: release-team
237 force: true
238 inherit_access: All-Projects
239 require_change_id: true
240 require_agreement: false
241 merge_content: true
242
Ales Komarek1acb14d2016-09-09 15:14:12 +0200[diff] [blame]243.. code-block:: yaml
244
245 gerrit:
246 client:
247 enabled: True
248 group:
249 groupname:
250 enabled: true
251 members:
252 - username
253 account:
254 username:
255 enabled: true
Ivan Berezovskiy160305f2019-04-03 16:33:16 +0400[diff] [blame]256 full_name: User Name
Ales Komarek1acb14d2016-09-09 15:14:12 +0200[diff] [blame]257 email: mail@newt.cz
258 public_key: rsassh
259 http_password: passwd
260
Jiri Broulik90a79c62018-04-25 20:53:45 +0200[diff] [blame]261Gerrit client proxy
262
263.. code-block:: yaml
264
265 gerrit:
266 client:
267 proxy:
268 http_proxy: http://192.168.10.15:8000
269 https_proxy: http://192.168.10.15:8000
270 no_proxy: 192.168.10.90
Ales Komarek1acb14d2016-09-09 15:14:12 +0200[diff] [blame]271
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]272Sample project access
273
274.. code-block:: yaml
275
276 [access "refs/*"]
277 read = group Administrators
278 read = group Anonymous Users
279 [access "refs/for/refs/*"]
280 push = group Registered Users
281 pushMerge = group Registered Users
282 [access "refs/heads/*"]
283 create = group Administrators
284 create = group Project Owners
285 forgeAuthor = group Registered Users
286 forgeCommitter = group Administrators
287 forgeCommitter = group Project Owners
288 push = group Administrators
289 push = group Project Owners
290 label-Code-Review = -2..+2 group Administrators
291 label-Code-Review = -2..+2 group Project Owners
292 label-Code-Review = -1..+1 group Registered Users
293 label-Verified = -1..+1 group Non-Interactive Users
294 submit = group Administrators
295 submit = group Project Owners
296 editTopicName = +force group Administrators
297 editTopicName = +force group Project Owners
298 [access "refs/meta/config"]
299 exclusiveGroupPermissions = read
300 read = group Administrators
301 read = group Project Owners
302 push = group Administrators
303 push = group Project Owners
304 label-Code-Review = -2..+2 group Administrators
305 label-Code-Review = -2..+2 group Project Owners
306 submit = group Administrators
307 submit = group Project Owners
308 [access "refs/tags/*"]
309 pushTag = group Administrators
310 pushTag = group Project Owners
Dmitry Burmistrov9efdff82018-03-21 15:07:05 +0400[diff] [blame]311 pushSignedTag = +force group Administrators
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]312 pushSignedTag = group Project Owners
313 [label "Code-Review"]
314 function = MaxWithBlock
315 copyMinScore = true
316 value = -2 This shall not be merged
317 value = -1 I would prefer this is not merged as is
318 value = 0 No score
319 value = +1 Looks good to me, but someone else must approve
320 value = +2 Looks good to me, approved
321 [label "Verified"]
322 function = MaxWithBlock
323 copyMinScore = true
324 value = -1 Fails
325 value = 0 No score
326 value = +1 Verified
327
Sergey Otpuschennikov42ba1582018-08-20 15:47:09 +0400[diff] [blame]328Gerrit replication enable
329
330.. code-block:: yaml
331
332 gerrit:
333 server:
334 plugin:
335 replication:
336 engine: gerrit
337 replication:
338 gerrit2.localdomain:
339 remote_url: user@gerrit2.local.domain:/var/lib/gerrit
340 remote_port: 22
341 replication_user: gerrit2
342
343For creating ssh keys use openssh state
344
Sergey Otpuschennikovb3cca132018-10-05 20:24:44 +0400[diff] [blame]345Gerrit hide CI
346
347.. code-block:: yaml
348
349 gerrit:
350 server:
351 hideci:
352 ci_user_name: ci_user
353
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]354Read more
355=========
356
Ales Komarek7f93ce22016-08-29 23:27:47 +0200[diff] [blame]357* https://www.gerritcodereview.com/
Ales Komarekf93ac812016-08-31 19:37:43 +0200[diff] [blame]358* https://gerrit-review.googlesource.com/Documentation/
Ales Komarek7f93ce22016-08-29 23:27:47 +0200[diff] [blame]359* https://github.com/openstack-infra/puppet-gerrit/
360* https://gerrit-ci.gerritforge.com/
Ales Komarek10526762016-09-19 15:21:46 +0200[diff] [blame]361* https://github.com/morucci/exzuul