Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / gerrit / dfd5ac57938a32c929cd48d2a9025841f9e914cc / . / README.rst
blob: 536a4d5aa53e6a29434f4c13c43e16c581f9afc0 [file] [log] [blame]
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]1
OlgaGusarenkocb981942018-07-30 17:26:31 +0300[diff] [blame]2=====
3Usage
4=====
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]5
OlgaGusarenkocb981942018-07-30 17:26:31 +0300[diff] [blame]6Gerrit provides web based code review and repository management for the Git
7version control system.
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]8
9Sample pillars
10==============
11
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]12Simple gerrit service
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]13
14.. code-block:: yaml
15
16 gerrit:
17 server:
18 enabled: true
Ales Komarek7f93ce22016-08-29 23:27:47 +0200[diff] [blame]19 source:
20 engine: http
21 address: https://gerrit-ci.gerritforge.com/job/Gerrit-stable-2.13/20/artifact/buck-out/gen/gerrit.war
22 hash: 2e17064b8742c4622815593ec496c571
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]23
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]24Full service setup
25
26.. code-block:: yaml
27
28 gerrit:
29 server:
Martin Polreich5ec9e542018-07-17 13:54:55 +0200[diff] [blame]30 enabled: true
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]31 canonical_web_url: http://10.10.10.148:8082/
32 email_private_key: ""
33 token_private_key: ""
34 initial_user:
35 full_name: John Doe
36 email: 'mail@jdoe.com'
37 username: jdoe
38 plugin:
39 download-commands:
40 engine: gerrit
41 # replication:
42 # engine: gerrit
43 reviewnotes:
44 engine: gerrit
45 singleusergroup:
46 engine: gerrit
47 ssh_rsa_key: |
48 -----BEGIN RSA PRIVATE KEY-----
49 MIIEowIBAAKCAQEAs0Y8mxS3dfs5zG8Du5vdBkfOCOng1IEUmFZIirJ8oBgJOd54
50 QgmkDFB7oP9eTCgz9k/rix1uJWhhVCMBzrWzH5IODO+tyy/tK66pv2BWtVfTDhBA
51 nShOLDNbSIBaV8E/NcrbnQN+b0alp4N7rQnavkOYl+JQncKjz1csmCodirscB9Oj
52 rdo6NG9olv9IQd/tDQxEeDyQkoW50aCEWcq7o+QaTzgnlrL+XZEzhzjdcvA9m8go
53 ...
54 jvMXms60iD/A5OpG33LWHNNzQBP486SxG75LB+Xs5sp5j2/b7VF5LJLhpGiJv9Mk
55 ydbuy8iuuvali2uF133kAlLqnrWfVTYQQI1OfW5glOv1L6kv94dU
56 -----END RSA PRIVATE KEY-----
57 ssh_rsa_key_pub: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzRjybFLd1+znMbwO7m90GR84I6eDUgRSYVkiKsnygGAk53nhCCaQMUHug/15MKDP2T+uLHW4laGFUIwHOtbMfkg4M763LL+0rrqm/YFa1V9MOEECdKE4sM1tIgFpXwT81ytudA35vRqWng3utCdq+Q5iX4lCdwqPPVyyYKh2KuxwH06Ot2jo0b2iW/0hB3+0NDER4PJCShbnRoIRZyruj5BpPOCeWsv5dkTOHON1y8D2byCgNGdCBIRx7x9Qb4dKK2F01r0/bfBGxELJzBdQ8XO14bQ7VOd3gTxrccTM4tVS7/uc/vtjiq7MKjnHGf/svbw9bTHAXbXcWXtOlRe51
58 email: mail@domain.com
59 auth:
60 engine: HTTP
61 source:
62 engine: http
63 address: https://gerrit-releases.storage.googleapis.com/gerrit-2.12.4.war
64 hash: sha256=45786a920a929c6258de6461bcf03ddec8925577bd485905f102ceb6e5e1e47c
Jakub Josef09765e12018-01-09 13:28:20 +0100[diff] [blame]65 receive_timeout: 5min
66 sshd:
67 threads: 64
68 batch_threads: 16
69 max_connections_per_user: 64
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]70 database:
71 engine: postgresql
72 host: localhost
73 port: 5432
74 name: gerrit
75 user: gerrit
76 password: ${_param:postgresql_gerrit_password}
Jakub Josef09765e12018-01-09 13:28:20 +0100[diff] [blame]77 pool_limit: 250
Sergey Otpuschennikov584698f2018-08-24 18:29:16 +0400[diff] [blame]78 pool_max_idle: 16
79
80
81Gerrit LDAP authentification
82
83.. code-block:: yaml
84
85 gerrit:
86 server:
87 auth:
88 engine: LDAP
89 ldap_server: ldap://ldap.mycompany.net
90 ldap_account_base: dc=company,dc=net
91 ldap_group_base: ou=Groups,dc=company,dc=net
Sergey Otpuschennikov9d8e8cc2018-11-06 14:08:19 +0400[diff] [blame]92 ldap_account_pattern: uid=${username}
93 ldap_group_pattern: (cn=${groupname})
94 ldap_group_query: true
95 ldap_group_member_pattern: (memberUid=${username})
Sergey Otpuschennikov584698f2018-08-24 18:29:16 +0400[diff] [blame]96
Jakub Josef09765e12018-01-09 13:28:20 +0100[diff] [blame]97
98Gerrit change auto abandon
99
100.. code-block:: yaml
101
102 gerrit:
103 server:
104 change_cleanup:
105 abandon_after: 3months
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]106
Ales Komarek2fc39002016-09-14 11:43:56 +0200[diff] [blame]107
108Gerrit client enforcing groups
109
110.. code-block:: yaml
111
112 gerrit:
113 client:
114 group:
115 Admin001:
116 description: admin 01
117 Admin002:
118 description: admin 02
119
120
Ivan Berezovskiydfd5ac52019-05-17 16:04:46 +0400[diff] [blame^]121Gerrit client enforcing users, install using pip. If gerrit is configured with LDAP
122it is required to set http_password as ldap user password to properly link ldap entry with gerrit account.
Ales Komarek2fc39002016-09-14 11:43:56 +0200[diff] [blame]123
124.. code-block:: yaml
125
126 gerrit:
127 client:
Filip Pytloun33d84dd2016-12-20 16:13:24 +0100[diff] [blame]128 source:
129 engine: pip
Ales Komarek2fc39002016-09-14 11:43:56 +0200[diff] [blame]130 user:
131 jdoe:
132 fullname: John Doe
133 email: "jdoe@domain.com"
134 ssh_key: ssh-rsa
135 http_password: password
136 groups:
137 - Admin001
138
139
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]140Gerrit client enforcing projects
141
142.. code-block:: yaml
143
144 gerrit:
145 client:
146 enabled: True
Pavel Cizinsky42dba5d2018-12-12 12:01:39 +0100[diff] [blame]147 server:
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]148 host: 10.10.10.148
149 user: newt
150 key: |
151 -----BEGIN RSA PRIVATE KEY-----
152 MIIEowIBAAKCAQEAs0Y8mxS3dfs5zG8Du5vdBkfOCOng1IEUmFZIirJ8oBgJOd54
153 QgmkDFB7oP9eTCgz9k/rix1uJWhhVCMBzrWzH5IODO+tyy/tK66pv2BWtVfTDhBA
154 ...
155 l1UrxQKBgEklBTuEiDRibKGXQBwlAYvK2He09hWpqtpt9/DVel6s4A1bbTWDHyoP
156 jvMXms60iD/A5OpG33LWHNNzQBP486SxG75LB+Xs5sp5j2/b7VF5LJLhpGiJv9Mk
157 ydbuy8iuuvali2uF133kAlLqnrWfVTYQQI1OfW5glOv1L6kv94dU
158 -----END RSA PRIVATE KEY-----
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]159 email: "Project Creator <infra@lists.domain.com>"
Ales Komarek49a37292016-08-31 16:18:31 +0200[diff] [blame]160 project:
161 test_salt_project:
162 enabled: true
163
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]164Gerrit client enforcing project, full project example
165
166.. code-block:: yaml
167
168 gerrit:
169 client:
170 enabled: True
171 project:
172 test_salt_project:
173 enabled: true
174 access:
175 "refs/heads/*":
176 actions:
177 - name: abandon
178 group: openstack-salt-core
179 - name: create
180 group: openstack-salt-release
181 labels:
182 - name: Code-Review
183 group: openstack-salt-core
184 score: -2..+2
185 - name: Workflow
186 group: openstack-salt-core
187 score: -1..+1
188 "refs/tags/*":
189 actions:
190 - name: pushSignedTag
191 group: openstack-salt-release
Dmitry Burmistrov9efdff82018-03-21 15:07:05 +0400[diff] [blame]192 force: true
Alexander Noskov870359d2017-11-02 13:53:15 +0400[diff] [blame]193 inherit_access: All-Projects
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]194 require_change_id: true
195 require_agreement: true
196 merge_content: true
Alexander Noskov338d3c72017-09-19 12:10:32 +0400[diff] [blame]197 action: "fast forward only"
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]198
Ales Komarek1acb14d2016-09-09 15:14:12 +0200[diff] [blame]199.. code-block:: yaml
200
201 gerrit:
202 client:
203 enabled: True
204 group:
205 groupname:
206 enabled: true
207 members:
208 - username
209 account:
210 username:
211 enabled: true
Ivan Berezovskiy160305f2019-04-03 16:33:16 +0400[diff] [blame]212 full_name: User Name
Ales Komarek1acb14d2016-09-09 15:14:12 +0200[diff] [blame]213 email: mail@newt.cz
214 public_key: rsassh
215 http_password: passwd
216
Jiri Broulik90a79c62018-04-25 20:53:45 +0200[diff] [blame]217Gerrit client proxy
218
219.. code-block:: yaml
220
221 gerrit:
222 client:
223 proxy:
224 http_proxy: http://192.168.10.15:8000
225 https_proxy: http://192.168.10.15:8000
226 no_proxy: 192.168.10.90
Ales Komarek1acb14d2016-09-09 15:14:12 +0200[diff] [blame]227
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]228Sample project access
229
230.. code-block:: yaml
231
232 [access "refs/*"]
233 read = group Administrators
234 read = group Anonymous Users
235 [access "refs/for/refs/*"]
236 push = group Registered Users
237 pushMerge = group Registered Users
238 [access "refs/heads/*"]
239 create = group Administrators
240 create = group Project Owners
241 forgeAuthor = group Registered Users
242 forgeCommitter = group Administrators
243 forgeCommitter = group Project Owners
244 push = group Administrators
245 push = group Project Owners
246 label-Code-Review = -2..+2 group Administrators
247 label-Code-Review = -2..+2 group Project Owners
248 label-Code-Review = -1..+1 group Registered Users
249 label-Verified = -1..+1 group Non-Interactive Users
250 submit = group Administrators
251 submit = group Project Owners
252 editTopicName = +force group Administrators
253 editTopicName = +force group Project Owners
254 [access "refs/meta/config"]
255 exclusiveGroupPermissions = read
256 read = group Administrators
257 read = group Project Owners
258 push = group Administrators
259 push = group Project Owners
260 label-Code-Review = -2..+2 group Administrators
261 label-Code-Review = -2..+2 group Project Owners
262 submit = group Administrators
263 submit = group Project Owners
264 [access "refs/tags/*"]
265 pushTag = group Administrators
266 pushTag = group Project Owners
Dmitry Burmistrov9efdff82018-03-21 15:07:05 +0400[diff] [blame]267 pushSignedTag = +force group Administrators
Ales Komarek50c558e2016-09-05 23:34:43 +0200[diff] [blame]268 pushSignedTag = group Project Owners
269 [label "Code-Review"]
270 function = MaxWithBlock
271 copyMinScore = true
272 value = -2 This shall not be merged
273 value = -1 I would prefer this is not merged as is
274 value = 0 No score
275 value = +1 Looks good to me, but someone else must approve
276 value = +2 Looks good to me, approved
277 [label "Verified"]
278 function = MaxWithBlock
279 copyMinScore = true
280 value = -1 Fails
281 value = 0 No score
282 value = +1 Verified
283
Sergey Otpuschennikov42ba1582018-08-20 15:47:09 +0400[diff] [blame]284Gerrit replication enable
285
286.. code-block:: yaml
287
288 gerrit:
289 server:
290 plugin:
291 replication:
292 engine: gerrit
293 replication:
294 gerrit2.localdomain:
295 remote_url: user@gerrit2.local.domain:/var/lib/gerrit
296 remote_port: 22
297 replication_user: gerrit2
298
299For creating ssh keys use openssh state
300
Sergey Otpuschennikovb3cca132018-10-05 20:24:44 +0400[diff] [blame]301Gerrit hide CI
302
303.. code-block:: yaml
304
305 gerrit:
306 server:
307 hideci:
308 ci_user_name: ci_user
309
Ales Komarek3446a0a2016-03-08 10:21:00 +0100[diff] [blame]310Read more
311=========
312
Ales Komarek7f93ce22016-08-29 23:27:47 +0200[diff] [blame]313* https://www.gerritcodereview.com/
Ales Komarekf93ac812016-08-31 19:37:43 +0200[diff] [blame]314* https://gerrit-review.googlesource.com/Documentation/
Ales Komarek7f93ce22016-08-29 23:27:47 +0200[diff] [blame]315* https://github.com/openstack-infra/puppet-gerrit/
316* https://gerrit-ci.gerritforge.com/
Ales Komarek10526762016-09-19 15:21:46 +0200[diff] [blame]317* https://github.com/morucci/exzuul