Demo:https://gerrit-demo.123u.com/
創(chuàng)新互聯(lián)成立與2013年,是專業(yè)互聯(lián)網(wǎng)技術(shù)服務(wù)公司,擁有項目成都網(wǎng)站建設(shè)、成都做網(wǎng)站網(wǎng)站策劃,項目實施與項目整合能力。我們以讓每一個夢想脫穎而出為使命,1280元萬寧做網(wǎng)站,已為上家服務(wù),為萬寧各地企業(yè)和個人服務(wù),聯(lián)系電話:13518219792
開源地址:https://github.com/GerritCodeReview/gerrit
Gerrit,一種開放源代碼的代碼審查軟件,提供 Code Review和 Git 倉庫的兩大功能,但實際上很多項目用的是其他的Git倉庫,例如GitLab和GitHub。同一個團(tuán)隊的程序員,可以通過web頁面相互審閱彼此修改后的代碼,決定是否能夠提交,退回或是繼續(xù)修改。它使用版本控制系統(tǒng)Git作為底層。
理論上Git雖然是一個分布式版本管理系統(tǒng),不需要中心代碼庫就能相互同步數(shù)據(jù)。而在實際的操作過程中,為了方便一個團(tuán)隊的多名開發(fā)人員通常需要指定一個確定的代碼庫用于提交和相互同步代碼。所以我們開發(fā)團(tuán)隊代碼管理一般使用如下結(jié)構(gòu):
在引入Gerrit代碼審核機(jī)制后,我們的代碼提交和同步的方式發(fā)生了變化:
首先貢獻(xiàn)者的代碼通過 git 命令(或 repo 封裝)推送到 Gerrit 管理下的 Git 版本庫,推送的提交轉(zhuǎn)化為一個一個的代碼審核任務(wù),審核任務(wù)可以通過 refs/changes/
高可用部署文檔:https://gerrit.googlesource.com/plugins/multi-master/+/master/src/main/resources/Documentation/config.md
# Git Nginx Java 安裝
yum install -y java-1.8.0-openjdk git nginx
java -version
systemctl start nginx && systemctl enable nginx
# 下載
wget https://gerrit-releases.storage.googleapis.com/gerrit-3.6.0.war
# 啟動
export GERRIT_SITE=~/gerrit_testsite
java -jar gerrit-3.6.0.war init -d /data/gerrit
~/gerrit_testsite/etc/gerrit.config 配置內(nèi)容
[gerrit]
basePath = git
canonicalWebUrl = https://gerrit.com/
serverId = 5916d32e-428a-40de-8608-cf11d8
[container]
javaOptions = "-Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance"
javaOptions = "-Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance"
user = root
javaHome = /usr/lib/jvm/java-11-openjdk-11.0.14.1.1-1.el7_9.x86_64
[index]
type = lucene
[auth]
type = ldap
[receive]
enableSignedPush = false
[sshd]
listenAddress = *:
[httpd]
listenUrl = proxy-https://gerrit.com/
[cache]
directory = cache
[ldap]
server = LDAP://10.0.150.191/
username = cn=rootu
password = ""
accountBase = OU=users
groupBase = OU=users
[sendemail]
enable = true
smtpServer = smtp.feishu.cn
smtpServerPort = 465
smtpEncryption = SSL
sslVerify = true
smtpUser = gerrit@qq.com
smtpPass = ldah6eDfJrVpeafK
from = gerrit@qq.com
Nginx 配置文件:/etc/nginx/conf.d/gerrit.conf
upstream proxy_pool_gerrit {
server 10.241.0.1:8080 weight=10;
keepalive 512;
}
server {
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/1_123u.com_bundle.crt;
ssl_certificate_key /etc/nginx/ssl/2_123u.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server_name gerrit.com;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/gerrit.access.log main;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://proxy_pool_gerrit;
}
}
server {
listen 80;
server_name gerrit.com;
access_log /var/log/nginx/gerrit.access.log main;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://10.241.0.1:8080;
}
}
啟動
gerrit_testsite]# ./bin/gerrit.sh restart
Repository name,倉名,必填,可以包含/
字符、英文大小寫、數(shù)字;
Rights inherit from,權(quán)限集成自,選填,指定已有倉名,默認(rèn)是All-Projects
;
Owner,選填,指定項目所有者,指定的所有者即便不是管理員也有Review+2等權(quán)限;
Create initial empty commit,用于指定是否創(chuàng)建一個空提交,默認(rèn)為True;
Only serve as parent for other repositories,用于指定當(dāng)前倉僅作為Parent倉,默認(rèn)為False
[root@test-lwj-150-64 gerrit_testsite]# cd git/
[root@test-lwj-150-64 git]# pwd
/root/gerrit_testsite/git
[root@test-lwj-150-64 git]# rm -rf bubble.git/
[root@test-lwj-150-64 git]# git clone --bare git@git.intra.123u.com:sa/bubble.git
Cloning into bare repository 'bubble.git'...
remote: Counting objects: 63, done.
remote: Compressing objects: 100% (54/54), done.
remote: Total 63 (delta 14), reused 0 (delta 0)
Receiving objects: 100% (63/63), 436.15 KiB | 3.83 MiB/s, done.
Resolving deltas: 100% (14/14), done.
[root@test-lwj-150-64 git]# ls
All-Projects.git All-Users.git bubble.git test_repo.git
[root@test-lwj-150-64 git]# ll bubble.git/
total 20
-rw-r--r-- 1 root root 23 May 31 15:06 HEAD
drwxr-xr-x 2 root root 6 May 31 15:06 branches
-rw-r--r-- 1 root root 128 May 31 15:06 config
-rw-r--r-- 1 root root 73 May 31 15:06 description
drwxr-xr-x 2 root root 4096 May 31 15:06 hooks
drwxr-xr-x 2 root root 21 May 31 15:06 info
drwxr-xr-x 4 root root 30 May 31 15:06 objects
-rw-r--r-- 1 root root 365 May 31 15:06 packed-refs
drwxr-xr-x 4 root root 31 May 31 15:06 refs
# 在gerrit_testsite/etc/replication.config配置添加如下內(nèi)容;
[remote "bubble"]
projects = bubble
url = git@git.com:sa/bubble.git
push = +refs/heads/*:refs/heads/*
push = +refs/tags/*:refs/tags/*
push = +refs/changes/*:refs/changes/*
threads = 3
[root@test-lwj-150-64 gerrit_testsite]# ./bin/gerrit.sh restart
Stopping Gerrit Code Review: OK
Starting Gerrit Code Review: OK
本地Git用戶配置要和Gerrit用戶信息一致,使用域賬號登入即可
本地公鑰已添加到Gerrit用戶配置中
本地Git版本不能太低,否則會出現(xiàn)未知的錯誤
注:在初次克隆代碼時需要從服務(wù)器下載hook腳本用于每次審查自動生成change-id。
[dev@test-lwj-150-64 ~]$ git clone "ssh://test@gerrit-demo.123u.com:/bubble" && scp -p -P test@gerrit-demo.123u.com:hooks/commit-msg "bubble/.git/hooks/"
Cloning into 'bubble'...
remote: Counting objects: 63, done
remote: Finding sources: 100% (63/63)
remote: Total 63 (delta 14), reused 63 (delta 14)
Receiving objects: 100% (63/63), 436.16 KiB | 3.16 MiB/s, done.
Resolving deltas: 100% (14/14), done.
commit-msg 100% 1790 666.8KB/s 00:00
[dev@test-lwj-150-64 ~]$ ls
bubble test_repo
[dev@test-lwj-150-64 ~]$ ls bubble/
conf dao go.mod main.go README.md setting templates
controller example.png go.sum models routers static testlog.txt
[dev@test-lwj-150-64 ~]$
[dev@test-lwj-150-64 bubble]$ echo "" >> testlog.txt
[dev@test-lwj-150-64 bubble]$ git add .
[dev@test-lwj-150-64 bubble]$ git commit -m "update tesetlog 1.0.0"
# 如果沒有develop分支,則會自動創(chuàng)建
[gerrit@test-lwj-150-64 bubble]$ git push origin HEAD:refs/for/develop
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 4 threads
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 309 bytes | 309.00 KiB/s, done.
Total 3 (delta 1), reused 0 (delta 0), pack-reused 0
remote: Resolving deltas: 100% (1/1)
remote: Processing changes: refs: 1, new: 1, done
remote:
remote: SUCCESS
remote:
remote: http://10.0.150.64:8080/c/bubble/+/103 update tesetlog 1.0.0 [NEW]
remote:
To ssh://gerrit.com:/bubble
* [new reference] HEAD -> refs/for/develop
默認(rèn)只有Project Owners和Administrator群組用戶擁有“Code-Review”選項+2的權(quán)限(提交通過)
普通用戶的“Code-Review”選項只能選擇+1(審核建議)
多人評審后當(dāng)總分>=2時,表示審核通過,進(jìn)入下一步的代碼驗證流程;否則需要提交者返工修改。
這里使用藍(lán)盾Devops平臺作為CICD流程示例,配置了代碼庫進(jìn)行監(jiān)聽并自動觸發(fā)CI任務(wù)。
由Gerrit code 代碼審核過之后,通過merge request之后會自動同步到Gitlab倉庫, 同時會自動觸發(fā)構(gòu)建任務(wù)
參考: