Gitlab/GitHub: Difference between revisions

From QEMU
 
(One intermediate revision by the same user not shown)
Line 6: Line 6:
There is a user qemu-deploy on qemu.org for CI/CD jobs that need to deploy to the qemu.org web root.  The private key is stored into a file variable SSH_PRIVATE_KEY_FILE of the [https://gitlab.com/qemu-project/qemu qemu] and [https://gitlab.com/qemu-project/qemu-web qemu-web] GitLab repositories.  If you need it for any reason (you shouldn't), please ask the [[AdminContacts|owners for the GitLab organization]].
There is a user qemu-deploy on qemu.org for CI/CD jobs that need to deploy to the qemu.org web root.  The private key is stored into a file variable SSH_PRIVATE_KEY_FILE of the [https://gitlab.com/qemu-project/qemu qemu] and [https://gitlab.com/qemu-project/qemu-web qemu-web] GitLab repositories.  If you need it for any reason (you shouldn't), please ask the [[AdminContacts|owners for the GitLab organization]].


If you need to use the key, also please coordinate with qemu.org owners to have a "temporary" private key added to ~qemu-deploy/.ssh/authorized_keys first.  Only switch to the existing private key when everything works.  This ensures for example that the private key is not leaked into job logs!
If you need to use the key, also please coordinate with qemu.org owners to have a "temporary" private key added to <tt>~qemu-deploy/.ssh/authorized_keys</tt> first (note: the .ssh/authorized_keys file is made immutable with <tt>chattr +i</tt>).  Only switch to the existing private key when everything works.  This ensures for example that the private key is not leaked into job logs!


=== Creating a new repository ===
=== Creating a new repository ===

Latest revision as of 17:57, 19 January 2021

Gitlab project

gitlab project

Deploying from Gitlab CI/CD to qemu.org

There is a user qemu-deploy on qemu.org for CI/CD jobs that need to deploy to the qemu.org web root. The private key is stored into a file variable SSH_PRIVATE_KEY_FILE of the qemu and qemu-web GitLab repositories. If you need it for any reason (you shouldn't), please ask the owners for the GitLab organization.

If you need to use the key, also please coordinate with qemu.org owners to have a "temporary" private key added to ~qemu-deploy/.ssh/authorized_keys first (note: the .ssh/authorized_keys file is made immutable with chattr +i). Only switch to the existing private key when everything works. This ensures for example that the private key is not leaked into job logs!

Creating a new repository

To setup a mirror from an upstream repository to Gitlab:

  1. Create the new repository on https://gitlab.com/qemu-project
  2. Click Settings->Repository
  3. Expand "Mirroring repositories"
  4. When creating the Pull mirroring rule, choose "Keep divergent refs"

To mirror the repository to GitHub, you will need admin access on Gitlab and GitHub.

  1. Create the new repository on https://github.com/qemu
  2. Do not close GitHub, open the source repo https://gitlab.com/qemu-project/projectname
  3. Click Setting->Repository
  4. Expand "Mirroring repositories"
  5. Set "Git repository URL" to ssh://git@github.com/qemu/projectname.git
  6. Set "Mirror direction" to Push
  7. Click "Detect host keys"
  8. Set "Authentication method" to "SSH public key"
  9. Click "Mirror repository"
  10. Click the suitcase icon ("Copy SSH public key")
  11. Go back to GitHub, do not close Gitlab
    1. Click Settings (on the top bar with Code, Issues, etc.)
    2. Click Deploy keys (on the left column)
    3. Click "Add deploy key"
    4. Type whatever you want for Title ("gitlab mirroring"), paste into key
    5. Click "Allow write access"
    6. Click "Add key"
  12. On Gitlab click the retry icon

To mirror the GitLab repository from qemu.org, you will need root access on qemu.org:

REPONAME=repo.git
cd /srv/git
git init --bare $REPONAME
mv hooks/post-update.sample hooks/post-update
git remote add --mirror=fetch gitlab https://gitlab.com/qemu-project/$REPONAME
git config remote.gitlab.mirror true
echo $REPONAME >> ~gituser/repos

GitHub project

github organization