Hide last authors
| author | version | line-number | content |
|---|---|---|---|
 |
1.1 | 1 | {{toc/}} |
| 2 | |||
| 3 | [[image:url:https://about.gitlab.com/images/press/logo/png/gitlab-icon-rgb.png||data-xwiki-image-style-alignment="end" height="250"]] | ||
| 4 | |||
| 5 | = General = | ||
| 6 | |||
| 7 | DevOps-as-a-Service provides GitLab as an optional part of the toolchain. It covers the following built-in DevOps features according to the Service Description: | ||
| 8 | |||
| 9 | (% style="list-style-type:square" %) | ||
| 10 | * Source Code Management | ||
| 11 | * Continuous Integration / Delivery | ||
| 12 | |||
| 13 | Because the built-in registry feature is not enabled at the moment, GitLab doesn't cover the functions (% style="letter-spacing:0.0px" %)Artifact Repository / Docker Registry. For this, [[Harbor>>doc:Harbor.WebHome]] has to be used. | ||
| 14 | |||
| 15 | (% style="letter-spacing:0.0px" %)GitLab contains lightweight Issue tracking and Wiki functions. Because these functions are not an appropriate replacement for full-featured issue tracking and wiki systems like Jira, YouTrack, Confluence or XWiki, they are deactivated by default. | ||
| 16 | |||
| |
2.2 | 17 | (% style="letter-spacing:0.0px" %)The following information only includes relevant information regarding provisioning the service within DevOps-as-a-Service. It's not a documentation how to use GitLab. For this, we recommend to study the comprehensive GitLab documentation at (%%)[[https:~~/~~/docs.gitlab.com/>>https://docs.gitlab.com/]](% style="letter-spacing:0.0px" %). |
| |
1.1 | 18 | |
| 19 | = Software Source = | ||
| 20 | |||
| |
2.2 | 21 | GitLab is provided as Community Edition (CE) [[https:~~/~~/gitlab.com/gitlab-org/gitlab>>https://gitlab.com/gitlab-org/gitlab]]. |
| |
1.1 | 22 | |
| 23 | Thus only those GitLab features are provided which are bundled into the Community Edition. See also [[GitLab Feature Comparison>>https://about.gitlab.com/pricing/feature-comparison/||shape="rect"]] and [[GitLab Features>>url:https://about.gitlab.com/features/||shape="rect"]] for a documentation and comparison of the different editions aka tiers. | ||
| 24 | |||
| 25 | {{info}} | ||
| |
2.1 | 26 | The list of features contained in the Community Edition may vary. |
| |
1.1 | 27 | {{/info}} |
| 28 | |||
| 29 | = Configuration = | ||
| 30 | |||
| 31 | (% style="color:#404040" %)The following relevant configuration aspects apply: | ||
| 32 | |||
| 33 | (% style="list-style-type:square" %) | ||
| 34 | * Users with system administration permissions remain in the DevOps-as-a-Service team (like for the other tools). The Owner role within a group is the highest role a user of a customer can get, see also "Users, Projects, Groups and Roles" | ||
| 35 | * GitLab is integrated in the Single-Sign-On domain (SSO) of a specific DevOps-as-a-Service instance | ||
| 36 | * The management of users and groups is performed exclusively using the self-service portal of DevOps-as-a-Service | ||
| 37 | * The built-in registry feature is not enabled | ||
| 38 | |||
| 39 | = Users, Projects, Groups and Roles = | ||
| 40 | |||
| 41 | The management of users, groups and the assignment of users to groups in GitLab is performed exclusively using the self-service portal of DevOps-as-a-Service. | ||
| 42 | |||
| 43 | (% style="list-style-type:square" %) | ||
| 44 | * When a user is created in the self-service portal and assigned to GitLab, then this user is created in GitLab automatically. Corresponding actions occur when locking or deleting a user. | ||
| 45 | * When a new project is created in the self-service portal, then a so called "group" is created in GitLab automatically. Corresponding actions occur when renaming or deleting a project. | ||
| 46 | * When a user is assigned to a project in the self-service portal, then this user is assigned to a group in GitLab according to the following mapping: | ||
| 47 | |||
| 48 | (% class="table-bordered" %) | ||
| 49 | (% class="active" %)|=(% style="text-align: left;" %)((( | ||
| 50 | Project Role | ||
| 51 | )))|=(% style="text-align: left;" %)((( | ||
| 52 | GitLab Group Members Permission | ||
| 53 | ))) | ||
| 54 | |(% colspan="1" %)((( | ||
| 55 | Admin | ||
| 56 | )))|(% colspan="1" %)((( | ||
| 57 | Owner | ||
| 58 | ))) | ||
| 59 | |(% colspan="1" %)((( | ||
| 60 | Master | ||
| 61 | )))|(% colspan="1" %)((( | ||
| 62 | Maintainer | ||
| 63 | ))) | ||
| 64 | |(% colspan="1" %)((( | ||
| 65 | Developer | ||
| 66 | )))|(% colspan="1" %)((( | ||
| 67 | Developer | ||
| 68 | ))) | ||
| 69 | |(% style="text-align:left" %)((( | ||
| 70 | Viewer | ||
| 71 | )))|(% style="text-align:left" %)((( | ||
| 72 | Reporter | ||
| 73 | ))) | ||
| 74 | |||
| 75 | Regarding Group Permissions in GitLab, see [[https:~~/~~/docs.gitlab.com/ee/user/permissions.html#group-members-permissions>>url:https://docs.gitlab.com/ee/user/permissions.html#group-members-permissions||rel="nofollow" shape="rect" style="text-decoration: none;" class="external-link"]]. | ||
| 76 | |||
| 77 | Subgroups are created by the users itself. The subgroups inherit the users and roles of the superordinate group. | ||
| 78 | |||
| 79 | The following configuration options are disabled. Use the self-service portal instead: | ||
| 80 | |||
| 81 | (% style="list-style-type:square" %) | ||
| 82 | * Creation of users | ||
| 83 | * Changing the user name | ||
| 84 | * Creation or deletion of groups | ||
| 85 | * User management for other users (name, deletion) | ||
| 86 | |||
| 87 | {{error}} | ||
| |
2.1 | 88 | The following configuration options are dangerous and should not be done in GitLab: |
| |
1.1 | 89 | |
| 90 | (% style="list-style-type:square" %) | ||
| 91 | * Assignment of users to groups with defined roles → use the self-service portal for assigning users | ||
| 92 | * Activation of 2FA for a user → 2FA of SSO should be used instead | ||
| 93 | * Disconnecting from OpenID for own account | ||
| 94 | * Deletion of own account → use the self-service portal for deleting users | ||
| 95 | {{/error}} | ||
| 96 | |||
| 97 | = Known Issues = | ||
| 98 | |||
| 99 | (% style="color:#172b4d" %)There are [[some known issues for using GitLab>>doc:GitLab.Known Issues of User Management for GitLab.WebHome]] within DevOps-as-a-Service, especially in relation to the central user and project management in the self-service portal. These issues are not real errors, but rather provide assistance on how to avoid inconsistencies between GitLab and the central user management using the self-service portal. | ||
| 100 | |||
| 101 | = GitLab Runner = | ||
| 102 | |||
| 103 | GitLab Runners are not an integrated part of the GitLab offering. Runners can be provided by one of these options: | ||
| 104 | |||
| 105 | (% style="list-style-type:square" %) | ||
| 106 | * Runners are provided by DevOps-as-a-Service as a contract option, based on dedicated virtual Runner hosts | ||
| 107 | * Customer provides and maintains its own host or Docker based runners at any cloud and connects to the GitLab instance | ||
| 108 | |||
| 109 |