GitLab: Difference between revisions

Help

From Wikitech

Browse history interactively

← Older edit Newer edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 21:22, 4 October 2021

GitLab

External resources:

This page contains SRE related topics for GitLab. For GitLab application specific information, please see https://www.mediawiki.org/wiki/GitLab (under Implementation).

GitLab is reachable at https://gitlab.wikimedia.org/. We run multiple instances of GitLab:

gitlab1001 runs production GitLab serving https://gitlab.wikimedia.org/
gitlab2001 runs a passive GitLab replica serving https://gitlab-replica.wikimedia.org/ (WIP)
gitlab-ansible-test in WMCS gitlab-test project serving https://gitlab-test.wmcloud.org/

GitLab instances

gitlab1001 and gitlab2001 are setup using puppet and Ansible. The base configuration currently lives in profile::gitlab. Additional GitLab specific configuration comes from gitlab-ansible. Its planned to migrate all of the logic to puppet and drop Ansible (see T283076). GitLab is installed as a Omnibus installation on all instances. So all GitLab components are installed using the official packages and are executed on a single host. The reasons for this setup can be found in the Initialization docs in Mediawiki.

GitLab login is implemented with SSO using the CAS/SSO. So users will be redirected to idp.wikimedia.org to login to the SSO portal. Authentication is currently open to all users with a Wikimedia developer account.

GitLab runners

For our current and future runner setups, see GitLab/Gitlab Runner.

Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=GitLab&oldid=1927916"

Category:

SRE Service Operations

@@ Line 15: / Line 15: @@
 ** [https://phabricator.wikimedia.org/project/view/5057/ GitLab in Phabricator]
 }}
 This page contains SRE related topics for GitLab. For GitLab application specific information, please see https://www.mediawiki.org/wiki/GitLab (under Implementation).
@@ Line 23: / Line 22: @@
 * gitlab1001 runs production GitLab serving https://gitlab.wikimedia.org/
 * gitlab2001 runs a passive GitLab [[GitLab/Replica|replica]] serving https://gitlab-replica.wikimedia.org/ (WIP)
-* gitlab-ansible-test in WMCS gitlab-test project
+* gitlab-ansible-test in WMCS gitlab-test project serving https://gitlab-test.wmcloud.org/
-* gitlab in WMCS gitlab-test project
 == GitLab instances ==
@@ Line 30: / Line 28: @@
 gitlab1001 and gitlab2001 are setup using puppet and Ansible. The base configuration currently lives in [[gerrit:plugins/gitiles/operations/puppet/+/refs/heads/production/modules/profile/manifests/gitlab.pp|profile::gitlab]]. Additional GitLab specific configuration comes from [[gerrit:plugins/gitiles/operations/gitlab-ansible|gitlab-ansible]]. Its planned to migrate all of the logic to puppet and drop Ansible (see [[phab:T283076|T283076]]). GitLab is installed as a [https://docs.gitlab.com/omnibus/ Omnibus installation] on all instances. So all GitLab components are installed using the official packages and are executed on a single host. The reasons for this setup can be found in the [[mw:GitLab/Initialization|Initialization docs in Mediawiki]].
-GitLab login is implemented with SSO using the [[CAS-SSO|CAS/SSO]]. So users will be redirected to idp.wikimedia.org to login to the SSO portal. Groups <code>ops</code>, <code>wmf</code> or <code>nda</code> are needed to access GitLab currently.<ref>https://gerrit.wikimedia.org/r/c/operations/puppet/+/709383/2/hieradata/role/common/idp.yaml#175</ref>
+GitLab login is implemented with SSO using the [[CAS-SSO|CAS/SSO]]. So users will be redirected to idp.wikimedia.org to login to the SSO portal. Authentication is currently open to all users with a Wikimedia developer account.
 == GitLab runners ==