├── destroyGerrit.sh ├── Dockerfile ├── gerrit-init.nohup ├── README.md ├── upgradeGerrit.sh ├── gerrit-create-group.sh ├── createGerrit.sh ├── gerrit-user-to-group.sh ├── gerrit-upload-ssh-key.sh ├── setupGerrit.sh ├── gerrit-create-user.sh └── LICENSE /destroyGerrit.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | GERRIT_NAME=${GERRIT_NAME:-gerrit} 3 | GERRIT_VOLUME=${GERRIT_VOLUME:-gerrit-volume} 4 | PG_GERRIT_NAME=${PG_GERRIT_NAME:-pg-gerrit} 5 | docker stop ${GERRIT_NAME} 6 | docker rm -v ${GERRIT_NAME} 7 | docker volume rm ${GERRIT_VOLUME} 8 | docker stop ${PG_GERRIT_NAME} 9 | docker rm -v ${PG_GERRIT_NAME} 10 | docker volume rm pg-gerrit-volume 11 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM openfrontier/gerrit:latest 2 | 3 | MAINTAINER zsx 4 | 5 | ENV INITIAL_ADMIN_USER admin 6 | ENV INITIAL_ADMIN_PASSWORD admin 7 | ENV GERRIT_LOCAL_URL http://localhost:8080/gerrit 8 | ENV JENKINS_REMOTE_URL http://jenkins:8080/jenkins 9 | 10 | COPY gerrit-create-user.sh /usr/local/bin/gerrit-create-user.sh 11 | COPY gerrit-upload-ssh-key.sh /usr/local/bin/gerrit-upload-ssh-key.sh 12 | COPY gerrit-init.nohup /docker-entrypoint-init.d/gerrit-init.nohup 13 | 14 | RUN chmod +x /usr/local/bin/*.sh /docker-entrypoint-init.d/gerrit-init.nohup 15 | -------------------------------------------------------------------------------- /gerrit-init.nohup: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | echo "Initializing Gerrit..." 6 | gerrit-create-user.sh -t ldap -u ${INITIAL_ADMIN_USER} -p ${INITIAL_ADMIN_PASSWORD} 7 | gerrit-create-user.sh -t internal -A ${INITIAL_ADMIN_USER} -P ${INITIAL_ADMIN_PASSWORD} -u jenkins -f "Jenkins Server" 8 | #/add_user_to_group.sh -A ${GERRIT_USERNAME} -P ${GERRIT_PASSWORD} -u ${JENKINS_USERNAME} -g Administrators 9 | #/add_user_to_group.sh -A ${GERRIT_USERNAME} -P ${GERRIT_PASSWORD} -u ${INITIAL_ADMIN_USER} -g "Administrators" 10 | 11 | gerrit-upload-ssh-key.sh -A ${INITIAL_ADMIN_USER} -P ${INITIAL_ADMIN_PASSWORD} -k id_rsa.pub -u jenkins 12 | 13 | exit 0 14 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # gerrit-ci docker 2 | This docker image is an extension of the [Gerrit docker](https://hub.docker.com/r/openfrontier/gerrit/). 3 | 4 | ## Usage 5 | This project is utilized by the [ci-compose project](https://github.com/openfrontier/ci-compose) to demonstrate how to start a gerrit-jenkins-nexus environment in seconds. 6 | This project can also be utilized as a demo about how to extend the [Gerrit docker](https://hub.docker.com/r/openfrontier/gerrit/) by adding a nohup script to accomplish some setup works while the Gerrit service is starting up. 7 | 8 | ## Todo 9 | Fix createGerrit.sh, destroyGerrit.sh and upgradeGerrit.sh in order to make it works with the [ci project](https://github.com/openfrontier/ci). 10 | -------------------------------------------------------------------------------- /upgradeGerrit.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | GERRIT_WEBURL=${GERRIT_WEBURL:-$1} 4 | LDAP_SERVER=${LDAP_SERVER:-$2} 5 | LDAP_ACCOUNTBASE=${LDAP_ACCOUNTBASE:-$3} 6 | SMTP_SERVER=${SMTP_SERVER:-$4} 7 | USER_EMAIL=${USER_EMAIL:-$5} 8 | SMTP_USER=${SMTP_USER:$6} 9 | SMTP_PASS=${SMTP_PASS:$7} 10 | HTTPD_LISTENURL=${HTTPD_LISTENURL:-http://*:8080} 11 | GERRIT_NAME=${GERRIT_NAME:-gerrit} 12 | GERRIT_VOLUME=${GERRIT_VOLUME:-gerrit-volume} 13 | PG_GERRIT_NAME=${PG_GERRIT_NAME:-pg-gerrit} 14 | GERRIT_IMAGE_NAME=${GERRIT_IMAGE_NAME:-openfrontier/gerrit} 15 | CI_NETWORK=${CI_NETWORK:-ci-network} 16 | 17 | # Stop and Delete gerrit container. 18 | if [ -z "$(docker ps -a | grep ${GERRIT_VOLUME})" ]; then 19 | echo "${GERRIT_VOLUME} does not exist." 20 | exit 1 21 | elif [ -z "$(docker ps -a | grep ${PG_GERRIT_NAME})" ]; then 22 | echo "${PG_GERRIT_NAME} does not exist." 23 | exit 1 24 | elif [ -n "$(docker ps | grep ${GERRIT_NAME} | grep -v ${PG_GERRIT_NAME})" ]; then 25 | docker stop ${GERRIT_NAME} 26 | fi 27 | if [ -n "$(docker ps -a | grep ${GERRIT_NAME} | grep -v ${GERRIT_VOLUME} | grep -v ${PG_GERRIT_NAME})" ]; then 28 | docker rm -v ${GERRIT_NAME} 29 | fi 30 | 31 | # Start Gerrit. 32 | docker run \ 33 | --name ${GERRIT_NAME} \ 34 | --net ${CI_NETWORK} \ 35 | -p 29418:29418 \ 36 | --volumes-from ${GERRIT_VOLUME} \ 37 | -e WEBURL=${GERRIT_WEBURL} \ 38 | -e HTTPD_LISTENURL=${HTTPD_LISTENURL} \ 39 | -e DATABASE_TYPE=postgresql \ 40 | -e AUTH_TYPE=LDAP \ 41 | -e LDAP_SERVER=${LDAP_SERVER} \ 42 | -e LDAP_ACCOUNTBASE=${LDAP_ACCOUNTBASE} \ 43 | -e SMTP_SERVER=${SMTP_SERVER} \ 44 | -e SMTP_USER=${SMTP_USER} \ 45 | -e SMTP_PASS=${SMTP_PASS} \ 46 | -e USER_EMAIL=${USER_EMAIL} \ 47 | -e GERRIT_INIT_ARGS='--install-plugin=download-commands' \ 48 | --restart=unless-stopped \ 49 | -d ${GERRIT_IMAGE_NAME} 50 | 51 | -------------------------------------------------------------------------------- /gerrit-create-group.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | # Usage 6 | usage() { 7 | echo "Usage:" 8 | echo " ${0} -A -P -g " 9 | exit 1 10 | } 11 | 12 | # Constants configurable via environment 13 | GERRIT_URL=${GERRIT_LOCAL_URL:-'http://localhost:8080/gerrit'} 14 | 15 | # Constants 16 | SLEEP_TIME=10 17 | MAX_RETRY=10 18 | 19 | while getopts "A:P:g:" opt; do 20 | case "${opt}" in 21 | A) 22 | admin_user=${OPTARG} 23 | ;; 24 | P) 25 | admin_password=${OPTARG} 26 | ;; 27 | g) 28 | target_group=${OPTARG} 29 | ;; 30 | *) 31 | echo "Invalid parameter(s) or option(s)." 32 | usage 33 | ;; 34 | esac 35 | done 36 | 37 | # Validate options 38 | if [ -z "${admin_user}" ] || [ -z "${admin_password}" ] || [ -z "${target_group}" ]; then 39 | echo "Parameters missing" 40 | usage 41 | fi 42 | 43 | echo "Testing Gerrit Connection" 44 | until curl --location --output /dev/null --silent --write-out "%{http_code}\\n" "${GERRIT_URL}/login" | grep "401" &> /dev/null 45 | do 46 | echo "Gerrit unavailable, sleeping for ${SLEEP_TIME}" 47 | sleep "${SLEEP_TIME}" 48 | done 49 | 50 | # Check exists 51 | target_group=$(echo -e "${target_group}" | sed 's/ /%20/g') 52 | ret=$(curl --user "${admin_user}:${admin_password}" --output /dev/null --silent --write-out "%{http_code}" "${GERRIT_URL}/a/groups/${target_group}") 53 | if [[ ${ret} -eq 200 ]] ; then 54 | echo "Group already exists: ${target_group}" 55 | exit 0 56 | fi 57 | 58 | # Add group 59 | echo "Creating group: ${target_group}" 60 | count=0 61 | until [ ${count} -ge ${MAX_RETRY} ] 62 | do 63 | ret=$(curl --request PUT --user "${admin_user}:${admin_password}" --output /dev/null --silent --write-out "%{http_code}" "${GERRIT_URL}/a/groups/${target_group}") 64 | if [[ ${ret} -eq 201 ]]; then 65 | echo "Group ${target_group} was created" 66 | break 67 | fi 68 | echo "Unable to create group ${target_group}, response code ${ret}, retry ... ${count}" 69 | count=$((count+1)) 70 | sleep ${SLEEP_TIME} 71 | done 72 | -------------------------------------------------------------------------------- /createGerrit.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | GERRIT_WEBURL=${GERRIT_WEBURL:-$1} 4 | LDAP_SERVER=${LDAP_SERVER:-$2} 5 | LDAP_ACCOUNTBASE=${LDAP_ACCOUNTBASE:-$3} 6 | SMTP_SERVER=${SMTP_SERVER:-$4} 7 | USER_EMAIL=${USER_EMAIL:-$5} 8 | SMTP_USER=${SMTP_USER:-$6} 9 | SMTP_PASS=${SMTP_PASS:-$7} 10 | HTTPD_LISTENURL=${HTTPD_LISTENURL:-http://*:8080} 11 | GERRIT_NAME=${GERRIT_NAME:-gerrit} 12 | GERRIT_VOLUME=${GERRIT_VOLUME:-gerrit-volume} 13 | PG_GERRIT_NAME=${PG_GERRIT_NAME:-pg-gerrit} 14 | GERRIT_IMAGE_NAME=${GERRIT_IMAGE_NAME:-openfrontier/gerrit-ci} 15 | POSTGRES_IMAGE=${POSTGRES_IMAGE:-postgres} 16 | CI_NETWORK=${CI_NETWORK:-ci-network} 17 | 18 | # Start PostgreSQL. 19 | docker volume create --name pg-gerrit-volume 20 | 21 | docker run \ 22 | --name ${PG_GERRIT_NAME} \ 23 | --net ${CI_NETWORK} \ 24 | --volume pg-gerrit-volume:/var/lib/postgresql/data \ 25 | -P \ 26 | -e POSTGRES_USER=gerrit2 \ 27 | -e POSTGRES_PASSWORD=gerrit \ 28 | -e POSTGRES_DB=reviewdb \ 29 | --restart=unless-stopped \ 30 | -d ${POSTGRES_IMAGE} 31 | 32 | while [ -z "$(docker logs ${PG_GERRIT_NAME} 2>&1 | grep 'autovacuum launcher started')" ]; do 33 | echo "Waiting postgres ready." 34 | sleep 1 35 | done 36 | 37 | # Create Gerrit volume. 38 | docker volume create --name ${GERRIT_VOLUME} 39 | 40 | # Start Gerrit. 41 | docker run \ 42 | --name ${GERRIT_NAME} \ 43 | --net ${CI_NETWORK} \ 44 | -p 29418:29418 \ 45 | --volume ${GERRIT_VOLUME}:/var/gerrit/review_site \ 46 | -e WEBURL=${GERRIT_WEBURL} \ 47 | -e HTTPD_LISTENURL=${HTTPD_LISTENURL} \ 48 | -e DATABASE_TYPE=postgresql \ 49 | -e DB_PORT_5432_TCP_ADDR=${PG_GERRIT_NAME} \ 50 | -e DB_PORT_5432_TCP_PORT=5432 \ 51 | -e DB_ENV_POSTGRES_DB=reviewdb \ 52 | -e DB_ENV_POSTGRES_USER=gerrit2 \ 53 | -e DB_ENV_POSTGRES_PASSWORD=gerrit \ 54 | -e AUTH_TYPE=LDAP \ 55 | -e LDAP_SERVER=${LDAP_SERVER} \ 56 | -e LDAP_ACCOUNTBASE=${LDAP_ACCOUNTBASE} \ 57 | -e SMTP_SERVER=${SMTP_SERVER} \ 58 | -e SMTP_USER=${SMTP_USER} \ 59 | -e SMTP_PASS=${SMTP_PASS} \ 60 | -e USER_EMAIL=${USER_EMAIL} \ 61 | -e GERRIT_INIT_ARGS='--install-plugin=download-commands --install-plugin=replication' \ 62 | -e INITIAL_ADMIN_USER=${GERRIT_ADMIN_UID} \ 63 | -e INITIAL_ADMIN_PASSWORD=${GERRIT_ADMIN_PWD} \ 64 | -e JENKINS_HOST=jenkins \ 65 | -e GITWEB_TYPE=gitiles \ 66 | --restart=unless-stopped \ 67 | -d ${GERRIT_IMAGE_NAME} 68 | 69 | -------------------------------------------------------------------------------- /gerrit-user-to-group.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | # Usage 6 | usage() { 7 | echo "Usage:" 8 | echo " ${0} -u -g -A -P " 9 | exit 1 10 | } 11 | 12 | # Constants configurable via environment 13 | GERRIT_URL=${GERRIT_LOCAL_URL:-'http://localhost:8080/gerrit'} 14 | 15 | # Constants 16 | SLEEP_TIME=10 17 | MAX_RETRY=10 18 | 19 | while getopts "u:g:A:P:" opt; do 20 | case "${opt}" in 21 | u) 22 | username=${OPTARG} 23 | ;; 24 | g) 25 | target_group=${OPTARG} 26 | ;; 27 | A) 28 | admin_user=${OPTARG} 29 | ;; 30 | P) 31 | admin_password=${OPTARG} 32 | ;; 33 | *) 34 | echo "Invalid parameter(s) or option(s)." 35 | usage 36 | ;; 37 | esac 38 | done 39 | 40 | # Validate options 41 | if [ -z "${admin_user}" ] || [ -z "${admin_password}" ] || [ -z "${username}" ] || [ -z "${target_group}" ]; then 42 | echo "Parameters missing" 43 | usage 44 | fi 45 | 46 | echo "Testing Gerrit Connection" 47 | until curl --location --output /dev/null --silent --write-out "%{http_code}\\n" "${GERRIT_URL}/login" | grep "401" &> /dev/null 48 | do 49 | echo "Gerrit unavailable, sleeping for ${SLEEP_TIME}" 50 | sleep "${SLEEP_TIME}" 51 | done 52 | 53 | # Check exists 54 | username=$(echo -e "${username}" | sed 's/ /%20/g') 55 | ret=$(curl --user "${admin_user}:${admin_password}" --output /dev/null --silent --write-out "%{http_code}" "${GERRIT_URL}/a/accounts/${username}") 56 | if [[ ${ret} -eq 404 ]] ; then 57 | echo "User does not exists: ${username}" 58 | exit 0 59 | fi 60 | 61 | target_group=$(echo -e "${target_group}" | sed 's/ /%20/g') 62 | ret=$(curl --user "${admin_user}:${admin_password}" --output /dev/null --silent --write-out "%{http_code}" "${GERRIT_URL}/a/groups/${target_group}") 63 | if [[ ${ret} -eq 404 ]] ; then 64 | echo "Group does not exists: ${target_group}" 65 | exit 0 66 | fi 67 | 68 | # Add user to group 69 | echo "Adding user: ${username}, to group: ${target_group}" 70 | count=0 71 | until [ ${count} -ge ${MAX_RETRY} ] 72 | do 73 | json_request="{ \"members\": [ \"${username}\" ] }" 74 | ret=$(curl --request POST --user "${admin_user}:${admin_password}" --header 'Content-Type: application/json; charset=UTF-8' --data "${json_request}" --output /dev/null --silent --write-out "%{http_code}" "${GERRIT_URL}/a/groups/${target_group}/members.add") 75 | if [[ ${ret} -eq 200 ]]; then 76 | echo "User ${username} was added to a group ${target_group}" 77 | break 78 | fi 79 | 80 | echo "Unable to add user ${username} to a group ${target_group}, response code ${ret}, retry ... ${count}" 81 | count=$((count+1)) 82 | sleep ${SLEEP_TIME} 83 | done 84 | -------------------------------------------------------------------------------- /gerrit-upload-ssh-key.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | # Usage 6 | usage() { 7 | echo "Usage:" 8 | echo " ${0} -A -P -k -u " 9 | exit 1 10 | } 11 | 12 | # Constants configurable via environment 13 | GERRIT_URL=${GERRIT_LOCAL_URL:-'http://localhost:8080/gerrit'} 14 | JENKINS_URL=${JENKINS_REMOTE_URL:-'http://jenkins:8080/jenkins'} 15 | 16 | # Constants 17 | SLEEP_TIME=10 18 | 19 | while getopts "A:P:k:u:" opt; do 20 | case "${opt}" in 21 | A) 22 | username=${OPTARG} 23 | ;; 24 | P) 25 | password=${OPTARG} 26 | ;; 27 | k) 28 | key=${OPTARG} 29 | ;; 30 | u) 31 | user=${OPTARG} 32 | ;; 33 | *) 34 | echo "Invalid parameter(s) or option(s)." 35 | usage 36 | ;; 37 | esac 38 | done 39 | 40 | if [ -z "${username}" ] || [ -z "${password}" ] || [ -z "${key}" ] || [ -z "${user}" ]; then 41 | echo "Parameters missing" 42 | usage 43 | fi 44 | 45 | key=$(echo -e "${key}" | sed 's/ /%20/g') 46 | user=$(echo -e "${user}" | sed 's/ /%20/g') 47 | 48 | echo "Testing Jenkins Connection & Key Presence" 49 | until curl --location --user ${username}:${password} --output /dev/null --silent --write-out "%{http_code}\\n" "${JENKINS_URL}/userContent/${key}" | grep "200" &> /dev/null 50 | do 51 | echo "Jenkins or key unavailable, sleeping for ${SLEEP_TIME}" 52 | sleep "${SLEEP_TIME}" 53 | done 54 | 55 | echo "Retrieving value: ${key}" 56 | ssh_key=$(curl --silent --request GET --user ${username}:${password} "${JENKINS_URL}/userContent/${key}") 57 | 58 | echo "Checking if \"${user}\" exists" 59 | if curl --location --output /dev/null --silent --write-out "%{http_code}\\n" "${GERRIT_URL}/accounts/${user}" | grep "404" &> /dev/null; then 60 | echo "User does not exist: ${user}" 61 | exit 1 62 | fi 63 | 64 | echo "* Verify public-key existence" 65 | # Download the stored key and decode from to UTF-8 66 | # Using echo -e the -n switch from echo allows to remove the trailing \n that echo would add 67 | # The decode part is necessary as Gerrit correctly encode the SSH key and as a result = sign is converted to \u003d 68 | stored_key=$(echo -e $(curl --user ${username}:${password} --silent "${GERRIT_URL}/a/accounts/${user}/sshkeys" | grep "ssh_public_key" | awk '{split($0, a, ": "); print a[2]}' | sed 's/[",]//g')) 69 | if [[ "$stored_key" == "$ssh_key" ]]; then 70 | echo "* Stored key is the same as downloaded, skipping it ..." 71 | exit 0 72 | else 73 | echo "* Stored key is not same as downloaded, uploading it ..." 74 | fi 75 | 76 | echo "Uploading public-key to Gerrit user \"${user}\"" 77 | ret=$(curl --request POST --user "${username}:${password}" -H "Content-Type: text/plain" --data "${ssh_key}" --output /dev/null --silent --write-out "%{http_code}" "${GERRIT_URL}/a/accounts/${user}/sshkeys") 78 | if [[ ${ret} -eq 201 ]]; then 79 | echo "Public-key was uploaded" 80 | else 81 | echo "Public-key was uploaded with the invalid response code: ${ret}" 82 | fi 83 | -------------------------------------------------------------------------------- /setupGerrit.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | HOST_NAME=${HOST_NAME:-$1} 5 | GERRIT_WEBURL=${GERRIT_WEBURL:-$2} 6 | GERRIT_ADMIN_UID=${GERRIT_ADMIN_UID:-$3} 7 | GERRIT_ADMIN_PWD=${GERRIT_ADMIN_PWD:-$4} 8 | GERRIT_ADMIN_EMAIL=${GERRIT_ADMIN_EMAIL:-$5} 9 | SSH_KEY_PATH=${SSH_KEY_PATH:-~/.ssh/id_rsa} 10 | CHECKOUT_DIR=./git 11 | 12 | 13 | #Remove appended '/' if existed. 14 | GERRIT_WEBURL=${GERRIT_WEBURL%/} 15 | 16 | # Add ssh-key 17 | cat "${SSH_KEY_PATH}.pub" | curl --data @- --user "${GERRIT_ADMIN_UID}:${GERRIT_ADMIN_PWD}" ${GERRIT_WEBURL}/a/accounts/self/sshkeys 18 | 19 | #gather server rsa key 20 | ##TODO: This is not an elegant way. 21 | [ -f ~/.ssh/known_hosts ] && mv ~/.ssh/known_hosts ~/.ssh/known_hosts.bak 22 | ssh-keyscan -p 29418 -t rsa ${HOST_NAME} > ~/.ssh/known_hosts 23 | 24 | #checkout project.config from All-Project.git 25 | [ -d ${CHECKOUT_DIR} ] && mv ${CHECKOUT_DIR} ${CHECKOUT_DIR}.$$ 26 | mkdir ${CHECKOUT_DIR} 27 | 28 | git init ${CHECKOUT_DIR} 29 | cd ${CHECKOUT_DIR} 30 | 31 | #start ssh agent and add ssh key 32 | eval $(ssh-agent) 33 | ssh-add "${SSH_KEY_PATH}" 34 | 35 | #git config 36 | git config user.name ${GERRIT_ADMIN_UID} 37 | git config user.email ${GERRIT_ADMIN_EMAIL} 38 | git remote add origin ssh://${GERRIT_ADMIN_UID}@${HOST_NAME}:29418/All-Projects 39 | #checkout project.config 40 | git fetch -q origin refs/meta/config:refs/remotes/origin/meta/config 41 | git checkout meta/config 42 | 43 | #add label.Verified 44 | git config -f project.config label.Verified.function MaxWithBlock 45 | git config -f project.config --add label.Verified.defaultValue 0 46 | git config -f project.config --add label.Verified.value "-1 Fails" 47 | git config -f project.config --add label.Verified.value "0 No score" 48 | git config -f project.config --add label.Verified.value "+1 Verified" 49 | ##commit and push back 50 | git commit -a -m "Added label - Verified" 51 | 52 | #Change global access right 53 | ##Remove anonymous access right. 54 | git config -f project.config --unset access.refs/*.read "group Anonymous Users" 55 | ##add Jenkins access and verify right 56 | git config -f project.config --add access.refs/heads/*.read "group Non-Interactive Users" 57 | git config -f project.config --add access.refs/tags/*.read "group Non-Interactive Users" 58 | git config -f project.config --add access.refs/heads/*.label-Code-Review "-1..+1 group Non-Interactive Users" 59 | git config -f project.config --add access.refs/heads/*.label-Verified "-1..+1 group Non-Interactive Users" 60 | ##add project owners' right to add verify flag 61 | git config -f project.config --add access.refs/heads/*.label-Verified "-1..+1 group Project Owners" 62 | ##commit and push back 63 | git commit -a -m "Change access right." -m "Add access right for Jenkins. Remove anonymous access right" 64 | git push origin meta/config:meta/config 65 | 66 | #stop ssh agent 67 | kill ${SSH_AGENT_PID} 68 | 69 | cd - 70 | rm -rf ${CHECKOUT_DIR} 71 | [ -d ${CHECKOUT_DIR}.$$ ] && mv ${CHECKOUT_DIR}.$$ ${CHECKOUT_DIR} 72 | 73 | echo "finish gerrit setup" 74 | -------------------------------------------------------------------------------- /gerrit-create-user.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | # Usage 6 | usage() { 7 | echo "Usage:" 8 | echo " ${0} -t -u -p -f -A -P -g " 9 | exit 1 10 | } 11 | 12 | # Constants configurable via environment 13 | GERRIT_URL=${GERRIT_LOCAL_URL:-'http://localhost:8080/gerrit'} 14 | 15 | # Constants 16 | SLEEP_TIME=10 17 | MAX_RETRY=10 18 | 19 | type="internal" 20 | 21 | while getopts "t:u:p:f:A:P:g:" opt; do 22 | case "${opt}" in 23 | t) 24 | type=${OPTARG} 25 | ;; 26 | u) 27 | username=${OPTARG} 28 | ;; 29 | p) 30 | password=${OPTARG} 31 | ;; 32 | f) 33 | full_name=${OPTARG} 34 | ;; 35 | A) 36 | admin_user=${OPTARG} 37 | ;; 38 | P) 39 | admin_password=${OPTARG} 40 | ;; 41 | g) 42 | target_group=${OPTARG} 43 | ;; 44 | *) 45 | echo "Invalid parameter(s) or option(s)." 46 | usage 47 | ;; 48 | esac 49 | done 50 | 51 | # Validate options 52 | case "${type}" in 53 | ldap) 54 | if [ -z "${username}" ] || [ -z "${password}" ]; then 55 | echo "Parameters missing" 56 | usage 57 | fi 58 | ;; 59 | internal) 60 | if [ -z "${admin_user}" ] || [ -z "${admin_password}" ] || [ -z "${username}" ] || [ -z "${full_name}" ]; then 61 | echo "Parameters missing" 62 | usage 63 | fi 64 | ;; 65 | *) 66 | echo "Invalid parameter(s) or option(s)." 67 | usage 68 | ;; 69 | esac 70 | 71 | echo "Testing Gerrit Connection" 72 | until curl --location --output /dev/null --silent --write-out "%{http_code}\\n" "${GERRIT_URL}/login" | grep "401" &> /dev/null 73 | do 74 | echo "Gerrit unavailable, sleeping for ${SLEEP_TIME}" 75 | sleep "${SLEEP_TIME}" 76 | done 77 | 78 | # Check exists 79 | username=$(echo -e "${username}" | sed 's/ /%20/g') 80 | ret=$(curl --output /dev/null --silent --write-out "%{http_code}" "${GERRIT_URL}/accounts/${username}") 81 | if [[ ${ret} -eq 200 ]] ; then 82 | echo "User already exists: ${username}" 83 | exit 0 84 | fi 85 | 86 | # Add user 87 | echo "Creating user: ${username}" 88 | count=0 89 | until [ ${count} -ge ${MAX_RETRY} ] 90 | do 91 | case "${type}" in 92 | ldap) 93 | ret=$(curl --request POST --data "username=${username}&password=${password}" --output /dev/null --silent --write-out "%{http_code}" "${GERRIT_URL}/login") 94 | if [[ ${ret} -eq 302 ]]; then 95 | echo "LDAP user ${username} was found in database" 96 | break 97 | fi 98 | echo "Unable to find user ${username} in LDAP database, response code ${ret}, retry ... ${count}" 99 | ;; 100 | internal) 101 | if [[ -z "${target_group}" ]]; then 102 | target_group="Non-Interactive Users" 103 | echo "Target group was not specified, defaulting to non-interactive" 104 | fi 105 | json_request="{ \"name\": \"${full_name}\", \"groups\": [ \"${target_group}\" ] }" 106 | ret=$(curl --request PUT --user "${admin_user}:${admin_password}" --header 'Content-Type: application/json; charset=UTF-8' --data "${json_request}" --output /dev/null --silent --write-out "%{http_code}" "${GERRIT_URL}/a/accounts/${username}") 107 | if [[ ${ret} -eq 201 ]]; then 108 | echo "User ${username} was created" 109 | break 110 | fi 111 | echo "Unable to create user ${username}, response code ${ret}, retry ... ${count}" 112 | ;; 113 | esac 114 | count=$((count+1)) 115 | sleep ${SLEEP_TIME} 116 | done 117 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright {yyyy} {name of copyright owner} 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | 203 | --------------------------------------------------------------------------------