Gitlab中可以通过设定ssh-key进行免密push操作,同时Gitlab也提供了相应的Rest API进行操作,这篇文章将进行具体介绍对于当前用户的操作方式。
liumiaocn:gitlab liumiao$ cat docker-compose.yml version: '2' services: # Version Control service: Gitlab gitlab: image: gitlab/gitlab-ce:12.10.5-ce.0 ports: - "32001:80" volumes: - ./log/:/var/log/gitlab - ./data/:/var/opt/gitlab - ./conf/:/etc/gitlab restart: "no" liumiaocn:gitlab liumiao$事前准备
创建如下目录:
liumiaocn:gitlab liumiao$ ls docker-compose.yml liumiaocn:gitlab liumiao$ mkdir -p log data conf liumiaocn:gitlab liumiao$ ls conf data docker-compose.yml log liumiaocn:gitlab liumiao$启动
启动命令:docker-compose up -d
登录并创建apitoken 登录URL- http://localhost:32001
注:此处设定root用户密码,由于后续直接使用token进行用户创建,示例说明中不再直接需要使用root设定的密码。
通过settings菜单或者直接使用如下URL,创建api用的token
- http://localhost:32001/profile/personal_access_tokens
添加名为liumiao的用户,也可通过界面操作进行,此步可以跳过
执行命令 access_token=“7F2jdsYyeDsuhGnyTvPz” gitlab_url=“localhost:32001” curl -X POST -H “PRIVATE-TOKEN: ${access_token}” http://${gitlab_url}/api/v4/users -H ‘cache-control: no-cache’ -H ‘content-type: application/json’ -d ‘{ “email”: “liumiaocn@outlook.com”, “username”: “liumiao”, “password”: “12341234”, “name”: “liumiao”, “skip_confirmation”: “true” }’
执行日志示例:
liumiaocn:~ liumiao$ curl -X POST -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/users -H 'cache-control: no-cache' -H 'content-type: application/json' -d '{ "email": "liumiaocn@outlook.com",
> "username": "liumiao",
> "password": "12341234",
> "name": "liumiao",
> "skip_confirmation": "true"
> }' |jq .
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 898 100 759 100 139 1785 327 --:--:-- --:--:-- --:--:-- 2112
{
"id": 2,
"name": "liumiao",
"username": "liumiao",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/95c1f7ff72d71b448592a335ba80fb64?s=80&d=identicon",
"web_url": "http://2dba3d4f4dfa/liumiao",
"created_at": "2020-07-19T21:35:27.312Z",
"bio": null,
"location": null,
"public_email": "",
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": "",
"organization": null,
"job_title": "",
"work_information": null,
"last_sign_in_at": null,
"confirmed_at": "2020-07-19T21:35:27.148Z",
"last_activity_on": null,
"email": "liumiaocn@outlook.com",
"theme_id": 1,
"color_scheme_id": 1,
"projects_limit": 100000,
"current_sign_in_at": null,
"identities": [],
"can_create_group": true,
"can_create_project": true,
"two_factor_enabled": false,
"external": false,
"private_profile": false,
"is_admin": false
}
liumiaocn:~ liumiao$
设定ssh-key的图形方式
通过GitLab的界面操作,可以很容易地设定ssh-key,首先登录之后选择用户菜单中的Settings
然后选择SSH Keys左侧菜单项即可通过界面方式对ssh-key进行操作
liumiaocn:~ liumiao$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/Users/liumiao/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/liumiao/.ssh/id_rsa. Your public key has been saved in /Users/liumiao/.ssh/id_rsa.pub. The key fingerprint is: SHA256:FgCQGZ5XL0dLvCYw3F34LQzXgR0bePHsNdGe94jPWXk liumiao@liumiaocn The key's randomart image is: +---[RSA 3072]----+ | o*.ooooo.==+ ..| | .o.+..==.+ += o| | o .o. =* o. ooo| | . .oo.+ .. o+| | oS . ...+| | . . ..E| | o o.| | + | | | +----[SHA256]-----+ liumiaocn:~ liumiao$
这样在当前用户的HOME下的.ssh目录中就会有如下rsa方式的公钥和私钥,注意设定的是公钥,私钥是需要我们自己妥善保管的,公钥是可以从私钥中取出来的,详细展开内容可以参看:
- https://blog.csdn.net/liumiaocn/category_9573907.html
使用user/keys可以添加当前指定用户的token,执行示例命令与日志如下所示
liumiaocn:~ liumiao$ curl -X POST -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/user/keys -H 'cache-control: no-cache' -H 'content-type: application/json' -d '{"title": "ssh key for local mac os",
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9V0ynK5YE84hoeK8LonTw2zixdrSrbR8yuaK1tGuvWD/OZ/P/zDjLHmcJqrK7tB1pgbWAmne8hhXjgNPNHglPp+epU6rP+a3VfDNA6bmbeMQDs/8IW89lhHE0PhIG4zalntgx2sPlhmqVi0XXn77RFXF8h0kbGPIL/nXwvGXfx7GQBpCmhqioJX7kXTReEEdLA6Ec7LgYYZUTorNlZkw3D+beuezyHt+zE6ggpP3aDDigaeMXlf2yfdClpETCIure4vxvXBHBZt9dy54A+YJNcPgY49Pj4Z6C2KVqTS9kM+fQ1gHZsjP9vbObh0TmsV0Zffy0HXwayNqiIutuk65RdVxTCjdCiz/9Lwxza9P7PcJEmb6tW+me/QROKT1LsJH6gn59ufGiB+OsmBg9lK+CaG+CVi0WGDmPKlh/oJ+noGQGgr0NHxkBqJLTim1HCCS5rb2U+ynjtHSKEKZ5BMqxG4ci6WZOsJg/gedefHA9R5Xd3TJkGas+2P3nfjB5zJM= liumiao@liumiaocn",
"expires_at": "2020-09-19T00:00:00.000Z"
}' |jq .
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1345 100 680 100 665 8607 8417 --:--:-- --:--:-- --:--:-- 17025
{
"id": 4,
"title": "ssh key for local mac os",
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9V0ynK5YE84hoeK8LonTw2zixdrSrbR8yuaK1tGuvWD/OZ/P/zDjLHmcJqrK7tB1pgbWAmne8hhXjgNPNHglPp+epU6rP+a3VfDNA6bmbeMQDs/8IW89lhHE0PhIG4zalntgx2sPlhmqVi0XXn77RFXF8h0kbGPIL/nXwvGXfx7GQBpCmhqioJX7kXTReEEdLA6Ec7LgYYZUTorNlZkw3D+beuezyHt+zE6ggpP3aDDigaeMXlf2yfdClpETCIure4vxvXBHBZt9dy54A+YJNcPgY49Pj4Z6C2KVqTS9kM+fQ1gHZsjP9vbObh0TmsV0Zffy0HXwayNqiIutuk65RdVxTCjdCiz/9Lwxza9P7PcJEmb6tW+me/QROKT1LsJH6gn59ufGiB+OsmBg9lK+CaG+CVi0WGDmPKlh/oJ+noGQGgr0NHxkBqJLTim1HCCS5rb2U+ynjtHSKEKZ5BMqxG4ci6WZOsJg/gedefHA9R5Xd3TJkGas+2P3nfjB5zJM= liumiao@liumiaocn",
"created_at": "2020-07-19T21:50:49.034Z",
"expires_at": null
}
liumiaocn:~ liumiao$
结果确认:注意当前用户是root
使用/user/keys即可
liumiaocn:~ liumiao$ curl -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/user/keys |jq .
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 682 100 682 0 0 13640 0 --:--:-- --:--:-- --:--:-- 13640
[
{
"id": 4,
"title": "ssh key for local mac os",
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9V0ynK5YE84hoeK8LonTw2zixdrSrbR8yuaK1tGuvWD/OZ/P/zDjLHmcJqrK7tB1pgbWAmne8hhXjgNPNHglPp+epU6rP+a3VfDNA6bmbeMQDs/8IW89lhHE0PhIG4zalntgx2sPlhmqVi0XXn77RFXF8h0kbGPIL/nXwvGXfx7GQBpCmhqioJX7kXTReEEdLA6Ec7LgYYZUTorNlZkw3D+beuezyHt+zE6ggpP3aDDigaeMXlf2yfdClpETCIure4vxvXBHBZt9dy54A+YJNcPgY49Pj4Z6C2KVqTS9kM+fQ1gHZsjP9vbObh0TmsV0Zffy0HXwayNqiIutuk65RdVxTCjdCiz/9Lwxza9P7PcJEmb6tW+me/QROKT1LsJH6gn59ufGiB+OsmBg9lK+CaG+CVi0WGDmPKlh/oJ+noGQGgr0NHxkBqJLTim1HCCS5rb2U+ynjtHSKEKZ5BMqxG4ci6WZOsJg/gedefHA9R5Xd3TJkGas+2P3nfjB5zJM= liumiao@liumiaocn",
"created_at": "2020-07-19T21:50:49.034Z",
"expires_at": null
}
]
liumiaocn:~ liumiao$
方式2: 查询指定用户ssh-key
使用/users/${userid}/keys可查询指定用户,比如:
liumiaocn:~ liumiao$ curl -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/users/1/keys |jq .
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 682 100 682 0 0 8023 0 --:--:-- --:--:-- --:--:-- 8023
[
{
"id": 4,
"title": "ssh key for local mac os",
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9V0ynK5YE84hoeK8LonTw2zixdrSrbR8yuaK1tGuvWD/OZ/P/zDjLHmcJqrK7tB1pgbWAmne8hhXjgNPNHglPp+epU6rP+a3VfDNA6bmbeMQDs/8IW89lhHE0PhIG4zalntgx2sPlhmqVi0XXn77RFXF8h0kbGPIL/nXwvGXfx7GQBpCmhqioJX7kXTReEEdLA6Ec7LgYYZUTorNlZkw3D+beuezyHt+zE6ggpP3aDDigaeMXlf2yfdClpETCIure4vxvXBHBZt9dy54A+YJNcPgY49Pj4Z6C2KVqTS9kM+fQ1gHZsjP9vbObh0TmsV0Zffy0HXwayNqiIutuk65RdVxTCjdCiz/9Lwxza9P7PcJEmb6tW+me/QROKT1LsJH6gn59ufGiB+OsmBg9lK+CaG+CVi0WGDmPKlh/oJ+noGQGgr0NHxkBqJLTim1HCCS5rb2U+ynjtHSKEKZ5BMqxG4ci6WZOsJg/gedefHA9R5Xd3TJkGas+2P3nfjB5zJM= liumiao@liumiaocn",
"created_at": "2020-07-19T21:50:49.034Z",
"expires_at": null
}
]
liumiaocn:~ liumiao$
注意:此处返回的key的id也是每次递增,从1开始,本文示例显示为4,说明抓取日志之前经过三次添加和删除的操作。
操作:删除用户ssh-key(当前用户)操作日志如下所示:
liumiaocn:~ liumiao$ keyid=4
liumiaocn:~ liumiao$ curl -X DELETE -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/user/keys/${keyid}
liumiaocn:~ liumiao$ echo $?
0
liumiaocn:~ liumiao$
结果确认
liumiaocn:~ liumiao$ curl -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/user/keys
[]liumiaocn:~ liumiao$
本例中当前用户创建时指定了过期时间,但是结果并未显示(此选项为Optinal),具体问题后续继续确认。
