Skip to content

Tips for GitLab

Jump to bottom
Marco Donadoni edited this page May 29, 2024 · 2 revisions

Contents

  1. Configure Personal Access Tokens locally
  2. Configure GitLab integration locally

Configure Personal Access Tokens locally

To test the GitLab integration locally on your computer, you can create a PAT (Personal Access Token) on GitLab and manually add it as a secret to REANA.

Note

You can use a PAT to test the REANA-GitLab integration, with the exception of the OAuth authentication flow.

  1. On GitLab, go to Preferences -> Access Tokens and create a new token with api scope.

  2. Save the token in an environment variable:

    $ read -s GITLAB_TOKEN
# paste token here

  3. Add your username and your token to the REANA secrets:

    $ reana-client secrets-add --env gitlab_user="your_gitlab_username"
$ reana-client secrets-add --env gitlab_access_token="$GITLAB_TOKEN"

You should now be able to see your GitLab repositories in your REANA profile page.

Configure GitLab integration locally

Warning

The following instructions cannot be used with GitLab@CERN, as it is not possible to easily create custom applications anymore. However these steps can be useful to test other GitLab instances.

Prerequisites

  • Ideally, in order for the GitLab webhook to access your machine, you should be inside the CERN network, with an accessible hostname.

Authentication

REANA-UI uses Single Sign-On (SSO) for Authentication.

  1. Register an OAuth client.
  • client_id: A unique text string that identifies your client, e.g. reana-johndoe.
  • redirect_id: Your REANA-Server hostname followed by /oauth/authorized/cern/, e.g. https://reana-johndoe.cern.ch/oauth/authorized/cern/
  • Application Homepage: Your REANA-Server hostname, e.g. https://reana-johndoe.cern.ch.
  • Description: Whatever description you like.

  1. Set up REANA_SERVER_URL env var accordingly before running REANA-UI so it's properly set in config.js E.g. export REANA_SERVER_URL=https://reana-johndoe.cern.ch:30443

  2. Configure SSO-related environment variables. You can do this in two ways:

    • Setting the variables before deploying on reanahub/reana's helm/reana-dev/values.yaml.

      + reana_hostname: <hostname> # e.g. "reana-johndoe.cern.ch"
debug:
  enabled: false
ui:
  enabled: false
...
secrets:
  ...
  cern:
    sso:
-      CERN_CONSUMER_KEY: <CHANGEME>
+      CERN_CONSUMER_KEY: <real_cern_consumer_client_id>
-      CERN_CONSUMER_SECRET: <CHANGEME>
+      CERN_CONSUMER_SECRET: <real_cern_consumer_secret>
...

    • Changing the variable names directly on the REANA-Server deployment if you made a mistake and you don't want to deploy REANA again:

      $ kubectl set env deployment/reana-server \
  CERN_CONSUMER_KEY=reana-johndoe \
  CERN_CONSUMER_SECRET=<my-generated-secret>

    • CERN_CONSUMER_KEY: client_id of your OAuth client previously registered.

    • CERN_CONSUMER_SECRET: Generated secret, it can be consulted here by clicking on the [Manage] link of the your corresponding OAuth client.

  3. Now you should be able to login into REANA-UI. You will be redirected to the CERN SSO page to enter your credentials and then back to REANA-UI site.

GitLab integration

Note that CERN does not offer gitlab-test.cern.ch anymore, but the following instructions can be applied to other instances of GitLab.

To setup the GitLab integration locally you need to follow these steps:

  1. Create an application on gitlab-test.cern.ch, to do that go to Settings > Applications:

  • Name: Application name, e.g. reana-jonhdoe.

  • Redirect URI: Your hostname followed by /api/gitlab e.g. https://reana-johndoe.cern.ch/api/gitlab

    Select api scope and Save application.

  1. Configure GitLab-related environment variables. You can do this directly on the reanahub/reana's helm/reana-dev/values.yaml:

    + reana_hostname: <hostname> # e.g. "reana-johndoe.cern.ch"
debug:
  enabled: false
ui:
  enabled: false
...
secrets:
  ...
  gitlab:
-    REANA_GITLAB_OAUTH_APP_ID: <CHANGEME>
+    REANA_GITLAB_OAUTH_APP_ID: <real_gitlab_oauth_app_id>
-    REANA_GITLAB_OAUTH_APP_SECRET: <CHANGEME>
+    REANA_GITLAB_OAUTH_APP_SECRET: <real_gitlab_oauth_app_secret>
-    REANA_GITLAB_HOST: <CHANGEME>
+    REANA_GITLAB_HOST: gitlab-test.cern.ch
...
    • REANA_GITLAB_OAUTH_APP_ID: ID generated when the application is created. It can be consulted on the GitLab application page.
    • REANA_GITLAB_OAUTH_APP_SECRET: Secret generated when the application is created. It can be consulted on the GitLab application page.
    • REANA_GITLAB_HOST: GitLab instance URL, e.g. gitlab-test.cern.ch

  2. Rebuild the image and deploy:

$ reana-dev cluster-build --mode debug
$ reana-dev cluster-deploy --mode debug
$ eval $(reana-dev client-setup-environment --server-hostname https://reana-johndoe.cern.ch:30443)
  1. Run REANA-UI, log in and go to the projects page. Click on Connect with GitLab and you will be redirected to a page like this one:

Take into account that you should access your REANA-UI site with your hostname instead of http://localhost:3000, e.g. http://reana-johndoe.cern.ch:3000. Otherwise the SSO and GitLab integrations won't work as expected.

  1. Authorize the GitLab application and you will be able to see all your GitLab projects. Select any of them and click on Connect project. A webhook will be created for this repository so whenever you push some changes to it, as long as it is REANA-compatible and it has a reana.yaml file, a workflow will be started updating the commit status.

REANA reproducible analysis platform
blog.reana.io | docs.reana.io | forum.reana.io | www.reana.io | @gitter | @mattermost | @twitter

Introduction

Getting started

Issue lifecycle

Understanding code base

Technology tips and tricks

Clone this wiki locally