getting started with gitlab

Posted on December 1, 2018 by Jeanne Boyarsky

CodeRanch is talking about moving to Git for our source code. Some of the moderators expressed a preference for GitLab. I’ve used GitHub, but not GitLab so decided to try it out with one of my personal projects. Looking at it, GitLab has built in CI so I want to see if i can switch to that and get off Jenkins for my pet project.

Signing up for GitLab

You can register with a new account for GitLab or use your credentials for other services including Google, Twitter, GitHub and BitBucket. It feels weird to me to sign in for a version control system with the credentials for another version control system so I created a new account.

While signing up, it automatically imported my gravatar. I had an old picture on there so fixed that. I then added some basic information to my GitLab profile

I set up an SSH key to make it easy to commit from my home computer:

Settings
SSH Keys
Paste in key

I also set up two factor:

Settings
Account
The very first option is “Enable two factor authentication”
It uses Google Authenticator which is my first choice of two factor. They also supply backup codes.

Migrating a repository from GitHub

GitLab has a page about migrating from GitHub. The most important pre-requisite is to make sure each committer to the GitHub project has an account on GitLab. Conveniently, I am the only person who has ever committed to this project!

I then migrated in:

Create a personal access token on GitHub just for this migration
Click “Create a project”
Choose “Import a project” tab
Enter personal access token for github and choose “List your repositories”. Note that this lists both your personal repositories and all of these for GitHub organizations you have access to
Click “Import” on the row next to the repository to migrate. (There’s also an “Import all” on top. I’m not looking to migrate all my repositories though!). Nothing appeared to happen for a minute. I must have missed a status warning. But then the page refreshed and had a “done” checkbox.
Delete the personal access token from GitHub. I don’t like to leave extra access laying around enabled

I confirmed the same number of commits (including the latest), branches and tags are all there.

Jenkins integration

I’ve been running this job on Jenkins each night to check for changes. Since this is a public repository, accessing it for polling is easy and worked on the first shot. While I’d like to switch to GitLab CI, I’m going with incremental progress. GitLab has a good page on interacting with Jenkins.

I temporarily made this a private project to re-test. I confirmed that I could commit and that Jenkins failed to pull. Then I tried to set up Jenkins to be able to interact with project.

When using my own account, I can set up a token with read access to all my projects, but not a specific one. I think I’d have to create an extra account on GitLab for Jenkins if I wanted it to have only access to specific projects. Since this is just an experiment, I’ll use my own token for now.

Failing with the GitLab plugin

Installed the GitLab plugin on Jenkins
In GitLab, went to Settings > Access Tokens
Created a token with read_repository permissions
In Jenkins, manage > Configure System
Add a GitLab Connection. I like that it uses Jenkins Credentials for securing the token
Click “Test Connection”
Using https://gitlab.com/boyarsky gives Client error: HTTP 401 Unauthorized
Using https://gitlab.com/ gives Client error: HTTP 403 Forbidden

I noticed that the Jenkins GitLab plugin is not well supported. The primary committer wrote that he doesn’t use GitLab daily anymore and this affects his time spent on this project.

At this point, I gave up and just set up polling. I created a credential with the username boyarsky and the password as my personal access token. (That I set up while attempting to get GitLab working.) This worked on the first shot.

Now time to start looking at GitLab Ci…

using spring RestTemplate and 2 factor authenication to add issues to github

Posted on April 20, 2014 by Jeanne Boyarsky

Last month, I figured out how to use Spring’s RestTemplate to add issues to github programmatically figuring it would save me time in the future. Well, the future is here. I needed to add 16 issues (one per milestone.) I run my program and get a 401. In particular, I got

Apr 20, 2014 6:42:18 PM org.springframework.web.client.RestTemplate handleResponseError

WARNING: GET request for "https://api.github.com/repos/boyarsky/repoName/issues" resulted in 401 (Unauthorized); invoking error handler

Exception in thread "main" org.springframework.web.client.HttpClientErrorException: 401 Unauthorized

at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:91)

at org.springframework.web.client.RestTemplate.handleResponseError(RestTemplate.java:588)

at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:546)

at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:502)

at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:444)

at jb.Trial2.main(Trial2.java:29)

Right. I’ve changed my password AND enabled two factor authentication on github in the past month. Luckily, it was easy to switch my program to two factor. Here’s what I did.

Create personal use token

I created a second personal use token just like I did for for my git commmand line use by going to the applications page and clicking “generate new token”. I chose to create a separate token so I could revoke access as soon as I’m done running the web service.

Testing the token

Per the getting started with oauth doc, I ran a command line to test the token:

curl -i -H 'Authorization: token notMy40CharToken' \

https://api.github.com/user

Wrote another trial program

I adapted my second trial program from the initial iterations to test out two factor.

package jb;

import org.springframework.http.*;
import org.springframework.web.client.*;

/**
 * Call a web service that uses authenticated user to test passing credentials
 *
 * @author jeanne
 *
 */
public class Trial3 {

	public static void main(String[] args) {
		String url = "https://api.github.com/repos/boyarsky/oca-ocp-book/issues";

		HttpHeaders headers = new HttpHeaders();

		String personalToken = "notMy40CharToken";
		headers.add("Authorization", "token " + personalToken);

		// ignore result because just testing connectivity
		HttpEntity<String> request = new HttpEntity<String>(headers);
		RestTemplate template = new RestTemplate();
		template.exchange(url, HttpMethod.GET, request, Object[].class);
		System.out.println("success");
	}

}

I then replaced the authentication part of my real program and it worked like a charm. Even with the changes to the program, it was faster than creating 16 issues by hand with the proper text/assignee/milestone.

Delete the personal token

I deleted the token to ensure it never gets used again. I don’t want to run the program by accident with my credentials. Or accidentally post the token here.

github and two factor authentication

Posted on April 12, 2014 by Jeanne Boyarsky

Two years ago, I set up two factor authentication for my gmail account. Last year, github announced the ability of two factor. I hadn’t noticed at the time. Today, I logged on to change my password since github was in the list of applications affected by Heartbleed and saw the option.

How it works

Github gives you a choice of second factor

Google Authenticator mobile application (I already had the iPad app installed for gmail so this was convenient)
text to mobile phone (I have this set a secondary)
written down one time use passwords (kept as tertiary)

Linking the mobile app to github

Open the mobile app
Click “edit” pencil
Click “+” to add an account.
On your computer, go to your github account settings and click to enable two factory. You will be given a QR code to scan which automatically links the two. There is also the option of typing in a long text code.

That’s it. Now Google Authenticator generates two numeric codes. One for gmail and one for github.

Actually using two factor

Unlike gmail, you probably don’t usually sign on two github using the browser. Let’s look at three ways of signing in.

Through the browser

I immediately logged out in the browser.
Enter my password to sign back in
Enter my two factor code

Through the github Mac app

Github > Github preferences
Click sign out
Enter my username/password to sign back in
Enter my two factor code

Through the command line

On the account settings page, create a new personal token
Leave the default privileges checked. (It’s great there is this much control)
```
git credential-osxkeychain erase
```
git pull (or any other operation that requires a network call to github)
Enter your user id
Enter your new generated token (not your password)

Current apps

As you might expect, the account settings page shows which apps have access. I saw “GitHub for Mac” and “GitHub for Windows” on there. My first thought was “I don’t use Windows.” Then I remembered that I use git to communicate between my Mac and Windows VM.

Github references

Web service

I also had to update my web service code to call the two factor version.

Action items

If you haven’t already, please change your passwords for sites in this list or enabling two factor will protect you in the future. Also change your passwords for any sites which use the same password as one of those in the list.

M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30

Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky

Java/J2EE Software Development and Technology Discussion Blog

Tag Archives: github

getting started with gitlab

Signing up for GitLab

Migrating a repository from GitHub

Jenkins integration

Failing with the GitLab plugin

using spring RestTemplate and 2 factor authenication to add issues to github

Signing up for GitLab

Migrating a repository from GitHub

Jenkins integration

Failing with the GitLab plugin

Share this:

Share this:

Share this: