scripts-gitlab
- TAGS: Script
创建用户
cat <<\EOF> gitlab_adduser.sh #!/bin/bash # https://docs.gitlab.com/ee/api/users.html#create-a-user set -eu git_url=https://kubegitlab.cici.com access_token=glpat-X87Lxxxxxxx read -p "Please input new username: " newuser read -p "email: " email #newuser=j.xu #[email protected] default_password=Rc1208_@2024 curl -s -X POST "${git_url}/api/v4/users" \ -H "PRIVATE-TOKEN: ${access_token}" \ -H "Content-Type: application/json" \ -d '{"username": "'"$newuser"'", "name": "'"$newuser"'", "email": "'"$email"'", "password": "'"${default_password}"'", "skip_confirmation": true}' >/dev/null [ $? -eq 0 ] && echo -e "\n\nSuccessfully created user.\nPlease login ${git_url} \nusername: $newuser \ndefault_password: ${default_password}" ||:
效果
]$ gitlab_adduser.sh Please input new username: adsf email: [email protected] Successfully created user. Please login https://kubegitlab.cicicom username: adsf default_password: Rc1208_@2024
git-分组下项目迁移
# 创建用户组、添加上传账号并关联sshkey # 获取待克隆组项目 pricateToken=mCS1kfv9VQ6SeY2f9Fzk ## 找到分组信息 # ?per_page=3&page=2 将输出限制为每页3个条目(每页 = 3) ,并请求第二页(每页 = 2) curl -H "PRIVATE-TOKEN: mCS1kfv9VQ6SeY2f9Fzk" http://git.cici.com/api/v4/groups #"id":156,ttp://git.cici.com/groups/english-new #"id":262 http://git.cici.com/groups/english-new-abroad #idList["e"]=156 #idList["a"]=262 >repo.txt curl -H "PRIVATE-TOKEN: $pricateToken" 'http://git.cici.com/api/v4/groups/156/projects?visibility=internal&per_page=3000' |jq .[].ssh_url_to_repo >>repo.txt curl -H "PRIVATE-TOKEN: $pricateToken" 'http://git.cici.com/api/v4/groups/156/projects?visibility=private&per_page=3000' |jq .[].ssh_url_to_repo >>repo.txt # 下载 克隆一个完整的项目到本地(包含所有分支及tag) cat repo.txt | sed 's@^@git clone --mirror @g'|bash # 迁移到新项目 for p in *.git;do cd ~/xuchangwei/gitdir/${p}; pwd # 远程创建项目 curl -k --request POST --header "PRIVATE-TOKEN:mCS1kfv9VQ6SeY2f9Fzk" --data "name=${p%.git}&namespace_id=262" http://git.cici.com/api/v4/projects # 修改关联项目 git remote set-url origin [email protected]:english-new-abroad/$p git remote -v git push --mirror done cd ..
扫描中文字符
在 jenkins pipline 中添加脚本
...
dir("${code_path}") {
script {
if(service_name == "xx-website") {
echo "该服务不加质量检测."
} else {
sh 'bash /data/ci/devops_scripts/gitlab/git_check.sh rummy ${service_name}'
}
...
需要:
钉钉通知:send_msg.py
检测逻辑:git_check.sh
检测逻辑:git_check.sh
#!/bin/env bash # app_name=$1 # application name service_name=$2 BUILD_URL=$(echo ${BUILD_URL} | sed 's@jenkins/@@g') function git_last() { git_log=`git log --name-status -p -1` w_file=() if echo "$git_log" |grep 'Merge:'; then git_commit=`echo "$git_log" |grep 'Merge:'|awk '{print $2,$3}'` else git_commit=`echo "$git_log" |grep 'commit '|awk '{print $2}'` fi for ci in $(echo "$git_commit");do echo "CommitID: $ci" git_file=$(git log --name-only -1 $ci|grep -vE "^$|Author:|Date:|Merge:|[[:space:]]"|sort|uniq) for f in $(echo "$git_file"); do #echo "git log -p -1 $ci -- $f|grep '^+' | rg '[\x{4e00}-\x{9f5a}]'" if git log -p -1 $ci -- $f|grep '^+' | rg '[\x{4e00}-\x{9f5a}]' ;then #echo $f w_file+=("$f") fi done warn_file=$(echo "${w_file[*]}"|tr ' ' '\n'|sort |uniq) notify done } function git_time_check() { git_file=$(git log --after="$(date +%F -d '30days ago')" --name-only|grep -vE "^$|Author:|Date:|Merge:|[[:space:]]"|sort|uniq) warn_file=$(rg '[\x{4e00}-\x{9f5a}]' -l $git_file 2>/dev/null) notify } function notify() { if [ -n "$warn_file" ]; then echo -e "\033[31mWarning\033[0m: Found Chinese character files, please repair: " echo "$warn_file" echo python3 /data/ci/devops_scripts/gitlab/send_msg.py $app_name $service_name "$warn_file" "${BUILD_URL}" #python3 /data/ci/devops_scripts/gitlab/send_msg.py jasper $service_name "$warn_file" exit 11 else echo "Chinese character detection: Passed" fi } function get_file() { echo "Chinese character detection..." #git_time_check git_last } get_file
钉钉通知:send_msg.py
# python 3.8 import sys import time import hmac import hashlib import base64 import urllib.parse import requests # secret token app_secret_map = { "rummy": ["Sertes", "tokenxxxx"], "jasper": ["SE", ""] } def sign_cal(app_name): timestamp = str(round(time.time() * 1000)) secret = app_secret_map.get(app_name)[0] secret_enc = secret.encode('utf-8') string_to_sign = '{}\n{}'.format(timestamp, secret) string_to_sign_enc = string_to_sign.encode('utf-8') hmac_code = hmac.new(secret_enc, string_to_sign_enc, digestmod=hashlib.sha256).digest() sign = urllib.parse.quote_plus(base64.b64encode(hmac_code)) return timestamp, sign # timestamp = str(round(time.time() * 1000)) # secret = 'SECxxxx' # secret_enc = secret.encode('utf-8') # string_to_sign = '{}\n{}'.format(timestamp, secret) # string_to_sign_enc = string_to_sign.encode('utf-8') # hmac_code = hmac.new(secret_enc, string_to_sign_enc, digestmod=hashlib.sha256).digest() # sign = urllib.parse.quote_plus(base64.b64encode(hmac_code)) # print(timestamp) # print(sign) def send_msg(app_name, service_name, git_files, build_url): timestamp, sign = sign_cal(app_name) ding_token = app_secret_map.get(app_name)[1] url = f"https://oapi.dingtalk.com/robot/send?access_token={ding_token}×tamp={timestamp}&sign={sign}" # data = {"msgtype": "text", # "text": {"content": "platformxx"} # }890 time_now = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())).strip() data = { "msgtype": "markdown", "markdown": { "title": f"{service_name}", "text": f"#### {service_name}服务发布终止, 中文检测未通过. \n > " f"time: {time_now} \n > \n详情: {build_url} \n {git_files} \n" }, "at": { "atMobiles": [ "150XXXXXXXX" ], "atUserIds": [ "user123" ], "isAtAll": False } } r = requests.post(url, json=data, ) # print(r.json(), type(r.json())) if __name__ == '__main__': app_name = sys.argv[1] # application name service_name = sys.argv[2] git_files = sys.argv[3] build_url = sys.argv[4] send_msg(app_name, service_name, git_files, build_url)
git 勾子
Git钩子是在Git命令执行时自动调用的脚本程序。GitLab支持多种Git钩子,其中pre-commit钩子可以用于检查提交之前的代码更改,并在必要时拒绝提交。
以下是一个使用pre-commit钩子来检查本地代码中是否包含中文字符的示例:
- 在本地Git存储库中创建pre-commit钩子文件,并给执行权限:
vim .git/hooks/pre-commit #!/bin/bash echo "Checking for Chinese characters in files..." if git diff --cached --diff-filter=AM HEAD |grep '^+'|grep -P "[\x{4e00}-\x{9fa5}]"; then echo "Error: There are files containing Chinese characters. Please remove them and try again." exit 1 fi chmod +x .git/hooks/pre-commit
全局服务器勾子: https://docs.gitlab.cn/jh/administration/server_hooks.html