自动将部分git repo推送到Google Cloud Bucket [英] Automating pushing parts of a git repo to google cloud bucket
问题描述
在进行此设置时,我的想法是我要处理我的存储库,并将其私有存储在Gitlab中.然后,我将创建一个.gitlab-ci.yml文件,该文件在每次推送时都会触发对Google Source Repo的推送,从而触发更新项目存储区的操作.
In setting this up, my thinking was that I'd work on my repo and have it privately stored with Gitlab. I'd then create a .gitlab-ci.yml file which on every push it would trigger a push to a Google Source Repo which triggers actions to update the project's bucket.
I went through the Generating Static Credentials guide which seems to link to a very antiquated page to which instructs you to create a .gitcookies file which will store your static credentials. I don't understand what it's giving me or how I can put those as a secret into Gitlab to use to trigger a push to a remote git repo.
这种方法似乎更为简单,因为我不必创建凭据,因为GCR中的所有内容都可以适当地访问该gcloud项目,但是我可能在这里完全不了解.但是,从另一方面来说,从文档看来,我完全不可能创建要存储在Gitlab中的静态凭证,然后将其同步到gcloud存储桶.
This approach seems simpler given I didn't have to create credentials since everything in the GCR has appropriate access to that gcloud project but I may be totally off base here. But on the flip side, creating static credentials that I'd store in Gitlab which could then sync to the gcloud storage bucket didn't seem entirely possible to me from the documentation.
- 我想做的是可能的吗?
- 仅创建自定义的仅推送凭证并让Gitlab运行程序处理存储桶同步实际上是否更容易?
谢谢!
推荐答案
如果您可以访问自己的GitLab服务器,则可以确保git使用了凭据帮助程序,该帮助程序会将凭据缓存在服务器端. br> 或在GitLab构建代理机器上进行相同的操作.
If you have access to your own GitLab server, you could instead make sure git is using a credential helper, which will cache your credentials on the server side.
Or make the same operation on the GitLab build agent machine.
在Linux或MacOS X上):
on Linux or MacOS X):
git config credential.helper gcloud.sh
或在Windows上:
Or on Windows:
git config credential.helper gcloud.cmd
如果没有(意味着gitlab.com,没有对GitLab服务器/代理的控制/访问权限),则需要包含一个脚本,该脚本将在您的回购源(已加密)中生成该gitcookie文件.
例如,请参见 mholt/caddy/dist/gitcookie.sh.enc ,由
If not (meaning gitlab.com, no control/access to GitLab server/agent), you would need to include a script that will generate that gitcookie file in the sources of your repo, encrypted.
See for instance mholt/caddy/dist/gitcookie.sh.enc, which is used by mholt/caddy/.travis.yml#L17 in TravisCI (but can be adapted to GitLab CI)
#Decrypts a script that installs an authenticated cookie
# for git to use when cloning from googlesource.com.
# Bypasses "bandwidth limit exceeded" errors.
# See github.com/golang/go/issues/12933
- if [ "$TRAVIS_PULL_REQUEST" = "false" ];
then openssl aes-256-cbc -K $encrypted_3df18f9af81d_key \
-iv $encrypted_3df18f9af81d_iv \
-in dist/gitcookie.sh.enc -out dist/gitcookie.sh -d; fi
$encrypted_3df18f9af81d_key和$encrypted_3df18f9af81d_iv将在运行时传递给构建.
这是因为 TravisCI支持传递加密变量.
同样, GitLab-CI提供受保护的变量.
The $encrypted_3df18f9af81d_key and $encrypted_3df18f9af81d_iv would be passed to the build at runtime.
That is because TravisCI supports passing encrypted variables.
Similarly, GitLab-CI offers protected variables.
gitcookie.sh的示例:
#!/bin/sh
touch ~/.gitcookies
chmod 0600 ~/.gitcookies
git config --global http.cookiefile ~/.gitcookies
tr , \\t <<\__END__ >>~/.gitcookies
go.googlesource.com,FALSE,/,TRUE,1234...(customid),o,git-shenli.pingcap.com=1/afgrd....(secret)
go-review.googlesource.com,FALSE,/,TRUE,1234...(customid),o,git-shenli.pingcap.com=1/afgrd....(secret)
__END__
这篇关于自动将部分git repo推送到Google Cloud Bucket的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
