使用场景
为了进行规范化配置管理工作,基于gitlab
规范分支管理流程,经常需要新建分支、设置保护分支和操作分支封板等,若只有几个工程则直接在gitlab
web界面上操作即可,一旦工程数量增多,则会消耗大量时间,故考虑可通过gitlab
提供的web api
编写脚本进行自动化操作
Api指南
此处摘要部分官网API
文档指南,所有api
操作都需要在gitlab
上申请访问令牌,该令牌应当至少包含api访问权限
获取工程列表
支持多种参数过滤,非必传
Get a list of all visible projects across GitLab for the authenticated user. When accessed without authentication, only public projects with “simple” fields are returned.
GET /projects
Attribute Type Required Description archived
boolean no Limit by archived status visibility
string no Limit by visibility public
,internal
, orprivate
order_by
string no Return projects ordered by id
,name
,path
,created_at
,updated_at
, orlast_activity_at
fields. Default iscreated_at
sort
string no Return projects sorted in asc
ordesc
order. Default isdesc
search
string no Return list of projects matching the search criteria simple
boolean no Return only limited fields for each project. This is a no-op without authentication as then only simple fields are returned. owned
boolean no Limit by projects explicitly owned by the current user membership
boolean no Limit by projects that the current user is a member of starred
boolean no Limit by projects starred by the current user statistics
boolean no Include project statistics with_custom_attributes
boolean no Include custom attributes in response (admins only) with_issues_enabled
boolean no Limit by enabled issues feature with_merge_requests_enabled
boolean no Limit by enabled merge requests feature with_programming_language
string no Limit by projects which use the given programming language wiki_checksum_failed
boolean no Limit projects where the wiki checksum calculation has failed (Introduced in GitLab Premium 11.2) repository_checksum_failed
boolean no Limit projects where the repository checksum calculation has failed (Introduced in GitLab Premium 11.2) min_access_level
integer no Limit by current user minimal access level
分支操作
创建分支
需要传递仓库ID、源分支名、新分支名称
Create a new branch in the repository.
POST /projects/:id/repository/branches
Parameters:
Attribute Type Required Description id
integer yes ID or URL-encoded path of the project owned by the authenticated user. branch
string yes Name of the branch. ref
string yes Branch name or commit SHA to create branch from. Example request:
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/repository/branches?branch=newbranch&ref=master
保护分支
分支保护等级说明
Valid access levels
The access levels are defined in the
ProtectedRefAccess.allowed_access_levels
method. Currently, these levels are recognized:0 => No access 30 => Developer access 40 => Maintainer access 60 => Admin access
需要传递分支名称、访问级别等信息
Protects a single repository branch or several project repository branches using a wildcard protected branch.
POST /projects/:id/protected_branches curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" 'https://gitlab.example.com/api/v4/projects/5/protected_branches?name=*-stable&push_access_level=30&merge_access_level=30&unprotect_access_level=40'
Attribute Type Required Description id
integer/string yes The ID or URL-encoded path of the project owned by the authenticated user name
string yes The name of the branch or wildcard push_access_level
string no Access levels allowed to push (defaults: 40
, maintainer access level)merge_access_level
string no Access levels allowed to merge (defaults: 40
, maintainer access level)unprotect_access_level
string no Access levels allowed to unprotect (defaults: 40
, maintainer access level)allowed_to_push
array no Array of access levels allowed to push, with each described by a hash allowed_to_merge
array no Array of access levels allowed to merge, with each described by a hash allowed_to_unprotect
array no Array of access levels allowed to unprotect, with each described by a hash code_owner_approval_required
boolean no Prevent pushes to this branch if it matches an item in the CODEOWNERS
file. (defaults: false)
取消保护分支
需要传递仓库ID、分支名称
Unprotects the given protected branch or wildcard protected branch.
DELETE /projects/:id/protected_branches/:name curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" 'https://gitlab.example.com/api/v4/projects/5/protected_branches/*-stable'
Attribute Type Required Description id
integer/string yes The ID or URL-encoded path of the project owned by the authenticated user name
string yes The name of the branch
删除分支
需要传递仓库ID和分支名称
Delete a branch from the repository.
Note: In the case of an error, an explanation message is provided.
DELETE /projects/:id/repository/branches/:branch
Parameters:
Attribute Type Required Description id
integer/string yes ID or URL-encoded path of the project owned by the authenticated user. branch
string yes Name of the branch. Example request:
curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/repository/branches/newbranch
接口测试
使用postman对接口进行测试
获取工程列表
通过该接口可以查询所有工程的ID,注意,该接口默认使用了分页
脚本编写
批量创建分支
定义工程ID数组,对数组进行遍历,并设置基础分支变量,方便调整,此处默认写死基础分支,有需要也可以通过变量传递
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
base_branch="BasicBranch"
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
curl --request POST --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/repository/branches?branch=$branch_name&ref=$base_branch"
done
批量保护分支
此处写死了分支访问级别,可参照上文的参数进行配置
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
# 访问权限均为 Maintainer access
curl --request POST --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/protected_branches?name=$branch_name&push_access_level=40&merge_access_level=40&unprotect_access_level=40"
done
批量取消保护分支
调用对应的删除接口即可
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
# 访问权限均为 Maintainer access
curl --request DELETE --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/protected_branches/$branch_name"
done
批量分支封板
分支封板即设置访问级别为no one
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
# 分支封板
curl --request POST --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/protected_branches?name=$branch_name&push_access_level=0&merge_access_level=0&unprotect_access_level=40"
done
批量删除分支
删除分支属于危险操作,操作需谨慎,因为不管是否为保护分支,都可以直接删除,而且通过api操作不会弹出确认操作
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
echo "删除项目ID:$id 的 $branch_name 分支"
curl --request DELETE --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/repository/branches/$branch_name"
done