使用场景
为了进行规范化配置管理工作,基于gitlab规范分支管理流程,经常需要新建分支、设置保护分支和操作分支封板等,若只有几个工程则直接在gitlab web界面上操作即可,一旦工程数量增多,则会消耗大量时间,故考虑可通过gitlab 提供的web api编写脚本进行自动化操作
Api指南
此处摘要部分官网API文档指南,所有api操作都需要在gitlab上申请访问令牌,该令牌应当至少包含api访问权限
获取工程列表
支持多种参数过滤,非必传
Get a list of all visible projects across GitLab for the authenticated user. When accessed without authentication, only public projects with “simple” fields are returned.
GET /projects
Attribute Type Required Description archivedboolean no Limit by archived status visibilitystring no Limit by visibility public,internal, orprivateorder_bystring no Return projects ordered by id,name,path,created_at,updated_at, orlast_activity_atfields. Default iscreated_atsortstring no Return projects sorted in ascordescorder. Default isdescsearchstring no Return list of projects matching the search criteria simpleboolean no Return only limited fields for each project. This is a no-op without authentication as then only simple fields are returned. ownedboolean no Limit by projects explicitly owned by the current user membershipboolean no Limit by projects that the current user is a member of starredboolean no Limit by projects starred by the current user statisticsboolean no Include project statistics with_custom_attributesboolean no Include custom attributes in response (admins only) with_issues_enabledboolean no Limit by enabled issues feature with_merge_requests_enabledboolean no Limit by enabled merge requests feature with_programming_languagestring no Limit by projects which use the given programming language wiki_checksum_failedboolean no Limit projects where the wiki checksum calculation has failed (Introduced in GitLab Premium 11.2) repository_checksum_failedboolean no Limit projects where the repository checksum calculation has failed (Introduced in GitLab Premium 11.2) min_access_levelinteger no Limit by current user minimal access level
分支操作
创建分支
需要传递仓库ID、源分支名、新分支名称
Create a new branch in the repository.
POST /projects/:id/repository/branchesParameters:
Attribute Type Required Description idinteger yes ID or URL-encoded path of the project owned by the authenticated user. branchstring yes Name of the branch. refstring yes Branch name or commit SHA to create branch from. Example request:
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/repository/branches?branch=newbranch&ref=master
保护分支
分支保护等级说明
Valid access levels
The access levels are defined in the
ProtectedRefAccess.allowed_access_levelsmethod. Currently, these levels are recognized:0 => No access 30 => Developer access 40 => Maintainer access 60 => Admin access
需要传递分支名称、访问级别等信息
Protects a single repository branch or several project repository branches using a wildcard protected branch.
POST /projects/:id/protected_branches curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" 'https://gitlab.example.com/api/v4/projects/5/protected_branches?name=*-stable&push_access_level=30&merge_access_level=30&unprotect_access_level=40'
Attribute Type Required Description idinteger/string yes The ID or URL-encoded path of the project owned by the authenticated user namestring yes The name of the branch or wildcard push_access_levelstring no Access levels allowed to push (defaults: 40, maintainer access level)merge_access_levelstring no Access levels allowed to merge (defaults: 40, maintainer access level)unprotect_access_levelstring no Access levels allowed to unprotect (defaults: 40, maintainer access level)allowed_to_pusharray no Array of access levels allowed to push, with each described by a hash allowed_to_mergearray no Array of access levels allowed to merge, with each described by a hash allowed_to_unprotectarray no Array of access levels allowed to unprotect, with each described by a hash code_owner_approval_requiredboolean no Prevent pushes to this branch if it matches an item in the CODEOWNERSfile. (defaults: false)
取消保护分支
需要传递仓库ID、分支名称
Unprotects the given protected branch or wildcard protected branch.
DELETE /projects/:id/protected_branches/:name curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" 'https://gitlab.example.com/api/v4/projects/5/protected_branches/*-stable'
Attribute Type Required Description idinteger/string yes The ID or URL-encoded path of the project owned by the authenticated user namestring yes The name of the branch
删除分支
需要传递仓库ID和分支名称
Delete a branch from the repository.
Note: In the case of an error, an explanation message is provided.
DELETE /projects/:id/repository/branches/:branchParameters:
Attribute Type Required Description idinteger/string yes ID or URL-encoded path of the project owned by the authenticated user. branchstring yes Name of the branch. Example request:
curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/5/repository/branches/newbranch
接口测试
使用postman对接口进行测试
获取工程列表
通过该接口可以查询所有工程的ID,注意,该接口默认使用了分页
脚本编写
批量创建分支
定义工程ID数组,对数组进行遍历,并设置基础分支变量,方便调整,此处默认写死基础分支,有需要也可以通过变量传递
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
base_branch="BasicBranch"
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
curl --request POST --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/repository/branches?branch=$branch_name&ref=$base_branch"
done批量保护分支
此处写死了分支访问级别,可参照上文的参数进行配置
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
# 访问权限均为 Maintainer access
curl --request POST --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/protected_branches?name=$branch_name&push_access_level=40&merge_access_level=40&unprotect_access_level=40"
done批量取消保护分支
调用对应的删除接口即可
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
# 访问权限均为 Maintainer access
curl --request DELETE --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/protected_branches/$branch_name"
done批量分支封板
分支封板即设置访问级别为no one
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
# 分支封板
curl --request POST --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/protected_branches?name=$branch_name&push_access_level=0&merge_access_level=0&unprotect_access_level=40"
done批量删除分支
删除分支属于危险操作,操作需谨慎,因为不管是否为保护分支,都可以直接删除,而且通过api操作不会弹出确认操作
#!/usr/bin/env bash
# 访问令牌
PRIVATE_TOKEN="XXXX"
# 分支名称
branch_name=$1
# 项目ID
projectids=(47 48 50 51 52 54 55 56 58 59 60 62 63 64 65 67 68 69 70 71 74 75 89 90 91 92 93 95 103 104 113 114 115 143)
for id in "${projectids[@]}" ; do
echo "删除项目ID:$id 的 $branch_name 分支"
curl --request DELETE --header "PRIVATE-TOKEN: $PRIVATE_TOKEN" "http://10.139.6.26:7077/api/v4/projects/$id/repository/branches/$branch_name"
done