Gerrit是一款开源免费的基于 web 的代码审查工具，是基于 Git 的版本控制系统。在代码入库之前对开发人员的提交进行审阅，检视通过的代码才能提交入库。本文记录如何安装部署gerrit平台。

Gerrit简介

Gerrit代码审查工具也是一个Git服务器，使用Git作为底层版本控制系统，当前的版本使用Java开发。

一个典型的Git项目包含一个远程中央仓库，

https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.2/intro-how-gerrit-works.html

Gerrit在Git中央仓库基础上引入了一个额外的概念:存储修改的暂存区，

https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.2/intro-how-gerrit-works.html

push的代码更改会被存储到暂存区（Pending changes），其他人评审通过后就可以将更改提交到代码库 (Authoritative Repository)。

下面介绍如何安装部署gerrit。

环境准备

本文介绍Linux中gerrit的安装配置方法，Windows安装可参考官方文档：https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.2/install.html

1. 安装Java

Linux服务器需要先安装好Java环境

1 2	$ sudo apt-get update $ sudo apt install openjdk-11-jdk

检查：

$ java -version
openjdk version "11.0.19" 2023-04-18
OpenJDK Runtime Environment (build 11.0.19+7-post-Ubuntu-0ubuntu122.04.1)
OpenJDK 64-Bit Server VM (build 11.0.19+7-post-Ubuntu-0ubuntu122.04.1, mixed mode, sharing)

2. 安装Git

安装git

1
2
3

$ sudo apt install git
$ git --version
git version 2.34.1

3. 安装Apache

安装Apache用于http认证

$ sudo apt install apache2
$ service apache2 start
* Starting Apache httpd web server apache2                                                     $ service apache2 status
 * apache2 is running

4. 设置防火墙

1 2	sudo ufw allow 'Apache Full' sudo ufw allow http

Gerrit安装配置

1. 下载

gerrit各版本下载地址：https://www.gerritcodereview.com/releases-readme.html

war包下载完成后把它发送到Linux服务器，如果服务器可以联网，也可以直接执行以下命令下载：

1	$ wget https://gerrit-releases.storage.googleapis.com/gerrit-3.7.2.war –no-check-certificate

2. 安装

执行以下命令安装Gerrit：

$ cd ~/gerrit
$ export GERRIT_SITE=~/gerrit/gerrit_testsite
$ java -jar gerrit*.war init -d $GERRIT_SITE
Using secure store: com.google.gerrit.server.securestore.DefaultSecureStore
[2023-06-26 16:23:02,100] [main] INFO  com.google.gerrit.server.config.GerritServerConfigProvider : No /root/gerrit/gerrit_testsite/etc/gerrit.config; assuming defaults

*** Gerrit Code Review 3.7.2
***

Create '/root/gerrit/gerrit_testsite' [Y/n]?

*** Git Repositories
***

Location of Git repositories   [git]: /root/gerrit/gitrepo

*** JGit Configuration
***

Auto-configured "receive.autogc = false" to disable auto-gc after git-receive-pack.

*** Index
***

Type                           [lucene]:

*** User Authentication
***

Authentication method          [openid/?]: HTTP
Get username from custom HTTP header [y/N]? n
SSO logout URL                 :
Enable signed push support     [y/N]? y
Use case insensitive usernames [Y/n]?

*** Review Labels
***

Install Verified label         [y/N]?

*** Email Delivery
***

SMTP server hostname           [localhost]: smtp.163.com
SMTP server port               [(default)]:
SMTP encryption                [none/?]:
SMTP username                  [root]: XXXXXXXXXX@163.com
zhiyo2016@163.com's password   :
              confirm password :
error: Passwords did not match; try again
zhiyo2016@163.com's password   :
              confirm password :
error: Passwords did not match; try again
zhiyo2016@163.com's password   :
              confirm password :

*** Container Process
***

Run as                         [root]:
Java runtime                   [/usr/lib/jvm/java-11-openjdk-amd64]:
Copy gerrit-3.7.2.war to /root/gerrit/gerrit_testsite/bin/gerrit.war [Y/n]?
Copying gerrit-3.7.2.war to /root/gerrit/gerrit_testsite/bin/gerrit.war

*** SSH Daemon
***

Listen on address              [*]:
Listen on port                 [29418]:
Generating SSH host key ... rsa... ed25519... ecdsa 256... ecdsa 384... ecdsa 521... done

*** HTTP Daemon
***

Behind reverse proxy           [y/N]? Y
Proxy uses SSL (https://)      [y/N]? n
Subdirectory on proxy server   [/]:
Listen on address              [*]:
Listen on port                 [8081]:
Canonical URL                  [http://haiyong./]:

*** Cache
***


*** Plugins
***

Installing plugins.
Install plugin codemirror-editor version v3.7.2 [y/N]? y
Installed codemirror-editor v3.7.2
Install plugin commit-message-length-validator version v3.7.2 [y/N]? y
Installed commit-message-length-validator v3.7.2
Install plugin delete-project version v3.7.2 [y/N]? y
Installed delete-project v3.7.2
Install plugin download-commands version v3.7.2 [y/N]? y
Installed download-commands v3.7.2
Install plugin gitiles version v3.7.2 [y/N]? y
Installed gitiles v3.7.2
Install plugin hooks version v3.7.2 [y/N]? y
Installed hooks v3.7.2
Install plugin plugin-manager version v3.7.2 [y/N]? y
Installed plugin-manager v3.7.2
Install plugin replication version v3.7.2 [y/N]? y
Installed replication v3.7.2
Install plugin reviewnotes version v3.7.2 [y/N]? y
Installed reviewnotes v3.7.2
Install plugin singleusergroup version v3.7.2 [y/N]? y
Installed singleusergroup v3.7.2
Install plugin webhooks version v3.7.2 [y/N]? y
Installed webhooks v3.7.2
Initializing plugins.

============================================================================
Welcome to the Gerrit community

Find more information on the homepage: https://www.gerritcodereview.com
Discuss Gerrit on the mailing list: https://groups.google.com/g/repo-discuss
============================================================================
Initialized /root/gerrit/gerrit_testsite
Init complete, reindexing accounts,changes,groups,projects with: reindex --site-path /root/gerrit/gerrit_testsite --threads 1 --index accounts --index changes --index groups --index projectsReindexed 0 documents in accounts index in 0.0s (0.0/s)
Index accounts in version 12 is ready
Reindexing groups:      100% (2/2)
Reindexed 2 documents in groups index in 0.2s (13.3/s)
Index groups in version 9 is ready
Reindexing changes: Slicing projects: 100% (2/2), done
Reindexed 0 documents in changes index in 0.0s (0.0/s)
Index changes in version 79 is ready
Reindexing projects:    100% (2/2)
Reindexed 2 documents in projects index in 0.1s (31.3/s)
Index projects in version 5 is ready
Executing /root/gerrit/gerrit_testsite/bin/gerrit.sh start
Starting Gerrit Code Review: OK
Waiting for server on haiyong.:80 ... OK
Opening http://haiyong./#/admin/projects/ ...FAILED
Open Gerrit with a JavaScript capable browser:
  http://haiyong./#/admin/projects/

注意：邮箱密码需要填写授权码。

查看状态：

root@haiyong:~/gerrit# /root/gerrit/gerrit_testsite/bin/gerrit.sh status
Checking arguments to Gerrit Code Review:
  GERRIT_SITE            =  /root/gerrit/gerrit_testsite
  GERRIT_CONFIG          =  /root/gerrit/gerrit_testsite/etc/gerrit.config
  GERRIT_PID             =  /root/gerrit/gerrit_testsite/logs/gerrit.pid
  GERRIT_TMP             =  /root/gerrit/gerrit_testsite/tmp
  GERRIT_WAR             =  /root/gerrit/gerrit_testsite/bin/gerrit.war
  GERRIT_FDS             =  1024
  GERRIT_USER            =  root
  GERRIT_STARTUP_TIMEOUT =  90
  JAVA                   =  /usr/lib/jvm/java-11-openjdk-amd64/bin/java
  JAVA_OPTIONS           =   -Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance -Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance
  RUN_EXEC               =  /usr/bin/perl -e '$x=$ENV{JAVA};exec $x @ARGV;die $!' -- GerritCodeReview
  RUN_ARGS               =   -Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance -Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance  -jar /root/gerrit/gerrit_testsite/bin/gerrit.war daemon -d /root/gerrit/gerrit_testsite

Gerrit running pid=9233

其中 ~/gerrit 是我的gerrit安装路径，出现 Starting Gerrit Code Review: OK 表示启动成功。

gerrit配置文件路径为：/root/gerrit/gerrit_testsite/etc/gerrit.config，我的gerrit.config文件内容如下：

[gerrit]
        basePath = /root/gerrit/gitrepo
        canonicalWebUrl = http://172.23.23.31:80/
        serverId = d78c2ea9-2a4f-4b8f-a759-8f4544c6dfa4
[container]
        javaOptions = "-Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance"
        javaOptions = "-Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance"
        user = root
        javaHome = /usr/lib/jvm/java-11-openjdk-amd64
[index]
        type = LUCENE
[auth]
        type = HTTP
        userNameCaseInsensitive = true
[receive]
        enableSignedPush = false
[sendemail]
        smtpServer = smtp.163.com
        smtpUser = XXXXXXXX@163.com
        smtpServerPort = 25
        from = XXXXXXXX@163.com
[sshd]
        listenAddress = *:29418
[httpd]
        listenUrl = proxy-http://172.23.23.31:8081/
[cache]
        directory = cache

secure.config文件存放邮箱的授权码：/root/gerrit/gerrit_testsite/etc/secure.config

[auth]
        registerEmailPrivateKey = 0hJ1V5ABrDdL************q8TH8g4JFio=
[sendemail]
        smtpPass = U********GGPGA

停止命令：

1 2	$ /root/gerrit/gerrit_testsite/bin/gerrit.sh stop Stopping Gerrit Code Review: OK

启动命令：

1 2	$ /root/gerrit/gerrit_testsite/bin/gerrit.sh start Starting Gerrit Code Review: OK

重启命令：

1
2
3

$ /root/gerrit/gerrit_testsite/bin/gerrit.sh restart
Stopping Gerrit Code Review: OK
Starting Gerrit Code Review: OK

3. apache2反向代理

编辑配置文件vim /etc/apache2/sites-available/000-default.conf，添加如下内容：

<VirtualHost *:80>
        ServerName 172.23.23.31

        ProxyRequests Off
        ProxyVia Off
        ProxyPreserveHost On

        <Proxy *>
          Order deny,allow
          Allow from all
        </Proxy>

        <Location "/login/">
                AuthType Basic
                AuthName "Gerrit Code Review"
                Require valid-user
                AuthBasicProvider file
                AuthUserFile /etc/apache2/passwords
        </Location>

        AllowEncodedSlashes On

        ProxyPass / http://172.23.23.31:8081/

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

AuthUserFile 是用来保存gerrit用户名密码的文件。

开启SSL、Proxy、Rewrite模块：进入apache2的安装目录/etc/apache2/mods-enabled/，开启功能模块：

$ cd /etc/apache2/mods-enabled

sudo ln -s ../mods-available/proxy.load
sudo ln -s ../mods-available/proxy.conf
sudo ln -s ../mods-available/proxy_http.load
sudo ln -s ../mods-available/proxy_balancer.conf
sudo ln -s ../mods-available/proxy_balancer.load
sudo ln -s ../mods-available/rewrite.load
sudo ln -s ../mods-available/ssl.conf
sudo ln -s ../mods-available/ssl.load
sudo ln -s ../mods-available/slotmem_shm.load
sudo ln -s ../mods-available/socache_shmcb.load

4. 创建用户名密码

使用 htpasswd 命令创建用户名密码：

1 2	$ touch /etc/apache2/passwords $ sudo htpasswd -cb /etc/apache2/passwords admin admin

5. 启动

启动apache2：

$ sudo /etc/init.d/apache2 restart
 * Restarting Apache httpd web server apache2
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Action 'start' failed.
The Apache error log may have more information.
$ killall -9 nginx
$ sudo /etc/init.d/apache2 restart
 * Restarting Apache httpd web server apache2                                                                    [ OK ]

重启gerrit：

1	$ /root/gerrit/gerrit_testsite/bin/gerrit.sh restart

启动成功后，浏览器访问gerrit：http://172.23.23.31/，其中172.23.23.31是我的服务器IP地址。

页面会弹出登录页面，输入创建的管理员用户名密码进行登录。

认证成功后会跳转到gerrit页面

6. 邮箱配置

登录成功后，进入’Settings’ > ‘Email Addresses’ 配置邮箱。

点击 ‘Send verification’ 后设置的邮箱会收到一封认证邮件

访问邮件中的链接即可认证成功。

用户创建

和前面介绍的创建管理员账户一样，使用htpasswd 命令创建普通用户：

1 2	$ sudo htpasswd -b /etc/apache2/passwords gerrit 123456 Adding password for user gerrit

创建成功后使用用户名密码登录gerrit并配置邮箱即可。

创建项目仓库

主要有四种创建仓库方式：

1、Web页面进入’Browse’ > ‘Repositories’ > ‘CREATE NEW’

创建完成后进行仓库配置：

2、通过gerrit REST API创建

请求接口为 PUT /projects/{project-name}，请求次数参考https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.2/rest-api-projects.html#create-project

3、通过SSH 命令创建

1	ssh -p <port> <host> gerrit create-project { <NAME> }

可用参数选项可参考https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.2/cmd-create-project.html

4、也可以直接在gerrit服务器上手动创建

具体可参考https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.2/project-configuration.html#manual_project_creation

拉取项目仓库(http方式)

这里介绍使用HTTP方式克隆仓库的方法。

进入个人设置页面，找到HTTP Credentials，点击Generate new password

复制生成的HTTP Credentials用于认证。

进入要克隆的仓库，选择HTTP方式，复制clone命令。

$ git clone "http://admin@172.23.23.31:80/a/gerritDemo" && (cd "gerritDemo" && mkdir -p `git rev-parse --git-dir`/hooks/ && curl -Lo `git rev-parse --git-dir`/hooks/commit-msg http://172.23.23.31:80/tools/hooks/commit-msg && chmod +x `git rev-parse --git-dir`/hooks/commit-msg)

如果弹出认证框，输入前面生成的HTTP Credentials。

上面的clone代码执行完成后，仓库 /.git/hooks 目录下面会有一个commit-msg钩子文件。

提交代码

提交示例：

$ echo test > test.txt
$ git status
On branch master
Your branch is up to date with 'origin/master'.

Untracked files:
  (use "git add <file>..." to include in what will be committed)
        test.txt

nothing added to commit but untracked files present (use "git add" to track)
$ git add test.txt
warning: in the working copy of 'test.txt', LF will be replaced by CRLF the next time Git touches it
$ git commit -m "gerrit提交测试"
[master 6e78c4e] gerrit提交测试
 1 file changed, 1 insertion(+)
 create mode 100644 test.txt

$ git push --progress "origin" master:refs/for/master
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Writing objects: 100% (3/3), 303 bytes | 303.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
remote: Processing changes: refs: 1, new: 1, done
remote:
remote: SUCCESS
remote:
remote:   http://192.168.30.8:8081/c/gerritDemo/+/1 gerrit提交测试 [NEW]
remote:
To ssh://192.168.30.8:29418/gerritDemo
 * [new reference]   master -> refs/for/master

注意：push的远程分支为 refs/for/master，如果使用master分支会直接push到中央仓库，不会到暂存区。

审核代码

push成功后登录gerrit，可以看到刚才的提交

进入此次提交详细页面，可对提交的代码进行评审：

具体操作方法这里不做更多介绍了，可参考官方示例：https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.2/intro-gerrit-walkthrough.html

评审通过后，点击SUBMIT提交到主仓库。

参考文档

--THE END--
Gerrit

本文标题:代码评审平台Gerrit安装配置方法介绍(Ubuntu)

文章作者:hiyo

文章链接:https://hiyongz.github.io/posts/devtest-notes-for-gerrit-install-in-ubuntu/

许可协议:本博客文章除特别声明外，均采用CC BY-NC-ND 4.0 许可协议。转载请保留原文链接及作者。