Gitlab: SSH-Keys管理(API方式:当前用户)
Gitlab中可以通过设定ssh-key进行免密push操作,同时Gitlab也提供了相应的Rest API进行操作,这篇文章将进行具体介绍对于当前用户的操作方式。
环境准备
docker-compose文件
liumiaocn:gitlab liumiao$ cat docker-compose.ymlversion: '2'services:# Version Control service: Gitlabgitlab:image: gitlab/gitlab-ce:12.10.5-ce.0ports:- "32001:80"volumes:- ./log/:/var/log/gitlab- ./data/:/var/opt/gitlab- ./conf/:/etc/gitlabrestart: "no"liumiaocn:gitlab liumiao$
事前准备
创建如下目录:
liumiaocn:gitlab liumiao$ lsdocker-compose.ymlliumiaocn:gitlab liumiao$ mkdir -p log data confliumiaocn:gitlab liumiao$ lsconf data docker-compose.yml logliumiaocn:gitlab liumiao$
启动
启动命令:docker-compose up -d
登录并创建apitoken
登录URL
- http://localhost:32001
注:此处设定root用户密码,由于后续直接使用token进行用户创建,示例说明中不再直接需要使用root设定的密码。
创建api用的token
通过settings菜单或者直接使用如下URL,创建api用的token
- http://localhost:32001/profile/personal\_access\_tokens
事前准备
添加名为liumiao的用户,也可通过界面操作进行,此步可以跳过
执行命令
access_token=“7F2jdsYyeDsuhGnyTvPz”
gitlab_url=“localhost:32001”
curl -X POST -H “PRIVATE-TOKEN: ${access_token}” http://$\{gitlab\_url\}/api/v4/users
-H ‘cache-control: no-cache’
-H ‘content-type: application/json’
-d ‘{ “email”: “liumiaocn@outlook.com”,
“username”: “liumiao”,
“password”: “12341234”,
“name”: “liumiao”,
“skip_confirmation”: “true”
}’
执行日志示例:
liumiaocn:~ liumiao$ curl -X POST -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/users -H 'cache-control: no-cache' -H 'content-type: application/json' -d '{ "email": "liumiaocn@outlook.com",> "username": "liumiao",> "password": "12341234",> "name": "liumiao",> "skip_confirmation": "true"> }' |jq .% Total % Received % Xferd Average Speed Time Time Time CurrentDload Upload Total Spent Left Speed100 898 100 759 100 139 1785 327 --:--:-- --:--:-- --:--:-- 2112{"id": 2,"name": "liumiao","username": "liumiao","state": "active","avatar_url": "https://www.gravatar.com/avatar/95c1f7ff72d71b448592a335ba80fb64?s=80&d=identicon","web_url": "http://2dba3d4f4dfa/liumiao","created_at": "2020-07-19T21:35:27.312Z","bio": null,"location": null,"public_email": "","skype": "","linkedin": "","twitter": "","website_url": "","organization": null,"job_title": "","work_information": null,"last_sign_in_at": null,"confirmed_at": "2020-07-19T21:35:27.148Z","last_activity_on": null,"email": "liumiaocn@outlook.com","theme_id": 1,"color_scheme_id": 1,"projects_limit": 100000,"current_sign_in_at": null,"identities": [],"can_create_group": true,"can_create_project": true,"two_factor_enabled": false,"external": false,"private_profile": false,"is_admin": false}liumiaocn:~ liumiao$
设定ssh-key的图形方式
通过GitLab的界面操作,可以很容易地设定ssh-key,首先登录之后选择用户菜单中的Settings
然后选择SSH Keys左侧菜单项即可通过界面方式对ssh-key进行操作
创建本地用户的ssh-key
liumiaocn:~ liumiao$ ssh-keygenGenerating public/private rsa key pair.Enter file in which to save the key (/Users/liumiao/.ssh/id_rsa):Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /Users/liumiao/.ssh/id_rsa.Your public key has been saved in /Users/liumiao/.ssh/id_rsa.pub.The key fingerprint is:SHA256:FgCQGZ5XL0dLvCYw3F34LQzXgR0bePHsNdGe94jPWXk liumiao@liumiaocnThe key's randomart image is:+---[RSA 3072]----+| o*.ooooo.==+ ..|| .o.+..==.+ += o|| o .o. =* o. ooo|| . .oo.+ .. o+|| oS . ...+|| . . ..E|| o o.|| + || |+----[SHA256]-----+liumiaocn:~ liumiao$
这样在当前用户的HOME下的.ssh目录中就会有如下rsa方式的公钥和私钥,注意设定的是公钥,私钥是需要我们自己妥善保管的,公钥是可以从私钥中取出来的,详细展开内容可以参看:
- https://blog.csdn.net/liumiaocn/category_9573907.html
操作:添加用户ssh-key(当前用户)
使用user/keys可以添加当前指定用户的token,执行示例命令与日志如下所示
liumiaocn:~ liumiao$ curl -X POST -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/user/keys -H 'cache-control: no-cache' -H 'content-type: application/json' -d '{"title": "ssh key for local mac os","key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9V0ynK5YE84hoeK8LonTw2zixdrSrbR8yuaK1tGuvWD/OZ/P/zDjLHmcJqrK7tB1pgbWAmne8hhXjgNPNHglPp+epU6rP+a3VfDNA6bmbeMQDs/8IW89lhHE0PhIG4zalntgx2sPlhmqVi0XXn77RFXF8h0kbGPIL/nXwvGXfx7GQBpCmhqioJX7kXTReEEdLA6Ec7LgYYZUTorNlZkw3D+beuezyHt+zE6ggpP3aDDigaeMXlf2yfdClpETCIure4vxvXBHBZt9dy54A+YJNcPgY49Pj4Z6C2KVqTS9kM+fQ1gHZsjP9vbObh0TmsV0Zffy0HXwayNqiIutuk65RdVxTCjdCiz/9Lwxza9P7PcJEmb6tW+me/QROKT1LsJH6gn59ufGiB+OsmBg9lK+CaG+CVi0WGDmPKlh/oJ+noGQGgr0NHxkBqJLTim1HCCS5rb2U+ynjtHSKEKZ5BMqxG4ci6WZOsJg/gedefHA9R5Xd3TJkGas+2P3nfjB5zJM= liumiao@liumiaocn","expires_at": "2020-09-19T00:00:00.000Z"}' |jq .% Total % Received % Xferd Average Speed Time Time Time CurrentDload Upload Total Spent Left Speed100 1345 100 680 100 665 8607 8417 --:--:-- --:--:-- --:--:-- 17025{"id": 4,"title": "ssh key for local mac os","key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9V0ynK5YE84hoeK8LonTw2zixdrSrbR8yuaK1tGuvWD/OZ/P/zDjLHmcJqrK7tB1pgbWAmne8hhXjgNPNHglPp+epU6rP+a3VfDNA6bmbeMQDs/8IW89lhHE0PhIG4zalntgx2sPlhmqVi0XXn77RFXF8h0kbGPIL/nXwvGXfx7GQBpCmhqioJX7kXTReEEdLA6Ec7LgYYZUTorNlZkw3D+beuezyHt+zE6ggpP3aDDigaeMXlf2yfdClpETCIure4vxvXBHBZt9dy54A+YJNcPgY49Pj4Z6C2KVqTS9kM+fQ1gHZsjP9vbObh0TmsV0Zffy0HXwayNqiIutuk65RdVxTCjdCiz/9Lwxza9P7PcJEmb6tW+me/QROKT1LsJH6gn59ufGiB+OsmBg9lK+CaG+CVi0WGDmPKlh/oJ+noGQGgr0NHxkBqJLTim1HCCS5rb2U+ynjtHSKEKZ5BMqxG4ci6WZOsJg/gedefHA9R5Xd3TJkGas+2P3nfjB5zJM= liumiao@liumiaocn","created_at": "2020-07-19T21:50:49.034Z","expires_at": null}liumiaocn:~ liumiao$
结果确认:注意当前用户是root
操作: 查询用户ssh-key
方式1: 查询当前用户
使用/user/keys即可
liumiaocn:~ liumiao$ curl -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/user/keys |jq .% Total % Received % Xferd Average Speed Time Time Time CurrentDload Upload Total Spent Left Speed100 682 100 682 0 0 13640 0 --:--:-- --:--:-- --:--:-- 13640[{"id": 4,"title": "ssh key for local mac os","key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9V0ynK5YE84hoeK8LonTw2zixdrSrbR8yuaK1tGuvWD/OZ/P/zDjLHmcJqrK7tB1pgbWAmne8hhXjgNPNHglPp+epU6rP+a3VfDNA6bmbeMQDs/8IW89lhHE0PhIG4zalntgx2sPlhmqVi0XXn77RFXF8h0kbGPIL/nXwvGXfx7GQBpCmhqioJX7kXTReEEdLA6Ec7LgYYZUTorNlZkw3D+beuezyHt+zE6ggpP3aDDigaeMXlf2yfdClpETCIure4vxvXBHBZt9dy54A+YJNcPgY49Pj4Z6C2KVqTS9kM+fQ1gHZsjP9vbObh0TmsV0Zffy0HXwayNqiIutuk65RdVxTCjdCiz/9Lwxza9P7PcJEmb6tW+me/QROKT1LsJH6gn59ufGiB+OsmBg9lK+CaG+CVi0WGDmPKlh/oJ+noGQGgr0NHxkBqJLTim1HCCS5rb2U+ynjtHSKEKZ5BMqxG4ci6WZOsJg/gedefHA9R5Xd3TJkGas+2P3nfjB5zJM= liumiao@liumiaocn","created_at": "2020-07-19T21:50:49.034Z","expires_at": null}]liumiaocn:~ liumiao$
方式2: 查询指定用户ssh-key
使用/users/${userid}/keys可查询指定用户,比如:
liumiaocn:~ liumiao$ curl -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/users/1/keys |jq .% Total % Received % Xferd Average Speed Time Time Time CurrentDload Upload Total Spent Left Speed100 682 100 682 0 0 8023 0 --:--:-- --:--:-- --:--:-- 8023[{"id": 4,"title": "ssh key for local mac os","key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9V0ynK5YE84hoeK8LonTw2zixdrSrbR8yuaK1tGuvWD/OZ/P/zDjLHmcJqrK7tB1pgbWAmne8hhXjgNPNHglPp+epU6rP+a3VfDNA6bmbeMQDs/8IW89lhHE0PhIG4zalntgx2sPlhmqVi0XXn77RFXF8h0kbGPIL/nXwvGXfx7GQBpCmhqioJX7kXTReEEdLA6Ec7LgYYZUTorNlZkw3D+beuezyHt+zE6ggpP3aDDigaeMXlf2yfdClpETCIure4vxvXBHBZt9dy54A+YJNcPgY49Pj4Z6C2KVqTS9kM+fQ1gHZsjP9vbObh0TmsV0Zffy0HXwayNqiIutuk65RdVxTCjdCiz/9Lwxza9P7PcJEmb6tW+me/QROKT1LsJH6gn59ufGiB+OsmBg9lK+CaG+CVi0WGDmPKlh/oJ+noGQGgr0NHxkBqJLTim1HCCS5rb2U+ynjtHSKEKZ5BMqxG4ci6WZOsJg/gedefHA9R5Xd3TJkGas+2P3nfjB5zJM= liumiao@liumiaocn","created_at": "2020-07-19T21:50:49.034Z","expires_at": null}]liumiaocn:~ liumiao$
注意:此处返回的key的id也是每次递增,从1开始,本文示例显示为4,说明抓取日志之前经过三次添加和删除的操作。
操作:删除用户ssh-key(当前用户)
操作日志如下所示:
liumiaocn:~ liumiao$ keyid=4liumiaocn:~ liumiao$ curl -X DELETE -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/user/keys/${keyid}liumiaocn:~ liumiao$ echo $?0liumiaocn:~ liumiao$
结果确认
liumiaocn:~ liumiao$ curl -H "PRIVATE-TOKEN: ${access_token}" http://${gitlab_url}/api/v4/user/keys[]liumiaocn:~ liumiao$
注意事项
本例中当前用户创建时指定了过期时间,但是结果并未显示(此选项为Optinal),具体问题后续继续确认。
迷南。
女爷i
怼烎@
港控/mmm°
还没有评论,来说两句吧...