Based on the Open Frontier Gerrit Docker Image project.
The maintenance of Gerrit as an EDP component will be conducted in this repository.
EDP Gerrit Docker Image is a Gerrit code review system with an external database integrated with OpenLDAP. This image is small and fast because it is based on the openjdk:jre-alpine
or the openjdk:jre-slim
Docker official images.
The latest
is not production ready because new features will be tested on it first.
The branch tags like 2.14.x
or 2.15.x
are used to track the releases of Gerrit. Approved new features will be merged to these branches first then included in the next release.
To start the container, follow the steps below:
- Run the following command to initialize and start Gerrit:
docker run -d -p 8080:8080 -p 29418:29418 epamedp/edp-gerrit
- Open your browser to
http://<docker host url>:8080
.
docker run -d -p 8080:8080 -p 29418:29418 -e AUTH_TYPE=HTTP epamedp/edp-gerrit
- Create a volume container.
docker run --name gerrit_volume epamedp/edp-gerrit echo "Gerrit volume container."
- Initialize and start gerrit using volume created above.
docker run -d --volumes-from gerrit_volume -p 8080:8080 -p 29418:29418 epamedp/edp-gerrit
DO NOT use host volumes in particular directories under the home directory like ~/gerrit
as a gerrit volume!!! Use named volume instead!!!
- Create a docker volume for the gerrit site.
docker volume create gerrit_volume
- Initialize and start gerrit using the local directory created above.
docker run -d -v gerrit_volume:/var/gerrit/review_site -p 8080:8080 -p 29418:29418 epamedp/edp-gerrit
When calling gerrit init --batch, it is possible to list plugins to be installed with --install-plugin=<plugin_name>. This can be done using the GERRIT_INIT_ARGS environment variable. See Gerrit Documentation for more information.
#Install download-commands plugin on start up
docker run -d -p 8080:8080 -p 29418:29418 -e GERRIT_INIT_ARGS='--install-plugin=download-commands'
epamedp/edp-gerrit
Similarly to the Postgres image, if you would like to do additional configuration mid-script, add one or more
*.sh
or *.nohup
scripts under /docker-entrypoint-init.d
. This directory is created by default. Scripts in /docker-entrypoint-init.d
are run after
gerrit has been initialized, but before any of the gerrit config is customized, allowing you to programmatically override environment variables in entrypoint
scripts. *.nohup
scripts are run into the background with nohup command.
You can also extend the image with a simple Dockerfile
. The following example will add some scripts to initialize the container on start up.
FROM epamedp/edp-gerrit:latest
COPY gerrit-create-user.sh /docker-entrypoint-init.d/gerrit-create-user.sh
COPY gerrit-upload-ssh-key.sh /docker-entrypoint-init.d/gerrit-upload-ssh-key.sh
COPY gerrit-init.nohup /docker-entrypoint-init.d/gerrit-init.nohup
RUN chmod +x /docker-entrypoint-init.d/*.sh /docker-entrypoint-init.d/*.nohup
All attributes in gerrit.config database section are supported.
All attributes in gerrit.config ldap section are supported.
#Start gerrit docker to connect with an already existed postgres.
docker run \
--name gerrit \
-p 8080:8080 \
-p 29418:29418 \
-e WEBURL=http://your.site.domain:8080 \
-e DATABASE_TYPE=postgresql \
-e DATABASE_HOSTNAME=postgres.hostname \
-e DATABASE_PORT=5432 \
-e DATABASE_DATABASE=reviewdb \
-e DATABASE_USERNAME=gerrit2 \
-e DATABASE_PASSWORD=gerrit \
-e AUTH_TYPE=LDAP \
-e LDAP_SERVER=ldap://ldap.server.address \
-e LDAP_ACCOUNTBASE=<ldap-basedn> \
-d epamedp/edp-gerrit
# Start postgres docker
docker run \
--name pg-gerrit \
-p 5432:5432 \
-e POSTGRES_USER=gerrit2 \
-e POSTGRES_PASSWORD=gerrit \
-e POSTGRES_DB=reviewdb \
-d postgres
#Start gerrit docker ( AUTH_TYPE=HTTP_LDAP is also supported )
docker run \
--name gerrit \
--link pg-gerrit:db \
-p 8080:8080 \
-p 29418:29418 \
-e WEBURL=http://your.site.domain:8080 \
-e DATABASE_TYPE=postgresql \
-e AUTH_TYPE=LDAP \
-e LDAP_SERVER=ldap://ldap.server.address \
-e LDAP_ACCOUNTBASE=<ldap-basedn> \
-d epamedp/edp-gerrit
Some basic attributes in gerrit.config sendmail section are supported.
#Start gerrit docker with sendemail supported.
#All SMTP_* attributes are optional.
#Sendemail function will be disabled if SMTP_SERVER is not specified.
docker run \
--name gerrit \
-p 8080:8080 \
-p 29418:29418 \
-e WEBURL=http://your.site.domain:8080 \
-e SMTP_SERVER=smtp.server.address \
-e SMTP_SERVER_PORT=25 \
-e SMTP_ENCRYPTION=tls \
-e SMTP_USER=<smtp user> \
-e SMTP_PASS=<smtp password> \
-e SMTP_CONNECT_TIMEOUT=10sec \
-e SMTP_FROM=USER \
-d epamedp/edp-gerrit
All attributes in gerrit.config user section are supported.
#Start gerrit docker with user info provided.
#All USER_* attributes are optional.
docker run \
--name gerrit \
-p 8080:8080 \
-p 29418:29418 \
-e WEBURL=http://your.site.domain:8080 \
-e USER_NAME=gerrit \
-e USER_EMAIL=gerrit@your.site.domain \
-d epamedp/edp-gerrit
docker run \
--name gerrit \
-p 8080:8080 \
-p 29418:29418 \
-e AUTH_TYPE=OAUTH \
# Don't forget to set Gerrit FQDN for correct OAuth
-e WEBURL=http://my-gerrit.example.com \
-e OAUTH_ALLOW_EDIT_FULL_NAME=true \
-e OAUTH_ALLOW_REGISTER_NEW_EMAIL=true \
# Google OAuth
-e OAUTH_GOOGLE_RESTRICT_DOMAIN=your.site.domain \
-e OAUTH_GOOGLE_CLIENT_ID=1234567890 \
-e OAUTH_GOOGLE_CLIENT_SECRET=dakjhsknksbvskewu-googlesecret \
-e OAUTH_GOOGLE_LINK_OPENID=true \
# Github OAuth
-e OAUTH_GITHUB_CLIENT_ID=abcdefg \
-e OAUTH_GITHUB_CLIENT_SECRET=secret123 \
# GitLab OAuth
# How to obtain secrets: https://docs.gitlab.com/ee/integration/oauth_provider.html
-e OAUTH_GITLAB_ROOT_URL=http://my-gitlab.example.com/ \
-e OAUTH_GITLAB_CLIENT_ID=abcdefg \
-e OAUTH_GITLAB_CLIENT_SECRET=secret123 \
# Bitbucket OAuth
-e OAUTH_BITBUCKET_CLIENT_ID=abcdefg \
-e OAUTH_BITBUCKET_CLIENT_SECRET=secret123 \
-e OAUTH_BITBUCKET_FIX_LEGACY_USER_ID=true \
-d epamedp/edp-gerrit
docker run \
--name gerrit \
-p 8080:8080 \
-p 29418:29418 \
-e WEBURL=http://my-gerrit.example.com \
-e DOWNLOAD_SCHEMES="http ssh" \
-e GERRIT_INIT_ARGS="--install-plugin=replication" \
-e REPLICATION_REMOTES="bitbucket github" \
-e REPLICATE_ON_STARTUP=true \
-e REPLICATION_MAX_RETRIES=3 \
-e BITBUCKET_URL=https://bitbucket.org/${BB_ORG}/${name}.git \
-e BITBUCKET_PROJECTS="demo* prod*" \
-e BITBUCKET_USERNAME=${BB_USER} \
-e BITBUCKET_PASSWORD=${BB_PASSWORD} \
-e BITBUCKET_MIRROR=true \
-e BITBUCKET_TIMEOUT=60 \
-e BITBUCKET_THREADS=2 \
-e BITBUCKET_RESCHEDULE_DELAY=15 \
-e BITBUCKET_REPLICATION_DELAY=15 \
-e BITBUCKET_REPLICATION_RETRY=1 \
-e BITBUCKET_REPLICATION_MAX_RETRIES=5 \
-e BITBUCKET_REPLICATE_PERMISSIONS=false \
-e BITBUCKET_CREATE_MISSING_REPOSITORIES=false \
-e GITHUB_URL=https://${GH_USER}@github.com/${GH_ORG}/${name}.git \
-e GITHUB_PASSWORD=${GH_PASSWORD} \
-d epamedp/edp-gerrit
docker run \
--name gerrit \
-p 8080:8080 \
-p 29418:29418 \
-e GITWEB_TYPE=gitiles \
-d epamedp/edp-gerrit
docker run \
--name gerrit \
-p 8080:8080 \
-p 29418:29418 \
-e DOWNLOAD_SCHEMES=http ssh \
-d epamedp/edp-gerrit
DO NOT USE. Only for use in a development environment. When this is the configured authentication method a hyperlink titled "Become" appears in the top right corner of the page, taking the user to a form where they can enter the username of any existing user account, and immediately login as that account, without any authentication taking place. This form of authentication is only useful for the GWT hosted mode shell, where OpenID authentication redirects might be risky to the developer's host computer, and HTTP authentication is not possible.
docker run \
--name gerrit \
-p 8080:8080 \
-p 29418:29418 \
-e AUTH_TYPE=DEVELOPMENT_BECOME_ANY_ACCOUNT \
-d epamedp/edp-gerrit
Gerrit is launched using the daemon
action of its init script. This
brings the server up without forking and sends error log messages to the
console. An alternative is to start Gerrit using supervise
which is
very similar to daemon
except that error log messages are persisted to
${GERRIT_SITE}/logs/error_log
.
Gerrit can be started with a non-default action using the
GERRIT_START_ACTION
environment variable. For example, Gerrit can be
started with supervise
as follows:
docker run \
-e GERRIT_START_ACTION=supervise \
-v ~/gerrit_volume:/var/gerrit/review_site \
-p 8080:8080 \
-p 29418:29418 \
-d epamedp/edp-gerrit
NOTE: Not all init actions make sense for starting Gerrit in a Docker
container. Specifically, invoking Gerrit with start
forks the server
before returning which will cause the container to exit soon after.
Run the following command, to sync timezone with the host server:
docker run -d -p 8080:8080 -p 29418:29418 -v /etc/localtime:/etc/localtime:ro epamedp/edp-gerrit
The docker container automatically writes the current gerrit version into ${GERRIT_HOME}/review_site/gerrit_version
, in order to detect whether a full upgrade should be performed.
This check can be disabled via the IGNORE_VERSIONCHECK
environment variable.
Note that for major version upgrades a full reindex might be necessary. Check the Gerrit upgrade notes for details. For large repositories, the full reindex can take 30 min or more.
docker run \
-e IGNORE_VERSIONCHECK=1 \
-v ~/gerrit_volume:/var/gerrit/review_site \
-p 8080:8080 \
-p 29418:29418 \
-d epamedp/edp-gerrit