GitLab at CC-IN2P3

Service description

GitLab is a collaborative hosted git service.

GitLab is destined to academic users members of the federation eduGAIN and their collaborators, for a professional use only.

Our GitLab instance is deployed using the Community Edition version.

If you have any problem, please open a ticket to user support.


Quality of Service

Our engagement is a Best Effort type: we are putting all effort to afford service continuity.

We consider this service as highly critical (level 2).

Compliance with the terms of use

We reserve the right to disable/remove accounts or projects that do not comply with the terms of use, in particular the rights to intellectual property.

Project visibility

There is 3 levels visibility for a project (and the code it contains):

  • Private: the project is visible and may be cloned only by the owner and users or group that he has explicitly added
  • Internal: the project is visible and may be cloned by any logged user.
  • Public: the project can be cloned without any authentication. It will also be listed on the public access directory (/public).

By default, every new project is set as private but it can inherit its visibility from its parent group.

User accounts

How to Sign-up

  • academic users should register using eduGAIN federation, by clicking on [Shibboleth]
  • other users must register by clicking [Sign-up]

It would be preferable if the e-mail used to register is an institutional e-mail.

For non-eduGAIN users who wish to get a full access, someone belonging to a partner organization should vouch for you to user support.

New non-eduGAIN users will be, by default, set as external. Validators will unlock the account after verification.

SSH configuration

The recommended way to interact with a git repository (project) is to use SSH. You can follow this documentation to help configure your SSH key.

Add Shibboleth as a Social sign-in method

When an account is created using the standard [Sign-up] method, the user won’t be able to use Shibboleth authentication. To be able to do it, you should configure it in your profile:

Profile Settings > Account > Social sign-in

The goal is to use the Single Sign On method proposed by the Identity federations.

Shibboleth duplicates

When registering with Shibboleth, GitLab builds the username field using the first part of the e-mail address up to the @ character. This may create duplicates with already registered usernames from the user organizations. To avoid it you have to:

  • Register using the [Sign-up] option and choosing a different username
  • Add Shibboleth as a Social sign-in method (explained above)

Continuous Integration/Deployment

The continuous integration platform is based on GitLab. You must configure your GitLab project to use a Runner; thus each commit or push triggers the execution of continuous integration pipelines.

Information concerning continuous integration (pipelines, jobs, environments, etc.) are displayed in the “CI/CD” menu of the GitLab vertical menu.

For any setting issues you may contact user support.

Uploading large files

GitLab is not made to store large binary files. To manage files, such as audio, video, graphics files or virtual machines images, GitLab supports “git lfs”.