Published: Nov 28, 2024 by Isaac Johnson
Today we will wrap the series on OneDev by looking at a few more advanced features including Email Templates, Invites, and Labels. We’ll look at GIT Branch protections and Forks and how to contribute back including digging into PRs. We’ll cover child projects and impersonations as well as automated backups.
Lastly, I’ll show some features that still are proving challenging for me, namely time management (a feature of EE) and limitations on the hosted OneDev container registry.
Let’s dig in!
Email Templates
Just about every missive the system can send is configurable.
Perhaps you want to let your users know they are special and loved whenever they have to reset a password.
We could add that to the Password Reset template
Then if they reset their password
We can see they get a lovely added note to the message in their inbox
Service Desk settings
Since my mail service is outgoing only, this really isn’t a feature I can test. However, as you see, you can set up OneDev to check the inbox and create issues based on incoming messages
Invites and Gravatar
We can use Gravatar for icons
Now this is not enabled by default.
For instance, if I send an invite to my gmail address
Once I set my details, I can verify it pulled from my (very old) Gravatar
Labels
In JIRA we can create labels ad-hoc, which makes it nice for dynamic lists - but I’ve also seen the downfall of that with every spelling variation of team names used.
In OneDev, we also have labels, but one needs to create them upfront.
For instance, perhaps I want to organize things around the related project
I can now use Labels on builds, PRs and Project settings. For instance, I can set the primary “Public Project” to “Blog”
I can now see that shown when listing Projects
GIT Branch Protection
That reminds me, what if we want to ensure all code gets reviewed in our project?
We can use Branch Protection to add a Rule
For instance, I could set branch protections on main
I noticed it didn’t block me from pushing files right to main, whether I was an admin user or not.
But if I add some required reviewers which can be a logical query language statement of user and groups
We can see PRs are enforced
Contributing from a fork
Let’s say that we’ve made some changes in our fork and we want to push it back to the parent.
We can create a Pull Request
At the bottom we can see differences
We now have a named PR (PUB-1) for review
Now, as a normal user, I can comment on a PR, but not on individual lines
Child Projects
Try as I might, I cannot find a “fork” option anywhere. I’m hoping “Child Projects” might provide that.
I can go to “Child Projects” under a main project and click the “+”
I’ll give it a name, optional description and project key
We can now see the project
On our Projects page we can now see the child project listed
It was in exploring projects I found the fork option by the three-dot menu on the left-hand project navigation
I saw the documentation showing we should be able to fork this way but in testing , we see the icon I would call “sharing” actually does the fork
If I go to commits, I can see the history along with any related builds
If I click on a commit, I can see a decent git diff
As expected, I can do split or inline diffs s well as ignoring whitespace
If one wants, they can kick this particular SHA into any existing manual build (here you can see this SHA is running on FirstPipeline)
It failed and we can now see the feedback in the commits page
Docker images
While I had some difficulty getting pipelines to push to the internal registry, I did try doing it locally
First, we login
$ docker login 1dev.tpk.pw
Username: builder
Password:
Login Succeeded
I tried to push a small 35Mb image
$ docker tag ghcr.io/go-shiori/shiori:latest 1dev.tpk.pw/publicproject/shiori:latest
$ docker push 1dev.tpk.pw/publicproject/shiori:latest
The push refers to repository [1dev.tpk.pw/publicproject/shiori]
9c540c97ed3b: Pushed
c08bb409637f: Pushed
7f6380c20185: Pushing [==================================================>] 33.72MB/33.72MB
108b90d7eca8: Pushed
e497232d4ff4: Pushed
unknown: <html>
<head><title>413 Request Entity Too Large</title></head>
<body>
<center><h1>413 Request Entity Too Large</h1></center>
<hr><center>nginx/1.25.4</center>
</body>
</html>
Under “Performance Settings” I noted that there was a 20Mb file limit I thought could affect uploads
So I upped that to 2gb and saved
But then a test of pushing a small 42Mb container still failed
builder@DESKTOP-QADGF36:~$ docker tag k8s.gcr.io/coredns/coredns:v1.8.6 1dev.tpk.pw/publicproject/coredns:v1.8.6
builder@DESKTOP-QADGF36:~$ docker push 1dev.tpk.pw/publicproject/coredns:v1.8.6
The push refers to repository [1dev.tpk.pw/publicproject/coredns]
80e4a2390030: Pushing [==================================================>] 46.62MB/46.62MB
256bc5c338a6: Pushed
unknown: <html>
<head><title>413 Request Entity Too Large</title></head>
<body>
<center><h1>413 Request Entity Too Large</h1></center>
<hr><center>nginx/1.25.4</center>
</body>
</html>
Notifications
Let’s say we want to add some Discord notifications.
First, we go to a channel and Integrations to add a webhook
I’ll give it a name and default channel
Now in “Settings/Notifications/Discord Notifications”, we can add our Webhook URL and which events for which we want to send notifications.
I made comment on a PR and then a new issue and indeed saw updates on Discord
Issue Description Templates
Under Administration Issue Settings, we can go to Description Templates to click “+” to create a new one
I’ll put together a new issue template
I can now see it listed, albeit without much for details
I can now see them there when I create a new issue
Since it is markdown, we can use the preview to help build some content like a table
Issue custom fields
We can add custom fields using “Issue Settings/Custom Fields” such as secrets
I can then give it a name
I was curious how a password field my work. So I added it to a new issue
I can change the field, but I cannot seem to view it in any way
Interestingly enough, I can change the type from Secret to Text
But it does not affect the existing instantiations when viewing
But interestingly enough, it does when i edit.
Impersonation
One feature that makes it a bit easier to on-board users (and check permissions) is the “Impersonation” feature.
Under “Administration/User Management/Users” we can see the Impersonate feature
And I can now see what Tristan sees
We can exit impersonation to go back to our Admin account using “Exit Impersonation”
Automated Backups
While I could not seem to get external Databases to work, I can set the internal Database to automatically backup on a schedule in “Administration/System Maintenance/Database Backup”
Perhaps I want to backup at 36 past the hour each day
I can now see the backup(s) in the db-backup folder
builder@DESKTOP-QADGF36:~$ kubectl exec -it onedev-0 -n onedev -- /bin/bash
root@onedev-0:/# ls -ltrah /opt/onedev/site/db-backup
total 36K
drwxr-xr-x 7 root root 4.0K Nov 24 12:35 ..
drwxr-xr-x 2 root root 4.0K Nov 24 12:36 .
-rw-r--r-- 1 root root 28K Nov 24 12:36 2024-11-24_12-36-01.zip
We could then manually backup to local a file if desired
builder@DESKTOP-QADGF36:~$ kubectl cp -n onedev onedev-0:/opt/onedev/site/db-backup/2024-11-24_12-36-01.zip ./2024-11-24_12-36-01.zip
tar: Removing leading `/' from member names
builder@DESKTOP-QADGF36:~$ ls -ltra | tail -n2
-rw-r--r-- 1 builder builder 27814 Nov 24 06:47 2024-11-24_12-36-01.zip
drwxr-xr-x 73 builder builder 12288 Nov 24 06:47 .
We can also see evidence of the backup in the logs
Subscription
The default behaviour is to run as a Community Edition and we can see that under “Administration/Subscription Management”
It is here we can switch or get a Trial key for an enterprise account
If I “request that trial”, I can get a 30-day key instantly
Which I can then install the key
I now see I have the Enterprise Edition but only valid until Christmas (in my case)
Time Management
Now that we have EE (at least temporarily), let’s create a project with Time Management enabled
We can now create an Issue in the project and this time we can add an “estimated time” to complete
I now may wish to see all outstanding work with the estimated times. We can go to Timesheets to create a new sheet
My First thought was a report on non-closed work
But that didn’t really show me anything
Let’s add it to an iteration (sprint). Since I have none, I’ll need to go to Iterations to create an iteration
I set a name, start and end dates
Now I’ll add that issue to the sprint
I’ll now close the issue. I had hoped to see something to indicate time. WHen our states are just Open and Closed, there isn’t much I can do to show time
I can see the state transitions in the log
But even the “All” sheet that should show my all issues shows no time
We can see, at the least, some stats on Issues opened and closed by week in the Statistics area
And I can get a burndown chart showing effectively 10m of work completed
But I’m not really sure what it takes to get the Timesheet part to show results.
Upgrades
There has been a point release since my installed version (11.5.2). I can check anytime by using the “?” icon on the lower left
Here we see that there is an 11.5.3
If I now go to Kubernetes and list our charts in the namespace, again, we see it’s at 11.5.2
$ helm list -n onedev
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
onedev onedev 1 2024-11-16 17:05:44.696522523 -0600 CST deployed onedev-11.5.2 11.5.2
To upgrade, I’ll ensure I have the Helm repo and it’s updated
builder@DESKTOP-QADGF36:~$ helm repo add onedev https://dl.cloudsmith.io/public/onedev/onedev/helm/charts
elm repo update onedev"onedev" already exists with the same configuration, skipping
builder@DESKTOP-QADGF36:~$ helm repo update onedev
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "onedev" chart repository
Update Complete. ⎈Happy Helming!⎈
IF I had some override values, here is where I could set them asside before a helm upgrade
builder@DESKTOP-QADGF36:~$ helm get values onedev -n onedev -o yaml
null
builder@DESKTOP-QADGF36:~$ helm get values onedev -n onedev
USER-SUPPLIED VALUES:
null
As I don’t, I’ll just upgrade directly
$ helm upgrade onedev -n onedev onedev/onedev --reuse-values
Release "onedev" has been upgraded. Happy Helming!
NAME: onedev
LAST DEPLOYED: Sun Nov 24 07:23:38 2024
NAMESPACE: onedev
STATUS: deployed
REVISION: 2
TEST SUITE: None
NOTES:
CHART NAME: onedev
CHART VERSION: 11.5.3
APP VERSION: 11.5.3
###################################################################
#
# CAUTION: If you are upgrading from version <= 9.0.0, please make
# sure to follow https://docs.onedev.io/upgrade-guide/deploy-to-k8s
# to migrate your data
#
###################################################################
** Please be patient while the chart is being deployed **
Get the OneDev URL by running:
kubectl port-forward --namespace onedev svc/onedev 6610:80 &
URL: http://127.0.0.1:6610
I immediately saw the statefulset pod disappear
builder@DESKTOP-QADGF36:~$ kubectl get pods -n onedev
No resources found in onedev namespace.
Then come back as creating
builder@DESKTOP-QADGF36:~$ kubectl get pods -n onedev
NAME READY STATUS RESTARTS AGE
onedev-0 0/1 ContainerCreating 0 3s
builder@DESKTOP-QADGF36:~$ kubectl get pods -n onedev
NAME READY STATUS RESTARTS AGE
onedev-0 0/1 ContainerCreating 0 7s
In just a few moments it was live again
builder@DESKTOP-QADGF36:~$ kubectl get pods -n onedev
NAME READY STATUS RESTARTS AGE
onedev-0 1/1 Running 0 25s
I was able to log back in and immediately see my projects were still there and that the version was now 11.5.3
Summary
Today, we covered some advanced configuration around Issues such as field configurations (e.g. secrets) and Issue configuration templates. We also showed configuring our Email Templates and tested with password resets. I showed Discord integration with Notifications as well as User Impersonation. We covered a bit of maintenance operations showing cron-based db backups and helm upgrades.
I looked at upgrading the license and tried to get Time Management to work, but did not succeed. I also could not get large files to upload. I really did try a lot of things to try and make that work in the containerized instance but it’s got some rather fixed size limitations I keep bumping up against - such as when trying to push a container image. We also showed contributing whether it be using a project fork or the Pull Request flow with diffs.
Overall, OneDev is a pretty good tool and has a very feature rich Community tier. I might be tempted to build out a OneDev instance for a smaller project or if I was in a situation where a SaaS offering like Github or Azure DevOps wasn’t allowed. There is quite a lot to like - from project management to issue configuration and branch protections.
I could get deeper on Issue template flows and pipelines, but I think for a broad overview and feature tour we have covered enough. I generally do not devote three posts to a product unless I’m all in.
Also, I’m not hung up on the lack of artifact management, to be honest. In a real-world situation I would be using a mix of Harbor and Cloud container registries like GAR and ACR to host charts, binaries and files. I don’t think there is enough here to get me to switch from my current tooling, but it’s far more robust that I thought it might be.
