In principle, every member of the TU (TU employees and students) can log in to TUgitLab simply with the TUaccount password. By default, however, nobody can participate in non-public projects. This requires a so-called TUgitLab institute administrator to add this user to a group or a project owner to give this user the necessary rights to a project. TU employees are allowed to create a maximum of 10 projects in their private namespace, but this is not recommended and usually not necessary due to the possibility of groups. External users and students are always created as External in GitLab and thus have access only to projects where they have been explicitly added. Public projects can also be accessed directly without login.
In principle, most features of the Enterprise Ultimate version are available. For implementation reasons, GitLab Pages and for resource reasons Container Registry or Shared Runners cannot be offered at this time. For more information on the GitLab features themselves, please refer to the GitLab online documentation, opens an external URL in a new window.
No, this would only be necessary if you want to apply for the function as TUgitLab institute administrator.
When logging in for the first time, the e-mail address, display name and user name (derived from the e-mail address) are automatically entered in the profile. The user name cannot be changed and display name and mail address are always synchronized when you log in. For external users, a username is generated with which this person is assigned to the TUgitLab institute administrator in the online account management, opens an external URL in a new window. Please do not enter any additional sensitive information in your profile, as this information may be viewed by anonymous users in public projects.
Before you apply for an account as TUgitLab institute administrator in the online account management, opens an external URL in a new window, you should successfully log in to TUgitLab, opens an external URL in a new window at least once (otherwise the appropriate rights cannot be set for your GitLab user). The application must be released by your account release person and approved by TU.it.
The TUgitLab institute administrator has the ability to create groups and assign specific permissions to other GitLab users within these groups. These authorization levels are inherited downwards in the hierarchy and thus enable a flexible rights structure and assignment for projects. Since some GitLab limits are lifted within the groups, the TUgitLab institute administrator has a relatively high level of responsibility for the moderate use of available resources by his or her project staff. In addition, he can also create external users, for which he is of course also responsible. It is recommended that this role is only applied for by people who are likely to be employed at the institute for a longer period of time, since a transfer of rights can be costly.
In the Enterprise version of GitLab, you can create group hierarchies and assign inheritable project permissions to specific users within those groups. Only the TUgitLab institute administrator has the permission to create groups. Since group names in GitLab should be unique, please do not use overly general names and follow certain conventions. Groups have the advantage over the private namespace that the relative path does not change in case of a system change and a certain hierarchical overview is maintained.
The repository size is limited to 1 GB, the maximum push size is limited to 500 MB, and the maximum attachment size is limited to 50 MB. For the current default limits, see the help page, opens an external URL in a new window in GitLab. Git repositories are not designed to store large binary formats (images, multimedia files). If you have such data in your project, please enable LFS right from the start.
Access to projects, except via the web GUI, is exclusively via SSH keys or access tokens. Merge requests via email are also possible to a limited extent. External runner instances can be defined on projects. As mentioned above, a maximum of 10 projects can be created in the private namespace. This restriction does not exist for groups. Therefore, only small private projects should really be created in the private namespace.
The TUgitLab institute administrator has the possibility to enter a certain number (max. 50) of external project partners in the online account management, opens an external URL in a new window. Please note that e-mail addresses must be unique among all GitLab users and must not end in @tuwien.ac.at for external partners. Once the external users are created in GitLab, they can request a new password through the password reset link on the TUgitLab login page. The login itself is not done via Single-Sign-On, but via the local login screen with the email address as username. In principle, it is also possible that the same external user is entered by different TUgitLab institute administrators, but only created once in GitLab, since the unique key is the email address. If such an external user is to be removed from GitLab completely, it must be removed from all TUgitLab institute administrators.
If a member of the TU loses his TUaccount because he leaves the staff or finishes his studies, he will be locked in GitLab after some time. If this person also holds the function of a TUgitLab institute administrator, all external users they have entered will also be locked. In such a case, project authorizations are often affected, so it is recommended to transfer the authorizations to GitLab in time or to move the external users to another responsible person in the online account management, opens an external URL in a new window, otherwise TU.it will have to intervene manually.
See the GitLab help pages, opens an external URL in a new window for detailed online documentation on GitLab. There are also a number of information pages on the Internet about Git and version control (e.g. Git - Book, opens an external URL in a new window or What is version control, opens an external URL in a new window).
Basically, Single-Sign-On with TUaccount password offers the possibility of a two-factor authentication. For external users, local GitLab authentication also offers the option of enabling two-factor authentication in the user settings. It is recommended to make use of this option.
© TU Wien
Ticketsystem Online Portal, opens an external URL in a new window
Hotline 01 588 01 42002
1040 Wien, Operngasse 11, EG
The Service Center can be reached digitally from 8 a.m. to 4 p.m.
Personal customer contact only by prior appointment, opens an external URL in a new window.
Compliance with the currently applicable COVID-19 security regulations is assumed.