In principle, every member of the TU (TU employees and students) can log in to TUgitLab simply with the TUaccount password. By default, however, nobody can participate in non-public projects. This requires a so-called TUgitLab institute administrator to add this user to a group or a project owner to give this user the necessary rights to a project. TU employees are allowed to create a maximum of 10 projects in their private namespace, but this is not recommended and usually not necessary due to the possibility of groups. External users and students are always created as External in GitLab and thus have access only to projects where they have been explicitly added. Public projects can also be accessed directly without login.
In principle, most features of the Enterprise Ultimate version are available. For implementation reasons, GitLab Pages, LFS and CI/CD features such as Container Registry or Shared Runners cannot be offered at this time. For more information on the GitLab features themselves, please see the GitLab online documentation, opens an external URL in a new window.
No, this would only be necessary if you want to apply for the function as TUgitLab institute administrator.
When logging in for the first time, the e-mail address, display name and user name (derived from the e-mail address) are automatically entered in the profile. The user name cannot be changed and display name and mail address are always synchronized when you log in. For external users, a username is generated with which this person is assigned to the TUgitLab institute administrator in the online account management, opens an external URL in a new window. Please do not enter any additional sensitive information in your profile, as this information may be viewed by anonymous users in public projects.
Before you apply for an account as TUgitLab institute administrator in the online account management, opens an external URL in a new window, you should successfully log in to TUgitLab, opens an external URL in a new window at least once (otherwise the appropriate rights cannot be set for your GitLab user). The application must be released by your account release person and approved by TU.it.
The TUgitLab institute administrator has the ability to create groups and assign specific permissions to other GitLab users within these groups. These authorization levels are inherited downwards in the hierarchy and thus enable a flexible rights structure and assignment for projects. Since some GitLab limits are lifted within the groups, the TUgitLab institute administrator has a relatively high level of responsibility for the moderate use of available resources by his or her project staff. In addition, he can also create external users, for which he is of course also responsible. It is recommended that this role is only applied for by people who are likely to be employed at the institute for a longer period of time, since a transfer of rights can be costly.
In the Enterprise version of GitLab, you can create group hierarchies and assign inheritable project permissions to specific users within those groups. Only the TUgitLab institute administrator has the permission to create groups. Since group names in GitLab should be unique, please do not use overly general names and follow certain conventions. Groups have the advantage over the private namespace that the relative path does not change in case of a system change and a certain hierarchical overview is maintained.
The repository size was initially limited to 250 MByte, the maximum push size to 100 MByte and the maximum attachment size to 50MB. Please refer to the GitLab help page for the current default limits. Git repositories are not designed to store large binary formats (images, multimedia files). Projects can only be made public by the TU.it root administrator. Access to projects, other than via the web GUI, is exclusively via SSH keys or access tokens. Merge requests via e-mail are also possible with restrictions. External Runner instances can be defined for projects. As already mentioned above, a maximum of 10 projects can be created in the private namespace. This restriction does not exist for groups. Therefore only small private projects should be created in the private namespace.
The TUgitLab institute administrator has the possibility to enter a certain number (max. 50) of external project partners in the online account management, opens an external URL in a new window. Please note that e-mail addresses must be unique among all GitLab users and must not end in @tuwien.ac.at for external partners. Once the external users are created in GitLab, they can request a new password through the password reset link on the TUgitLab login page. The login itself is not done via Single-Sign-On, but via the local login screen with the email address as username. In principle, it is also possible that the same external user is entered by different TUgitLab institute administrators, but only created once in GitLab, since the unique key is the email address. If such an external user is to be removed from GitLab completely, it must be removed from all TUgitLab institute administrators.
If a member of the TU loses his TUaccount because he leaves the staff or finishes his studies, he will be locked in GitLab after some time. If this person also holds the function of a TUgitLab institute administrator, all external users they have entered will also be locked. In such a case, project authorizations are often affected, so it is recommended to transfer the authorizations to GitLab in time or to move the external users to another responsible person in the online account management, opens an external URL in a new window, otherwise TU.it will have to intervene manually.
See the GitLab help pages, opens an external URL in a new window for detailed online documentation on GitLab. There are also a number of information pages on the Internet about Git and version control (e.g. Git - Book, opens an external URL in a new window or What is version control, opens an external URL in a new window).
Basically, Single-Sign-On with TUaccount password offers the possibility of a two-factor authentication. For external users, local GitLab authentication also offers the option of enabling two-factor authentication in the user settings. It is recommended to make use of this option.
© TU Wien
Ticketsystem Online Portal, opens an external URL in a new window
Hotline 01 588 01 42002
1040 Wien, Operngasse 11, EG
The Service Center can be reached digitally from 8 a.m. to 4 p.m.