University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

ICTS GitLab 11.6.3

Document No: 1
Prepared by: Riaan Barkhuizen
Date: 27 March 2019
Version: 1.0

Effective Date: 15 March 2019 1

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

DOCUMENT INFORMATION

SOP TITLE ICTS GitLab

SOP NUMBER
SOP CATEGORY
SOP VERSION NUMBER 1.0
EFFECTIVE DATE
REVISION DATE

DOCUMENT APPROVAL

NAME ROLE DATE SIGNATURE

AUTHOR:

Riaan Barkhuizen Technical Specialist

REVIEWER(S):

APPROVER(S):

Senior Manager: Application Services

Pierre Neethling After consultation with ITMT and relevant line
managers

CLIENT SIGNATURE:

Effective Date: 15 March 2019 2

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

DOCUMENT CONTROL
REVISION HISTORY:
VERSION NO AUTHOR DATE Revision
1.1 Riaan Barkhuizen 12/03/2019 Draft

Effective Date: 15 March 2019 3

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

Table of Contents

1. GitLab on premise ________________________________________________________ 5

1.1. Introduction________________________________________________________ 5
1.2. Objective __________________________________________________________ 5
1.3. Scope _____________________________________________________________ 5
1. Definitions and abbreviations_______________________________________________ 6
2. Applicable to ____________________________________________________________ 8
3. Exclusions ______________________________________________________________ 8
4. Summary________________________________________________________________ 8
5. Details: _________________________________________________________________ 9
5.1. Presence/Usage ____________________________________________________ 9
5.2. Design and Structure ________________________________________________ 9
5.3. Code creation, maintenance, publishing, and archiving ___________________ 9
5.4. Classification governance ___________________________________________ 10
5.4.5. Access requests _______________________________________________________ 10
5.4.6. Maintenance and revoking of access _______________________________________ 10
6. Roles and responsibilities ________________________________________________ 11
7. Coding standards _______________________________________________________ 11
8. Related Links ___________________________________________________________ 11

Effective Date: 15 March 2019 4

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

1. GitLab on premise
1.1. Introduction
GitLab is the first single application for the entire DevOps lifecycle. From planning
to monitoring, GitLab covers every stage and additionally lets you manage and
secure across stages. Only GitLab enables Concurrent DevOps, unlocking
organizations from the constraints of the toolchain. GitLab provides unmatched
visibility, higher levels of efficiency, and comprehensive governance. This makes
the software lifecycle 200% faster, radically improving the speed of business.
The service is available to all UCT Staff and 3rd party contractors. This service is
not intended for research purposes. GitLab helps teams manage and optimize their
software delivery lifecycle with effective central management of code and user
access.
Users get access to the system by completing the application process.

1.2. Objective
The UCT GitLab application is on-premise for the following reasons:
1. The rights to the source code is owned by UCT and is private to internal use only.
GitHub, on the other hand, is a hosted solution and does not protect the rights to
any code as it is publicly available.

2. Integration into the UCT Active Directory cluster for authentication and access
control.

3. Improved security through authenticated access only, unlike GitHub with public
access on site with no public access for GitLab specific.

1.3. Scope
4. GitLab will be the software revision system and central repository for all code.
GitLab does not replace the change management process and all changes,
including deployment of new code to production systems, must follow the formal
change management process .

The solution includes the handling of incoming GitLab project software development
requests, version control and ticketing, security, programming methodology and
various development guidelines and standards for the specific project.

Effective Date: 15 March 2019 5

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

1. Definitions and abbreviations

TERM DESCRIPTION
AS Application Services (see also: EIS)
Central repository A central place where data is stored and maintained. A repository
can be a place where multiple databases or files are located for
distribution over the network, or a repository can be a location that
is directly accessible to the user without having to travel across a
network. In the UCT context a central repository implies that it is
the designated repository for a particular type of content.
Content services Defined by Gartner as “a set of services and micro-services
embodied either as an integrated product suite or as separate
applications that share common APIs and repositories, to exploit
diverse content types and to serve multiple constituencies and
numerous cases across the organisation.” (Gartner, OnBase by
Hyland Terminology)
DevOps Development operations
EIS Enterprise Infrastructure Services (for more information, see: EIS)
End user / Users A university staff member using computer equipment connected
to the university network. (see also: UCT member)
Enterprise Content This program was initiated in 2011 and aimed to create an
Management (ECM) integrated and consolidated set of principles, frameworks, scope
Program and governance for the implementation of ECM capabilities at
UCT. (For more information, see:
https://www.news.uct.ac.za/article/-2011-04-04-new-content-
management-programme-will-bring-order)
Enterprise content “Enterprise Content Management (ECM) is the strategies, methods
management and tools used to capture, manage, store, preserve, and deliver
content and documents related to organizational processes. “ (AIIM)

ECM tools and strategies allow the management of an organization's

unstructured information, wherever that information exists.” (AIIM)

“ECM” has been renamed to “content services” (see also: content

services)

External A person who is not a staff member or student at UCT and who
does not have a UCT employee / student staff number.
GitLab GitLab is a single application for the entire DevOps process. It
allows multiple users to work together in a seamless, more
effective way improving business productivity. It centralises the

Effective Date: 15 March 2019 6

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

management and control of developing code, simplifies the

business and removes the hassles of tracking code changes. (For
more information on the GitLab website, see: About GitLab and
GitLab Documentation)
Hostname In computer networking, a hostname (sometimes referred to as
‘nodename’) is a label that is assigned to a device connected to a
computer network
ICTS Information Communications Technology Services
IP-Address A unique string of numbers separated by full stops that identifies
each computer using the Internet Protocol to communicate over
a network.
LDAP Lightweight Directory Access Protocol

SOP Standard Operating Procedure

UCT University of Cape Town
UCT community The broader UCT community includes UCT members as well as
associated authorised UCT third parties (which may be involved
in an official project / course but in a shorter-term capacity).
UCT GitLab Role responsible for writing the code in a project. They can do
developer all that a reporter can do, as well as additional features required
for developing code. (for more on permissions in GitLab, see:
https://docs.gitlab.com/ee/user/permissions.html)
UCT GitLab guest Role responsible for giving input on code in a project. Can
create issues, leave comments, see related issues, jobs, job log,
download and browse job artefacts, view wiki pages, license
management reports, and security reports (for more on
permissions in GitLab, see:
https://docs.gitlab.com/ee/user/permissions.html)
UCT GitLab Role responsible for maintaining DevOps projects. Can perform
maintainer most functions in GitLab, except high-level project administration
functions. (for more on permissions in GitLab, see:
https://docs.gitlab.com/ee/user/permissions.html ).
UCT GitLab project Role responsible for managing DevOps projects. Can do all the
owner maintainer can do, as well as functions specific to an
administrator for the DevOps project, i.e. full access to the
project they ‘own’ (for more on permissions in GitLab, see:
https://docs.gitlab.com/ee/user/permissions.html).
UCT GitLab reporter Role responsible for giving input on code in a project. Can do all
that a GitLab guest can do, as well as any features to facilitate
reporting on code and coding except code commit features (for

Effective Date: 15 March 2019 7

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

more on permissions in GitLab, see:

https://docs.gitlab.com/ee/user/permissions.html).
UCT GitLab The UCT GitLab repository has been created, by an ICTS
repository developer, in direct response to an approved ICTS development
request which was accepted as an authorised project.
UCT members Staff and Researchers currently actively associated and involved
with UCT
UCT third parties “A third party is neither a UCT staff member (T1, T2 and T3
contract staff and permanent staff) nor a registered student, but
someone who requires access to one or more UCT facilities for a
limited period (not exceeding six months).” (UCT role model: third
parties)
URL A Uniform Resource Locator (URL), colloquially termed a web
address, is a reference to a web resource that specifies its location
on a computer network and a mechanism for retrieving it

2. Applicable to
All UCT staff and external contractors that make use of UCT’s code repository, UCT
GitLab and its available services. GitLab will be used to address the current issues
where no central code is being managed, no central backups performed, and no version
tracking of changes being done.

3. Exclusions
This does not apply to the storing of code of purchased commercial products.

4. Summary
• Presence/Usage: The GitLab has a defined URL, specified availability and usage
criteria, and must only be on-premise.
• Design and structure: The UCT GitLab repository will have UCT branding and will
not be customised.
• Code creation, maintenance, publishing, and archiving: Code must be created,
maintained, published, and archived according to the principles outlined below, with
ICTS being the code custodian for UCT.
• Classification governance: Project names and descriptions must comply with the
principles outlined below.

• Security: Access requests and maintenance and revoking of access must comply
with the principles outlined below.

Effective Date: 15 March 2019 8

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

• System maintenance: The ICTS EIS: Application Services team is responsible for
system maintenance according to the principles outlined below.
• Roles and responsibilities: The various role players in the UCT GitLab DevOps
process (Applications Services; Guests; Project owners; Developers; Maintainers),
must fulfil their responsibilities outlined below.
• Policy violations: Any non-compliance of the policy must be reported to ICTS who
will deal with it according to this policy.

5. Details:
5.1. Presence/Usage
5.1.1. UCT GitLab can be accessed using https://gitlab.uct.ac.za
5.1.2. UCT GitLab will only be available internally or by using the UCT VPN connection
off-campus.
5.1.3. UCT GitLab will at all times only be an on-premise application. (see: 1.2.
Rationale)
5.1.4. UCT GitLab must not be used for research development.
5.1.5. End users must not engage in any activity, intentionally or otherwise, that may
cause this SOP to be violated

5.2. Design and Structure

5.2.1. The on-premise UCT GitLab application will be branded with the UCT brand.
5.2.2. This application will not be customized and will remain as installed and
configured.

5.3. Code creation, maintenance, publishing, and archiving

5.3.1. All code for UCT operational systems must be booked into UCT GitLab,
managed and controlled through the GitLab application.
5.3.2. ICTS will remain the custodian of the code and no code will be deleted; only
archived.
5.3.3. GitLab is the “git” repository that also provides a ticketing system for bug
fixing/testing.
5.3.4. No development projects will at any time be deleted from UCT GitLab. They will
only be archived.
5.3.5. Only code for shelf-bought products may be used and customized without using
the GitLab system. All self-developed code, through internal or contracted
resources, must make use of the GitLab repository.

Effective Date: 15 March 2019 9

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

5.4. Classification governance

5.4.1. Project names must be descriptive.
5.4.2. Project descriptions must include the ServiceNow request number and a brief
description of its purpose.
5.4.3. Wherever possible, apply applicable tags to facilitate preservation and retrieval.
5.4.4. Security
5.4.5. Access requests
1. Access requests to GitLab must at all times be requested through the UCT
call logging system ServiceNow: https://uct.service-now.com/sp
2. Access to newly created projects will be granted by UCT GitLab
administrators in Application Services.
3. Access requests to projects and code changes will only be granted by
GitLab project owners or GitLab project maintainers. (see Roles section in
UCT GitLab User Guide)
4. Removal of any access to GitLab must at all times be requested through the
UCT call logging system ServiceNow: https://uct.service-now.com/sp
5. Project owners must be UCT staff members.
5.4.6. Maintenance and revoking of access
1. Maintenance of access to UCT GitLab projects must be done by project
owners and maintainers.
2. Revoking of access must be done if the following conditions apply:
IF… THEN…
The user leaves • Their active directory account must be disabled by
UCT ICTS.

• This will eliminate their access to the GitLab system.

The user is no • This user must ensure that the project owner is
longer working on a informed of this.
UCT GitLab project
• The project owner must remove the project members
access from within the GitLab portal.

The project owner • The current project owner must request a change of
changes ownership in ServiceNow, completing the request form
with all required details.

• In cases when the project owner is not available to

process the request, the department manager must
submit the request.

Effective Date: 15 March 2019 10

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

IF… THEN…
User accounts are • As a standard procedure, inactive user accounts will be
inactive disabled by ICTS.

6. Roles and responsibilities

UCT roles/areas Responsible for
ICTS EIS: Applications • Monthly maintenance of UCT GitLab in the ICTS
Services Maintenance Slots

• Applying product updates and patches.

• Any troubleshooting or fault finding necessary

Project owners • Creation of project maintainers

• Creation of project groups

• Monitors project status and security

Maintainers • Maintains project coding standards

• Rights allocation of users to the current project

Developers • Addition and changing of code

• Apply proper coding standards and commenting of

code

Reporters • Can add comments to code and project status

Guest • Comment on project code and status

7. Coding standards
UCT coding standards are to be followed at all times. See SOP – Software Development
Services.docx for reference.

8. Related Links
• ServiceNow: https://uct.service-now.com/sp

• New content management programme will bring order (4 April 2011):

https://www.news.uct.ac.za/article/-2011-04-04-new-content-management-programme-will-bring-order

Effective Date: 15 March 2019 11

 University of Cape Town, Information and Communication Technology Services

SOP No. Standard Operating Procedure SOP Version

ICTS GitLab 1.1

• ICTS Development requests: www.icts.uct.ac.za/development-requests

• UCT GitLab Portal: https://gitlab.uct.ac.za

• UCT VPN: http://www.icts.uct.ac.za/VPN

• UCT GitLab end user guide: Link to Article

• Scheduled ICTS maintenance slots: http://www.icts.uct.ac.za/icts-maintenance-slots

• GitLab User documentation: https://docs.gitlab.com/ee/user/

• GitLab User documentation: Permissions: https://docs.gitlab.com/ee/user/permissions.html

Effective Date: 15 March 2019 12