|
Size: 7913
Comment: converted to 1.6 markup
|
Size: 8008
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 49: | Line 49: |
<<Include(TracWithApache)>> |
|
| Line 174: | Line 176: |
修改 -- -- [[flyinflash]] [<<Date(2010-01-13T06:11:42Z)>>] |
Trac 使用速写 ::-- ZoomQuiet [2006-11-21 04:53:37]
Contents
1. Trac
Trac 是个项目管理系统,是pure Python的,是基于 Subvertion -- 史上最优秀的版本管理系统 --的! 安装说明非常的明白: http://trac.edgewall.org/wiki/TracInstall
- 大家之所以喜爱Trac 是因为Trac 将 版本管理系统/代码浏览系统/问题追踪系统/维基 All in One 的集成在一起,并可以快捷的配置和管理;
- 在啄木鸟会课中也有讨论:
http://wiki.woodpecker.org.cn/moin/BPUG/2006-08-27
- 在线阅读幻灯:
http://www.woodpecker.org.cn:9081/classes/Classes2006/060827-exoweb/usage-trac/
1.1. 快速安装trac
这里根据个人体验给个最 zip 的安装配置过程:
- 安装好必要的软件,如果是 BSD/GNU/Linux 系统的话会非常简单比如说:
#pkg_add -r trac
就会自动安装好一切,M$ 中,你按照要求安装好相应软件即可:
- 初始化 SVN:
$svnadmin create --fs-type fsfs /path/to/u/repo
- 启动 SVN:
$svnserve -d -r /path/to/u/repo
OK 你获得了一个版本管理仓库,然后这是在其上架设 trac 项目管理环境
- 创建trac 实例:
$trac-admin /path/to/u/trac/site initenv
回答一些问题,比较重要的这是回答你的SVN 仓库在哪儿,使用上面的 /path/to/u/repo 就好
启动 trac:
$tracd --port 80 /path/to/u/trac/site
就会由 trac 自个儿在 80 端口启动一 trac 站,你可以进行各种项目管理活动了;如果看着没有问题就使用 守护进程模式,启动:
$tracd -rd --port 80 /usr/local/www/data/trac
DONE!现在我们已经有Trac 环境可以运行使用了!
1.2. Trac 由Lighttpd 发布
$HTTP["host"] == "svn.YProject.org" { #主机名
auth.backend = "htpasswd" #说明认证文件的格式
auth.backend.htpasswd.userfile = "/path/to/tracusr.htpasswd" #认证文件位置 使用htpasswd 工具生成
auth.require = ("/trac/login" => #加入认证目录
("method" => "basic", #认证方式
"realm" => "YProject.org Project", #认证抬头,可以与Trac配置相同
"require" => "valid-user" #合法乎?
))
fastcgi.server = ("/trac" =>
("trac" =>
("socket" => "/tmp/trac-fastcgi.sock", #Fastcgi的socket
"bin-path" => "/usr/local/share/trac/cgi-bin/trac.fcgi", #trac的fcgi包
"check-local" => "disable",
"bin-environment" =>
# ("TRAC_ENV_PARENT_DIR" => "/usr/local/www/data") #多个trac时,指定trac的父目录,要求lighttpd的运行帐号(www)有读写权限
("TRAC_ENV" => "/usr/local/www/data/trac") #单个trac时的目录指定,要求读写。
)
)
)
accesslog.filename = "/jail/logs/matrix/svn.YProject.org-access.log"
server.errorlog = "/jail/logs/matrix/svn.YProject.org-error.log"
}
1.3. Trac 由 Apache 发布
1.3.1. 以Debian为例
修改/etc/apache2/sites-available/default-ssl后,启用并让apache重新加载配置文件。
a2ensite default-ssl /etc/init.d/apache reload
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin [email protected] # SA的email,出现错误时会向浏览用户显示该email
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/ssl_access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath /etc/ssl/certs/
#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded)
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath /etc/apache2/ssl.crl/
#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn't wait for
# the close notify alert from client. When you need a different shutdown
# approach you can use one of the following variables:
# o ssl-unclean-shutdown:
# This forces an unclean shutdown when the connection is closed, i.e. no
# SSL close notify alert is send or allowed to received. This violates
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
# this when you receive I/O errors because of the standard approach where
# mod_ssl sends the close notify alert.
# o ssl-accurate-shutdown:
# This forces an accurate shutdown when the connection is closed, i.e. a
# SSL close notify alert is send and mod_ssl waits for the close notify
# alert of the client. This is 100% SSL/TLS standard compliant, but in
# practice often causes hanging connections with brain-dead browsers. Use
# this only for browsers where you know that their SSL implementation
# works correctly.
# Notice: Most problems of broken clients are also related to the HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
<Location /trac> # http://您的域名/trac
SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonInterpreter main
PythonOption TracEnv /path/to/trac-proj # trac项目位置
PythonOption TracUriRoot /trac
SetEnv PYTHON_EGG_CACHE /tmp
</Location>
<Location /trac/login>
AuthType Basic # 认证方式
AuthName "trac" # 认证抬头
AuthUserFile /path/to/trac-proj/db/htpasswd # 认证文件位置,包含了用户和密码,使用htpasswd工具生成
Require valid-user
</Location>
<Location /svn>
DAV svn
SVNParentPath /var/svn/repos
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /path/to/trac-proj/db/htpasswd
AuthzSVNAccessFile /etc/apache2/dav_svn.authz # 以目录为颗粒度的SVN权限定义文件
SVNIndexXSLT "/svnindex.xsl"
Require valid-user
SSLRequireSSL
</Location>
</VirtualHost>
</IfModule>
1.4. 深入配置
接着就是根据自个儿的情况进行各种配置了:
- 界面配置
- 权限配置
- Tickets 配置
- 插件配置
- ....
一切都有明确的文档,只要你敢于尝试,trac 的管理和使用是非常清晰明了的
1.5. 项目管理
2. Trac传票系统
Trac环境针对项目提供了简单但是实用的提案和问题追踪服务.
作为Trac 的核心项目管理元素,传票--Ticket 可用以追踪:项目任务, 特性需求, 缺陷问题 和 软件讨论.
与TracWiki 的结合,达成了令用户的再次开发和贡献非常轻松的整体目标. 通过传票 可以非常轻易的汇报缺陷,提出问题,提交建议.
一个提案需分配给具体的人,他必须解决或是再次分配给另外的人. 所有传票可以在任何时候被编辑,注释,分配,优先排序,讨论...
注意传票提交时必要信息的填写要精确,足够,特别是 4W1H:
When -- 什么时候发现/解决的?
Where -- 哪个文件/URL的问题?
Who -- 谁发现的?
What -- 发生了什么?
How -- 谁?何时?在哪?如何?怎么?处理什么文件?才解决的?
2.1. 传票字段
每一传票都能包含有以下信息(传票字段详解):
Reporter - 汇报人
Status - 当前传票状态: new新增的, assigned已分配, closed已关闭, reopened重开.
Summary - 简述
Description - 说明,传票的主体,好的说明应该是明确的和切中要点的
Type - 类型属性 (比如说默认的: 缺陷 或是 增进建议)
Component - 组件,项目模块或是子系统
Version - 版本, 传票从属的项目版本
Priority - 优先级,提案的重要程度,从 trivial轻微的 到 blocker死锁 默认分5级 .
Milestone - 里程碑, 提案必须解决的时间点区间
Keywords - 关键字,一般用以搜索和报表
Assigned to/Owner - 责任人,被分配的主要负责人
Cc - 应该知会的相关成员列表 注意,这并并非重要的策略.
Resolution - 传票被关闭的理由: fixed解决的, invalid无效的, wontfix不可修复, duplicate重复的
注意: 以上 类型 , 组件, 版本, 优先级 和 严重度都可以由 trac-admin 管理工具统一配置.
2.2. 修改和批注传票
一旦传票被提交到Trac 中,你就可以在任何时候进行批注. 这意味着修改和批注是传票本身的一部分被进行追踪.
当阅读传票时,所有历史和批注都将列显在主体内容之下.
在Trac 项目中,我们使用传票来追踪任务和提案,以便在着手设计/执行前深入理解需求,确认正确的策略.
注意: 在传票说明和注释中可以使用重要的 Trac链接(TracLinks) 和 维基语法(WikiFormatting) 特性, 以便轻快的关联其它提案/变更集(changesets)/文件等等,以便你的传票容易理解.
注意: 参考Trac提醒(TracNotification),以配置Trac通过邮件对传票的变化进行提醒.
2.2.1. 状态图解
2.3. 传票的配置
2.3.1. 下拉菜单中的默认选项
新建传票时的下拉菜单的默认值,是可以在配置文件中声明的;具体trac.ini中的 [ticket] 一节:
default_component |
默认组件值 |
default_milestone |
默认里程碑名 |
default_priority |
默认优先级 |
default_severity |
默认严重度 |
default_type |
默认传票类型 |
default_version |
默认版本名 |
如果配置文件中省略了相应的设置,则默认值使用列表中的首个或是空值,依字段值是否必须.
2.3.2. 隐藏字段或是追加自定的
可以通过 trac-admin 隐藏多个默认传票字段,只要简单的清空所有值即可. 这种配置只针对下拉菜单有效,比如说:type类型, priority优先, severity严重度, component组件, version版本 and milestone里程碑.
Trac也支持使用自定的传票字段,具体参考TracTicketsCustomFields 获取更多信息.
2.3.3. "分配给"字段使用下拉菜单
如果可能的Trac传票用户是有限的,你就可以定制传票的 assign-to分配给 字段使用下拉菜单. 通过在配置文件trac.ini的[ticket] 一节,设置restrict_owner 选项为“true”.
这样Trac 将使用所有登录过并设置过邮箱信息的成员名组成下拉菜单.
让下拉菜单生效,用户首先注册为项目成员, i.e. 即: 数据库中有用户的session 存在. session 将在用户首次登录时自动生成,可以在用户Settings设置页面中看到具体数值. 同时,此用户必须要有 TICKET_MODIFY传票编辑权限 ,参考:[TracPermissions Trac 权限说明].
2.4. 创建传票的参数
通过组合一个链接,你可以直接创建传票, 只要调用 /newticket? 链接后是由& 连缀起来的variable=value参数=值组合字串.
可能的参数有 :
type - 类型
reporter - 提交人帐号或是邮箱
summary - 简述
description - 详细说明
component - 组件
version - 版本
severity - 严重度
keywords - 关键字
priority - 优先级
milestone - 里程碑
owner - 负责人
cc - 需要提醒的人员邮箱列表
例如: /trac/newticket?summary=Compile%20Error&version=1.0&component=gui
See also: TracGuide, TracWiki, TracTicketsCustomFields, TracNotification
2.5. 反馈
修改 -- -- flyinflash [2010-01-13]