GitLab Runner usage summary
Reference documentation
GitLab Runner runs the CI/CD jobs that are defined in GitLab.
GitLab Runner is open-source and written in Go. It can run as a single binary and has no language-specific requirements.
After you install GitLab Runner, you must create and register runners with your GitLab instance. This instance can be self-managed, or you can use GitLab.com. You can also follow the tutorial, Create, register, and run your own project runner.
General GitLab Runner Docker image usage
GitLab Runner Docker images (based on Ubuntu or Alpine Linux) are designed as wrappers around the standard gitlab-runner command, as if GitLab Runner were installed directly on the host.
A GitLab Runner command that would normally be executed as
gitlab-runner <runner command and options...>
can be executed with
docker run <chosen docker options...> gitlab/gitlab-runner <runner command and options...>
For example:
docker run --rm -t -i gitlab/gitlab-runner --help
NAME:
gitlab-runner - a GitLab Runner
USAGE:
gitlab-runner [global options] command [command options] [arguments...]
VERSION:
16.5.0 (853330f9)
(...)
Use local system volume mounts to start the Runner container
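#!/bin/bash
# Host directory that holds the runner's persistent configuration.
export GITLAB_RUNNER_HOME=/srv/gitlab-runner
# The docker.sock mount lets the runner start job containers on the host's
# Docker daemon; together with --privileged, this container has root-level
# control of the host.
docker run \
  -d \
  -v "$GITLAB_RUNNER_HOME/etc/config:/etc/gitlab-runner" \
  -v /var/run/docker.sock:/var/run/docker.sock \
  --privileged \
  --network bridge \
  --add-host gitlab.example.com:172.17.0.2 \
  --name gitlab-runner \
  --link gitlab:gitlab \
  gitlab/gitlab-runner:latest run --user root --working-directory /root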
Update configuration
If you change the configuration in config.toml, you might need to restart the runner to apply the change. The config.toml is the configuration file that you use to configure runners, and is created when you register a runner.
You should restart the whole container instead of using gitlab-runner restart:
docker restart gitlab-runner
SELinux
Some distributions (CentOS, Red Hat, Fedora) use SELinux by default to enhance the security of the underlying system.
Special care must be taken when dealing with such a configuration.
- If you want to use the Docker executor to run builds in containers, you need access to /var/run/docker.sock. However, if SELinux is in enforcing mode, you see a Permission denied error when you’re accessing /var/run/docker.sock. Install selinux-dockersock to resolve this issue.
- Make sure that a persistent directory is created on host:
  mkdir -p /srv/gitlab-runner/config
- Run Docker with :Z on volumes:
docker run -d --name gitlab-runner --restart always \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /srv/gitlab-runner/config:/etc/gitlab-runner:Z \
gitlab/gitlab-runner:latest
Registering runners
Reference documentation
Introduced in GitLab Runner 15.0, a change to the registration request format prevents the GitLab Runner from communicating with GitLab 14.7 and earlier. You must use a GitLab Runner version that is appropriate for the GitLab version, or upgrade the GitLab application.
Runner registration is the process that links the runner with one or more GitLab instances. You must register the runner so that it can pick up jobs from the GitLab instance.
- Run the register command:
  sudo gitlab-runner register
- Enter your GitLab URL
- Enter the runner authentication token
- Enter the type of executor
- You can also use the non-interactive mode to use additional arguments to register the runner:
  sudo gitlab-runner register \
    --non-interactive \
    --url "https://gitlab.com/" \
    --token "$RUNNER_TOKEN" \
    --executor "docker" \
    --docker-image alpine:latest \
    --description "docker-runner"
After the runner is created, the generated runner configuration looks like the following, for reference.
Configuration file demo
concurrent = 1
check_interval = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "blog-runner"
url = "http://gitlab.example.com:8980"
token = "t1ixUk811QUySmuzCeMq"
clone_url="http://172.17.0.2:8980/"
executor = "docker"
[runners.custom_build_dir]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
[runners.cache.azure]
[runners.docker]
tls_verify = false
image = "alpine:latest"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
pull_policy = "if-not-present"
shm_size = 0
- pull_policy
  - always: Pull an image even if a local image exists. Default.
  - if-not-present: Pull an image only when a local version does not exist.
- clone_url
  - Overwrite the URL for the GitLab instance. Used only if the runner can’t connect to the GitLab URL.
- How clone_url works
  When the GitLab instance is available at a URL that the runner can’t use, you can configure a clone_url. For example, a firewall might prevent the runner from reaching the URL. If the runner can reach the node on 192.168.1.23, set the clone_url to http://192.168.1.23. If the clone_url is set, the runner constructs a clone URL in the form of http://gitlab-ci-token:s3cr3tt0k3n@192.168.1.23/namespace/project.git