Short Description
GitLab Runner image for OpenShift CI/CD.
Full Description

This image contains GitLab Runner adapted to run inside OpenShift, with the Kubernetes executor and the oc command-line client.
To use this image, first complete the following steps (the example uses a project named "gitlab-runners-farm"):

  1. Create a project (for example, "gitlab-runners-farm").
  2. Run these commands with cluster-admin privileges:
    # Service account the runner pod runs under; the DeploymentConfig in step 3
    # refers to it by this exact name (serviceAccountName: gitlab-runner-user).
    oc create serviceaccount gitlab-runner-user --namespace=gitlab-runners-farm
    # SCC grants, scoped to that single service account in this project.
    # anyuid lets the pod choose its own UID (the template sets runAsUser: 0).
    oc adm policy add-scc-to-user anyuid --serviceaccount=gitlab-runner-user --namespace=gitlab-runners-farm
    # privileged admits privileged containers and hostPath volumes, both of which
    # the template uses. NOTE(review): privileged already permits any UID, so the
    # anyuid grant above looks redundant - confirm before dropping it.
    oc adm policy add-scc-to-user privileged --serviceaccount=gitlab-runner-user --namespace=gitlab-runners-farm
  3. Deploy and process this template:
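    # OpenShift Template for a GitLab Runner using the Kubernetes executor.
    # Objects created: a ConfigMap (runner config + entrypoint script), a
    # ServiceAccount, a RoleBinding to the "edit" role, and a DeploymentConfig.
    # Parameters: APPLICATION_NAME, GITLAB_URL, REGISTRATION_TOKEN.
    #
    # Security-relevant settings in this template (see the inline notes):
    #   - the runner container is privileged and runs as UID 0;
    #   - the node's /var/run/docker.sock is mounted into the runner container;
    #   - KUBERNETES_PRIVILEGED=true makes the executor start job pods privileged;
    #   - the registration token is passed as a plain-text env value.
    # Taken together, anyone who can run CI jobs on this runner effectively gets
    # root-equivalent access to the node it is scheduled on, so the runner is
    # best kept to a dedicated project and dedicated nodes, with the runner
    # restricted to trusted GitLab projects.
    apiVersion: v1
    kind: Template
    metadata:
      name: gitlab-runner.yaml
      namespace: gitlab-runners-farm
      annotations:
        description: 'GitLab Runner, requires being run as a privileged user.'
        openshift.io/imported-from: brightforest/gitlab-runner
        openshift.io/scc: privileged
        tags: 'gitlab,CI'

    objects:
      # ConfigMap mounted at /scripts in the runner container.
      # config.toml: global runner settings copied to /etc/gitlab-runner/.
      # entrypoint: registers the runner, then starts it. Registration runs
      # unconditionally on every container start, so each restart registers
      # the runner with GitLab again. The registration token is not on the
      # command line; gitlab-runner picks it up from the REGISTRATION_TOKEN
      # environment variable, which keeps it out of the `set -x` trace.
      - apiVersion: v1
        data:
          config.toml: |
            concurrent = 10
            check_interval = 10
          entrypoint: |
            #!/bin/bash
            set -xe
            cp /scripts/config.toml /etc/gitlab-runner/
            # Register the runner
            /entrypoint register --non-interactive \
            --url $GITLAB_URL \
            --executor kubernetes \
            --tag-list openshift
            # Start the runner
            /entrypoint run --user=gitlab-runner \
            --working-directory=/home/gitlab-runner
        kind: ConfigMap
        metadata:
          name: '${APPLICATION_NAME}-scripts'

      - apiVersion: v1
        kind: ServiceAccount
        metadata:
          name: '${APPLICATION_NAME}-user'

      # Grants the "edit" role in this project to the service account above, so
      # the Kubernetes executor can create and delete job pods.
      # NOTE(review): "edit" is broader than pod management; a custom role
      # limited to what the executor needs would narrow the blast radius of a
      # leaked service-account token - confirm the minimum set for your runner
      # version.
      - apiVersion: v1
        kind: RoleBinding
        metadata:
          name: '${APPLICATION_NAME}_edit'
        roleRef:
          name: edit
        subjects:
          - kind: ServiceAccount
            name: '${APPLICATION_NAME}-user'

      - apiVersion: v1
        kind: DeploymentConfig
        metadata:
          labels:
            app: '${APPLICATION_NAME}'
          name: '${APPLICATION_NAME}'
        spec:
          replicas: 1
          selector:
            app: '${APPLICATION_NAME}'
            deploymentconfig: '${APPLICATION_NAME}'
          strategy:
            type: Recreate
          template:
            metadata:
              labels:
                app: '${APPLICATION_NAME}'
                deploymentconfig: '${APPLICATION_NAME}'
            spec:
              containers:
                - command:
                    - /bin/bash
                    - /scripts/entrypoint
                  env:
                    - name: GITLAB_URL
                      value: '${GITLAB_URL}'
                    # NOTE(review): the token ends up in plain text in the
                    # DeploymentConfig and pod spec, readable by anyone who can
                    # view them. Storing it in a Secret and referencing it via
                    # valueFrom.secretKeyRef would keep it out of the spec.
                    - name: REGISTRATION_TOKEN
                      value: '${REGISTRATION_TOKEN}'
                    # Job pods started by the executor run privileged as well.
                    - name: KUBERNETES_PRIVILEGED
                      value: 'true'
                    # Default image for CI jobs; a mutable tag, not a digest.
                    - name: KUBERNETES_IMAGE
                      value: 'ubuntu:16.04'
                    # Job pods are created in the runner's own namespace.
                    - name: KUBERNETES_NAMESPACE
                      valueFrom:
                        fieldRef:
                          fieldPath: metadata.namespace
                  # Resolved through the ImageChange trigger below; no
                  # ImageStream is defined among the objects shown here, so a
                  # "gitlab-runner" image stream must already exist.
                  image: gitlab-runner
                  imagePullPolicy: IfNotPresent
                  livenessProbe:
                    exec:
                      command: [/usr/bin/pgrep, gitlab-ci-multi]
                    failureThreshold: 3
                    initialDelaySeconds: 60
                    periodSeconds: 10
                    successThreshold: 1
                    timeoutSeconds: 1
                  name: gitlab-runner
                  ports:
                    - containerPort: 22
                      protocol: TCP
                    - containerPort: 80
                      protocol: TCP
                  readinessProbe:
                    exec:
                      command: [/usr/bin/pgrep, gitlab-ci-multi]
                    failureThreshold: 3
                    initialDelaySeconds: 10
                    periodSeconds: 10
                    successThreshold: 1
                    timeoutSeconds: 1
                  resources:
                    limits:
                      cpu: 600m
                      memory: 600Mi
                    requests:
                      cpu: 100m
                      memory: 300Mi
                  # Privileged root container: this is why the service account
                  # needs the privileged SCC granted in step 2.
                  securityContext:
                    privileged: true
                    runAsUser: 0
                  terminationMessagePath: /dev/termination-log
                  volumeMounts:
                    - mountPath: /scripts
                      name: scripts
                    - mountPath: /var/run/docker.sock
                      name: socket
              dnsPolicy: ClusterFirst
              restartPolicy: Always
              # NOTE(review): hard-coded, while the ServiceAccount and
              # RoleBinding above are named '${APPLICATION_NAME}-user'. The
              # names only agree for the default APPLICATION_NAME
              # (gitlab-runner); with any other value the pod runs as an
              # account that does not receive the "edit" binding.
              serviceAccount: gitlab-runner-user
              serviceAccountName: gitlab-runner-user
              terminationGracePeriodSeconds: 30
              volumes:
                - configMap:
                    name: '${APPLICATION_NAME}-scripts'
                  name: scripts
                # Host Docker socket: whoever controls this container controls
                # the node's Docker daemon. If jobs do not build images through
                # the host daemon, this volume and its mount can be removed.
                - hostPath:
                    path: /var/run/docker.sock
                  name: socket
          test: false
          triggers:
            - type: ConfigChange
            # automatic: true redeploys the runner whenever gitlab-runner:latest
            # is updated, so whoever can push to that image stream tag decides
            # what runs in this privileged pod.
            - imageChangeParams:
                automatic: true
                containerNames:
                  - gitlab-runner
                from:
                  kind: ImageStreamTag
                  name: 'gitlab-runner:latest'
              type: ImageChange

    parameters:
      - name: APPLICATION_NAME
        displayName: Application name.
        description: >-
          The name for the application. The service will be named like the
          application.
        value: gitlab-runner
        required: true
      - name: GITLAB_URL
        displayName: GitLab URL
        description: URL that GitLab can be reached at
        required: true
      - name: REGISTRATION_TOKEN
        displayName: Registration Token.
        description: Runner Registration Token from the GitLab app
        required: true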
Owner
brightforest
