 

Auto-register GitLab runner

I have a docker-compose.yml file that sets up Gitlab, Container Registry and a Gitlab Runner.

# Compose file, format version 2: GitLab, its database and cache, a CI runner,
# a container registry and Portainer.
version: '2'

services:
  # Redis instance; the gitlab service points at it through REDIS_HOST=redis.
  # No `ports:` entry here, so it is not published on the host.
  redis:
    restart: always
    # NOTE(review): `latest` is a mutable tag, so the image content can change
    # between pulls. Pin a specific version (ideally by digest) so deployments
    # are repeatable and image updates are reviewed.
    image: sameersbn/redis:latest
    command:
    - --loglevel warning
    volumes:
    # `:Z` asks Docker to apply a private SELinux label to the volume content.
    - redis:/var/lib/redis:Z

  # PostgreSQL database; the gitlab service connects to it (DB_HOST=postgresql).
  # No `ports:` entry here, so it is not published on the host.
  postgresql:
    restart: always
    image: sameersbn/postgresql:9.5-3
    volumes:
    - postgresql:/var/lib/postgresql:Z
    environment:
    - DB_USER=gitlab
    # NOTE(review): hard-coded, guessable password kept in the compose file.
    # Anyone who can read this file (or a repository it is committed to) gets
    # the database credentials. Supply the value from an untracked .env file
    # or a secret store. The gitlab service carries the same DB_PASS, so the
    # two entries must be changed together.
    - DB_PASS=password
    - DB_NAME=gitlabhq_production
    - DB_EXTENSION=pg_trgm

  # GitLab application server. Depends on redis and postgresql, and is linked
  # to the registry service for the container registry integration.
  gitlab:
    restart: always
    image: sameersbn/gitlab:10.1.1
    volumes:
    - gitlab-data:/home/git/data:Z
    - gitlab-logs:/var/log/gitlab
    # Host directory with the registry auth certificate and private key; the
    # registry service mounts the same directory.
    - ./certs:/certs
    depends_on:
    - redis
    - postgresql
    ports:
    # NOTE(review): no host IP is given, so Docker publishes these ports on
    # every host interface. Prefix with an address (HOST_IP:80:80) if the
    # service should only be reachable from one network.
    - "80:80"
    - "2222:22"
    external_links:
    - "registry:registry"
    environment:
    - DEBUG=false

    # Database connection. DB_PASS repeats the hard-coded password set on the
    # postgresql service; keep it out of the file (untracked .env / secrets).
    - DB_ADAPTER=postgresql
    - DB_HOST=postgresql
    - DB_PORT=5432
    - DB_USER=gitlab
    - DB_PASS=password
    - DB_NAME=gitlabhq_production

    - REDIS_HOST=redis
    - REDIS_PORT=6379

    # NOTE(review): HTTPS is off and port 80 is published, so logins, access
    # tokens and the runner registration token cross the network in clear
    # text. Acceptable only on an isolated test host.
    - GITLAB_HTTPS=false # <---
    - SSL_SELF_SIGNED=true # <---

    - GITLAB_HOST=192.168.99.100 # <---
    - GITLAB_PORT=80
    - GITLAB_SSH_PORT=2222
    - GITLAB_SHELL_SSH_PORT=2222
    - GITLAB_RELATIVE_URL_ROOT=
    # NOTE(review): the three key bases below are the literal string `secret`.
    # Per the sameersbn/gitlab image documentation they are used to encrypt
    # database fields, session data and OTP secrets (verify for this image
    # version). A predictable value defeats that protection: generate long
    # random values and keep them out of version control.
    - GITLAB_SECRETS_DB_KEY_BASE=secret
    - GITLAB_SECRETS_SECRET_KEY_BASE=secret
    - GITLAB_SECRETS_OTP_KEY_BASE=secret

    - GITLAB_REGISTRY_ENABLED=true
    - GITLAB_REGISTRY_HOST=localhost # <---
    - GITLAB_REGISTRY_PORT=4567
    - GITLAB_REGISTRY_API_URL=https://localhost:4567/ # Internal address to the registry, will be used by GitLab to directly communicate with API.
    # Certificate and private key used for registry authentication. The key
    # file is read from the ./certs bind mount, so restrict its permissions on
    # the host and do not commit it.
    - GITLAB_REGISTRY_CERT_PATH=/certs/localhost-auth.crt # <---
    - GITLAB_REGISTRY_KEY_PATH=/certs/localhost-auth.key # <---

# Read here --> https://hub.docker.com/r/sameersbn/gitlab-ci-multi-runner/
  # GitLab CI runner, linked to the gitlab service.
  # NOTE(review): the variable names below follow the sameersbn runner image
  # referenced in the comment above this service, while the image used here
  # is gitlab/gitlab-runner. Whether this image acts on them at start-up is
  # not shown in this file; verify against the image documentation.
  runner:
    restart: always
    # NOTE(review): `latest` is a mutable tag; pin a release so runner
    # upgrades are deliberate.
    image: gitlab/gitlab-runner:latest
    external_links:
    - "gitlab:gitlab" # <---
    environment:
    # Plain HTTP: the token below and all job traffic are sent unencrypted.
    - CI_SERVER_URL=http://192.168.99.100:80/ci/
    # NOTE(review): a registration token stored in the compose file is
    # readable by everyone with access to the file. Pass it in from an
    # untracked .env file or a secret store, and reset the token in GitLab if
    # it has ever been published.
    - RUNNER_TOKEN=1XoJuQeyyN3EZxAt7pkn # < ------------------- different every time
    - RUNNER_DESCRIPTION=default_runner
    # NOTE(review): with the shell executor, jobs run as commands inside this
    # runner container rather than in a fresh environment per job, so jobs
    # share its filesystem and any credentials present in it.
    - RUNNER_EXECUTOR=shell

  # Docker registry that delegates authentication to GitLab (token auth).
  registry:
    restart: always
    image: registry:2.4.1
    ports:
    # Container port 5000 is published as host port 4567 on every host
    # interface, because no host IP is given.
    - "4567:5000" # <---
    volumes:
    - registry-data:/var/lib/registry
    # Same host directory the gitlab service mounts; it contains the private
    # key referenced below.
    - ./certs:/certs
    external_links:
    - "gitlab:gitlab" # <---
    environment:
    - REGISTRY_LOG_LEVEL=info
    # Allows image layers and manifests to be deleted through the registry API.
    - REGISTRY_STORAGE_DELETE_ENABLED=true
    - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry

    # NOTE(review): the token realm is a plain-HTTP URL, so clients that
    # authenticate for a push or pull send their GitLab credentials
    # unencrypted to this endpoint.
    - REGISTRY_AUTH_TOKEN_REALM=http://localhost/jwt/auth # <---
    - REGISTRY_AUTH_TOKEN_SERVICE=container_registry
    - REGISTRY_AUTH_TOKEN_ISSUER=localhost
    - REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/certs/localhost-auth.crt # <---

    - SSL_REGISTRY_KEY_PATH=/certs/localhost-auth.key # <---
    - SSL_REGISTRY_CERT_PATH=/certs/localhost-auth.crt # <---

    # NOTE(review): the registry's TLS key is the same file GitLab is given as
    # GITLAB_REGISTRY_KEY_PATH, so one key pair serves both TLS and token
    # signing. Separate key pairs limit the impact if either key leaks.
    - REGISTRY_HTTP_TLS_CERTIFICATE=/certs/localhost-auth.crt # <---
    - REGISTRY_HTTP_TLS_KEY=/certs/localhost-auth.key # <---
    # NOTE(review): predictable placeholder. The registry uses this value to
    # sign state handed to clients; use a long random value kept out of
    # version control.
    - REGISTRY_HTTP_SECRET=secret

  # Portainer web UI for managing the Docker host.
  portainer:
    # NOTE(review): no tag is given, so Docker resolves this to `latest`; pin
    # a version.
    image: portainer/portainer
    ports:
      # Published on every host interface. Anyone who can reach port 9000 and
      # log in controls the Docker daemon through the socket mounted below.
      - "9000:9000"
    volumes:
      # NOTE(review): mounting the Docker socket gives this container full
      # control of the host's Docker daemon, which is equivalent to root on
      # the host. Restrict who can reach the UI and set a strong admin
      # password.
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "/opt/portainer:/data"

# Named volumes referenced by the services above. They hold the GitLab data
# and logs, the database, the Redis data and the registry content, so back
# them up and restrict access to the Docker host accordingly.
volumes:
    gitlab-data:
    gitlab-logs:
    postgresql:
    redis:
    registry-data:

The problem is that the runner is not registered automatically, so I have to register it manually every time (and I have not managed to do even that yet). I would like it to register itself with the GitLab server using the auto-generated token, so that neither I nor any other developer who uses the docker-compose.yml file has to deal with it.

I am trying to find a way to grab the token and feed it to the runner. Is it possible in any way?

Kostas Demiris Avatar asked May 31 '26 10:05

Kostas Demiris


1 Answers

You can either (1) mount your /etc/gitlab-runner directory and keep it persistent or (2) create an entrypoint script that registers the runner every time the container starts.

For example, you may have an entrypoint script like this:

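#!/usr/bin/env bash
# entrypoint.sh
#
# Registers this runner with the GitLab server, then hands control to the
# image's original entrypoint.
#
# Reads from the environment: CI_SERVER_URL, RUNNER_TOKEN, RUNNER_EXECUTOR,
# RUNNER_DESCRIPTION.
#
# Notes for operators:
# - Registration runs on every container start, so each restart adds another
#   runner entry on the server unless /etc/gitlab-runner is persisted or stale
#   runners are cleaned up.
# - The token is passed as a command-line argument and is therefore visible in
#   the container's process list while the command runs. Supply RUNNER_TOKEN
#   at run time from an untracked env file or a secret store; do not bake it
#   into the image or commit it.
# - If registration fails, the script still starts the runner; check the
#   container log for the registration error.
gitlab-runner register \
  --non-interactive \
  --url "${CI_SERVER_URL}/" \
  --registration-token "${RUNNER_TOKEN}" \
  --executor "${RUNNER_EXECUTOR}" \
  --description="${RUNNER_DESCRIPTION}" \
  --config="/etc/gitlab-runner/config.toml"

# call original gitlab-runner entrypoint with CMD args
exec /usr/bin/dumb-init /entrypoint "$@"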

And a dockerfile for the runner like this:

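# Runner image that registers itself on start through entrypoint.sh.
# The base image is pinned to a release tag, so upgrades are deliberate.
# Do not add the registration token here with ENV or ARG: it would be stored
# in the image layers. Pass it to the container at run time instead.
FROM gitlab/gitlab-runner:v14.8.2

# Install the wrapper and make it executable regardless of the file mode it
# has in the build context.
COPY entrypoint.sh /docker-entrypoint.sh
RUN chmod 0755 /docker-entrypoint.sh

# Absolute path, so the entrypoint resolves whatever the working directory is.
ENTRYPOINT ["/docker-entrypoint.sh"]

# Need to redefine original CMD provided by the parent image after setting ENTRYPOINT
CMD ["run", "--user=gitlab-runner", "--working-directory=/home/gitlab-runner"]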

This is just one way of expressing the solution. In principle, you don't need to custom-build the image -- you could make an equivalent entrypoint: key in your compose file and skip the custom dockerfile.

sytech Avatar answered Jun 04 '26 09:06

sytech


