JHipsterのプロジェクトをGitLabでCI/CDする
の編集
Top
/
JHipsterのプロジェクトをGitLabでCI
/ CDする
[
トップ
] [
編集
|
差分
|
バックアップ
|
添付
|
リロード
] [
新規
|
一覧
|
単語検索
|
最終更新
|
ヘルプ
]
-- 雛形とするページ --
10の質問
ABC予想
AI
AI API
AI プロンプト
AIでつかわれているtransformerのまとめ
AIの話題
ANTLR
ANTLR v3 FAQ よくある質問
ANTLR 独学
ANTLR4 独学
ANTLRでOracleのDDLを解析してみる
ANTLRチュートリアル
AOP
API
ARMマイコン基盤
ATOM SHELL理論
Access VBAメモ
Access-Control-Allow-Origin
AndroidとTensorflow
Android開発
Android開発 入門
AngularJS
Anko
Apache Bench
ArchUnitを学ぶ
Axiosとは
Axis2
BI Publisherで始めるデータ駆動型レポート作成
BPMNの勉強
BackTrack4
Blog from iPhone
Bootstrapとは
BracketName
C3 AI Applications
C3 AI エクスマキナ
CSS備忘録
CentOS
ChatGPTの話題
Chevrotainのパーサメソッド
Chevrotain一覧
Chromeエクステンション
Cocoa Touch Static Library
CoffeeScript
Confluent Control Centerやってみる
C言語でオブジェクト志向な記述方法
DDD ドメイン駆動設計
DDL生成ツール
DJUnit
DMM.comのAPIとか
DOSコマンドメモ
Dashcode
DeepFloyd IF
Dockerが動かない場合の対処
ES2015
Eclipse Monkey
Eclipse Plugin
Eclipseの色設定
Eclipse使いがXCode使い初めて知りたいこと
ElasticMQメモ
Elixir
Emmet
Erlangメモ
ExcelファイルをAIに読ませる
Exceptionを見やすく
Expression Tree
FLEX
FLEX リフレクション
Fisheye
FlashやJavascriptを使った演出
FormattingRules
FrontPage
GAE
GAE Data Store API
GENERAL SQL PARSER JAVA を試してみる
GLOBAL
GPT4ALL
GQL
GUIからMacPortsを管理するアプリケーション - Porticus
Generative Adversarial Networks
Gin JavaScriptで構文解析
Git Blame
GitHubアクションを使ったトロイの木馬のまとめ
GitLab
GitLabRunnerを増やす
GitLabでPlantUML使ってみる
GitLabでプロジェクト管理する
GitLabの機能をそのまま使って認証システム作ったらどこまでできる?
GitLabサーバインストールとメンテ注意事項
GitとAntとSpringとJUnit
Google Cloud Platform
Googleの裏技
Google認定プロジェクトマネージャの勉強メモ
Grails
GraphQL
HTM 階層型時間メモリ
HTML スクレイピング
HTML パース
HTML5
HTML5 Canvas
Hadoop
Help
If Then Maybe プログラミング
Inkscape script
InterWiki
InterWikiName
InterWikiSandBox
JAVAの記事一覧
JBoss
JDBC テーブル一覧を得る
JDBC カラム一覧を得る
JDT eclipse
JGRIB
JHIPSTER JDL
JHIPSTER OpenAPI
JHIPSTER エンティティをフィルタリングする
JHIPSTER6.1.2
JHIPSTERでスマホサイト
JHIPSTERのBLUEPRINTを作る
JHIPSTER一覧
JHipster
JHipster API FirstDepelop
JHipster エンティティを更新する
JHipster7をつかってみる
JHipsterでBuleprintを使いこなす
JHipsterのコード生成を改造
JHipsterのプロジェクトをGitLabでCI/CDする
JHipsterのプロジェクトをデプロイする
JMeter
JOOQとは
JSFとStruts
JSqlParser
Java Closure
Java Compiler API
Java Function
Java SQL Parserを調査する
Java Spring AOP
Java Spriteを設計してみる
Java オブジェクトのダンプ
Java ドラックできる曲線
Java 備忘録
Java 文字化け
Java11以降のJRE
Java7サンプルコード
JavaFx
JavaScriptでパーサを作る Chevrotain
Javaasist 動的にクラスを編集
Javascript グラフィックライブラリ
Javascript コーディングパターン
Javascript界隈
Javassist
JavaでSVG
Javaで関数型で引数をとる
JavaのジェネリクスTip
Javaのラムダ式
Javaの有名なライブラリ紹介
Javaは、IDEのテンプレートを使いこなせばいいよ
Javaプログラマ向けモナド
Javaメモリリーク
Jenkins
Jenkins(Hudson)メモ
Jestとは
Jhipsterマイグレーション
Json Yaml Xml Hash Scala
Kafka REST Proxy さわってみる
Kotolin
LDAPサーバをdockerで立ち上げる
Linux メモ
LiquiBaseとは
Lombok
MDBをコンパクトにするVBA
MQL5 小作品
MT4
MT5 EA
MYSQL
MacTool
Macにしゃべらせる
Mac用のメモ
Mattermostを使ってオンプレミスでチャット環境を作る
Maven
Mementoパターン
MenuBar
MoonsharpとLuaとUnityについて学ぶ
NILScript
NetBeanでプロファイル
Network Service Desk Engineer
Node-RED
Node-Red
NumPy
OQL オブジェクト問い合わせ言語
OSコマンドインジェクション
ObjctiveC サウンド
ObjectMapperの備忘録
ObjectiveC NSString
ObjectiveC サーバ
ObjectiveC ターミナル用コマンドを作る
ObjectiveC バックグラウンド
ObjectiveC ワーニング
Oculusアプリの開発
OpenFeint
OpenOffice
OpenResty
Outlook VBA
PHP
POSTGRESQL
Pandas Python Data Analysis Library
PdfBox Java用PDFライブラリ
Plagger
PukiWiki
PukiWiki/1.4
PukiWiki/1.4/Manual
PukiWiki/1.4/Manual/Plugin
PukiWiki/1.4/Manual/Plugin/A-D
PukiWiki/1.4/Manual/Plugin/E-G
PukiWiki/1.4/Manual/Plugin/H-K
PukiWiki/1.4/Manual/Plugin/L-N
PukiWiki/1.4/Manual/Plugin/O-R
PukiWiki/1.4/Manual/Plugin/S-U
PukiWiki/1.4/Manual/Plugin/V-Z
PyHipster
QuartzCore
RAD
REST
RWKV
Rails3
Railsと差分開発についての考察
React.js
React.js モーダル画面
RecentDeleted
RedmineLE
Redshift
Relumeでサイトの骨格を作る
Require.js
Rubycocoa
RubyでScalaをコンパイルするツールをつくる
Rubyアソシエーション認定証
Ruby入門
SCALA REPL
SCALA support tool
SCALAの記事一覧
SELinux
SEO
SEO Yahoo対策
SEO対策一覧
SPAM対策
SQLite
SSH
SVNをJavaで操作
SakuraZencoding
SandBox
Scala / Hadoop
Scala Process exec
Scala 遅延評価
Scala/LiftでSlim3
ScalaSigParser
ScalaWithExcel
Scala チュートリアル
Scalaで3D
ScalaでLisp
ScalaとGroovyのPOJO比較
ScalaのIDEについて
Scala言語を学ぶやさしいツール「Kojo」
Slack API やってみる
SocketAppender
Spring
Spring bootでのテストのTIPS
SpringBootのSTSの新規プロジェクトでるエラーの対応
SpringSecurity SAML
Sqlite
Squirrel
StringTemplate
Stringクラス拡張
TALEND
ThreadLocal
Todo一覧
Trac Lightning
Twitter
UltraEdit
Unityでシューティングゲーム作る際のメモ
VBAでREST通信
VBAのコード
VBAをOpenOffice.org Basicにする
VBAをOpenOffice.org+Basicにする
VPN構築の勉強メモ
VPSやIaaSメモ
VSCodeでRuby開発
VSCodeメモ
VSCode用ChatGptのPlugin
VSCode設定
VirtualBox On Mac
Visual Studio Code プラグイン開発
Vuexとは
WBS管理の弊害
WIN32API
WSDL
Watson
WebDesign探訪
WebLogic フィルタ
WikiEngines
WikiName
WikiWikiWeb
Windows10のPowerShell でキーボードの言語切り替え
WindowsTool
Worker Thread パターン
XBee
XDOCLET
XForms
XPath
XSL
YahooPIPES
Yahooインフォセンター
Yet Another Pragger
YouTuber
YukiWiki
anacondaをcygwinで使う
ansible
antlr snippet
antlr 再入門
antlrと日本語
autoit
automator
bluemix
bootstrap2
bower
ccze Colorize log files on CentOS and Ubuntu using ccze tool
centos7
cglibを使って動的コード生成
cocos2d
cygwin
diff
dockerのローカルイメージをDocker-in-Dockerで参照する
eclipse設定
emacs 備忘録
emacs 文字列置換
emacsをviライクにする
excel tips
excelのdiff
expectで自動化
figmaにプラグインをインストールする
ftp自動化
gemini
generator-jhipster-gql
git diffを使った構成管理の省力化
goをやってみる
grizzly
gulp
homebrew
iPhone Bluetoothプログラミング
iPhone iAd
iPhone 実機テスト手続き
iPhoneでグラフィックのHellowWorld
iPhoneとGmailメール
iPhoneに実機転送
iPhoneプログラミング
iPhoneプログラミング/ビューを理解すればiPhoneアプリの基礎を押さえられる
iPhoneプログラミング一覧
iPhoneプログラミング入門
iPhone開発/Interface Builder Plug-in
iPhone開発/キャプチャの取り方
intra-mart
jQuery.Flickableのメモ
java spring boot 認証 memo
jersey
jhipster-codeにアノテーション追加してみる
jhipsterのテンプレート改造準備
jparsecドキュメント日本語訳
jparsec入門
kafkaの勉強
log4j2の脆弱性
mac diff
mailcowのインストール
memcached
minecraft マイクラ あるきながら、高速ダンジョン作成
mqttの勉強
nginx_lua
nginxのメモ
node_moduleをnpm linkを使って自分用にする
npm
openapi generator
openapi-generatorをコンパイル
openstack
oraclerac
play framework 1.2.5 sample
play! framework
play!framework selenium
playframework テンプレート
postmanとopenapi
prezi プレゼン
pukiwikiで行動管理
pukiwikiに類似したツール
pukiwiki勉強
pukiwiki記事一覧
python
python3のwindowsでの日本語文字化け対応
pythonでseleniumを使う
pythonのテストに使うライブラリ
rails5
rate.jsを使ってみる
reactでポップアップ表示
redmine
ruby on rails 6.0.0
scala
scala 99problem 32~
scala prototype.zip
scala repl
scala sbaz
scala spring
scala/インストール
scalaでまだ不勉強なところ
scalaのインストール
selenium
slack api
spark
spring boot
spring initializerをつかってプロジェクトのひな型をゲットする
spring-test
springboot
springboot env
storybook
sublimetext2
swagger
tracについて
ubuntu
vaadin
vue を typescriptで開発
vue 共通部品作成
vue.js memo
vue.jsとは
vue.jsのデバッグ
vue一覧
webの編集画面のよくあるパターン
windows環境構築
wordpress
xamppについて
•Axis2の本家のスタートガイドによるWebサービスの作り方
【Javascript】【CLIライブラリ】commanderの勉強
【MQL5】KuniRangeBreakoutEA
いまさらながらC++
びっくりする短いコード
アクター
アニメーション
アノテーション
アプリコット
アプリコット PukiWiki
アプリコード
アプリコード林邦行
イラストのエフェクト
インテンショナルプログラミング
カスタマイズjhipster7.9.3イメージ
カブロボ
ガイガーカウンター
クラスとハッシュマップの関係
クラック対策
クロス集計
コマンドラインという概念への考察
コミニュケーション
コード生成
サロゲートキーを使ったテーブル設計
シェルのサンプル
シェルサンプル
スクレイピング
スレッドプログラミングメモ
ソースtoソース変形
ターミナルをAppleScriptで制御
テキストエディタ作成javascriptフレームワーク
テスト用まっさらDBをdockerでたてる
テスト駆動
テレワーク環境の比較
ドット絵
バイオビルダー合成生物学メモ
バグの少ない設計のためのValueObject
パフォーマンスチューニング
フロントエンドのテストの結合テストを減らすには?
プッシュ技術
プログラマーじゃない人に覚えてほしいプログラムのコメントの書き方
プロジェクト管理スプレッドシート
マイクラ 有名ディメンション モッド
マクスウェル方程式
メタ
ラムダ計算について考える
リベリカJava13いいみたい
リモートワークでのプロジェクト注意点
レイアウトツール
ログ解析
世界の構文解析グラマーたち
予定表
予定表/2009-12-14
予定表/2009-12-18
予定表/2009-12-19
予定表/2009-12-22
予定表/2009-12-23
予定表/2009-12-24
事業の心構え
事業計画方針
人工知能とCUDA
人工知能コンペKaggle
仕様書のフォーマットについての考察
他言語サイトサンプル作成
仮説Oracleの罠
作曲と効果音作り
共和分
口コミ
古いRails5を入れる
哲学
大文字小文字変換
学習をHackする
扶養とシステム
投薬のみのガンの治療薬
擬似コーディングのすすめ
放射能対策
数式を扱う
文章を書く
新エネルギー
新年の抱負2010
新技術 プログラム編
日本のゼネコン式IT開発が失敗する理由
最近更新したページ
未来技術/新技術
枯れた技術の水平思考
株価データ
業界の動向
構文解析の記事一覧
正規表現
気象データ
流れるようなインタフェース
管理画面の生成におけるopenapiとJDLなどの考察
細胞の若返り
経済のことをまとめてみる
脆弱性
自分でPlaggerみたいなのを作るためのメモ
論語/学而第一
負荷テスト
販売/デスクトップPC
販売/ノートパソコン
販売/外部ストレージ
起業
酸化グラフェン
開発哲学
電子出版
電子出版の記事一覧
非可換幾何学
顧客分析のデシル分析とRFM分析
DIコンテナについて考える
MP3から携帯着うたを作る方法
* 目次 [#i097eb1f] #contents ** JHipsterのCI/CDのページ [#x83b0348] https://www.jhipster.tech/setting-up-ci/ ** GitLabのCI/CDのページ [#ofc55fbb] dockerで動かす際の説明 https://docs.gitlab.com/runner/install/docker.html https://about.gitlab.com/features/continuous-integration/ ** .gitlab-ci.yml ファイルとは [#e450d961] .gitlab-ci.yml ファイルはパイプラインの構造と順序を定義し、以下のことを決めます。 - GitLab Runnerを使って実行する内容。 - 特定の状況において、どのような判断をするか。例えば、処理が成功した場合と失敗した場合。 ** .gitlab-ci.ymlのリファレンス [#h1cf516a] https://gitlab-docs.creationline.com/ee/ci/yaml/ *** GitLabのクイックスタート [#xee0cfc6] https://gitlab-docs.creationline.com/ee/ci/quick_start/README.html ** GitLabの設定サンプル [#dd8c86af] https://gitlab-docs.creationline.com/ee/ci/examples/README.html *** mavenを使った例 [#z4fd2745] https://gitlab-docs.creationline.com/ee/ci/examples/artifactory_and_gitlab/index.html *** spring-bootを使った例 [#pa163e7d] https://gitlab-docs.creationline.com/ee/ci/examples/deploy_spring_boot_to_cloud_foundry/index.html ** jhipster ci-cdをためす [#bcee8a31] jhipster ci-cd を実行してみる 選択枝でGitLabを選ぶ In GitLab CI, perform the build in a docker container となる。 y を選ぶ .gitlab-ci.yml が変更になる ** .gitlab-ci.yml に追加されたコード [#z53e08e5] 追加のタスクは何もなしで進むと以下のコードが追加された image: jhipster/jhipster:v7.9.3 cache: key: '$CI_COMMIT_REF_NAME' paths: - .maven/ stages: - check - build - test - analyze - package - release - deploy before_script: - export MAVEN_USER_HOME=`pwd`/.maven nohttp: stage: check script: - ./mvnw -ntp checkstyle:check -Dmaven.repo.local=$MAVEN_USER_HOME maven-compile: stage: build script: - ./mvnw -ntp compile -P-webapp -Dmaven.repo.local=$MAVEN_USER_HOME artifacts: paths: - target/classes/ - target/generated-sources/ expire_in: 1 day maven-test: services: - docker:dind variables: # Instruct Testcontainers to use the daemon of DinD. DOCKER_HOST: 'tcp://docker:2375' # Improve performance with overlayfs. DOCKER_DRIVER: overlay2 stage: test script: - ./mvnw -ntp verify -P-webapp -Dmaven.repo.local=$MAVEN_USER_HOME artifacts: reports: junit: - target/surefire-reports/TEST-*.xml - target/failsafe-reports/TEST-*.xml paths: - target/surefire-reports - target/failsafe-reports - target/site expire_in: 1 day frontend-test: stage: test script: - npm install - npm test artifacts: reports: junit: target/test-results/TESTS-results-jest.xml paths: - target/test-results - target/jacoco expire_in: 1 day maven-package: stage: package script: - ./mvnw -ntp verify -Pprod -DskipTests -Dmaven.repo.local=$MAVEN_USER_HOME artifacts: paths: - target/*.jar - target/classes expire_in: 1 day # Uncomment the following line to use gitlabs container registry. You need to adapt the REGISTRY_URL in case you are not using gitlab.com #docker-push: # stage: release # variables: # REGISTRY_URL: registry.gitlab.com # IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG-$CI_COMMIT_SHA # dependencies: # - maven-package # script: # - ./mvnw -ntp jib:build -Pprod -Djib.to.image=$IMAGE_TAG -Djib.to.auth.username=gitlab-ci-token -Djib.to.auth.password=$CI_BUILD_TOKEN -Dmaven.repo.local=$MAVEN_USER_HOME * GitLab Runnerは別サーバー? [#qef7020e] もしかしてGitLabRunnerは別サーバにたてるのだろうか? 以下に構築方法を解説しているサイトがあった。 https://www.alpha.co.jp/blog/202208_01#%E3%82%AD%E3%83%A3%E3%83%83%E3%82%B7%E3%83%A5%E3%82%A2%E3%83%BC%E3%83%86%E3%82%A3%E3%83%95%E3%82%A1%E3%82%AF%E3%83%88%E3%83%AC%E3%82%B8%E3%82%B9%E3%83%88%E3%83%AA%E3%81%AE%E6%A0%BC%E7%B4%8D%E5%A0%B4%E6%89%80 * Dockerコンテナでgitlabとgitlab-runnerを構築してCI/CD [#j72672bb] https://syachiku.net/docker-gitlab-gitlab-runner/ * docker-composeに追加するコード [#cab9639f] gitlab-runner: image: gitlab/gitlab-runner:latest container_name: gitlab-runner restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock - /root/gitlab/gitlab-runner-config:/etc/gitlab-runner ports: - "8093:8093" ** 必要なディレクトリやファイルを作成 [#v7daa150] mkdir -p /root/gitlab/gitlab-runner-config ** GitLab Runnerを使用する前に、GitLabの管理者アカウントでGitLab Runnerを登録する必要があります。 [#de7649ef] *** GitLabの公式ドキュメント [#kfa9f19c] https://docs.gitlab.com/runner/ 正直、オンプレミスではどうしたらよいのか親切には書いてない。 * 日本語の解説サイト [#z19e0b20] ** GitLab Runner構築のススメ [#v2853f1d] https://www.gitlab.jp/blog/2022/09/26/runner-summary/ 画面のキャプチャとかあって、本家よりわかりやすいかもしれない。インストール部分は、自分はdocker-composeを使ったので、参考にしてないが、GitRunnerの登録の仕方が本家の説明で要領を得なかったので、ここを参考にした。 *** 手順 [#yf300046] - GitLab全体の基本設定のほうではなく、プロジェクトのサイドメニューから設定->CI/CD->Runnerを開いてください。 - Specific runnersに表示されているURL (GitLabのURLです)とregistration tokenの二つをメモする メモしたい項目の具体的な項目名: - Register the runner with this URL: - And this registration token: *** gitlab-runnerのコンテナ名の調査 [#x6580623] docker-compose ps 起動させてあるのが、前提条件ですが、上記のコマンドで、実行済みのgitlab-runnerのコンテナ名を調べます。 *** docker-imageへのログイン [#c23330d0] docker exec -it 上記手順で調べたドッカーコンテナ名 bash *** 登録コマンドの実行 [#rfc64fc7] コマンドを実行する前に、どのようなコマンドがあるのか確認してみましょう。 gitlab-runner --help *** gitlab-runner-2というコンテナ名で、helpオプションを実行する例 [#u876ef65] # docker exec -it gitlab-runner-2 gitlab-runner --help NAME: gitlab-runner - a GitLab Runner USAGE: gitlab-runner [global options] command [command options] [arguments...] VERSION: 15.10.1 (dcfb4b66) AUTHOR: GitLab Inc. <support@gitlab.com> COMMANDS: exec execute a build locally list List all configured runners run run multi runner service register register a new runner reset-token reset a runner's token install install service uninstall uninstall service start start service stop stop service restart restart service status get status of a service run-single start single runner unregister unregister specific runner verify verify all registered runners artifacts-downloader download and extract build artifacts (internal) artifacts-uploader create and upload build artifacts (internal) cache-archiver create and upload cache artifacts (internal) cache-extractor download and extract cache artifacts (internal) cache-init changed permissions for cache paths (internal) health-check check health for a specific address read-logs reads job logs from a file, used by kubernetes executor (internal) help, h Shows a list of commands or help for one command GLOBAL OPTIONS: --cpuprofile value write cpu profile to file [$CPU_PROFILE] --debug debug mode [$RUNNER_DEBUG] --log-format value Choose log format (options: runner, text, json) [$LOG_FORMAT] --log-level value, -l value Log level (options: debug, info, warn, error, fatal, panic) [$LOG_LEVEL] --help, -h show help --version, -v print the version 登録に実行するコマンドは、以下のコマンドですが、、 gitlab-runner register ** gitlab-runner registerのオプションの量がやばい量ある件について [#ic06872a] [root@localhost gitlab]# docker exec -it gitlab-runner-2 gitlab-runner help register Runtime platform arch=amd64 os=linux pid=171 revision=dcfb4b66 version=15.10.1 NAME: gitlab-runner register - register a new runner USAGE: gitlab-runner register [command options] [arguments...] OPTIONS: -c value, --config value Config file [$CONFIG_FILE] --template-config value Path to the configuration template file [$TEMPLATE_CONFIG_FILE] --tag-list value Tag list [$RUNNER_TAG_LIST] -n, --non-interactive Run registration unattended [$REGISTER_NON_INTERACTIVE] --leave-runner Don't remove runner if registration fails [$REGISTER_LEAVE_RUNNER] -r value, --registration-token value Runner's registration token [$REGISTRATION_TOKEN] --run-untagged Register to run untagged builds; defaults to 'true' when 'tag-list' is empty [$REGISTER_RUN_UNTAGGED] --locked Lock Runner for current project, defaults to 'true' [$REGISTER_LOCKED] --access-level value Set access_level of the runner to not_protected or ref_protected; defaults to not_protected [$REGISTER_ACCESS_LEVEL] --maximum-timeout value What is the maximum timeout (in seconds) that will be set for job when using this Runner (default: "0") [$REGISTER_MAXIMUM_TIMEOUT] --paused Set Runner to be paused, defaults to 'false' [$REGISTER_PAUSED] --maintenance-note value Runner's maintenance note [$REGISTER_MAINTENANCE_NOTE] --name value, --description value Runner name (default: "8979973c36c6") [$RUNNER_NAME] --limit value Maximum number of builds processed by this runner (default: "0") [$RUNNER_LIMIT] --output-limit value Maximum build trace size in kilobytes (default: "0") [$RUNNER_OUTPUT_LIMIT] --request-concurrency value Maximum concurrency for job requests (default: "0") [$RUNNER_REQUEST_CONCURRENCY] --unhealthy-requests-limit value The number of 'unhealthy' responses to new job requests after which a runner worker will be disabled (default: "0") [$RUNNER_UNHEALTHY_REQUESTS_LIMIT] --unhealthy-interval value Duration for which a runner worker is disabled after exceeding the unhealthy requests limit. Supports syntax like '3600s', '1h30min' etc -u value, --url value GitLab instance URL [$CI_SERVER_URL] -t value, --token value Runner token [$CI_SERVER_TOKEN] --tls-ca-file value File containing the certificates to verify the peer when using HTTPS [$CI_SERVER_TLS_CA_FILE] --tls-cert-file value File containing certificate for TLS client auth when using HTTPS [$CI_SERVER_TLS_CERT_FILE] --tls-key-file value File containing private key for TLS client auth when using HTTPS [$CI_SERVER_TLS_KEY_FILE] --executor value Select executor, eg. shell, docker, etc. [$RUNNER_EXECUTOR] --builds-dir value Directory where builds are stored [$RUNNER_BUILDS_DIR] --cache-dir value Directory where build cache is stored [$RUNNER_CACHE_DIR] --clone-url value Overwrite the default URL used to clone or fetch the git ref [$CLONE_URL] --env value Custom environment variables injected to build environment [$RUNNER_ENV] --pre-clone-script value [DEPRECATED] Use pre_get_sources_script instead [$RUNNER_PRE_CLONE_SCRIPT] --post-clone-script value [DEPRECATED] Use post_get_sources_script instead [$RUNNER_POST_CLONE_SCRIPT] --pre-get-sources-script value Runner-specific commands to be executed on the runner before updating the Git repository an updating submodules. [$RUNNER_PRE_GET_SOURCES_SCRIPT] --post-get-sources-script value Runner-specific commands to be executed on the runner after updating the Git repository and updating submodules. [$RUNNER_POST_GET_SOURCES_SCRIPT] --pre-build-script value Runner-specific command script executed just before build executes [$RUNNER_PRE_BUILD_SCRIPT] --post-build-script value Runner-specific command script executed just after build executes [$RUNNER_POST_BUILD_SCRIPT] --debug-trace-disabled When set to true Runner will disable the possibility of using the CI_DEBUG_TRACE feature [$RUNNER_DEBUG_TRACE_DISABLED] --shell value Select bash, sh, cmd, pwsh or powershell [$RUNNER_SHELL] --custom_build_dir-enabled Enable job specific build directories [$CUSTOM_BUILD_DIR_ENABLED] --cache-type value Select caching method [$CACHE_TYPE] --cache-path value Name of the path to prepend to the cache URL [$CACHE_PATH] --cache-shared Enable cache sharing between runners. [$CACHE_SHARED] --cache-max_uploaded_archive_size value Limit the size of the cache archive being uploaded to cloud storage, in bytes. (default: "0") [$CACHE_MAXIMUM_UPLOADED_ARCHIVE_SIZE] --cache-s3-server-address value A host:port to the used S3-compatible server [$CACHE_S3_SERVER_ADDRESS] --cache-s3-access-key value S3 Access Key [$CACHE_S3_ACCESS_KEY] --cache-s3-secret-key value S3 Secret Key [$CACHE_S3_SECRET_KEY] --cache-s3-bucket-name value Name of the bucket where cache will be stored [$CACHE_S3_BUCKET_NAME] --cache-s3-bucket-location value Name of S3 region [$CACHE_S3_BUCKET_LOCATION] --cache-s3-insecure Use insecure mode (without https) [$CACHE_S3_INSECURE] --cache-s3-authentication_type value IAM or credentials [$CACHE_S3_AUTHENTICATION_TYPE] --cache-s3-server-side-encryption value Server side encryption type (S3, or KMS) [$CACHE_S3_SERVER_SIDE_ENCRYPTION] --cache-s3-server-side-encryption-key-id value Server side encryption key ID (alias or Key ID) [$CACHE_S3_SERVER_SIDE_ENCRYPTION_KEY_ID] --cache-gcs-access-id value ID of GCP Service Account used to access the storage [$CACHE_GCS_ACCESS_ID] --cache-gcs-private-key value Private key used to sign GCS requests [$CACHE_GCS_PRIVATE_KEY] --cache-gcs-credentials-file value File with GCP credentials, containing AccessID and PrivateKey [$GOOGLE_APPLICATION_CREDENTIALS] --cache-gcs-bucket-name value Name of the bucket where cache will be stored [$CACHE_GCS_BUCKET_NAME] --cache-azure-account-name value Account name for Azure Blob Storage [$CACHE_AZURE_ACCOUNT_NAME] --cache-azure-account-key value Access key for Azure Blob Storage [$CACHE_AZURE_ACCOUNT_KEY] --cache-azure-container-name value Name of the Azure container where cache will be stored [$CACHE_AZURE_CONTAINER_NAME] --cache-azure-storage-domain value Domain name of the Azure storage (e.g. blob.core.windows.net) [$CACHE_AZURE_STORAGE_DOMAIN] --feature-flags value Enable/Disable feature flags https://docs.gitlab.com/runner/configuration/feature-flags.html (default: "{}") [$FEATURE_FLAGS] --ssh-user value User name [$SSH_USER] --ssh-password value User password [$SSH_PASSWORD] --ssh-host value Remote host [$SSH_HOST] --ssh-port value Remote host port [$SSH_PORT] --ssh-identity-file value Identity file to be used [$SSH_IDENTITY_FILE] --ssh-disable-strict-host-key-checking value Disable SSH strict host key checking [$DISABLE_STRICT_HOST_KEY_CHECKING] --ssh-known-hosts-file value Location of known_hosts file. Defaults to ~/.ssh/known_hosts [$KNOWN_HOSTS_FILE] --docker-host value Docker daemon address [$DOCKER_HOST] --docker-cert-path value Certificate path [$DOCKER_CERT_PATH] --docker-tlsverify Use TLS and verify the remote [$DOCKER_TLS_VERIFY] --docker-hostname value Custom container hostname [$DOCKER_HOSTNAME] --docker-image value Docker image to be used [$DOCKER_IMAGE] --docker-runtime value Docker runtime to be used [$DOCKER_RUNTIME] --docker-memory value Memory limit (format: <number>[<unit>]). Unit can be one of b, k, m, or g. Minimum is 4M. [$DOCKER_MEMORY] --docker-memory-swap value Total memory limit (memory + swap, format: <number>[<unit>]). Unit can be one of b, k, m, or g. [$DOCKER_MEMORY_SWAP] --docker-memory-reservation value Memory soft limit (format: <number>[<unit>]). Unit can be one of b, k, m, or g. [$DOCKER_MEMORY_RESERVATION] --docker-cpuset-cpus value String value containing the cgroups CpusetCpus to use [$DOCKER_CPUSET_CPUS] --docker-cpus value Number of CPUs [$DOCKER_CPUS] --docker-cpu-shares value Number of CPU shares (default: "0") [$DOCKER_CPU_SHARES] --docker-dns value A list of DNS servers for the container to use [$DOCKER_DNS] --docker-dns-search value A list of DNS search domains [$DOCKER_DNS_SEARCH] --docker-privileged Give extended privileges to container [$DOCKER_PRIVILEGED] --docker-services_privileged value When set this will give or remove extended privileges to container services [$DOCKER_SERVICES_PRIVILEGED] --docker-disable-entrypoint-overwrite Disable the possibility for a container to overwrite the default image entrypoint [$DOCKER_DISABLE_ENTRYPOINT_OVERWRITE] --docker-user value Run all commands in the container as the specified user. [$DOCKER_USER] --docker-userns value User namespace to use [$DOCKER_USERNS_MODE] --docker-cap-add value Add Linux capabilities [$DOCKER_CAP_ADD] --docker-cap-drop value Drop Linux capabilities [$DOCKER_CAP_DROP] --docker-oom-kill-disable Do not kill processes in a container if an out-of-memory (OOM) error occurs [$DOCKER_OOM_KILL_DISABLE] --docker-oom-score-adjust value Adjust OOM score (default: "0") [$DOCKER_OOM_SCORE_ADJUST] --docker-security-opt value Security Options [$DOCKER_SECURITY_OPT] --docker-services-security-opt value Security Options for container services [$DOCKER_SERVICES_SECURITY_OPT] --docker-devices value, --omitempty value Add a host device to the container [$DOCKER_DEVICES] --docker-device-cgroup-rules value Add a device cgroup rule to the container [$DOCKER_DEVICE_CGROUP_RULES] --docker-gpus value Request GPUs to be used by Docker [$DOCKER_GPUS] --docker-disable-cache Disable all container caching [$DOCKER_DISABLE_CACHE] --docker-volumes value Bind-mount a volume and create it if it doesn't exist prior to mounting. Can be specified multiple times once per mountpoint, e.g. --docker-volumes 'test0:/test0' --docker-volumes 'test1:/test1' [$DOCKER_VOLUMES] --docker-volume-driver value Volume driver to be used [$DOCKER_VOLUME_DRIVER] --docker-volume-driver-ops value A toml table/json object with the format key=values. Volume driver ops to be specified (default: "{}") [$DOCKER_VOLUME_DRIVER_OPS] --docker-cache-dir value Directory where to store caches [$DOCKER_CACHE_DIR] --docker-extra-hosts value Add a custom host-to-IP mapping [$DOCKER_EXTRA_HOSTS] --docker-volumes-from value A list of volumes to inherit from another container [$DOCKER_VOLUMES_FROM] --docker-network-mode value Add container to a custom network [$DOCKER_NETWORK_MODE] --docker-ipcmode value Select IPC mode for container [$DOCKER_IPC_MODE] --docker-mac-address value Container MAC address (e.g., 92:d0:c6:0a:29:33) [$DOCKER_MAC_ADDRESS] --docker-links value Add link to another container [$DOCKER_LINKS] --docker-wait-for-services-timeout value How long to wait for service startup (default: "0") [$DOCKER_WAIT_FOR_SERVICES_TIMEOUT] --docker-allowed-images value Image allowlist [$DOCKER_ALLOWED_IMAGES] --docker-allowed-pull-policies value Pull policy allowlist [$DOCKER_ALLOWED_PULL_POLICIES] --docker-allowed-services value Service allowlist [$DOCKER_ALLOWED_SERVICES] --docker-pull-policy value Image pull policy: never, if-not-present, always [$DOCKER_PULL_POLICY] --docker-isolation value Container isolation technology. Windows only [$DOCKER_ISOLATION] --docker-shm-size value Shared memory size for docker images (in bytes) (default: "0") [$DOCKER_SHM_SIZE] --docker-tmpfs value A toml table/json object with the format key=values. When set this will mount the specified path in the key as a tmpfs volume in the main container, using the options specified as key. For the supported options, see the documentation for the unix 'mount' command (default: "{}") [$DOCKER_TMPFS] --docker-services-tmpfs value A toml table/json object with the format key=values. When set this will mount the specified path in the key as a tmpfs volume in all the service containers, using the options specified as key. For the supported options, see the documentation for the unix 'mount' command (default: "{}") [$DOCKER_SERVICES_TMPFS] --docker-sysctls value Sysctl options, a toml table/json object of key=value. Value is expected to be a string. (default: "{}") [$DOCKER_SYSCTLS] --docker-helper-image value [ADVANCED] Override the default helper image used to clone repos and upload artifacts [$DOCKER_HELPER_IMAGE] --docker-helper-image-flavor value Set helper image flavor (alpine, ubuntu), defaults to alpine [$DOCKER_HELPER_IMAGE_FLAVOR] --docker-container-labels value A toml table/json object of key-value. Value is expected to be a string. When set, this will create containers with the given container labels. Environment variables will be substituted for values here. (default: "{}") --docker-enable-ipv6 Enable IPv6 for automatically created networks. This is only takes affect when the feature flag FF_NETWORK_PER_BUILD is enabled. --parallels-base-name value VM name to be used [$PARALLELS_BASE_NAME] --parallels-template-name value VM template to be created [$PARALLELS_TEMPLATE_NAME] --parallels-disable-snapshots Disable snapshoting to speedup VM creation [$PARALLELS_DISABLE_SNAPSHOTS] --parallels-time-server value Timeserver to sync the guests time from. Defaults to time.apple.com [$PARALLELS_TIME_SERVER] --parallels-allowed-images value Image (base_name) allowlist [$PARALLELS_ALLOWED_IMAGES] --virtualbox-base-name value VM name to be used [$VIRTUALBOX_BASE_NAME] --virtualbox-base-snapshot value Name or UUID of a specific VM snapshot to clone [$VIRTUALBOX_BASE_SNAPSHOT] --virtualbox-base-folder value Folder in which to save the new VM. If empty, uses VirtualBox default [$VIRTUALBOX_BASE_FOLDER] --virtualbox-disable-snapshots Disable snapshoting to speedup VM creation [$VIRTUALBOX_DISABLE_SNAPSHOTS] --virtualbox-allowed-images value Image allowlist [$VIRTUALBOX_ALLOWED_IMAGES] --virtualbox-start-type value Graphical front-end type [$VIRTUALBOX_START_TYPE] --machine-max-growth-rate value Maximum machines being provisioned concurrently, set to 0 for unlimited (default: "0") [$MACHINE_MAX_GROWTH_RATE] --machine-idle-nodes value Maximum idle machines (default: "0") [$MACHINE_IDLE_COUNT] --machine-idle-scale-factor value (Experimental) Defines what factor of in-use machines should be used as current idle value, but never more then defined IdleCount. 0.0 means use IdleCount as a static number (defaults to 0.0). Must be defined as float number. (default: "0") [$MACHINE_IDLE_SCALE_FACTOR] --machine-idle-count-min value Minimal number of idle machines when IdleScaleFactor is in use. Defaults to 1. (default: "0") [$MACHINE_IDLE_COUNT_MIN] --machine-idle-time value Minimum time after node can be destroyed (default: "0") [$MACHINE_IDLE_TIME] --machine-max-builds value Maximum number of builds processed by machine (default: "0") [$MACHINE_MAX_BUILDS] --machine-machine-driver value The driver to use when creating machine [$MACHINE_DRIVER] --machine-machine-name value The template for machine name (needs to include %s) [$MACHINE_NAME] --machine-machine-options value Additional machine creation options [$MACHINE_OPTIONS] --kubernetes-host value Optional Kubernetes master host URL (auto-discovery attempted if not specified) [$KUBERNETES_HOST] --kubernetes-cert-file value Optional Kubernetes master auth certificate [$KUBERNETES_CERT_FILE] --kubernetes-key-file value Optional Kubernetes master auth private key [$KUBERNETES_KEY_FILE] --kubernetes-ca-file value Optional Kubernetes master auth ca certificate [$KUBERNETES_CA_FILE] --kubernetes-bearer_token_overwrite_allowed Bool to authorize builds to specify their own bearer token for creation. [$KUBERNETES_BEARER_TOKEN_OVERWRITE_ALLOWED] --kubernetes-bearer_token value Optional Kubernetes service account token used to start build pods. [$KUBERNETES_BEARER_TOKEN] --kubernetes-image value Default docker image to use for builds when none is specified [$KUBERNETES_IMAGE] --kubernetes-namespace value Namespace to run Kubernetes jobs in [$KUBERNETES_NAMESPACE] --kubernetes-namespace_overwrite_allowed value Regex to validate 'KUBERNETES_NAMESPACE_OVERWRITE' value [$KUBERNETES_NAMESPACE_OVERWRITE_ALLOWED] --kubernetes-privileged value Run all containers with the privileged flag enabled [$KUBERNETES_PRIVILEGED] --kubernetes-runtime-class-name value A Runtime Class to use for all created pods, errors if the feature is unsupported by the cluster [$KUBERNETES_RUNTIME_CLASS_NAME] --kubernetes-allow-privilege-escalation value Run all containers with the security context allowPrivilegeEscalation flag enabled. When empty, it does not define the allowPrivilegeEscalation flag in the container SecurityContext and allows Kubernetes to use the default privilege escalation behavior. [$KUBERNETES_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-cpu-limit value The CPU allocation given to build containers [$KUBERNETES_CPU_LIMIT] --kubernetes-cpu-limit-overwrite-max-allowed value If set, the max amount the cpu limit can be set to. Used with the KUBERNETES_CPU_LIMIT variable in the build. [$KUBERNETES_CPU_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-cpu-request value The CPU allocation requested for build containers [$KUBERNETES_CPU_REQUEST] --kubernetes-cpu-request-overwrite-max-allowed value If set, the max amount the cpu request can be set to. Used with the KUBERNETES_CPU_REQUEST variable in the build. [$KUBERNETES_CPU_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-memory-limit value The amount of memory allocated to build containers [$KUBERNETES_MEMORY_LIMIT] --kubernetes-memory-limit-overwrite-max-allowed value If set, the max amount the memory limit can be set to. Used with the KUBERNETES_MEMORY_LIMIT variable in the build. [$KUBERNETES_MEMORY_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-memory-request value The amount of memory requested from build containers [$KUBERNETES_MEMORY_REQUEST] --kubernetes-memory-request-overwrite-max-allowed value If set, the max amount the memory request can be set to. Used with the KUBERNETES_MEMORY_REQUEST variable in the build. [$KUBERNETES_MEMORY_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-ephemeral-storage-limit value The amount of ephemeral storage allocated to build containers [$KUBERNETES_EPHEMERAL_STORAGE_LIMIT] --kubernetes-ephemeral-storage-limit-overwrite-max-allowed value If set, the max amount the ephemeral limit can be set to. Used with the KUBERNETES_EPHEMERAL_STORAGE_LIMIT variable in the build. [$KUBERNETES_EPHEMERAL_STORAGE_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-ephemeral-storage-request value The amount of ephemeral storage requested from build containers [$KUBERNETES_EPHEMERAL_STORAGE_REQUEST] --kubernetes-ephemeral-storage-request-overwrite-max-allowed value If set, the max amount the ephemeral storage request can be set to. Used with the KUBERNETES_EPHEMERAL_STORAGE_REQUEST variable in the build. [$KUBERNETES_EPHEMERAL_STORAGE_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-service-cpu-limit value The CPU allocation given to build service containers [$KUBERNETES_SERVICE_CPU_LIMIT] --kubernetes-service-cpu-limit-overwrite-max-allowed value If set, the max amount the service cpu limit can be set to. Used with the KUBERNETES_SERVICE_CPU_LIMIT variable in the build. [$KUBERNETES_SERVICE_CPU_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-service-cpu-request value The CPU allocation requested for build service containers [$KUBERNETES_SERVICE_CPU_REQUEST] --kubernetes-service-cpu-request-overwrite-max-allowed value If set, the max amount the service cpu request can be set to. Used with the KUBERNETES_SERVICE_CPU_REQUEST variable in the build. [$KUBERNETES_SERVICE_CPU_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-service-memory-limit value The amount of memory allocated to build service containers [$KUBERNETES_SERVICE_MEMORY_LIMIT] --kubernetes-service-memory-limit-overwrite-max-allowed value If set, the max amount the service memory limit can be set to. Used with the KUBERNETES_SERVICE_MEMORY_LIMIT variable in the build. [$KUBERNETES_SERVICE_MEMORY_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-service-memory-request value The amount of memory requested for build service containers [$KUBERNETES_SERVICE_MEMORY_REQUEST] --kubernetes-service-memory-request-overwrite-max-allowed value If set, the max amount the service memory request can be set to. Used with the KUBERNETES_SERVICE_MEMORY_REQUEST variable in the build. [$KUBERNETES_SERVICE_MEMORY_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-service-ephemeral_storage-limit value The amount of ephemeral storage allocated to build service containers [$KUBERNETES_SERVICE_EPHEMERAL_STORAGE_LIMIT] --kubernetes-service-ephemeral_storage-limit-overwrite-max-allowed value If set, the max amount the service ephemeral storage limit can be set to. Used with the KUBERNETES_SERVICE_EPHEMERAL_STORAGE_LIMIT variable in the build. [$KUBERNETES_SERVICE_EPHEMERAL_STORAGE_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-service-ephemeral_storage-request value The amount of ephemeral storage requested for build service containers [$KUBERNETES_SERVICE_EPHEMERAL_STORAGE_REQUEST] --kubernetes-service-ephemeral_storage-request-overwrite-max-allowed value If set, the max amount the service ephemeral storage request can be set to. Used with the KUBERNETES_SERVICE_EPHEMERAL_STORAGE_REQUEST variable in the build. [$KUBERNETES_SERVICE_EPHEMERAL_STORAGE_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-cpu-limit value The CPU allocation given to build helper containers [$KUBERNETES_HELPER_CPU_LIMIT] --kubernetes-helper-cpu-limit-overwrite-max-allowed value If set, the max amount the helper cpu limit can be set to. Used with the KUBERNETES_HELPER_CPU_LIMIT variable in the build. [$KUBERNETES_HELPER_CPU_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-cpu-request value The CPU allocation requested for build helper containers [$KUBERNETES_HELPER_CPU_REQUEST] --kubernetes-helper-cpu-request-overwrite-max-allowed value If set, the max amount the helper cpu request can be set to. Used with the KUBERNETES_HELPER_CPU_REQUEST variable in the build. [$KUBERNETES_HELPER_CPU_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-memory-limit value The amount of memory allocated to build helper containers [$KUBERNETES_HELPER_MEMORY_LIMIT] --kubernetes-helper-memory-limit-overwrite-max-allowed value If set, the max amount the helper memory limit can be set to. Used with the KUBERNETES_HELPER_MEMORY_LIMIT variable in the build. [$KUBERNETES_HELPER_MEMORY_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-memory-request value The amount of memory requested for build helper containers [$KUBERNETES_HELPER_MEMORY_REQUEST] --kubernetes-helper-memory-request-overwrite-max-allowed value If set, the max amount the helper memory request can be set to. Used with the KUBERNETES_HELPER_MEMORY_REQUEST variable in the build. [$KUBERNETES_HELPER_MEMORY_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-ephemeral_storage-limit value The amount of ephemeral storage allocated to build helper containers [$KUBERNETES_HELPER_EPHEMERAL_STORAGE_LIMIT] --kubernetes-helper-ephemeral_storage-limit-overwrite-max-allowed value If set, the max amount the helper ephemeral storage limit can be set to. Used with the KUBERNETES_HELPER_EPHEMERAL_STORAGE_LIMIT variable in the build. [$KUBERNETES_HELPER_EPHEMERAL_STORAGE_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-ephemeral_storage-request value The amount of ephemeral storage requested for build helper containers [$KUBERNETES_HELPER_EPHEMERAL_STORAGE_REQUEST] --kubernetes-helper-ephemeral_storage-request-overwrite-max-allowed value If set, the max amount the helper ephemeral storage request can be set to. Used with the KUBERNETES_HELPER_EPHEMERAL_STORAGE_REQUEST variable in the build. [$KUBERNETES_HELPER_EPHEMERAL_STORAGE_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-allowed-images value Image allowlist [$KUBERNETES_ALLOWED_IMAGES] --kubernetes-allowed-pull-policies value Pull policy allowlist [$KUBERNETES_ALLOWED_PULL_POLICIES] --kubernetes-allowed-services value Service allowlist [$KUBERNETES_ALLOWED_SERVICES] --kubernetes-pull-policy value Policy for if/when to pull a container image (never, if-not-present, always). The cluster default will be used if not set [$KUBERNETES_PULL_POLICY] --kubernetes-node-selector value A toml table/json object of key:value. Value is expected to be a string. When set this will create pods on k8s nodes that match all the key:value pairs. Only one selector is supported through environment variable configuration. (default: "{}") [$KUBERNETES_NODE_SELECTOR] --kubernetes-node_selector_overwrite_allowed value Regex to validate 'KUBERNETES_NODE_SELECTOR_*' values [$KUBERNETES_NODE_SELECTOR_OVERWRITE_ALLOWED] --kubernetes-node-tolerations value A toml table/json object of key=value:effect. Value and effect are expected to be strings. When set, pods will tolerate the given taints. Only one toleration is supported through environment variable configuration. (default: "{}") [$KUBERNETES_NODE_TOLERATIONS] --kubernetes-image-pull-secrets value A list of image pull secrets that are used for pulling docker image [$KUBERNETES_IMAGE_PULL_SECRETS] --kubernetes-helper-image value [ADVANCED] Override the default helper image used to clone repos and upload artifacts [$KUBERNETES_HELPER_IMAGE] --kubernetes-helper-image-flavor value Set helper image flavor (alpine, ubuntu), defaults to alpine [$KUBERNETES_HELPER_IMAGE_FLAVOR] --kubernetes-terminationGracePeriodSeconds value Duration after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal.DEPRECATED: use KUBERNETES_POD_TERMINATION_GRACE_PERIOD_SECONDS and KUBERNETES_CLEANUP_GRACE_PERIOD_SECONDS instead. [$KUBERNETES_TERMINATIONGRACEPERIODSECONDS] --kubernetes-pod_termination_grace_period_seconds value Pod-level setting which determines the duration in seconds which the pod has to terminate gracefully. After this, the processes are forcibly halted with a kill signal. Ignored if KUBERNETES_TERMINATIONGRACEPERIODSECONDS is specified. [$KUBERNETES_POD_TERMINATION_GRACE_PERIOD_SECONDS] --kubernetes-cleanup_grace_period_seconds value When cleaning up a pod on completion of a job, the duration in seconds which the pod has to terminate gracefully. After this, the processes are forcibly halted with a kill signal. Ignored if KUBERNETES_TERMINATIONGRACEPERIODSECONDS is specified. [$KUBERNETES_CLEANUP_GRACE_PERIOD_SECONDS] --kubernetes-poll-interval value How frequently, in seconds, the runner will poll the Kubernetes pod it has just created to check its status (default: "0") [$KUBERNETES_POLL_INTERVAL] --kubernetes-poll-timeout value The total amount of time, in seconds, that needs to pass before the runner will timeout attempting to connect to the pod it has just created (useful for queueing more builds that the cluster can handle at a time) (default: "0") [$KUBERNETES_POLL_TIMEOUT] --kubernetes-resource-availability-check-max-attempts value The maximum number of attempts to check if a resource (service account and/or pull secret) set is available before giving up. There is 5 seconds interval between each attempt (default: "0") [$KUBERNETES_RESOURCE_AVAILABILITY_CHECK_MAX_ATTEMPTS] --kubernetes-pod-labels value A toml table/json object of key-value. Value is expected to be a string. When set, this will create pods with the given pod labels. Environment variables will be substituted for values here. (default: "{}") --kubernetes-pod_labels_overwrite_allowed value Regex to validate 'KUBERNETES_POD_LABELS_*' values [$KUBERNETES_POD_LABELS_OVERWRITE_ALLOWED] --kubernetes-scheduler-name value Pods will be scheduled using this scheduler, if it exists [$KUBERNETES_SCHEDULER_NAME] --kubernetes-service-account value Executor pods will use this Service Account to talk to kubernetes API [$KUBERNETES_SERVICE_ACCOUNT] --kubernetes-service_account_overwrite_allowed value Regex to validate 'KUBERNETES_SERVICE_ACCOUNT' value [$KUBERNETES_SERVICE_ACCOUNT_OVERWRITE_ALLOWED] --kubernetes-pod-annotations value A toml table/json object of key-value. Value is expected to be a string. When set, this will create pods with the given annotations. Can be overwritten in build with KUBERNETES_POD_ANNOTATION_* variables (default: "{}") --kubernetes-pod_annotations_overwrite_allowed value Regex to validate 'KUBERNETES_POD_ANNOTATIONS_*' values [$KUBERNETES_POD_ANNOTATIONS_OVERWRITE_ALLOWED] --kubernetes-pod-security-context-fs-group value A special supplemental group that applies to all containers in a pod [$KUBERNETES_POD_SECURITY_CONTEXT_FS_GROUP] --kubernetes-pod-security-context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_POD_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-pod-security-context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_POD_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-pod-security-context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_POD_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-pod-security-context-supplemental-groups value A list of groups applied to the first process run in each container, in addition to the container's primary GID --kubernetes-pod-security-context-selinux-type value The SELinux type label that applies to all containers in a pod --kubernetes-init_permissions_container_security_context-capabilities-add value List of capabilities to add to the build container [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_ADD] --kubernetes-init_permissions_container_security_context-capabilities-drop value List of capabilities to drop from the build container [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_DROP] --kubernetes-init_permissions_container_security_context-privileged value Run container in privileged mode [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_PRIVILEGED] --kubernetes-init_permissions_container_security_context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-init_permissions_container_security_context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-init_permissions_container_security_context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-init_permissions_container_security_context-read-only-root-filesystem value Whether this container has a read-only root filesystem. [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_READ_ONLY_ROOT_FILESYSTEM] --kubernetes-init_permissions_container_security_context-allow-privilege-escalation value AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-init_permissions_container_security_context-selinux-type value The SELinux type label that is associated with the container process --kubernetes-init_permissions_container_security_context-proc-mount value Denotes the type of proc mount to use for the container. Valid values: default | unmasked. Set to unmasked if this container will be used to build OCI images. [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_PROC_MOUNT] --kubernetes-build_container_security_context-capabilities-add value List of capabilities to add to the build container [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_ADD] --kubernetes-build_container_security_context-capabilities-drop value List of capabilities to drop from the build container [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_DROP] --kubernetes-build_container_security_context-privileged value Run container in privileged mode [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_PRIVILEGED] --kubernetes-build_container_security_context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-build_container_security_context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-build_container_security_context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-build_container_security_context-read-only-root-filesystem value Whether this container has a read-only root filesystem. [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_READ_ONLY_ROOT_FILESYSTEM] --kubernetes-build_container_security_context-allow-privilege-escalation value AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-build_container_security_context-selinux-type value The SELinux type label that is associated with the container process --kubernetes-build_container_security_context-proc-mount value Denotes the type of proc mount to use for the container. Valid values: default | unmasked. Set to unmasked if this container will be used to build OCI images. [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_PROC_MOUNT] --kubernetes-helper_container_security_context-capabilities-add value List of capabilities to add to the build container [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_ADD] --kubernetes-helper_container_security_context-capabilities-drop value List of capabilities to drop from the build container [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_DROP] --kubernetes-helper_container_security_context-privileged value Run container in privileged mode [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_PRIVILEGED] --kubernetes-helper_container_security_context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-helper_container_security_context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-helper_container_security_context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-helper_container_security_context-read-only-root-filesystem value Whether this container has a read-only root filesystem. [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_READ_ONLY_ROOT_FILESYSTEM] --kubernetes-helper_container_security_context-allow-privilege-escalation value AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-helper_container_security_context-selinux-type value The SELinux type label that is associated with the container process --kubernetes-helper_container_security_context-proc-mount value Denotes the type of proc mount to use for the container. Valid values: default | unmasked. Set to unmasked if this container will be used to build OCI images. [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_PROC_MOUNT] --kubernetes-service_container_security_context-capabilities-add value List of capabilities to add to the build container [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_ADD] --kubernetes-service_container_security_context-capabilities-drop value List of capabilities to drop from the build container [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_DROP] --kubernetes-service_container_security_context-privileged value Run container in privileged mode [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_PRIVILEGED] --kubernetes-service_container_security_context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-service_container_security_context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-service_container_security_context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-service_container_security_context-read-only-root-filesystem value Whether this container has a read-only root filesystem. [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_READ_ONLY_ROOT_FILESYSTEM] --kubernetes-service_container_security_context-allow-privilege-escalation value AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-service_container_security_context-selinux-type value The SELinux type label that is associated with the container process --kubernetes-service_container_security_context-proc-mount value Denotes the type of proc mount to use for the container. Valid values: default | unmasked. Set to unmasked if this container will be used to build OCI images. [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_PROC_MOUNT] --kubernetes-host_aliases value Add a custom host-to-IP mapping --kubernetes-cap-add value Add Linux capabilities [$KUBERNETES_CAP_ADD] --kubernetes-cap-drop value Drop Linux capabilities [$KUBERNETES_CAP_DROP] --kubernetes-dns-policy value How Kubernetes should try to resolve DNS from the created pods. If unset, Kubernetes will use the default 'ClusterFirst'. Valid values are: none, default, cluster-first, cluster-first-with-host-net [$KUBERNETES_DNS_POLICY] --kubernetes-priority_class_name value If set, the Kubernetes Priority Class to be set to the Pods [$KUBERNETES_PRIORITY_CLASS_NAME] --custom-config-exec value Executable that allows to inject configuration values to the executor [$CUSTOM_CONFIG_EXEC] --custom-config-args value Arguments for the config executable --custom-config-exec-timeout value Timeout for the config executable (in seconds) [$CUSTOM_CONFIG_EXEC_TIMEOUT] --custom-prepare-exec value Executable that prepares executor [$CUSTOM_PREPARE_EXEC] --custom-prepare-args value Arguments for the prepare executable --custom-prepare-exec-timeout value Timeout for the prepare executable (in seconds) [$CUSTOM_PREPARE_EXEC_TIMEOUT] --custom-run-exec value Executable that runs the job script in executor [$CUSTOM_RUN_EXEC] --custom-run-args value Arguments for the run executable --custom-cleanup-exec value Executable that cleanups after executor run [$CUSTOM_CLEANUP_EXEC] --custom-cleanup-args value Arguments for the cleanup executable --custom-cleanup-exec-timeout value Timeout for the cleanup executable (in seconds) [$CUSTOM_CLEANUP_EXEC_TIMEOUT] --custom-graceful-kill-timeout value Graceful timeout for scripts execution after SIGTERM is sent to the process (in seconds). This limits the time given for scripts to perform the cleanup before exiting [$CUSTOM_GRACEFUL_KILL_TIMEOUT] --custom-force-kill-timeout value Force timeout for scripts execution (in seconds). Counted from the force kill call; if process will be not terminated, Runner will abandon process termination and log an error [$CUSTOM_FORCE_KILL_TIMEOUT] 上記コマンドだと、インタラクティブなのですが、コマンドラインだけでやる方法もあります。 gitlab-runner register --non-interactive --locked=false --url=<URL> --registration-token=<token> --name=container-runner --tag-list=tag-runner --executor=docker --docker-privileged=true --docker-image=docker:20.10.15-dind Shell で、参考にしたサイトは https://e-penguiner.com/build-gitlab-runner-with-docker/ です。 実行すると、上記の場合は質問されないです。いろいろなサイトで見つけるやり方だといくつか質問をしてくるので、上記手順でメモした内容で答えていきます。 実行タイプはdockerを選んだほうがdocker上のGitLabに認識してもらえるので、いいかと思います。 質問結果は以下に保存されます。 /etc/gitlab-runner/config.toml 編集のために、コンテナの名前を確認します。 docker-compose ps 仮に、 gitlab-web-1 というコンテナ名でgitlabが動作していたとします。 docker exec -it gitlab-web-1 bash cd /etc/gitlab-runner テキストエディタのviがインストールされていないので、インストールします。 apt-get update apt-get install vim *** gitlab-runnerのサービスのインストール [#x35928ae] gitlab-runner install --user=gitlab-runner --working-directory=/home/gitlab-runner 実行は、 gitlab-runner run & です。 停止は、 gitlab-runner stop です。 * GitLabでSpecific Runnerが表示されたあと何をするのか? [#w23b9f2e] GitLab.comではShared Runnerは限定されますが、オンプレミスGitLabではShared RunnerとSpecific Runnerの両方が利用可能であり、全体的に共有されたRunnerの設定が便利です。 ** Shared Runnerの設定 [#zf417668] *** gitlab-runner registerで利用するトークンの取得 [#cca448a6] GitLabのどこで、トークンを取得できるかというと、[Menu] > [Admin] を選択し,[Overview] > [Runner]を選択します #ref(specific_token.png) 右上の「Register an instance runner」ボタンをクリックすると、gitlab-runner registerで利用するトークンを取得することができます。 *** gitlab-runner registerでのrunner登録例 [#f8714591] dockerのgitlab-runnerコンテナ名がroot-runner-1だった場合のrunner登録例です docker exec -it root-runner-1 gitlab-runner register --non-interactive --locked=false --url=<URL> --registration-token=<token> --name=container-runner --tag-list=tag-runner --executor=docker --docker-privileged=true --docker-image=docker:20.10.15-dind *** 2つ目のrunnerの追加は以下のようにやってみました。 [#m9396a2d] [root@localhost gitlab]# docker exec -it gitlab-runner $gitlab_runner_container register --non-interactive --locked=false --url=$gtilab_url --registration-token=$gitlab_runner_token --name=$container_runner --tag-list=$tag_list --executor=docker --docker-privileged=true --docker-image=docker:20.10.15-dind Runtime platform arch=amd64 os=linux pid=61 revision=dcfb4b66 version=15.10.1 Running in system-mode. WARNING: Support for registration tokens and runner parameters in the 'register' command has been deprecated in GitLab Runner 15.6 and will be replaced with support for authentication tokens. For more information, see https://gitlab.com/gitlab-org/gitlab/-/issues/380872 Registering runner... succeeded runner=xxxx Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded! Configuration (with the authentication token) was saved in "/etc/gitlab-runner/config.toml" [root@localhost gitlab]# docker exec -it gitlab-runner gitlab-runner list Runtime platform arch=amd64 os=linux pid=71 revision=dcfb4b66 version=15.10.1 Listing configured runners ConfigFile=/etc/gitlab-runner/config.toml container-runner Executor=docker Token=xxxx URL=http://xxxx:xxxx/ container-runner-2 Executor=docker Token=xxxx URL=http://xxxx:xxx/ * CI/CDの実行 [#y5f0ee9c] ** GitLabで、runnerの実行ユーザを設定する [#v70adc24] GitLabのrunnerの実行ユーザは設定できます。 *** Advanced configuration [#saf9d403] https://gitlab-docs.creationline.com/runner/configuration/advanced-configuration.html 設定ファイルは、それぞれのrunnerのdockerコンテナごとにあるような感じです。 設定ファイルの場所は、もしrootで実行しているならば、 /etc/gitlab-runner/config.toml にあるし、rootでの実行ではないならば、それぞれのユーザの ~/.gitlab-runner/config.toml にあります。 gitlab-runnerをdockerのイメージで実行している場合は、viエディタがインストールされていませんので、以下のコマンドでインストールする必要があります。 apt-get update apt-get install vim [runners.docker] のuserを設定します gitlab-runnerのコンテナですでに以下のユーザが登録されています。 gitlab-runner ** HelloWorld的な簡単な設定ファイル [#fe298203] まずは、設定があっていれば必ず成功するレベルの簡単な自動実行をチュートリアルとしてやってみます。 以下の設定ファイルが簡単な設定ファイルと、紹介サイト(https://e-penguiner.com/build-gitlab-runner-with-docker/)には書いてありました。 *** シンプルな.gitlab-ci.yml [#se271657] image: docker:20.10.15 services: - docker:20.10.15-dind variables: DOCKER_DRIVER: overlay2 DOCKER_TLS_CERTDIR: "" before_script: - docker info test_ci: script: - docker pull alpine:latest - docker run alpine:latest cat /etc/alpine-release tags: - tag-runner *** .gitlab-ci.ymlの実行のさせ方 [#s4c06c19] ブランチを作って、上記ファイルを含むマージリクエストを作った時点で、動作するようになります。 このyamlファイルの仕様については、以下が元の記事らしいのですが、わかりにくいので、ほかの記事も参考にしていきましょう。 ** 参考記事 [#y4588152] *** 本家 [#obca6436] https://gitlab-docs.creationline.com/ee/ci/yaml/ *** はじめてのGitLab-CI [#y9cf4771] https://qiita.com/yurano/items/a7804d987ccff37b1a9d *** JHipsterでのCI/CDの記事 [#q677e359] https://www.jhipster.tech/setting-up-ci/#what-cicd-pipeline-do-you-want-to-generate- * jhipsterの7.9.3のdockerfile [#o8d6f6e9] https://hub.docker.com/layers/jhipster/jhipster/v7.9.3/images/sha256-0878e0666e88451f3487abc2bf4417368daa86d9d93e0dd659f93ce1e89161cc?context=explore
spamではない場合はチェックをいれてください。
タイムスタンプを変更しない
* 目次 [#i097eb1f] #contents ** JHipsterのCI/CDのページ [#x83b0348] https://www.jhipster.tech/setting-up-ci/ ** GitLabのCI/CDのページ [#ofc55fbb] dockerで動かす際の説明 https://docs.gitlab.com/runner/install/docker.html https://about.gitlab.com/features/continuous-integration/ ** .gitlab-ci.yml ファイルとは [#e450d961] .gitlab-ci.yml ファイルはパイプラインの構造と順序を定義し、以下のことを決めます。 - GitLab Runnerを使って実行する内容。 - 特定の状況において、どのような判断をするか。例えば、処理が成功した場合と失敗した場合。 ** .gitlab-ci.ymlのリファレンス [#h1cf516a] https://gitlab-docs.creationline.com/ee/ci/yaml/ *** GitLabのクイックスタート [#xee0cfc6] https://gitlab-docs.creationline.com/ee/ci/quick_start/README.html ** GitLabの設定サンプル [#dd8c86af] https://gitlab-docs.creationline.com/ee/ci/examples/README.html *** mavenを使った例 [#z4fd2745] https://gitlab-docs.creationline.com/ee/ci/examples/artifactory_and_gitlab/index.html *** spring-bootを使った例 [#pa163e7d] https://gitlab-docs.creationline.com/ee/ci/examples/deploy_spring_boot_to_cloud_foundry/index.html ** jhipster ci-cdをためす [#bcee8a31] jhipster ci-cd を実行してみる 選択枝でGitLabを選ぶ In GitLab CI, perform the build in a docker container となる。 y を選ぶ .gitlab-ci.yml が変更になる ** .gitlab-ci.yml に追加されたコード [#z53e08e5] 追加のタスクは何もなしで進むと以下のコードが追加された image: jhipster/jhipster:v7.9.3 cache: key: '$CI_COMMIT_REF_NAME' paths: - .maven/ stages: - check - build - test - analyze - package - release - deploy before_script: - export MAVEN_USER_HOME=`pwd`/.maven nohttp: stage: check script: - ./mvnw -ntp checkstyle:check -Dmaven.repo.local=$MAVEN_USER_HOME maven-compile: stage: build script: - ./mvnw -ntp compile -P-webapp -Dmaven.repo.local=$MAVEN_USER_HOME artifacts: paths: - target/classes/ - target/generated-sources/ expire_in: 1 day maven-test: services: - docker:dind variables: # Instruct Testcontainers to use the daemon of DinD. DOCKER_HOST: 'tcp://docker:2375' # Improve performance with overlayfs. DOCKER_DRIVER: overlay2 stage: test script: - ./mvnw -ntp verify -P-webapp -Dmaven.repo.local=$MAVEN_USER_HOME artifacts: reports: junit: - target/surefire-reports/TEST-*.xml - target/failsafe-reports/TEST-*.xml paths: - target/surefire-reports - target/failsafe-reports - target/site expire_in: 1 day frontend-test: stage: test script: - npm install - npm test artifacts: reports: junit: target/test-results/TESTS-results-jest.xml paths: - target/test-results - target/jacoco expire_in: 1 day maven-package: stage: package script: - ./mvnw -ntp verify -Pprod -DskipTests -Dmaven.repo.local=$MAVEN_USER_HOME artifacts: paths: - target/*.jar - target/classes expire_in: 1 day # Uncomment the following line to use gitlabs container registry. You need to adapt the REGISTRY_URL in case you are not using gitlab.com #docker-push: # stage: release # variables: # REGISTRY_URL: registry.gitlab.com # IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG-$CI_COMMIT_SHA # dependencies: # - maven-package # script: # - ./mvnw -ntp jib:build -Pprod -Djib.to.image=$IMAGE_TAG -Djib.to.auth.username=gitlab-ci-token -Djib.to.auth.password=$CI_BUILD_TOKEN -Dmaven.repo.local=$MAVEN_USER_HOME * GitLab Runnerは別サーバー? [#qef7020e] もしかしてGitLabRunnerは別サーバにたてるのだろうか? 以下に構築方法を解説しているサイトがあった。 https://www.alpha.co.jp/blog/202208_01#%E3%82%AD%E3%83%A3%E3%83%83%E3%82%B7%E3%83%A5%E3%82%A2%E3%83%BC%E3%83%86%E3%82%A3%E3%83%95%E3%82%A1%E3%82%AF%E3%83%88%E3%83%AC%E3%82%B8%E3%82%B9%E3%83%88%E3%83%AA%E3%81%AE%E6%A0%BC%E7%B4%8D%E5%A0%B4%E6%89%80 * Dockerコンテナでgitlabとgitlab-runnerを構築してCI/CD [#j72672bb] https://syachiku.net/docker-gitlab-gitlab-runner/ * docker-composeに追加するコード [#cab9639f] gitlab-runner: image: gitlab/gitlab-runner:latest container_name: gitlab-runner restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock - /root/gitlab/gitlab-runner-config:/etc/gitlab-runner ports: - "8093:8093" ** 必要なディレクトリやファイルを作成 [#v7daa150] mkdir -p /root/gitlab/gitlab-runner-config ** GitLab Runnerを使用する前に、GitLabの管理者アカウントでGitLab Runnerを登録する必要があります。 [#de7649ef] *** GitLabの公式ドキュメント [#kfa9f19c] https://docs.gitlab.com/runner/ 正直、オンプレミスではどうしたらよいのか親切には書いてない。 * 日本語の解説サイト [#z19e0b20] ** GitLab Runner構築のススメ [#v2853f1d] https://www.gitlab.jp/blog/2022/09/26/runner-summary/ 画面のキャプチャとかあって、本家よりわかりやすいかもしれない。インストール部分は、自分はdocker-composeを使ったので、参考にしてないが、GitRunnerの登録の仕方が本家の説明で要領を得なかったので、ここを参考にした。 *** 手順 [#yf300046] - GitLab全体の基本設定のほうではなく、プロジェクトのサイドメニューから設定->CI/CD->Runnerを開いてください。 - Specific runnersに表示されているURL (GitLabのURLです)とregistration tokenの二つをメモする メモしたい項目の具体的な項目名: - Register the runner with this URL: - And this registration token: *** gitlab-runnerのコンテナ名の調査 [#x6580623] docker-compose ps 起動させてあるのが、前提条件ですが、上記のコマンドで、実行済みのgitlab-runnerのコンテナ名を調べます。 *** docker-imageへのログイン [#c23330d0] docker exec -it 上記手順で調べたドッカーコンテナ名 bash *** 登録コマンドの実行 [#rfc64fc7] コマンドを実行する前に、どのようなコマンドがあるのか確認してみましょう。 gitlab-runner --help *** gitlab-runner-2というコンテナ名で、helpオプションを実行する例 [#u876ef65] # docker exec -it gitlab-runner-2 gitlab-runner --help NAME: gitlab-runner - a GitLab Runner USAGE: gitlab-runner [global options] command [command options] [arguments...] VERSION: 15.10.1 (dcfb4b66) AUTHOR: GitLab Inc. <support@gitlab.com> COMMANDS: exec execute a build locally list List all configured runners run run multi runner service register register a new runner reset-token reset a runner's token install install service uninstall uninstall service start start service stop stop service restart restart service status get status of a service run-single start single runner unregister unregister specific runner verify verify all registered runners artifacts-downloader download and extract build artifacts (internal) artifacts-uploader create and upload build artifacts (internal) cache-archiver create and upload cache artifacts (internal) cache-extractor download and extract cache artifacts (internal) cache-init changed permissions for cache paths (internal) health-check check health for a specific address read-logs reads job logs from a file, used by kubernetes executor (internal) help, h Shows a list of commands or help for one command GLOBAL OPTIONS: --cpuprofile value write cpu profile to file [$CPU_PROFILE] --debug debug mode [$RUNNER_DEBUG] --log-format value Choose log format (options: runner, text, json) [$LOG_FORMAT] --log-level value, -l value Log level (options: debug, info, warn, error, fatal, panic) [$LOG_LEVEL] --help, -h show help --version, -v print the version 登録に実行するコマンドは、以下のコマンドですが、、 gitlab-runner register ** gitlab-runner registerのオプションの量がやばい量ある件について [#ic06872a] [root@localhost gitlab]# docker exec -it gitlab-runner-2 gitlab-runner help register Runtime platform arch=amd64 os=linux pid=171 revision=dcfb4b66 version=15.10.1 NAME: gitlab-runner register - register a new runner USAGE: gitlab-runner register [command options] [arguments...] OPTIONS: -c value, --config value Config file [$CONFIG_FILE] --template-config value Path to the configuration template file [$TEMPLATE_CONFIG_FILE] --tag-list value Tag list [$RUNNER_TAG_LIST] -n, --non-interactive Run registration unattended [$REGISTER_NON_INTERACTIVE] --leave-runner Don't remove runner if registration fails [$REGISTER_LEAVE_RUNNER] -r value, --registration-token value Runner's registration token [$REGISTRATION_TOKEN] --run-untagged Register to run untagged builds; defaults to 'true' when 'tag-list' is empty [$REGISTER_RUN_UNTAGGED] --locked Lock Runner for current project, defaults to 'true' [$REGISTER_LOCKED] --access-level value Set access_level of the runner to not_protected or ref_protected; defaults to not_protected [$REGISTER_ACCESS_LEVEL] --maximum-timeout value What is the maximum timeout (in seconds) that will be set for job when using this Runner (default: "0") [$REGISTER_MAXIMUM_TIMEOUT] --paused Set Runner to be paused, defaults to 'false' [$REGISTER_PAUSED] --maintenance-note value Runner's maintenance note [$REGISTER_MAINTENANCE_NOTE] --name value, --description value Runner name (default: "8979973c36c6") [$RUNNER_NAME] --limit value Maximum number of builds processed by this runner (default: "0") [$RUNNER_LIMIT] --output-limit value Maximum build trace size in kilobytes (default: "0") [$RUNNER_OUTPUT_LIMIT] --request-concurrency value Maximum concurrency for job requests (default: "0") [$RUNNER_REQUEST_CONCURRENCY] --unhealthy-requests-limit value The number of 'unhealthy' responses to new job requests after which a runner worker will be disabled (default: "0") [$RUNNER_UNHEALTHY_REQUESTS_LIMIT] --unhealthy-interval value Duration for which a runner worker is disabled after exceeding the unhealthy requests limit. Supports syntax like '3600s', '1h30min' etc -u value, --url value GitLab instance URL [$CI_SERVER_URL] -t value, --token value Runner token [$CI_SERVER_TOKEN] --tls-ca-file value File containing the certificates to verify the peer when using HTTPS [$CI_SERVER_TLS_CA_FILE] --tls-cert-file value File containing certificate for TLS client auth when using HTTPS [$CI_SERVER_TLS_CERT_FILE] --tls-key-file value File containing private key for TLS client auth when using HTTPS [$CI_SERVER_TLS_KEY_FILE] --executor value Select executor, eg. shell, docker, etc. [$RUNNER_EXECUTOR] --builds-dir value Directory where builds are stored [$RUNNER_BUILDS_DIR] --cache-dir value Directory where build cache is stored [$RUNNER_CACHE_DIR] --clone-url value Overwrite the default URL used to clone or fetch the git ref [$CLONE_URL] --env value Custom environment variables injected to build environment [$RUNNER_ENV] --pre-clone-script value [DEPRECATED] Use pre_get_sources_script instead [$RUNNER_PRE_CLONE_SCRIPT] --post-clone-script value [DEPRECATED] Use post_get_sources_script instead [$RUNNER_POST_CLONE_SCRIPT] --pre-get-sources-script value Runner-specific commands to be executed on the runner before updating the Git repository an updating submodules. [$RUNNER_PRE_GET_SOURCES_SCRIPT] --post-get-sources-script value Runner-specific commands to be executed on the runner after updating the Git repository and updating submodules. [$RUNNER_POST_GET_SOURCES_SCRIPT] --pre-build-script value Runner-specific command script executed just before build executes [$RUNNER_PRE_BUILD_SCRIPT] --post-build-script value Runner-specific command script executed just after build executes [$RUNNER_POST_BUILD_SCRIPT] --debug-trace-disabled When set to true Runner will disable the possibility of using the CI_DEBUG_TRACE feature [$RUNNER_DEBUG_TRACE_DISABLED] --shell value Select bash, sh, cmd, pwsh or powershell [$RUNNER_SHELL] --custom_build_dir-enabled Enable job specific build directories [$CUSTOM_BUILD_DIR_ENABLED] --cache-type value Select caching method [$CACHE_TYPE] --cache-path value Name of the path to prepend to the cache URL [$CACHE_PATH] --cache-shared Enable cache sharing between runners. [$CACHE_SHARED] --cache-max_uploaded_archive_size value Limit the size of the cache archive being uploaded to cloud storage, in bytes. (default: "0") [$CACHE_MAXIMUM_UPLOADED_ARCHIVE_SIZE] --cache-s3-server-address value A host:port to the used S3-compatible server [$CACHE_S3_SERVER_ADDRESS] --cache-s3-access-key value S3 Access Key [$CACHE_S3_ACCESS_KEY] --cache-s3-secret-key value S3 Secret Key [$CACHE_S3_SECRET_KEY] --cache-s3-bucket-name value Name of the bucket where cache will be stored [$CACHE_S3_BUCKET_NAME] --cache-s3-bucket-location value Name of S3 region [$CACHE_S3_BUCKET_LOCATION] --cache-s3-insecure Use insecure mode (without https) [$CACHE_S3_INSECURE] --cache-s3-authentication_type value IAM or credentials [$CACHE_S3_AUTHENTICATION_TYPE] --cache-s3-server-side-encryption value Server side encryption type (S3, or KMS) [$CACHE_S3_SERVER_SIDE_ENCRYPTION] --cache-s3-server-side-encryption-key-id value Server side encryption key ID (alias or Key ID) [$CACHE_S3_SERVER_SIDE_ENCRYPTION_KEY_ID] --cache-gcs-access-id value ID of GCP Service Account used to access the storage [$CACHE_GCS_ACCESS_ID] --cache-gcs-private-key value Private key used to sign GCS requests [$CACHE_GCS_PRIVATE_KEY] --cache-gcs-credentials-file value File with GCP credentials, containing AccessID and PrivateKey [$GOOGLE_APPLICATION_CREDENTIALS] --cache-gcs-bucket-name value Name of the bucket where cache will be stored [$CACHE_GCS_BUCKET_NAME] --cache-azure-account-name value Account name for Azure Blob Storage [$CACHE_AZURE_ACCOUNT_NAME] --cache-azure-account-key value Access key for Azure Blob Storage [$CACHE_AZURE_ACCOUNT_KEY] --cache-azure-container-name value Name of the Azure container where cache will be stored [$CACHE_AZURE_CONTAINER_NAME] --cache-azure-storage-domain value Domain name of the Azure storage (e.g. blob.core.windows.net) [$CACHE_AZURE_STORAGE_DOMAIN] --feature-flags value Enable/Disable feature flags https://docs.gitlab.com/runner/configuration/feature-flags.html (default: "{}") [$FEATURE_FLAGS] --ssh-user value User name [$SSH_USER] --ssh-password value User password [$SSH_PASSWORD] --ssh-host value Remote host [$SSH_HOST] --ssh-port value Remote host port [$SSH_PORT] --ssh-identity-file value Identity file to be used [$SSH_IDENTITY_FILE] --ssh-disable-strict-host-key-checking value Disable SSH strict host key checking [$DISABLE_STRICT_HOST_KEY_CHECKING] --ssh-known-hosts-file value Location of known_hosts file. Defaults to ~/.ssh/known_hosts [$KNOWN_HOSTS_FILE] --docker-host value Docker daemon address [$DOCKER_HOST] --docker-cert-path value Certificate path [$DOCKER_CERT_PATH] --docker-tlsverify Use TLS and verify the remote [$DOCKER_TLS_VERIFY] --docker-hostname value Custom container hostname [$DOCKER_HOSTNAME] --docker-image value Docker image to be used [$DOCKER_IMAGE] --docker-runtime value Docker runtime to be used [$DOCKER_RUNTIME] --docker-memory value Memory limit (format: <number>[<unit>]). Unit can be one of b, k, m, or g. Minimum is 4M. [$DOCKER_MEMORY] --docker-memory-swap value Total memory limit (memory + swap, format: <number>[<unit>]). Unit can be one of b, k, m, or g. [$DOCKER_MEMORY_SWAP] --docker-memory-reservation value Memory soft limit (format: <number>[<unit>]). Unit can be one of b, k, m, or g. [$DOCKER_MEMORY_RESERVATION] --docker-cpuset-cpus value String value containing the cgroups CpusetCpus to use [$DOCKER_CPUSET_CPUS] --docker-cpus value Number of CPUs [$DOCKER_CPUS] --docker-cpu-shares value Number of CPU shares (default: "0") [$DOCKER_CPU_SHARES] --docker-dns value A list of DNS servers for the container to use [$DOCKER_DNS] --docker-dns-search value A list of DNS search domains [$DOCKER_DNS_SEARCH] --docker-privileged Give extended privileges to container [$DOCKER_PRIVILEGED] --docker-services_privileged value When set this will give or remove extended privileges to container services [$DOCKER_SERVICES_PRIVILEGED] --docker-disable-entrypoint-overwrite Disable the possibility for a container to overwrite the default image entrypoint [$DOCKER_DISABLE_ENTRYPOINT_OVERWRITE] --docker-user value Run all commands in the container as the specified user. [$DOCKER_USER] --docker-userns value User namespace to use [$DOCKER_USERNS_MODE] --docker-cap-add value Add Linux capabilities [$DOCKER_CAP_ADD] --docker-cap-drop value Drop Linux capabilities [$DOCKER_CAP_DROP] --docker-oom-kill-disable Do not kill processes in a container if an out-of-memory (OOM) error occurs [$DOCKER_OOM_KILL_DISABLE] --docker-oom-score-adjust value Adjust OOM score (default: "0") [$DOCKER_OOM_SCORE_ADJUST] --docker-security-opt value Security Options [$DOCKER_SECURITY_OPT] --docker-services-security-opt value Security Options for container services [$DOCKER_SERVICES_SECURITY_OPT] --docker-devices value, --omitempty value Add a host device to the container [$DOCKER_DEVICES] --docker-device-cgroup-rules value Add a device cgroup rule to the container [$DOCKER_DEVICE_CGROUP_RULES] --docker-gpus value Request GPUs to be used by Docker [$DOCKER_GPUS] --docker-disable-cache Disable all container caching [$DOCKER_DISABLE_CACHE] --docker-volumes value Bind-mount a volume and create it if it doesn't exist prior to mounting. Can be specified multiple times once per mountpoint, e.g. --docker-volumes 'test0:/test0' --docker-volumes 'test1:/test1' [$DOCKER_VOLUMES] --docker-volume-driver value Volume driver to be used [$DOCKER_VOLUME_DRIVER] --docker-volume-driver-ops value A toml table/json object with the format key=values. Volume driver ops to be specified (default: "{}") [$DOCKER_VOLUME_DRIVER_OPS] --docker-cache-dir value Directory where to store caches [$DOCKER_CACHE_DIR] --docker-extra-hosts value Add a custom host-to-IP mapping [$DOCKER_EXTRA_HOSTS] --docker-volumes-from value A list of volumes to inherit from another container [$DOCKER_VOLUMES_FROM] --docker-network-mode value Add container to a custom network [$DOCKER_NETWORK_MODE] --docker-ipcmode value Select IPC mode for container [$DOCKER_IPC_MODE] --docker-mac-address value Container MAC address (e.g., 92:d0:c6:0a:29:33) [$DOCKER_MAC_ADDRESS] --docker-links value Add link to another container [$DOCKER_LINKS] --docker-wait-for-services-timeout value How long to wait for service startup (default: "0") [$DOCKER_WAIT_FOR_SERVICES_TIMEOUT] --docker-allowed-images value Image allowlist [$DOCKER_ALLOWED_IMAGES] --docker-allowed-pull-policies value Pull policy allowlist [$DOCKER_ALLOWED_PULL_POLICIES] --docker-allowed-services value Service allowlist [$DOCKER_ALLOWED_SERVICES] --docker-pull-policy value Image pull policy: never, if-not-present, always [$DOCKER_PULL_POLICY] --docker-isolation value Container isolation technology. Windows only [$DOCKER_ISOLATION] --docker-shm-size value Shared memory size for docker images (in bytes) (default: "0") [$DOCKER_SHM_SIZE] --docker-tmpfs value A toml table/json object with the format key=values. When set this will mount the specified path in the key as a tmpfs volume in the main container, using the options specified as key. For the supported options, see the documentation for the unix 'mount' command (default: "{}") [$DOCKER_TMPFS] --docker-services-tmpfs value A toml table/json object with the format key=values. When set this will mount the specified path in the key as a tmpfs volume in all the service containers, using the options specified as key. For the supported options, see the documentation for the unix 'mount' command (default: "{}") [$DOCKER_SERVICES_TMPFS] --docker-sysctls value Sysctl options, a toml table/json object of key=value. Value is expected to be a string. (default: "{}") [$DOCKER_SYSCTLS] --docker-helper-image value [ADVANCED] Override the default helper image used to clone repos and upload artifacts [$DOCKER_HELPER_IMAGE] --docker-helper-image-flavor value Set helper image flavor (alpine, ubuntu), defaults to alpine [$DOCKER_HELPER_IMAGE_FLAVOR] --docker-container-labels value A toml table/json object of key-value. Value is expected to be a string. When set, this will create containers with the given container labels. Environment variables will be substituted for values here. (default: "{}") --docker-enable-ipv6 Enable IPv6 for automatically created networks. This is only takes affect when the feature flag FF_NETWORK_PER_BUILD is enabled. --parallels-base-name value VM name to be used [$PARALLELS_BASE_NAME] --parallels-template-name value VM template to be created [$PARALLELS_TEMPLATE_NAME] --parallels-disable-snapshots Disable snapshoting to speedup VM creation [$PARALLELS_DISABLE_SNAPSHOTS] --parallels-time-server value Timeserver to sync the guests time from. Defaults to time.apple.com [$PARALLELS_TIME_SERVER] --parallels-allowed-images value Image (base_name) allowlist [$PARALLELS_ALLOWED_IMAGES] --virtualbox-base-name value VM name to be used [$VIRTUALBOX_BASE_NAME] --virtualbox-base-snapshot value Name or UUID of a specific VM snapshot to clone [$VIRTUALBOX_BASE_SNAPSHOT] --virtualbox-base-folder value Folder in which to save the new VM. If empty, uses VirtualBox default [$VIRTUALBOX_BASE_FOLDER] --virtualbox-disable-snapshots Disable snapshoting to speedup VM creation [$VIRTUALBOX_DISABLE_SNAPSHOTS] --virtualbox-allowed-images value Image allowlist [$VIRTUALBOX_ALLOWED_IMAGES] --virtualbox-start-type value Graphical front-end type [$VIRTUALBOX_START_TYPE] --machine-max-growth-rate value Maximum machines being provisioned concurrently, set to 0 for unlimited (default: "0") [$MACHINE_MAX_GROWTH_RATE] --machine-idle-nodes value Maximum idle machines (default: "0") [$MACHINE_IDLE_COUNT] --machine-idle-scale-factor value (Experimental) Defines what factor of in-use machines should be used as current idle value, but never more then defined IdleCount. 0.0 means use IdleCount as a static number (defaults to 0.0). Must be defined as float number. (default: "0") [$MACHINE_IDLE_SCALE_FACTOR] --machine-idle-count-min value Minimal number of idle machines when IdleScaleFactor is in use. Defaults to 1. (default: "0") [$MACHINE_IDLE_COUNT_MIN] --machine-idle-time value Minimum time after node can be destroyed (default: "0") [$MACHINE_IDLE_TIME] --machine-max-builds value Maximum number of builds processed by machine (default: "0") [$MACHINE_MAX_BUILDS] --machine-machine-driver value The driver to use when creating machine [$MACHINE_DRIVER] --machine-machine-name value The template for machine name (needs to include %s) [$MACHINE_NAME] --machine-machine-options value Additional machine creation options [$MACHINE_OPTIONS] --kubernetes-host value Optional Kubernetes master host URL (auto-discovery attempted if not specified) [$KUBERNETES_HOST] --kubernetes-cert-file value Optional Kubernetes master auth certificate [$KUBERNETES_CERT_FILE] --kubernetes-key-file value Optional Kubernetes master auth private key [$KUBERNETES_KEY_FILE] --kubernetes-ca-file value Optional Kubernetes master auth ca certificate [$KUBERNETES_CA_FILE] --kubernetes-bearer_token_overwrite_allowed Bool to authorize builds to specify their own bearer token for creation. [$KUBERNETES_BEARER_TOKEN_OVERWRITE_ALLOWED] --kubernetes-bearer_token value Optional Kubernetes service account token used to start build pods. [$KUBERNETES_BEARER_TOKEN] --kubernetes-image value Default docker image to use for builds when none is specified [$KUBERNETES_IMAGE] --kubernetes-namespace value Namespace to run Kubernetes jobs in [$KUBERNETES_NAMESPACE] --kubernetes-namespace_overwrite_allowed value Regex to validate 'KUBERNETES_NAMESPACE_OVERWRITE' value [$KUBERNETES_NAMESPACE_OVERWRITE_ALLOWED] --kubernetes-privileged value Run all containers with the privileged flag enabled [$KUBERNETES_PRIVILEGED] --kubernetes-runtime-class-name value A Runtime Class to use for all created pods, errors if the feature is unsupported by the cluster [$KUBERNETES_RUNTIME_CLASS_NAME] --kubernetes-allow-privilege-escalation value Run all containers with the security context allowPrivilegeEscalation flag enabled. When empty, it does not define the allowPrivilegeEscalation flag in the container SecurityContext and allows Kubernetes to use the default privilege escalation behavior. [$KUBERNETES_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-cpu-limit value The CPU allocation given to build containers [$KUBERNETES_CPU_LIMIT] --kubernetes-cpu-limit-overwrite-max-allowed value If set, the max amount the cpu limit can be set to. Used with the KUBERNETES_CPU_LIMIT variable in the build. [$KUBERNETES_CPU_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-cpu-request value The CPU allocation requested for build containers [$KUBERNETES_CPU_REQUEST] --kubernetes-cpu-request-overwrite-max-allowed value If set, the max amount the cpu request can be set to. Used with the KUBERNETES_CPU_REQUEST variable in the build. [$KUBERNETES_CPU_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-memory-limit value The amount of memory allocated to build containers [$KUBERNETES_MEMORY_LIMIT] --kubernetes-memory-limit-overwrite-max-allowed value If set, the max amount the memory limit can be set to. Used with the KUBERNETES_MEMORY_LIMIT variable in the build. [$KUBERNETES_MEMORY_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-memory-request value The amount of memory requested from build containers [$KUBERNETES_MEMORY_REQUEST] --kubernetes-memory-request-overwrite-max-allowed value If set, the max amount the memory request can be set to. Used with the KUBERNETES_MEMORY_REQUEST variable in the build. [$KUBERNETES_MEMORY_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-ephemeral-storage-limit value The amount of ephemeral storage allocated to build containers [$KUBERNETES_EPHEMERAL_STORAGE_LIMIT] --kubernetes-ephemeral-storage-limit-overwrite-max-allowed value If set, the max amount the ephemeral limit can be set to. Used with the KUBERNETES_EPHEMERAL_STORAGE_LIMIT variable in the build. [$KUBERNETES_EPHEMERAL_STORAGE_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-ephemeral-storage-request value The amount of ephemeral storage requested from build containers [$KUBERNETES_EPHEMERAL_STORAGE_REQUEST] --kubernetes-ephemeral-storage-request-overwrite-max-allowed value If set, the max amount the ephemeral storage request can be set to. Used with the KUBERNETES_EPHEMERAL_STORAGE_REQUEST variable in the build. [$KUBERNETES_EPHEMERAL_STORAGE_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-service-cpu-limit value The CPU allocation given to build service containers [$KUBERNETES_SERVICE_CPU_LIMIT] --kubernetes-service-cpu-limit-overwrite-max-allowed value If set, the max amount the service cpu limit can be set to. Used with the KUBERNETES_SERVICE_CPU_LIMIT variable in the build. [$KUBERNETES_SERVICE_CPU_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-service-cpu-request value The CPU allocation requested for build service containers [$KUBERNETES_SERVICE_CPU_REQUEST] --kubernetes-service-cpu-request-overwrite-max-allowed value If set, the max amount the service cpu request can be set to. Used with the KUBERNETES_SERVICE_CPU_REQUEST variable in the build. [$KUBERNETES_SERVICE_CPU_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-service-memory-limit value The amount of memory allocated to build service containers [$KUBERNETES_SERVICE_MEMORY_LIMIT] --kubernetes-service-memory-limit-overwrite-max-allowed value If set, the max amount the service memory limit can be set to. Used with the KUBERNETES_SERVICE_MEMORY_LIMIT variable in the build. [$KUBERNETES_SERVICE_MEMORY_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-service-memory-request value The amount of memory requested for build service containers [$KUBERNETES_SERVICE_MEMORY_REQUEST] --kubernetes-service-memory-request-overwrite-max-allowed value If set, the max amount the service memory request can be set to. Used with the KUBERNETES_SERVICE_MEMORY_REQUEST variable in the build. [$KUBERNETES_SERVICE_MEMORY_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-service-ephemeral_storage-limit value The amount of ephemeral storage allocated to build service containers [$KUBERNETES_SERVICE_EPHEMERAL_STORAGE_LIMIT] --kubernetes-service-ephemeral_storage-limit-overwrite-max-allowed value If set, the max amount the service ephemeral storage limit can be set to. Used with the KUBERNETES_SERVICE_EPHEMERAL_STORAGE_LIMIT variable in the build. [$KUBERNETES_SERVICE_EPHEMERAL_STORAGE_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-service-ephemeral_storage-request value The amount of ephemeral storage requested for build service containers [$KUBERNETES_SERVICE_EPHEMERAL_STORAGE_REQUEST] --kubernetes-service-ephemeral_storage-request-overwrite-max-allowed value If set, the max amount the service ephemeral storage request can be set to. Used with the KUBERNETES_SERVICE_EPHEMERAL_STORAGE_REQUEST variable in the build. [$KUBERNETES_SERVICE_EPHEMERAL_STORAGE_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-cpu-limit value The CPU allocation given to build helper containers [$KUBERNETES_HELPER_CPU_LIMIT] --kubernetes-helper-cpu-limit-overwrite-max-allowed value If set, the max amount the helper cpu limit can be set to. Used with the KUBERNETES_HELPER_CPU_LIMIT variable in the build. [$KUBERNETES_HELPER_CPU_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-cpu-request value The CPU allocation requested for build helper containers [$KUBERNETES_HELPER_CPU_REQUEST] --kubernetes-helper-cpu-request-overwrite-max-allowed value If set, the max amount the helper cpu request can be set to. Used with the KUBERNETES_HELPER_CPU_REQUEST variable in the build. [$KUBERNETES_HELPER_CPU_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-memory-limit value The amount of memory allocated to build helper containers [$KUBERNETES_HELPER_MEMORY_LIMIT] --kubernetes-helper-memory-limit-overwrite-max-allowed value If set, the max amount the helper memory limit can be set to. Used with the KUBERNETES_HELPER_MEMORY_LIMIT variable in the build. [$KUBERNETES_HELPER_MEMORY_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-memory-request value The amount of memory requested for build helper containers [$KUBERNETES_HELPER_MEMORY_REQUEST] --kubernetes-helper-memory-request-overwrite-max-allowed value If set, the max amount the helper memory request can be set to. Used with the KUBERNETES_HELPER_MEMORY_REQUEST variable in the build. [$KUBERNETES_HELPER_MEMORY_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-ephemeral_storage-limit value The amount of ephemeral storage allocated to build helper containers [$KUBERNETES_HELPER_EPHEMERAL_STORAGE_LIMIT] --kubernetes-helper-ephemeral_storage-limit-overwrite-max-allowed value If set, the max amount the helper ephemeral storage limit can be set to. Used with the KUBERNETES_HELPER_EPHEMERAL_STORAGE_LIMIT variable in the build. [$KUBERNETES_HELPER_EPHEMERAL_STORAGE_LIMIT_OVERWRITE_MAX_ALLOWED] --kubernetes-helper-ephemeral_storage-request value The amount of ephemeral storage requested for build helper containers [$KUBERNETES_HELPER_EPHEMERAL_STORAGE_REQUEST] --kubernetes-helper-ephemeral_storage-request-overwrite-max-allowed value If set, the max amount the helper ephemeral storage request can be set to. Used with the KUBERNETES_HELPER_EPHEMERAL_STORAGE_REQUEST variable in the build. [$KUBERNETES_HELPER_EPHEMERAL_STORAGE_REQUEST_OVERWRITE_MAX_ALLOWED] --kubernetes-allowed-images value Image allowlist [$KUBERNETES_ALLOWED_IMAGES] --kubernetes-allowed-pull-policies value Pull policy allowlist [$KUBERNETES_ALLOWED_PULL_POLICIES] --kubernetes-allowed-services value Service allowlist [$KUBERNETES_ALLOWED_SERVICES] --kubernetes-pull-policy value Policy for if/when to pull a container image (never, if-not-present, always). The cluster default will be used if not set [$KUBERNETES_PULL_POLICY] --kubernetes-node-selector value A toml table/json object of key:value. Value is expected to be a string. When set this will create pods on k8s nodes that match all the key:value pairs. Only one selector is supported through environment variable configuration. (default: "{}") [$KUBERNETES_NODE_SELECTOR] --kubernetes-node_selector_overwrite_allowed value Regex to validate 'KUBERNETES_NODE_SELECTOR_*' values [$KUBERNETES_NODE_SELECTOR_OVERWRITE_ALLOWED] --kubernetes-node-tolerations value A toml table/json object of key=value:effect. Value and effect are expected to be strings. When set, pods will tolerate the given taints. Only one toleration is supported through environment variable configuration. (default: "{}") [$KUBERNETES_NODE_TOLERATIONS] --kubernetes-image-pull-secrets value A list of image pull secrets that are used for pulling docker image [$KUBERNETES_IMAGE_PULL_SECRETS] --kubernetes-helper-image value [ADVANCED] Override the default helper image used to clone repos and upload artifacts [$KUBERNETES_HELPER_IMAGE] --kubernetes-helper-image-flavor value Set helper image flavor (alpine, ubuntu), defaults to alpine [$KUBERNETES_HELPER_IMAGE_FLAVOR] --kubernetes-terminationGracePeriodSeconds value Duration after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal.DEPRECATED: use KUBERNETES_POD_TERMINATION_GRACE_PERIOD_SECONDS and KUBERNETES_CLEANUP_GRACE_PERIOD_SECONDS instead. [$KUBERNETES_TERMINATIONGRACEPERIODSECONDS] --kubernetes-pod_termination_grace_period_seconds value Pod-level setting which determines the duration in seconds which the pod has to terminate gracefully. After this, the processes are forcibly halted with a kill signal. Ignored if KUBERNETES_TERMINATIONGRACEPERIODSECONDS is specified. [$KUBERNETES_POD_TERMINATION_GRACE_PERIOD_SECONDS] --kubernetes-cleanup_grace_period_seconds value When cleaning up a pod on completion of a job, the duration in seconds which the pod has to terminate gracefully. After this, the processes are forcibly halted with a kill signal. Ignored if KUBERNETES_TERMINATIONGRACEPERIODSECONDS is specified. [$KUBERNETES_CLEANUP_GRACE_PERIOD_SECONDS] --kubernetes-poll-interval value How frequently, in seconds, the runner will poll the Kubernetes pod it has just created to check its status (default: "0") [$KUBERNETES_POLL_INTERVAL] --kubernetes-poll-timeout value The total amount of time, in seconds, that needs to pass before the runner will timeout attempting to connect to the pod it has just created (useful for queueing more builds that the cluster can handle at a time) (default: "0") [$KUBERNETES_POLL_TIMEOUT] --kubernetes-resource-availability-check-max-attempts value The maximum number of attempts to check if a resource (service account and/or pull secret) set is available before giving up. There is 5 seconds interval between each attempt (default: "0") [$KUBERNETES_RESOURCE_AVAILABILITY_CHECK_MAX_ATTEMPTS] --kubernetes-pod-labels value A toml table/json object of key-value. Value is expected to be a string. When set, this will create pods with the given pod labels. Environment variables will be substituted for values here. (default: "{}") --kubernetes-pod_labels_overwrite_allowed value Regex to validate 'KUBERNETES_POD_LABELS_*' values [$KUBERNETES_POD_LABELS_OVERWRITE_ALLOWED] --kubernetes-scheduler-name value Pods will be scheduled using this scheduler, if it exists [$KUBERNETES_SCHEDULER_NAME] --kubernetes-service-account value Executor pods will use this Service Account to talk to kubernetes API [$KUBERNETES_SERVICE_ACCOUNT] --kubernetes-service_account_overwrite_allowed value Regex to validate 'KUBERNETES_SERVICE_ACCOUNT' value [$KUBERNETES_SERVICE_ACCOUNT_OVERWRITE_ALLOWED] --kubernetes-pod-annotations value A toml table/json object of key-value. Value is expected to be a string. When set, this will create pods with the given annotations. Can be overwritten in build with KUBERNETES_POD_ANNOTATION_* variables (default: "{}") --kubernetes-pod_annotations_overwrite_allowed value Regex to validate 'KUBERNETES_POD_ANNOTATIONS_*' values [$KUBERNETES_POD_ANNOTATIONS_OVERWRITE_ALLOWED] --kubernetes-pod-security-context-fs-group value A special supplemental group that applies to all containers in a pod [$KUBERNETES_POD_SECURITY_CONTEXT_FS_GROUP] --kubernetes-pod-security-context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_POD_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-pod-security-context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_POD_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-pod-security-context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_POD_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-pod-security-context-supplemental-groups value A list of groups applied to the first process run in each container, in addition to the container's primary GID --kubernetes-pod-security-context-selinux-type value The SELinux type label that applies to all containers in a pod --kubernetes-init_permissions_container_security_context-capabilities-add value List of capabilities to add to the build container [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_ADD] --kubernetes-init_permissions_container_security_context-capabilities-drop value List of capabilities to drop from the build container [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_DROP] --kubernetes-init_permissions_container_security_context-privileged value Run container in privileged mode [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_PRIVILEGED] --kubernetes-init_permissions_container_security_context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-init_permissions_container_security_context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-init_permissions_container_security_context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-init_permissions_container_security_context-read-only-root-filesystem value Whether this container has a read-only root filesystem. [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_READ_ONLY_ROOT_FILESYSTEM] --kubernetes-init_permissions_container_security_context-allow-privilege-escalation value AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-init_permissions_container_security_context-selinux-type value The SELinux type label that is associated with the container process --kubernetes-init_permissions_container_security_context-proc-mount value Denotes the type of proc mount to use for the container. Valid values: default | unmasked. Set to unmasked if this container will be used to build OCI images. [$KUBERNETES_INIT_PERMISSIONS_CONTAINER_SECURITY_CONTEXT_PROC_MOUNT] --kubernetes-build_container_security_context-capabilities-add value List of capabilities to add to the build container [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_ADD] --kubernetes-build_container_security_context-capabilities-drop value List of capabilities to drop from the build container [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_DROP] --kubernetes-build_container_security_context-privileged value Run container in privileged mode [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_PRIVILEGED] --kubernetes-build_container_security_context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-build_container_security_context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-build_container_security_context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-build_container_security_context-read-only-root-filesystem value Whether this container has a read-only root filesystem. [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_READ_ONLY_ROOT_FILESYSTEM] --kubernetes-build_container_security_context-allow-privilege-escalation value AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-build_container_security_context-selinux-type value The SELinux type label that is associated with the container process --kubernetes-build_container_security_context-proc-mount value Denotes the type of proc mount to use for the container. Valid values: default | unmasked. Set to unmasked if this container will be used to build OCI images. [$KUBERNETES_BUILD_CONTAINER_SECURITY_CONTEXT_PROC_MOUNT] --kubernetes-helper_container_security_context-capabilities-add value List of capabilities to add to the build container [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_ADD] --kubernetes-helper_container_security_context-capabilities-drop value List of capabilities to drop from the build container [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_DROP] --kubernetes-helper_container_security_context-privileged value Run container in privileged mode [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_PRIVILEGED] --kubernetes-helper_container_security_context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-helper_container_security_context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-helper_container_security_context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-helper_container_security_context-read-only-root-filesystem value Whether this container has a read-only root filesystem. [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_READ_ONLY_ROOT_FILESYSTEM] --kubernetes-helper_container_security_context-allow-privilege-escalation value AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-helper_container_security_context-selinux-type value The SELinux type label that is associated with the container process --kubernetes-helper_container_security_context-proc-mount value Denotes the type of proc mount to use for the container. Valid values: default | unmasked. Set to unmasked if this container will be used to build OCI images. [$KUBERNETES_HELPER_CONTAINER_SECURITY_CONTEXT_PROC_MOUNT] --kubernetes-service_container_security_context-capabilities-add value List of capabilities to add to the build container [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_ADD] --kubernetes-service_container_security_context-capabilities-drop value List of capabilities to drop from the build container [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_CAPABILITIES_DROP] --kubernetes-service_container_security_context-privileged value Run container in privileged mode [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_PRIVILEGED] --kubernetes-service_container_security_context-run-as-user value The UID to run the entrypoint of the container process [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_RUN_AS_USER] --kubernetes-service_container_security_context-run-as-group value The GID to run the entrypoint of the container process [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_RUN_AS_GROUP] --kubernetes-service_container_security_context-run-as-non-root value Indicates that the container must run as a non-root user [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_RUN_AS_NON_ROOT] --kubernetes-service_container_security_context-read-only-root-filesystem value Whether this container has a read-only root filesystem. [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_READ_ONLY_ROOT_FILESYSTEM] --kubernetes-service_container_security_context-allow-privilege-escalation value AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_ALLOW_PRIVILEGE_ESCALATION] --kubernetes-service_container_security_context-selinux-type value The SELinux type label that is associated with the container process --kubernetes-service_container_security_context-proc-mount value Denotes the type of proc mount to use for the container. Valid values: default | unmasked. Set to unmasked if this container will be used to build OCI images. [$KUBERNETES_SERVICE_CONTAINER_SECURITY_CONTEXT_PROC_MOUNT] --kubernetes-host_aliases value Add a custom host-to-IP mapping --kubernetes-cap-add value Add Linux capabilities [$KUBERNETES_CAP_ADD] --kubernetes-cap-drop value Drop Linux capabilities [$KUBERNETES_CAP_DROP] --kubernetes-dns-policy value How Kubernetes should try to resolve DNS from the created pods. If unset, Kubernetes will use the default 'ClusterFirst'. Valid values are: none, default, cluster-first, cluster-first-with-host-net [$KUBERNETES_DNS_POLICY] --kubernetes-priority_class_name value If set, the Kubernetes Priority Class to be set to the Pods [$KUBERNETES_PRIORITY_CLASS_NAME] --custom-config-exec value Executable that allows to inject configuration values to the executor [$CUSTOM_CONFIG_EXEC] --custom-config-args value Arguments for the config executable --custom-config-exec-timeout value Timeout for the config executable (in seconds) [$CUSTOM_CONFIG_EXEC_TIMEOUT] --custom-prepare-exec value Executable that prepares executor [$CUSTOM_PREPARE_EXEC] --custom-prepare-args value Arguments for the prepare executable --custom-prepare-exec-timeout value Timeout for the prepare executable (in seconds) [$CUSTOM_PREPARE_EXEC_TIMEOUT] --custom-run-exec value Executable that runs the job script in executor [$CUSTOM_RUN_EXEC] --custom-run-args value Arguments for the run executable --custom-cleanup-exec value Executable that cleanups after executor run [$CUSTOM_CLEANUP_EXEC] --custom-cleanup-args value Arguments for the cleanup executable --custom-cleanup-exec-timeout value Timeout for the cleanup executable (in seconds) [$CUSTOM_CLEANUP_EXEC_TIMEOUT] --custom-graceful-kill-timeout value Graceful timeout for scripts execution after SIGTERM is sent to the process (in seconds). This limits the time given for scripts to perform the cleanup before exiting [$CUSTOM_GRACEFUL_KILL_TIMEOUT] --custom-force-kill-timeout value Force timeout for scripts execution (in seconds). Counted from the force kill call; if process will be not terminated, Runner will abandon process termination and log an error [$CUSTOM_FORCE_KILL_TIMEOUT] 上記コマンドだと、インタラクティブなのですが、コマンドラインだけでやる方法もあります。 gitlab-runner register --non-interactive --locked=false --url=<URL> --registration-token=<token> --name=container-runner --tag-list=tag-runner --executor=docker --docker-privileged=true --docker-image=docker:20.10.15-dind Shell で、参考にしたサイトは https://e-penguiner.com/build-gitlab-runner-with-docker/ です。 実行すると、上記の場合は質問されないです。いろいろなサイトで見つけるやり方だといくつか質問をしてくるので、上記手順でメモした内容で答えていきます。 実行タイプはdockerを選んだほうがdocker上のGitLabに認識してもらえるので、いいかと思います。 質問結果は以下に保存されます。 /etc/gitlab-runner/config.toml 編集のために、コンテナの名前を確認します。 docker-compose ps 仮に、 gitlab-web-1 というコンテナ名でgitlabが動作していたとします。 docker exec -it gitlab-web-1 bash cd /etc/gitlab-runner テキストエディタのviがインストールされていないので、インストールします。 apt-get update apt-get install vim *** gitlab-runnerのサービスのインストール [#x35928ae] gitlab-runner install --user=gitlab-runner --working-directory=/home/gitlab-runner 実行は、 gitlab-runner run & です。 停止は、 gitlab-runner stop です。 * GitLabでSpecific Runnerが表示されたあと何をするのか? [#w23b9f2e] GitLab.comではShared Runnerは限定されますが、オンプレミスGitLabではShared RunnerとSpecific Runnerの両方が利用可能であり、全体的に共有されたRunnerの設定が便利です。 ** Shared Runnerの設定 [#zf417668] *** gitlab-runner registerで利用するトークンの取得 [#cca448a6] GitLabのどこで、トークンを取得できるかというと、[Menu] > [Admin] を選択し,[Overview] > [Runner]を選択します #ref(specific_token.png) 右上の「Register an instance runner」ボタンをクリックすると、gitlab-runner registerで利用するトークンを取得することができます。 *** gitlab-runner registerでのrunner登録例 [#f8714591] dockerのgitlab-runnerコンテナ名がroot-runner-1だった場合のrunner登録例です docker exec -it root-runner-1 gitlab-runner register --non-interactive --locked=false --url=<URL> --registration-token=<token> --name=container-runner --tag-list=tag-runner --executor=docker --docker-privileged=true --docker-image=docker:20.10.15-dind *** 2つ目のrunnerの追加は以下のようにやってみました。 [#m9396a2d] [root@localhost gitlab]# docker exec -it gitlab-runner $gitlab_runner_container register --non-interactive --locked=false --url=$gtilab_url --registration-token=$gitlab_runner_token --name=$container_runner --tag-list=$tag_list --executor=docker --docker-privileged=true --docker-image=docker:20.10.15-dind Runtime platform arch=amd64 os=linux pid=61 revision=dcfb4b66 version=15.10.1 Running in system-mode. WARNING: Support for registration tokens and runner parameters in the 'register' command has been deprecated in GitLab Runner 15.6 and will be replaced with support for authentication tokens. For more information, see https://gitlab.com/gitlab-org/gitlab/-/issues/380872 Registering runner... succeeded runner=xxxx Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded! Configuration (with the authentication token) was saved in "/etc/gitlab-runner/config.toml" [root@localhost gitlab]# docker exec -it gitlab-runner gitlab-runner list Runtime platform arch=amd64 os=linux pid=71 revision=dcfb4b66 version=15.10.1 Listing configured runners ConfigFile=/etc/gitlab-runner/config.toml container-runner Executor=docker Token=xxxx URL=http://xxxx:xxxx/ container-runner-2 Executor=docker Token=xxxx URL=http://xxxx:xxx/ * CI/CDの実行 [#y5f0ee9c] ** GitLabで、runnerの実行ユーザを設定する [#v70adc24] GitLabのrunnerの実行ユーザは設定できます。 *** Advanced configuration [#saf9d403] https://gitlab-docs.creationline.com/runner/configuration/advanced-configuration.html 設定ファイルは、それぞれのrunnerのdockerコンテナごとにあるような感じです。 設定ファイルの場所は、もしrootで実行しているならば、 /etc/gitlab-runner/config.toml にあるし、rootでの実行ではないならば、それぞれのユーザの ~/.gitlab-runner/config.toml にあります。 gitlab-runnerをdockerのイメージで実行している場合は、viエディタがインストールされていませんので、以下のコマンドでインストールする必要があります。 apt-get update apt-get install vim [runners.docker] のuserを設定します gitlab-runnerのコンテナですでに以下のユーザが登録されています。 gitlab-runner ** HelloWorld的な簡単な設定ファイル [#fe298203] まずは、設定があっていれば必ず成功するレベルの簡単な自動実行をチュートリアルとしてやってみます。 以下の設定ファイルが簡単な設定ファイルと、紹介サイト(https://e-penguiner.com/build-gitlab-runner-with-docker/)には書いてありました。 *** シンプルな.gitlab-ci.yml [#se271657] image: docker:20.10.15 services: - docker:20.10.15-dind variables: DOCKER_DRIVER: overlay2 DOCKER_TLS_CERTDIR: "" before_script: - docker info test_ci: script: - docker pull alpine:latest - docker run alpine:latest cat /etc/alpine-release tags: - tag-runner *** .gitlab-ci.ymlの実行のさせ方 [#s4c06c19] ブランチを作って、上記ファイルを含むマージリクエストを作った時点で、動作するようになります。 このyamlファイルの仕様については、以下が元の記事らしいのですが、わかりにくいので、ほかの記事も参考にしていきましょう。 ** 参考記事 [#y4588152] *** 本家 [#obca6436] https://gitlab-docs.creationline.com/ee/ci/yaml/ *** はじめてのGitLab-CI [#y9cf4771] https://qiita.com/yurano/items/a7804d987ccff37b1a9d *** JHipsterでのCI/CDの記事 [#q677e359] https://www.jhipster.tech/setting-up-ci/#what-cicd-pipeline-do-you-want-to-generate- * jhipsterの7.9.3のdockerfile [#o8d6f6e9] https://hub.docker.com/layers/jhipster/jhipster/v7.9.3/images/sha256-0878e0666e88451f3487abc2bf4417368daa86d9d93e0dd659f93ce1e89161cc?context=explore
テキスト整形のルールを表示する