Puppet Class: gitlab_ci_runner

Defined in:
manifests/init.pp

Summary

This module installs and configures Gitlab CI Runners.

Overview

Examples:

Simple runner registration

class { 'gitlab_ci_runner':
  runners => {
 	 example_runner => {
 		 'registration-token' => 'gitlab-token',
 		 'url'                => 'https://gitlab.com',
 		 'tag-list'           => 'docker,aws',
 	 },
  },
}

Parameters:

  • runners (Hash) (defaults to: {})

    Hashkeys are used as $title in runners.pp. The subkeys have to be named as the parameter names from ´gitlab-runner register´ command cause they’re later joined to one entire string using 2 hyphen to look like shell command parameters. See ´docs.gitlab.com/runner/register/#one-line-registration-command´ for details.

  • runner_defaults (Hash) (defaults to: {})

    A hash with defaults which will be later merged with $runners.

  • xz_package_name (String)

    The name of the ‘xz’ package. Needed for local docker installations.

  • concurrent (Optional[Integer]) (defaults to: undef)

    Limits how many jobs globally can be run concurrently. The most upper limit of jobs using all defined runners. 0 does not mean unlimited!

  • log_level (Optional[Gitlab_ci_runner::Log_level]) (defaults to: undef)

    Log level (options: debug, info, warn, error, fatal, panic). Note that this setting has lower priority than level set by command line argument –debug, -l or –log-level

  • log_format (Optional[Gitlab_ci_runner::Log_format]) (defaults to: undef)

    Log format (options: runner, text, json). Note that this setting has lower priority than format set by command line argument –log-format

  • check_interval (Optional[Integer]) (defaults to: undef)

    Defines the interval length, in seconds, between new jobs check. The default value is 3; if set to 0 or lower, the default value will be used.

  • shutdown_timeout (Optional[Integer]) (defaults to: undef)

    Number of seconds until the forceful shutdown operation times out and exits the process.

  • sentry_dsn (Optional[String]) (defaults to: undef)

    Enable tracking of all system level errors to sentry.

  • listen_address (Optional[Pattern[/.*:.+/]]) (defaults to: undef)

    Address (<host>:<port>) on which the Prometheus metrics HTTP server should be listening.

  • session_server (Optional[Gitlab_ci_runner::Session_server]) (defaults to: undef)

    Session server lets users interact with jobs, for example, in the interactive web terminal.

  • manage_docker (Boolean) (defaults to: false)

    If docker should be installs (uses the puppetlabs-docker).

  • install_method (Enum['repo', 'binary']) (defaults to: 'repo')

    If repo or binary should be installed

  • binary_source (Stdlib::HTTPUrl) (defaults to: 'https://s3.dualstack.us-east-1.amazonaws.com/gitlab-runner-downloads/latest/binaries/gitlab-runner-linux-amd64')

    URL to the binary file

  • binary_path (Stdlib::Absolutepath) (defaults to: '/usr/local/bin/gitlab-runner')

    Absolute path where to install gitlab_runner binary

  • manage_user (Boolean) (defaults to: false)

    If the user should be managed.

  • user (String[1]) (defaults to: 'gitlab-runner')

    The user to manage.

  • group (String[1]) (defaults to: $user)

    The group to manage.

  • manage_repo (Boolean) (defaults to: true)

    If the repository should be managed.

  • package_ensure (String) (defaults to: installed)

    The package ‘ensure’ state.

  • package_name (String) (defaults to: 'gitlab-runner')

    The name of the package.

  • repo_base_url (Stdlib::HTTPUrl) (defaults to: 'https://packages.gitlab.com')

    The base repository url.

  • repo_keyserver (Optional[Gitlab_ci_runner::Keyserver]) (defaults to: undef)

    The keyserver which should be used to get the repository key.

  • config_path (String) (defaults to: '/etc/gitlab-runner/config.toml')

    The path to the config file of Gitlab runner.

  • config_owner (String[1]) (defaults to: 'root')

    The user owning the config file. (and config directory if managed).

  • config_group (String[1]) (defaults to: 'root')

    The group ownership assigned to the config file (and config directory if managed).

  • config_mode (Stdlib::Filemode) (defaults to: '0444')

    The file permissions applied to the config file.

  • manage_config_dir (Boolean) (defaults to: false)

    Manage the parent directory of the config file.

  • config_dir_mode (Optional[Stdlib::Filemode]) (defaults to: undef)

    The file permissions applied to the config directory.

  • http_proxy (Optional[Stdlib::HTTPUrl]) (defaults to: undef)

    An HTTP proxy to use whilst registering runners. This setting is only used when registering or unregistering runners and will be used for all runners in the ‘runners` parameter. If you have some runners that need to use a proxy and others that don’t, leave ‘runners` and `http_proxy` unset and declare `gitlab_ci_runnner::runner` resources separately. If you do need to use an http proxy, you’ll probably also want to configure other aspects of your runners to use it, (eg. setting ‘http_proxy` environment variables, `pre-clone-script`, `pre-build-script` etc.) Exactly how you might need to configure your runners varies between runner executors and specific use-cases. This module makes no attempt to automatically alter your runner configurations based on the value of this parameter. More information on what you might need to configure can be found [here](docs.gitlab.com/runner/configuration/proxy.html)

  • ca_file (Optional[Stdlib::Unixpath]) (defaults to: undef)

    A file containing public keys of trusted certificate authorities in PEM format. This setting is only used when registering or unregistering runners and will be used for all runners in the ‘runners` parameter. It can be used when the certificate of the gitlab server is signed using a CA and when upon registering a runner the following error is shown: `certificate verify failed (self signed certificate in certificate chain)` Using the CA file solves github.com/voxpupuli/puppet-gitlab_ci_runner/issues/124. The ca_file must exist. If it doesn’t, Gitlab runner token generation will be skipped. Gitlab runner will not register until either the file exists or the ca_file parameter is not specified.

  • repo_keysource (Stdlib::HTTPSUrl) (defaults to: "${repo_base_url}/gpg.key")

    URL to the gpg file used to sign the apt packages

  • package_keysource (Optional[Stdlib::HTTPSUrl]) (defaults to: undef)
  • package_gpgcheck (Boolean) (defaults to: true)


92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
# File 'manifests/init.pp', line 92

class gitlab_ci_runner (
  String                                     $xz_package_name, # Defaults in module hieradata
  Hash                                       $runners           = {},
  Hash                                       $runner_defaults   = {},
  Optional[Integer]                          $concurrent        = undef,
  Optional[Gitlab_ci_runner::Log_level]      $log_level         = undef,
  Optional[Gitlab_ci_runner::Log_format]     $log_format        = undef,
  Optional[Integer]                          $check_interval    = undef,
  Optional[Integer]                          $shutdown_timeout  = undef,
  Optional[String]                           $sentry_dsn        = undef,
  Optional[Pattern[/.*:.+/]]                 $listen_address    = undef,
  Optional[Gitlab_ci_runner::Session_server] $session_server    = undef,
  Enum['repo', 'binary']                     $install_method    = 'repo',
  Stdlib::HTTPUrl                            $binary_source     = 'https://s3.dualstack.us-east-1.amazonaws.com/gitlab-runner-downloads/latest/binaries/gitlab-runner-linux-amd64',
  Stdlib::Absolutepath                       $binary_path       = '/usr/local/bin/gitlab-runner',
  Boolean                                    $manage_user       = false,
  String[1]                                  $user              = 'gitlab-runner',
  String[1]                                  $group             = $user,
  Boolean                                    $manage_docker     = false,
  Boolean                                    $manage_repo       = true,
  String                                     $package_ensure    = installed,
  String                                     $package_name      = 'gitlab-runner',
  Stdlib::HTTPUrl                            $repo_base_url     = 'https://packages.gitlab.com',
  Optional[Gitlab_ci_runner::Keyserver]      $repo_keyserver    = undef,
  String                                     $config_path       = '/etc/gitlab-runner/config.toml',
  String[1]                                  $config_owner      = 'root',
  String[1]                                  $config_group      = 'root',
  Stdlib::Filemode                           $config_mode       = '0444',
  Boolean                                    $manage_config_dir = false,
  Optional[Stdlib::Filemode]                 $config_dir_mode   = undef,
  Optional[Stdlib::HTTPUrl]                  $http_proxy        = undef,
  Optional[Stdlib::Unixpath]                 $ca_file           = undef,
  Stdlib::HTTPSUrl                           $repo_keysource    = "${repo_base_url}/gpg.key",
  Optional[Stdlib::HTTPSUrl]                 $package_keysource = undef,
  Boolean                                    $package_gpgcheck  = true,
) {
  if $manage_docker {
    # workaround for cirunner issue #1617
    # https://gitlab.com/gitlab-org/gitlab-ci-multi-runner/issues/1617
    stdlib::ensure_packages($xz_package_name)

    $docker_images = {
      ubuntu_focal => {
        image     => 'ubuntu',
        image_tag => 'focal',
      },
    }

    include docker
    class { 'docker::images':
      images => $docker_images,
    }
  }

  if $manage_repo {
    contain gitlab_ci_runner::repo
  }

  contain gitlab_ci_runner::install
  contain gitlab_ci_runner::config
  contain gitlab_ci_runner::service

  Class['gitlab_ci_runner::install']
  -> Class['gitlab_ci_runner::config']
  ~> Class['gitlab_ci_runner::service']

  $runners.each |$runner_name,$config| {
    $_config = $runner_defaults + $config
    $title   = $_config['name'] ? {
      undef   => $runner_name,
      default => $_config['name'],
    }
    $_ca_file = $_config['ca_file'] ? {
      undef   => $ca_file,
      default => $_config['ca_file'],
    }

    gitlab_ci_runner::runner { $title:
      ensure     => $_config['ensure'],
      config     => $_config - ['ensure', 'name', 'ca_file'],
      http_proxy => $http_proxy,
      ca_file    => $_ca_file,
      require    => Class['gitlab_ci_runner::config'],
      notify     => Class['gitlab_ci_runner::service'],
    }
  }
}