chart: fix unregisterRunner
What does this MR do?
Fixes the unregisterRunner
option
Why was this MR needed?
The original fix was incomplete
What's the best way to test this MR?
Checked with latest version of helm chart and gitlab-runner itself:
$ helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
gitlab-runner gitlab 3 2022-06-02 15:47:56.567082145 +0200 CEST deployed gitlab-runner-0.41.0 15.0.0
Enabled unregisterRunner
and Disabled unregisterRunners
:
# https://gitlab.com/gitlab-org/charts/gitlab-runner/blob/main/values.yaml
values = [yamlencode({
gitlabUrl = "https://gitlab.<some domain>/"
replicas = 1
logFormat = "json"
image = "gitlab/gitlab-runner:alpine-v${local.gl_version}"
unregisterRunner = true # set to true before updating/removing the runners
unregisterRunners = false # set to true before updating/removing the runners
imagePullSecrets = [{ name = local.docker_secret }]
But after redeploy/pod deletion the runner still registered on server.
Checked the pod itself and it seems we're missing some bits about CI_SERVER_TOKEN
:
<<K9s-Shell>> Pod: gitlab/gitlab-runner-58bcbd59-n4z46 | Container: gitlab-runner
bash-5.1$ pwd
/
bash-5.1$ ls -lapt /home/gitlab-runner/.gitlab-runner/config.toml
-rw-r--r-- 1 gitlab-r nogroup 1591 Jun 2 14:01 /home/gitlab-runner/.gitlab-runner/config.toml
bash-5.1$ cat /home/gitlab-runner/.gitlab-runner/config.toml
concurrent = 10
check_interval = 30
log_level = "info"
log_format = "json"
[session_server]
session_timeout = 1800
runners
name = "Runners EKS"
url = "https://gitlab.<some domain>/"
token = "<some token>"
...
bash-5.1$ /entrypoint unregister --config /home/gitlab-runner/.gitlab-runner/config.toml
Runtime platform arch=amd64 os=linux pid=284 revision=febb2a09 version=15.0.0
WARNING: Running in user-mode.
WARNING: Use sudo for system-mode:
WARNING: $ sudo gitlab-runner...
ERROR: Unregistering runner from GitLab failed status=DELETE https://gitlab.<some domain>/api/v4/runners: 400 Bad Request ()
FATAL: Failed to unregister runner
bash-5.1$ env|fgrep CI_SERVER_TOKEN
bash-5.1$ ls /secrets/
..2022_06_02_14_01_19.217569107/ ..data/ runner-registration-token runner-token
bash-5.1$ ls /secrets/runner-token
/secrets/runner-token
bash-5.1$ cat /secrets/runner-token
<empty output>
So CI_SERVER_TOKEN
var is empty and gitlab-runner doesn't use token from supplied config
If I populate CI_SERVER_TOKEN
env with value taken from config it works:
bash-5.1$ token=$(grep 'token = ' ~/.gitlab-runner/config.toml|sed 's,",,g'); export CI_SERVER_TOKEN=${token##*= }
bash-5.1$ env|fgrep CI_SERVER_TOKEN
CI_SERVER_TOKEN=<some token>
bash-5.1$ /entrypoint unregister --config /home/gitlab-runner/.gitlab-runner/config.toml
Runtime platform arch=amd64 os=linux pid=512 revision=febb2a09 version=15.0.0
WARNING: Running in user-mode.
WARNING: Use sudo for system-mode:
WARNING: $ sudo gitlab-runner...
Unregistering runner from GitLab succeeded runner=6tyyVBuG
Updated /home/gitlab-runner/.gitlab-runner/config.toml
What are the relevant issue numbers?
Edited by Kerri Miller