Skip to content

chart: fix unregisterRunner

LAKostis requested to merge LAKostis/gitlab-runner:charts/fix-unregister-one-runner into main

What does this MR do?

Fixes the unregisterRunner option

Why was this MR needed?

The original fix was incomplete

What's the best way to test this MR?

Checked with latest version of helm chart and gitlab-runner itself:

$ helm list
NAME         	NAMESPACE	REVISION	UPDATED                                 	STATUS  	CHART               	APP VERSION
gitlab-runner	gitlab   	3       	2022-06-02 15:47:56.567082145 +0200 CEST	deployed	gitlab-runner-0.41.0	15.0.0

Enabled unregisterRunner and Disabled unregisterRunners:

  # https://gitlab.com/gitlab-org/charts/gitlab-runner/blob/main/values.yaml
  values = [yamlencode({
	gitlabUrl         = "https://gitlab.<some domain>/"
	replicas          = 1
	logFormat         = "json"
	image             = "gitlab/gitlab-runner:alpine-v${local.gl_version}"
	unregisterRunner  = true  # set to true before updating/removing the runners
	unregisterRunners = false # set to true before updating/removing the runners
	imagePullSecrets  = [{ name = local.docker_secret }]

But after redeploy/pod deletion the runner still registered on server.

Checked the pod itself and it seems we're missing some bits about CI_SERVER_TOKEN:

<<K9s-Shell>> Pod: gitlab/gitlab-runner-58bcbd59-n4z46 | Container: gitlab-runner 
bash-5.1$ pwd
/
bash-5.1$ ls -lapt /home/gitlab-runner/.gitlab-runner/config.toml 
-rw-r--r--    1 gitlab-r nogroup       1591 Jun  2 14:01 /home/gitlab-runner/.gitlab-runner/config.toml
bash-5.1$ cat /home/gitlab-runner/.gitlab-runner/config.toml 
concurrent = 10
check_interval = 30
log_level = "info"
log_format = "json"

[session_server]
  session_timeout = 1800

runners
  name = "Runners EKS"
  url = "https://gitlab.<some domain>/"
  token = "<some token>"

...

bash-5.1$ /entrypoint unregister --config /home/gitlab-runner/.gitlab-runner/config.toml 
Runtime platform                                    arch=amd64 os=linux pid=284 revision=febb2a09 version=15.0.0
WARNING: Running in user-mode.                     
WARNING: Use sudo for system-mode:                 
WARNING: $ sudo gitlab-runner...                   
                                                   
ERROR: Unregistering runner from GitLab failed      status=DELETE https://gitlab.<some domain>/api/v4/runners: 400 Bad Request ()
FATAL: Failed to unregister runner
bash-5.1$ env|fgrep CI_SERVER_TOKEN
bash-5.1$ ls /secrets/
..2022_06_02_14_01_19.217569107/ ..data/                          runner-registration-token        runner-token                     
bash-5.1$ ls /secrets/runner-token 
/secrets/runner-token
bash-5.1$ cat /secrets/runner-token
<empty output>

So CI_SERVER_TOKEN var is empty and gitlab-runner doesn't use token from supplied config

If I populate CI_SERVER_TOKEN env with value taken from config it works:

bash-5.1$ token=$(grep 'token = ' ~/.gitlab-runner/config.toml|sed 's,",,g'); export CI_SERVER_TOKEN=${token##*= }
bash-5.1$ env|fgrep CI_SERVER_TOKEN
CI_SERVER_TOKEN=<some token>
bash-5.1$ /entrypoint unregister --config /home/gitlab-runner/.gitlab-runner/config.toml 
Runtime platform                                    arch=amd64 os=linux pid=512 revision=febb2a09 version=15.0.0
WARNING: Running in user-mode.                     
WARNING: Use sudo for system-mode:                 
WARNING: $ sudo gitlab-runner...                   
                                                   
Unregistering runner from GitLab succeeded          runner=6tyyVBuG
Updated /home/gitlab-runner/.gitlab-runner/config.toml

What are the relevant issue numbers?

!329 (merged)

Edited by Kerri Miller

Merge request reports