Adapt the Helm Chart to support the next Token Architecture
What does this MR do?
When an Authentication token is provided (prefixed with glrt-
), arguments listed below should not the set during the registration:
--locked
RUNNER_TAG_LIST as envvar
--run-untaged
--access-level
Why was this MR needed?
To allow support of Authentication Token
What's the best way to test this MR?
Legacy Registration Token
- Update the values.yaml with the diff below
diff --git a/values.yaml b/values.yaml
index 649295488..c4dff2d44 100644
--- a/values.yaml
+++ b/values.yaml
@@ -58,7 +58,7 @@ imagePullPolicy: IfNotPresent
## ref: https://docs.gitlab.com/ce/ci/runners/index.html
## ref: https://docs.gitlab.com/runner/register/
##
-# runnerRegistrationToken: ""
+runnerRegistrationToken: "xxxxxx"
## The Runner Token for adding new Runners to the GitLab Server. This must
## be retrieved from your GitLab Instance. It is token of already registered runner.
@@ -335,7 +335,7 @@ runners:
## Specify the name for the runner.
##
- # name: ""
+ name: "my-name"
## Specify the maximum timeout (in seconds) that will be set for job when using this Runner
##
- From the project folder run
helm template gitlab-runner . -f values.yaml
- The generated template will have the following info
...
---
# Source: gitlab-runner/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
...
register-the-runner: |
#!/bin/bash
MAX_REGISTER_ATTEMPTS=30
echo false
for i in $(seq 1 "${MAX_REGISTER_ATTEMPTS}"); do
echo "Registration attempt ${i} of ${MAX_REGISTER_ATTEMPTS}"
/entrypoint register \
--name="my-name"\
--template-config /configmaps/config.template.toml \
--non-interactive
...
---
# Source: gitlab-runner/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
...
env:
- name: CI_SERVER_URL
value:
- name: RUNNER_EXECUTOR
value: "kubernetes"
- name: REGISTER_LOCKED
value: "true"
- name: RUNNER_TAG_LIST
value: ""
Authentication token
- Update the values.yaml with the diff below
diff --git a/values.yaml b/values.yaml
index 649295488..c4dff2d44 100644
--- a/values.yaml
+++ b/values.yaml
@@ -58,7 +58,7 @@ imagePullPolicy: IfNotPresent
## ref: https://docs.gitlab.com/ce/ci/runners/index.html
## ref: https://docs.gitlab.com/runner/register/
##
-# runnerRegistrationToken: ""
+runnerRegistrationToken: "glrt-"
## The Runner Token for adding new Runners to the GitLab Server. This must
## be retrieved from your GitLab Instance. It is token of already registered runner.
@@ -335,7 +335,7 @@ runners:
## Specify the name for the runner.
##
- # name: ""
+ name: "my-name"
## Specify the maximum timeout (in seconds) that will be set for job when using this Runner
##
- From the project folder run
helm template gitlab-runner . -f values.yaml
- The generated template won't have any references to the arguments we are avoiding
What are the relevant issue numbers?
close #436 (closed)
Merge request reports
Activity
changed milestone to %16.0
assigned to @ratchade
@ratchade thanks for adding the breaking change label!
This merge request introduces breaking changes. Learn more about breaking changes.
It's important to identify how the breaking change was introduced. To estimate the impact, try to assess the following:
- Are there existing users depending on this feature?
- Are self-managed customers affected?
- To verify and quantify usage, use Grafana or Kibana.
- If you're not sure about how to query the data, contact the infrastructure team on their Slack channel, #infrastructure-lounge
- Was sufficient time given to communicate the change?
- Changes in the permissions, the API schema, and the API response might affect existing 3rd party integrations.
- Reach out to the Support team or Technical Account Managers and ask about the possible impact of this change.
This message was generated automatically. You're welcome to improve it.
- Are there existing users depending on this feature?
added 1 commit
- fb33a674 - Adapt the Helm Chart to support the next Token Architecture
added 1 commit
- b49c3976 - Adapt the Helm Chart to support the next Token Architecture
- Resolved by Romuald Atchadé
- Resolved by Arran Walker
@ajwalker would you mind reviewing this MR
🙇🏿
added workflowin review label
requested review from @ajwalker
added 1 commit
- 1385144a - Adapt the Helm Chart to support the next Token Architecture
added 1 commit
- 8c3fc6d4 - Adapt the Helm Chart to support the next Token Architecture
removed breaking change label
mentioned in issue gitlab-org/gitlab#380872 (closed)
- Resolved by Romuald Atchadé
This looks good, I'm just wondering if we should be adding the resolution of #455 (comment 1384860830) into this MR too? It's part of making this next-token ready I believe.
mentioned in commit 4741dcaf
- Resolved by Romuald Atchadé
I am a bit concerned this MR doesn't take into consideration when the
runnerRegistrationToken
is being provided through a k8s secret in a GitOps model so popular now a days.See: https://gitlab.com/gitlab-org/charts/gitlab-runner/-/blob/main/values.yaml#L359
mentioned in merge request !403 (merged)
mentioned in merge request !405 (merged)
mentioned in issue #472 (closed)