Add cap_add and devices parameters to supporting services configuration
Description
I would like gitlab-runner to be able to run Docker containers as supporting services with additional parameters such as cap_add
and devices
.
In time .gitlab-ci.yml could support all options available in [runners.docker]
Proposal - worked example
Example .gitlab-ci.yml file below.
The main job runner is busybox which sleeps for 60 seconds and then exits
A supporting service container selenium/standalone-chrome waits for commands for the duration of the job
job:
image: busybox
services:
- name: selenium/standalone-chrome
script:
- echo "About to sleep"
- sleep 60
- echo "End of test"
gitlab-runner currently supports flags --cap_add
and --devices
gitlab-runner exec docker --docker-cap-add "NET_ADMIN" --docker-devices "/dev/net/tun" "job"
Both busybox and selenium containers are running
adam@adam-dev:/mnt/development/btos$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7b746fbb8cf2 19485c79a9bb "sh -c 'if [ -x /usr…" 9 seconds ago Up 7 seconds runner--project-0-concurrent-0-build-4
283665bea3a2 40a30a1980c6 "/opt/bin/entry_poin…" 22 seconds ago Up 20 seconds 4444/tcp runner--project-0-concurrent-0-selenium__standalone-chrome-0
However when inspecting the containers, the extra host arguments are only passed to the busybox container, not the selenium container running as a supporting service.
Excerpt of docker inspect
from the busybox container. The CapAdd and Devices parameters have been succesfully populated.
"HostConfig": {
...
"CapAdd": [
"NET_ADMIN"
],
...
"Devices": [
{
"PathOnHost": "/dev/net/tun",
"PathInContainer": "/dev/net/tun",
"CgroupPermissions": "rwm"
}
],
...
}
Excerpt of docker inspect
from the selenium service container. The CapAdd and Devices parameters have not been populated.
"HostConfig": {
...
"CapAdd": null,
...
"Devices": null,
...
}