Add kubernetes option to images

Romuald Atchadérequested to merge
image-kubernetes-option into master

What does this MR do and why?

Add support for kubernetes options for the executor options.

In %17.11, the support for this option was added in GitLab Runner. However, after verification, it looks like, the new options needs to be explicitly added to the GitLab Rails for the new feature to be usable.

This MR aims to fix this issue.

References

Screenshots or screen recordings

Before After

How to set up and validate locally

The test was done using Gitpod.

  1. Go to https://www.gitpod.io/workspaces, login and create a workspace using https://gitlab.com/gitlab-org/gitlab repository with vscode
  2. Once the initalization do, switch to the MR branch by running the command below
git checkout image-kubernetes-option
  1. Reconfigure GDK with
gdk reconfigure
  1. Once everything is up and running, open the GitLab instance. The URL is available in the Ports tab of vscode bottom panel and starts with https://3000-gitlaborg-gitlab-HASH.ws-REGION.gitpod.io/
  2. The link must be made public to be accessible by the GitLab Runner Manager

Screenshot_2025-05-01_at_5.03.16_PM

  1. Login on GitLab UI, password initialization will be needed in addition to a new project
  2. Create a GitLab Runner associated to the new project
  3. Create a gitlab-ci.yaml file. The gitlab-ci.yaml will be saved without any validation error
test:
  image: 
    name: alpine
    kubernetes:
      user: "1001"
  script: |
    echo uid and gid is set to: $(id -u):$(id -g)

Screenshot_2025-05-01_at_2.48.37_PM

  1. Run a GitLab Runner Manager using the generated authentication token. The following config.toml can be used
listen_address = ":9252"
concurrent = 3
check_interval = 1
# log_level = "debug"
log_format = "runner"
connection_max_age = "15m0s"
shutdown_timeout = 0

[session_server]
  session_timeout = 1800

[[runners]]
  pre_get_sources_script = "git config --system --add safe.directory $CI_PROJECT_DIR"
  post_get_sources_script = "git config --local --add safe.directory $CI_PROJECT_DIR"

  name = "investigation"
  limit = 50
  url = "https://3000-gitlaborg-gitlab-HASH.ws-REGION.gitpod.io/"
  id = 0
  token = "glrt-REDACTED"
  token_obtained_at = 2024-09-30T14:38:04.623237Z
  executor = "kubernetes"
  shell = "bash"
  [runners.feature_flags]
    FF_USE_ADVANCED_POD_SPEC_CONFIGURATION = true
    FF_USE_POD_ACTIVE_DEADLINE_SECONDS = true
    FF_PRINT_POD_EVENTS = true
    FF_USE_FASTZIP = true
  [runners.kubernetes]
    host = ""
    bearer_token_overwrite_allowed = false
    image = "alpine"
    namespace = ""
    namespace_overwrite_allowed = ""
    namespace_per_job = false
    privileged = true
    node_selector_overwrite_allowed = ".*"
    node_tolerations_overwrite_allowed = ""
    pod_labels_overwrite_allowed = ""
    service_account_overwrite_allowed = ""
    pull_policy = "always"
    allowed_pull_policies = ["always", "if-not-present", "never"]
    [runners.kubernetes.pod_labels]
    [runners.kubernetes.dns_config]
  1. The job should pass
job log 
Running with gitlab-runner development version (HEAD)
  on investigation REDACTED, system ID: s_b188029b2abb
  feature flags: FF_USE_FASTZIP:true, FF_USE_ADVANCED_POD_SPEC_CONFIGURATION:true, FF_PRINT_POD_EVENTS:true
Preparing the "kubernetes" executor
00:01
WARNING: Namespace is empty, therefore assuming 'default'.
Using Kubernetes namespace: default
Using Kubernetes executor with image alpine ...
Using attach strategy to execute scripts...
Using effective pull policy of [Always] for container helper
Using effective pull policy of [Always] for container init-permissions
Using effective pull policy of [Always] for container build
Preparing environment
00:08
Using FF_USE_POD_ACTIVE_DEADLINE_SECONDS, the Pod activeDeadlineSeconds will be set to the job timeout: 1h0m0s...
WARNING: Advanced Pod Spec configuration enabled, merging the provided PodSpec to the generated one. This is a beta feature and is subject to change. Feedback is collected in this issue: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29659 ...
Subscribing to Kubernetes Pod events...
Type     Reason      Message
Normal   Scheduled   Successfully assigned default/runner-REDACTED-project-19-concurrent-0-kg92p3m0 to gke-ra-cluster-linux-pool-7ae7231b-o9hl
Normal   Pulling   Pulling image "registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-latest"
Normal   Pulled   Successfully pulled image "registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-latest" in 2.034s (2.034s including waiting). Image size: 32935691 bytes.
Normal   Created   Created container: init-permissions
Normal   Started   Started container init-permissions
Normal   Pulling   Pulling image "alpine"
Normal   Pulled   Successfully pulled image "alpine" in 226ms (226ms including waiting). Image size: 3653068 bytes.
Normal   Created   Created container: build
Normal   Started   Started container build
Normal   Pulling   Pulling image "registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-latest"
Normal   Pulled   Successfully pulled image "registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-latest" in 370ms (370ms including waiting). Image size: 32935691 bytes.
Normal   Created   Created container: helper
Normal   Started   Started container helper
Running on runner-REDACTED-project-19-concurrent-0-kg92p3m0 via ratchade--20240612-H2W0T...
Getting source from Git repository
00:02
$ git config --system --add safe.directory $CI_PROJECT_DIR
Fetching changes with git depth set to 20...
hint: Using 'master' as the name for the initial branch. This default branch name
hint: is subject to change. To configure the initial branch name to use in all
hint: of your new repositories, which will suppress this warning, call:
hint: 
hint: 	git config --global init.defaultBranch <name>
hint: 
hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
hint: 'development'. The just-created branch can be renamed via this command:
hint: 
hint: 	git branch -m <name>
Initialized empty Git repository in /builds/root/go-project/.git/
Created fresh repository.
Checking out 5cb56f77 as detached HEAD (ref is master)...
Skipping Git submodules setup
$ git config --local --add safe.directory $CI_PROJECT_DIR
Executing "step_script" stage of the job script
00:01
$ echo uid and gid is set to: $(id -u):$(id -g)
uid and gid is set to: 1001:0
Cleaning up project directory and file based variables
00:01
Job succeeded

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Romuald Atchadé

Merge request reports