[K8S Gitlab Runner] helm chart does not support breaking change in DIND 19.03 -- TLS as a default
workarounds for non-helm deployments are noted in gitlab-runner#4501 (closed) and https://gitlab.com/gitlab-org/gitlab-ce/issues/64968 essentially, the workarounds either
- disable TLS for job containers by setting
DOCKER_TLS_CERTDIR=''
, or - enabling a mount of the "/certs" folder into the runner via the
config.toml
file
The current helm chart for the runner has a config.toml
config.toml as part of its Configmap that does not mount a shared certificates folder into the runner, job or service containers.
--- Current State ---
At the moment, the version of the runners installed by project->Operations->Kubernetes->Gitlab Runner
requires TLS connection to docker daemon to be disabled with workaround 1 above
--- Desired outcome ---
Modify the config.toml
used by the helm chart deployment to allow a shared certificates volume to be shared between the CI runner, job and service containers.
Proposal
- gitlab-runner#3997 (moved) which will allow helm users to define kubernetes volumes inside of the helm chart
- Update our default values.yml in our kubernetes integration so that it defines this volume.
Edited by Steve Xuereb