Puppet Class: gitlab_runner::config

Defined in:
modules/gitlab_runner/manifests/config.pp

Summary

configure gitlab-runner config.toml and systemd unit file

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • directory (Stdlib::Absolutepath) (defaults to: '/etc/gitlab-runner')

    Location of config files and tokens.

  • concurrent (Integer) (defaults to: 3)

    Number of jobs that can run concurrently.

  • docker_image (String) (defaults to: 'docker-registry.wikimedia.org/bookworm:latest')

    Default Docker image used for jobs.

  • pull_policy (Array[String]) (defaults to: ['always'])

    Docker image pull policies (e.g., 'always').

  • docker_network (String) (defaults to: 'gitlab-runner')

    Docker network to attach containers to.

  • ensure_buildkitd (Wmflib::Ensure) (defaults to: 'present')

    Whether buildkitd should be ensured (e.g., 'present' or 'absent').

  • environment (Wmflib::POSIX::Variables) (defaults to: {})

    Environment variables passed to the runner as a hash.

  • gitlab_url (Stdlib::HTTPSUrl) (defaults to: 'https://gitlab.wikimedia.org/')

    URL of the GitLab instance the runner should connect to.

  • runner_name (String) (defaults to: 'GitLab Runner')

    Name to assign to the runner.

  • enable_exporter (Boolean) (defaults to: false)

    Whether to enable Prometheus exporter for metrics.

  • exporter_listen_address (Stdlib::IP::Address) (defaults to: '127.0.0.1')

    IP address the exporter listens on.

  • exporter_listen_port (Integer) (defaults to: 9252)

    Port the exporter listens on.

  • check_interval (Integer) (defaults to: 3)

    Time (in seconds) between GitLab job checks.

  • session_timeout (Integer) (defaults to: 1800)

    Timeout (in seconds) for job sessions.

  • gitlab_runner_user (String) (defaults to: 'gitlab-runner')

    System user under which the runner service runs.

  • allowed_images (Array[String]) (defaults to: [])

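    List of Docker images that jobs are allowed to use. The default is an empty list; GitLab Runner treats an absent allowed_images setting as "all images allowed", so check how the template renders an empty list before relying on it as a restriction.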

  • allowed_docker_services (Array[String]) (defaults to: [])

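    List of Docker service images that jobs are allowed to start. The default is an empty list; as with allowed_images, confirm how the template renders an empty list before treating it as a restriction.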

  • output_limit (Integer) (defaults to: 4096)

    Maximum size (in KB) of job output logs.



# File 'modules/gitlab_runner/manifests/config.pp', line 21

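class gitlab_runner::config (
    Stdlib::Absolutepath     $directory               = '/etc/gitlab-runner',
    Integer                  $concurrent              = 3,
    String                   $docker_image            = 'docker-registry.wikimedia.org/bookworm:latest',
    Array[String]            $pull_policy             = ['always'],
    String                   $docker_network          = 'gitlab-runner',
    Wmflib::Ensure           $ensure_buildkitd        = 'present',
    Wmflib::POSIX::Variables $environment             = {},
    Stdlib::HTTPSUrl         $gitlab_url              = 'https://gitlab.wikimedia.org/',
    String                   $runner_name             = 'GitLab Runner',
    Boolean                  $enable_exporter         = false,
    Stdlib::IP::Address      $exporter_listen_address = '127.0.0.1',
    Integer                  $exporter_listen_port    = 9252,
    Integer                  $check_interval          = 3,
    Integer                  $session_timeout         = 1800,
    String                   $gitlab_runner_user      = 'gitlab-runner',
    Array[String]            $allowed_images          = [],
    Array[String]            $allowed_docker_services = [],
    Integer                  $output_limit            = 4096,
) {
    # Presumably needed by the merge script below - TODO confirm against
    # gitlab-runner-merge-configs.py.
    ensure_packages('python3-toml')

    # We can't use a GitLab runner config template here because the runner
    # will not pickup changes to it after registration. Instead we'll manage
    # a config file directly and then merge it and the config created during
    # registration ourselves.
    #
    # Three files live in $directory:
    #   registration.toml - written at registration time, not managed here
    #   managed.toml      - rendered from the ERB template by Puppet
    #   config.toml       - merge of the two, produced by the exec below
    $registration_config = "${directory}/registration.toml"
    $managed_config = "${directory}/managed.toml"
    $runtime_config = "${directory}/config.toml"
    $merger = '/usr/local/bin/gitlab-runner-merge-configs.py'

    # Read-only for the runner user; a content change triggers a re-merge.
    file { $managed_config:
        owner   => $gitlab_runner_user,
        mode    => '0400',
        content => template('gitlab_runner/config.toml.erb'),
        require => Package['gitlab-runner'],
        notify  => Exec['gitlab-runner-merge-configs'],
    }

    # Only owner and mode are managed here; the content comes from the merge
    # exec. No `ensure` or `content` is set, so this resource by itself does
    # not supply the file's contents.
    file { $runtime_config:
        owner => $gitlab_runner_user,
        mode  => '0600',
    }

    # The merge script is root-owned and not writable by the runner user, who
    # only executes it.
    file { $merger:
        ensure => 'present',
        owner  => 'root',
        group  => 'root',
        mode   => '0755',
        source => 'puppet:///modules/gitlab_runner/gitlab-runner-merge-configs.py',
    }

    # Runs as the runner user and only when managed.toml changes.
    #
    # NOTE(review): the shell redirect truncates config.toml before the merge
    # script produces any output. If the script fails, config.toml is left
    # empty and, because this exec is refreshonly, it is not retried until
    # managed.toml changes again. Consider writing to a temporary file and
    # renaming it into place on success.
    exec { 'gitlab-runner-merge-configs':
        user        => $gitlab_runner_user,
        # config.toml includes the registration output, so if the redirect has
        # to create the file it must not be group- or world-readable.
        umask       => '0077',
        command     => "${merger} '${registration_config}' '${managed_config}' > '${runtime_config}'",
        refreshonly => true,
        notify      => Systemd::Service['gitlab-runner'],
        require     => [
            File[$runtime_config],
            File[$managed_config],
            # The script must be deployed before it is run; do not rely on
            # manifest ordering for this.
            File[$merger],
        ],
    }

    systemd::service{ 'gitlab-runner':
        ensure         => 'present',
        content        => template('gitlab_runner/gitlab-runner.service.erb'),
        service_params => {'restart' => 'systemctl restart -s SIGQUIT gitlab-runner'},
        override       => true, #override default unit file for non-root user
    }
}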