Puppet Class: gitlab_runner::config

Defined in:
modules/gitlab_runner/manifests/config.pp

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • directory (Stdlib::Absolutepath) (defaults to: '/etc/gitlab-runner')
  • concurrent (Integer) (defaults to: 3)
  • docker_image (String) (defaults to: 'docker-registry.wikimedia.org/buster:latest')
  • docker_network (String) (defaults to: 'gitlab-runner')
  • ensure_buildkitd (Wmflib::Ensure) (defaults to: 'present')
  • environment (Hash) (defaults to: {})
  • gitlab_url (Stdlib::HTTPSUrl) (defaults to: 'https://gitlab.wikimedia.org/')
  • runner_name (String) (defaults to: 'GitLab Runner')
  • enable_exporter (Boolean) (defaults to: false)
  • exporter_listen_address (Stdlib::IP::Address) (defaults to: '127.0.0.1')
  • exporter_listen_port (Integer) (defaults to: 9252)
  • check_interval (Integer) (defaults to: 3)
  • session_timeout (Integer) (defaults to: 1800)
  • gitlab_runner_user (String) (defaults to: 'gitlab-runner')
  • allowed_images (Array[String]) (defaults to: [])
  • allowed_docker_services (Array[String]) (defaults to: [])


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# File 'modules/gitlab_runner/manifests/config.pp', line 2

class gitlab_runner::config (
    Stdlib::Absolutepath     $directory               = '/etc/gitlab-runner',
    Integer                  $concurrent              = 3,
    String                   $docker_image            = 'docker-registry.wikimedia.org/buster:latest',
    String                   $docker_network          = 'gitlab-runner',
    Wmflib::Ensure           $ensure_buildkitd        = 'present',
    Hash                     $environment             = {},
    Stdlib::HTTPSUrl         $gitlab_url              = 'https://gitlab.wikimedia.org/',
    String                   $runner_name             = 'GitLab Runner',
    Boolean                  $enable_exporter         = false,
    Stdlib::IP::Address      $exporter_listen_address = '127.0.0.1',
    Integer                  $exporter_listen_port    = 9252,
    Integer                  $check_interval          = 3,
    Integer                  $session_timeout         = 1800,
    String                   $gitlab_runner_user      = 'gitlab-runner',
    Array[String]            $allowed_images          = [],
    Array[String]            $allowed_docker_services = [],
) {
    ensure_packages('python3-toml')

    # We can't use a GitLab runner config template here because the runner
    # will not pickup changes to it after registration. Instead we'll manage
    # a config file directly and then merge it and the config created during
    # registration ourselves.
    #
    $registration_config = "${directory}/registration.toml"
    $managed_config = "${directory}/managed.toml"
    $runtime_config = "${directory}/config.toml"
    $merger = '/usr/local/bin/gitlab-runner-merge-configs.py'

    file { $managed_config:
        owner   => $gitlab_runner_user,
        mode    => '0400',
        content => template('gitlab_runner/config.toml.erb'),
        require => Package['gitlab-runner'],
        notify  => Exec['gitlab-runner-merge-configs'],
    }

    file { $runtime_config:
        owner => $gitlab_runner_user,
        mode  => '0600',
    }

    file { $merger:
        ensure => 'present',
        owner  => 'root',
        group  => 'root',
        mode   => '0755',
        source => 'puppet:///modules/gitlab_runner/gitlab-runner-merge-configs.py',
    }

    exec { 'gitlab-runner-merge-configs':
        user        => $gitlab_runner_user,
        command     => "${merger} '${registration_config}' '${managed_config}' > '${runtime_config}'",
        refreshonly => true,
        notify      => Systemd::Service['gitlab-runner'],
        require     => [
            File[$runtime_config],
            File[$managed_config],
        ],
    }

    systemd::service{ 'gitlab-runner':
        ensure         => 'present',
        content        => template('gitlab_runner/gitlab-runner.service.erb'),
        service_params => {'restart' => 'systemctl restart -s SIGQUIT gitlab-runner'},
        override       => true, #override default unit file for non-root user
    }
}