├── .dockerignore ├── .gitignore ├── Changelog.md ├── Dockerfile ├── LICENSE ├── Makefile ├── README.md ├── VERSION └── assets ├── init └── setup └── install /.dockerignore: -------------------------------------------------------------------------------- 1 | .git 2 | VERSION 3 | README.md 4 | Changelog.md 5 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.gem 2 | *.tar.gz 3 | -------------------------------------------------------------------------------- /Changelog.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | 3 | **5.2.1** 4 | - init: removed `CI_RUNNERS_COUNT` option, not recommended 5 | - gitlab-ci-runner: upgrade to v.5.2.1 6 | 7 | **5.0.0-2** 8 | - added CI_RUNNERS_COUNT option to allow launching multiple runners 9 | - start runner as gitlab_ci_runner user 10 | - purge development packages after install. shaves off ~150MB from the image. 11 | - rebase image on sameersbn/debian:jessie.20140918 base image 12 | - upgrade to sameersbn/ubuntu:14.04.20150120 13 | 14 | **5.0.0-1** 15 | - Create deploy keys for root user 16 | - update to sameersbn/ubuntu:14.04.20140628 image 17 | - update to the sameersbn/ubuntu:12.04.20140818 baseimage 18 | - update to the sameersbn/ubuntu:12.04.20140812 baseimage 19 | - shallow clone gitlab-ci-runner 20 | - update to sameersbn/ubuntu:14.04.20140628 base image 21 | - removed sshd start, use nsenter instead 22 | 23 | **5.0.0** 24 | - upgrade to gitlab-ci-runner 5.0.0 25 | - upgrade to sameersbn/ubuntu:14.04.20140505 base image 26 | - added CA_CERTIFICATES_PATH configuration option 27 | - use sameersbn/ubuntu as the base docker image 28 | - install ruby2.0 via ppa 29 | 30 | **4.0.0** 31 | - initial creation, adapted from https://github.com/sameersbn/docker-gitlab-ci 32 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM sameersbn/ubuntu:14.04.20150712 2 | MAINTAINER sameer@damagehead.com 3 | 4 | RUN apt-key adv --keyserver keyserver.ubuntu.com --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 \ 5 | && echo "deb http://ppa.launchpad.net/git-core/ppa/ubuntu trusty main" >> /etc/apt/sources.list \ 6 | && apt-key adv --keyserver keyserver.ubuntu.com --recv 80F70E11F0F0D5F10CB20E62F5DA5F09C3173AA6 \ 7 | && echo "deb http://ppa.launchpad.net/brightbox/ruby-ng/ubuntu trusty main" >> /etc/apt/sources.list \ 8 | && apt-get update \ 9 | && apt-get install -y supervisor git-core openssh-client ruby2.1 \ 10 | zlib1g libyaml-0-2 libssl1.0.0 \ 11 | libgdbm3 libreadline6 libncurses5 libffi6 \ 12 | libxml2 libxslt1.1 libcurl3 libicu52 \ 13 | && gem install --no-document bundler \ 14 | && rm -rf /var/lib/apt/lists/* # 20150712 15 | 16 | ADD assets/setup/ /app/setup/ 17 | RUN chmod 755 /app/setup/install 18 | RUN /app/setup/install 19 | 20 | ADD assets/init /app/init 21 | RUN chmod 755 /app/init 22 | 23 | VOLUME ["/home/gitlab_ci_runner/data"] 24 | 25 | ENTRYPOINT ["/app/init"] 26 | CMD ["app:start"] 27 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2014 Sameer Naik 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | all: build 2 | 3 | build: 4 | @docker build --tag=${USER}/gitlab-ci-runner . 5 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | **NOTICE**: `gitlab-ci-runner` has been deprecated by GitLab in favour of the highly performant and feature rich [gitlab-ci-multi-runner](https://gitlab.com/gitlab-org/gitlab-ci-multi-runner). `gitlab-ci-multi-runner` is implemented in golang and has the ability to launch CI tests in docker containers. 3 | 4 | # Table of Contents 5 | - [Introduction](#introduction) 6 | - [Version](#version) 7 | - [Changelog](Changelog.md) 8 | - [Contributing](#contributing) 9 | - [Reporting Issues](#reporting-issues) 10 | - [Installation](#installation) 11 | - [Quick Start](#quick-start) 12 | - [Configuration](#configuration) 13 | - [Data Store](#data-store) 14 | - [Installing Trusted SSL Server Certificates](#installing-trusted-ssl-server-certificates) 15 | - [Deploy Keys](#deploy-keys) 16 | - [Configuration Parameters](#configuration-parameters) 17 | - [Shell Access](#shell-access) 18 | - [Upgrading](#upgrading) 19 | - [References](#references) 20 | 21 | # Introduction 22 | 23 | Dockerfile to build a GitLab CI Runner base image. You can use this as the base image to build your own runner images. The [sameersbn/runner-gitlab](https://github.com/sameersbn/docker-runner-gitlab) project demonstrates its use to build a CI image for GitLab CE. 24 | 25 | ## Version 26 | 27 | Current Version: **5.2.1** 28 | 29 | # Contributing 30 | 31 | If you find this image useful here's how you can help: 32 | 33 | - Send a Pull Request with your awesome new features and bug fixes 34 | - Help new users with [Issues](https://github.com/sameersbn/docker-gitlab-ci-runner/issues) they may encounter 35 | - Support the development of this image with a [donation](http://www.damagehead.com/donate/) 36 | 37 | # Reporting Issues 38 | 39 | Docker is a relatively new project and is active being developed and tested by a thriving community of developers and testers and every release of docker features many enhancements and bugfixes. 40 | 41 | Given the nature of the development and release cycle it is very important that you have the latest version of docker installed because any issue that you encounter might have already been fixed with a newer docker release. 42 | 43 | For ubuntu users I suggest [installing docker](https://docs.docker.com/installation/ubuntulinux/) using docker's own package repository since the version of docker packaged in the ubuntu repositories are a little dated. 44 | 45 | Here is the shortform of the installation of an updated version of docker on ubuntu. 46 | 47 | ```bash 48 | sudo apt-get purge docker.io 49 | curl -s https://get.docker.com/ | sudo sh 50 | sudo apt-get update 51 | sudo apt-get install lxc-docker 52 | ``` 53 | 54 | Fedora and RHEL/CentOS users should try disabling selinux with `setenforce 0` and check if resolves the issue. If it does than there is not much that I can help you with. You can either stick with selinux disabled (not recommended by redhat) or switch to using ubuntu. 55 | 56 | If using the latest docker version and/or disabling selinux does not fix the issue then please file a issue request on the [issues](https://github.com/sameersbn/docker-gitlab-ci-runner/issues) page. 57 | 58 | In your issue report please make sure you provide the following information: 59 | 60 | - The host ditribution and release version. 61 | - Output of the `docker version` command 62 | - Output of the `docker info` command 63 | - The `docker run` command you used to run the image (mask out the sensitive bits). 64 | 65 | # Installation 66 | 67 | Pull the latest version of the image from the docker index. This is the recommended method of installation as it is easier to update image in the future. These builds are performed by the **Docker Trusted Build** service. 68 | 69 | ```bash 70 | docker pull sameersbn/gitlab-ci-runner:latest 71 | ``` 72 | 73 | Starting from GitLab CI Runner version `5.2.1`, You can pull a particular version of GitLab CI Runner by specifying the version number. For example, 74 | 75 | ```bash 76 | docker pull sameersbn/gitlab-ci-runner:5.2.1 77 | ``` 78 | 79 | Alternately you can build the image yourself. 80 | 81 | ```bash 82 | git clone https://github.com/sameersbn/docker-gitlab-ci-runner.git 83 | cd docker-gitlab-ci-runner 84 | docker build --tag="$USER/gitlab-ci-runner" . 85 | ``` 86 | 87 | # Quick Start 88 | 89 | For a runner to do its trick, it has to first be registered/authorized on the GitLab CI server. This can be done by running the image with the `app:setup` command. 90 | 91 | ```bash 92 | mkdir -p /opt/gitlab-ci-runner 93 | docker run --name gitlab-ci-runner -it --rm \ 94 | -v /opt/gitlab-ci-runner:/home/gitlab_ci_runner/data \ 95 | sameersbn/gitlab-ci-runner:5.2.1 app:setup 96 | ``` 97 | 98 | The command will prompt you to specify the location of the GitLab CI server and provide the registration token to access the server. With this out of the way the image is ready, lets get is started. 99 | 100 | ```bash 101 | docker run --name gitlab-ci-runner -it --rm \ 102 | -v /opt/gitlab-ci-runner:/home/gitlab_ci_runner/data \ 103 | sameersbn/gitlab-ci-runner:5.2.1 104 | ``` 105 | 106 | You now have a basic runner up and running. But in this form its more or less useless. See [sameersbn/runner-gitlab](https://github.com/sameersbn/docker-runner-gitlab) to understand how you can use this base image to build a runner for your own projects. 107 | 108 | # Configuration 109 | 110 | ## Data Store 111 | 112 | GitLab CI Runner saves the configuration for connection and access to the GitLab CI server. In addition, SSH keys are generated as well. To make sure this configuration is not lost when when the container is stopped/deleted, we should mount a data store volume at 113 | 114 | * `/home/gitlab_ci_runner/data` 115 | 116 | Volumes can be mounted in docker by specifying the **'-v'** option in the docker run command. 117 | 118 | ```bash 119 | mkdir /opt/gitlab-ci-runner 120 | docker run --name gitlab-ci-runner -it --rm -h gitlab-ci-runner.local.host \ 121 | -v /opt/gitlab-ci-runner:/home/gitlab_ci_runner/data \ 122 | sameersbn/gitlab-ci-runner:5.2.1 123 | ``` 124 | 125 | ## Installing Trusted SSL Server Certificates 126 | 127 | If your GitLab server is using self-signed SSL certificates then you should make sure the GitLab server certificate is trusted on the runner for the git clone operations to work. 128 | 129 | The default path the runner is configured to look for the trusted SSL certificates is at `/home/gitlab_ci_runner/data/certs/ca.crt`, this can however be changed using the `CA_CERTIFICATES_PATH` configuration option. 130 | 131 | If you remember from above, the `/home/gitlab_ci_runner/data` is the path of the [data store](#data-store), which means that we have to create a folder named `certs` inside `/opt/gitlab-ci-runner/data/` and copy the `ca.crt` file into it. 132 | 133 | The `ca.crt` file should contain the root certificates of all the servers you want to trust. With respect to GitLab, this will be the contents of the `gitlab.crt` file as described in the [README](https://github.com/sameersbn/docker-gitlab/blob/master/README.md#ssl) of the [docker-gitlab](https://github.com/sameersbn/docker-gitlab) container. 134 | 135 | # Deploy Keys 136 | 137 | The image automatically generates a deploy keys for the `gitlab_ci_runner` user and these keys are available at the data volume at `/home/gitlab_ci_runner/data/.ssh`. You can overwrite these keys if you wish to do so. 138 | 139 | If the runner needs to access a private git repo then add the generated public key to your projects deploy keys so that the runner can clone the required repos. 140 | 141 | *NOTE: The deploy keys are generated without a passphrase.* 142 | 143 | # Configuration Parameters 144 | 145 | *Please refer the docker run command options for the `--env-file` flag where you can specify all required environment variables in a single file. This will save you from writing a potentially long docker run command.* 146 | 147 | Below is the list of available options that you can use to configure your runner. 148 | 149 | - **CI_SERVER_URL**: The hostname of the GitLab CI server. No defaults 150 | - **REGISTRATION_TOKEN**: The token to use to register on the CI server 151 | *The above two options are only applicable if you want to skip the `app:setup` step and want to instead provide these parameters at launch. Additionally, they are effective only the first time you launch the container* 152 | 153 | # Shell Access 154 | 155 | For debugging and maintenance purposes you may want access the containers shell. If you are using docker version `1.3.0` or higher you can access a running containers shell using `docker exec` command. 156 | 157 | ```bash 158 | docker exec -it gitlab-ci-runner bash 159 | ``` 160 | 161 | If you are using an older version of docker, you can use the [nsenter](http://man7.org/linux/man-pages/man1/nsenter.1.html) linux tool (part of the util-linux package) to access the container shell. 162 | 163 | Some linux distros (e.g. ubuntu) use older versions of the util-linux which do not include the `nsenter` tool. To get around this @jpetazzo has created a nice docker image that allows you to install the `nsenter` utility and a helper script named `docker-enter` on these distros. 164 | 165 | To install `nsenter` execute the following command on your host, 166 | 167 | ```bash 168 | docker run --rm -v /usr/local/bin:/target jpetazzo/nsenter 169 | ``` 170 | 171 | Now you can access the container shell using the command 172 | 173 | ```bash 174 | sudo docker-enter gitlab-ci-runner 175 | ``` 176 | 177 | For more information refer https://github.com/jpetazzo/nsenter 178 | 179 | # Upgrading 180 | 181 | To update the runner, simply stop the image and pull the latest version from the docker index. 182 | 183 | ```bash 184 | docker pull sameersbn/gitlab-ci-runner:5.2.1 185 | docker stop gitlab-ci-runner 186 | docker rm gitlab-ci-runner 187 | docker run --name gitlab-ci-runner -d [OPTIONS] sameersbn/gitlab-ci-runner:5.2.1 188 | ``` 189 | 190 | # References 191 | * https://gitlab.com/gitlab-org/gitlab-ci-runner/blob/master/README.md 192 | -------------------------------------------------------------------------------- /VERSION: -------------------------------------------------------------------------------- 1 | 5.2.1 2 | -------------------------------------------------------------------------------- /assets/init: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | HOME_DIR="/home/gitlab_ci_runner" 5 | INSTALL_DIR="${HOME_DIR}/gitlab-ci-runner" 6 | DATA_DIR="${HOME_DIR}/data" 7 | 8 | CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-$DATA_DIR/certs/ca.crt} 9 | 10 | # create and take ownership of ${DATA_DIR} 11 | mkdir -p ${DATA_DIR} 12 | chown gitlab_ci_runner:gitlab_ci_runner ${DATA_DIR} 13 | 14 | # create the builds directory 15 | sudo -u gitlab_ci_runner -H mkdir -p ${DATA_DIR}/builds/ 16 | 17 | # create the .ssh directory 18 | sudo -u gitlab_ci_runner -H mkdir -p ${DATA_DIR}/.ssh/ 19 | 20 | # generate deploy key 21 | if [ ! -e ${DATA_DIR}/.ssh/id_rsa -o ! -e ${DATA_DIR}/.ssh/id_rsa.pub ]; then 22 | echo "Generating SSH deploy keys..." 23 | rm -rf ${DATA_DIR}/.ssh/id_rsa ${DATA_DIR}/.ssh/id_rsa.pub 24 | sudo -u gitlab_ci_runner -H ssh-keygen -t rsa -N "" -f ${DATA_DIR}/.ssh/id_rsa 25 | fi 26 | 27 | # make sure the ssh keys have the right ownership and permissions 28 | chmod 600 ${DATA_DIR}/.ssh/id_rsa ${DATA_DIR}/.ssh/id_rsa.pub 29 | chmod 700 ${DATA_DIR}/.ssh 30 | chown -R gitlab_ci_runner:gitlab_ci_runner ${DATA_DIR}/.ssh/ 31 | 32 | cd ${INSTALL_DIR} 33 | 34 | if [ -f "${CA_CERTIFICATES_PATH}" ]; then 35 | echo "Updating CA certificates..." 36 | cp "${CA_CERTIFICATES_PATH}" /usr/local/share/ca-certificates/ca.crt 37 | update-ca-certificates --fresh >/dev/null 38 | fi 39 | 40 | appStart () { 41 | echo "Starting gitlab-ci-runner..." 42 | 43 | # make sure the runner is configured 44 | if [ ! -e ${DATA_DIR}/config.yml ]; then 45 | appSetup 46 | fi 47 | 48 | # remove stale runners.pid if it exists 49 | sudo -u gitlab_ci_runner -H rm -rf ${INSTALL_DIR}/tmp/pids/runners.pid 50 | 51 | sudo -u gitlab_ci_runner -H ln -sf ${DATA_DIR}/config.yml config.yml 52 | exec /usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf 53 | } 54 | 55 | appSetup () { 56 | if [ -n "${CI_SERVER_URL}" -a -n "${REGISTRATION_TOKEN}" ]; then 57 | sudo -u gitlab_ci_runner -H CI_SERVER_URL=${CI_SERVER_URL} REGISTRATION_TOKEN=${REGISTRATION_TOKEN} bundle exec ./bin/setup 58 | else 59 | sudo -u gitlab_ci_runner -H bundle exec ./bin/setup 60 | fi 61 | sudo -u gitlab_ci_runner -H mv config.yml ${DATA_DIR}/config.yml 62 | } 63 | 64 | appHelp () { 65 | echo "Available options:" 66 | echo " app:start - Starts the gitlab-ci server (default)" 67 | echo " app:setup - Setup the runner. Interactively or by passing URL and Token as params." 68 | echo " app:help - Displays the help" 69 | echo " [command] - Execute the specified linux command eg. bash." 70 | } 71 | 72 | case "$1" in 73 | app:start) 74 | appStart 75 | ;; 76 | app:setup) 77 | appSetup 78 | ;; 79 | app:help) 80 | appHelp 81 | ;; 82 | *) 83 | if [ -x $1 ]; then 84 | $1 85 | else 86 | prog=$(which $1) 87 | if [ -n "${prog}" ] ; then 88 | shift 1 89 | $prog $@ 90 | else 91 | appHelp 92 | fi 93 | fi 94 | ;; 95 | esac 96 | 97 | exit 0 98 | -------------------------------------------------------------------------------- /assets/setup/install: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | GITLAB_CI_RUNNER_VERSION=5.2.1 5 | 6 | HOME_DIR="/home/gitlab_ci_runner" 7 | INSTALL_DIR="${HOME_DIR}/gitlab-ci-runner" 8 | DATA_DIR="${HOME_DIR}/data" 9 | SETUP_DIR="/app/setup" 10 | GEM_CACHE_DIR="${SETUP_DIR}/cache" 11 | 12 | # add git user 13 | adduser --disabled-login --gecos 'GitLab CI Runner' gitlab_ci_runner 14 | 15 | ln -s ${DATA_DIR}/.ssh ${HOME_DIR}/.ssh 16 | 17 | # shallow clone gitlab-ci-runner 18 | sudo -u gitlab_ci_runner -H git clone -b v${GITLAB_CI_RUNNER_VERSION} --depth 1 \ 19 | https://github.com/gitlabhq/gitlab-ci-runner.git ${INSTALL_DIR} 20 | 21 | cd ${INSTALL_DIR} 22 | 23 | # rebuild apt cache 24 | apt-get update 25 | 26 | # install build dependencies for gem installation 27 | apt-get install -y gcc g++ patch make \ 28 | libc6-dev ruby2.1-dev zlib1g-dev libyaml-dev libssl-dev \ 29 | libgdbm-dev libreadline-dev libncurses5-dev libffi-dev \ 30 | libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev 31 | 32 | # install gems required by gitlab-ci-runner, use cache if available 33 | if [ -d "${GEM_CACHE_DIR}" ]; then 34 | mkdir -p vendor && mv ${GEM_CACHE_DIR} vendor/ 35 | chown -R gitlab_ci_runner:gitlab_ci_runner vendor/ 36 | fi 37 | sudo -u gitlab_ci_runner -H bundle install -j$(nproc) --path vendor/bundle 38 | 39 | # create tmp/pids directory 40 | sudo -u gitlab_ci_runner -H mkdir -m 0755 -p tmp/pids 41 | 42 | # create symlink to builds directory 43 | rm -rf tmp/builds 44 | ln -sf ${DATA_DIR}/builds tmp/builds 45 | 46 | touch /var/log/gitlab_ci_runner.log 47 | chown gitlab_ci_runner:gitlab_ci_runner /var/log/gitlab_ci_runner.log 48 | 49 | cat > /etc/supervisor/conf.d/runner.conf <