terraform-aws-gitlab-runner icon indicating copy to clipboard operation
terraform-aws-gitlab-runner copied to clipboard

Published 20 hours ago verified publisher icon cattle-ops

refactor!: remove manual registration of Gitlab Runner

Open kayman-mk opened this issue 4 years ago • 13 comments
trafficstars

Description

Removes the ability to register a Gitlab Runner manually (as described in #186) and pass the token into the module. This was done using secure_parameter_store_runner_token_key

It's now recommended to let the Gitlab Runner fetch the registration token from Gitlab and store it into a SSM parameter automatically.

If you use the secure_parameter_store_runner_token_key in the past: This SSM parameter is destroyed for every runner agent and a new one is created which is managed by the module. This means that new runners will register with Gitlab again.

Another way to get the token is the gitlabhq/gitlab provider. Check the data sources gitlab_group and gitlab_project. It does not work for instance runners as there is no data source available.

data "gitlab_group" "my_group" {
  group_id = 4711
}

# data.gitlab_group.my_group.runners_token contains the token

Closes #186

Migrations required

  • secure_parameter_store_runner_token_key
  • clean up the runner list in Gitlab (Settings > CI/CD > Runners) as all Runners will register again.

Verification

Deployed the new version of the module into our production environment and ran some build jobs. Worked fine.

ToDo

  • [ ] Update README.md and describe where to store the token

kayman-mk avatar Oct 14 '21 12:10 kayman-mk

@kayman-mk need a bit more time for this PR. I am happy to drop this really old feature.

npalm avatar Oct 19 '21 21:10 npalm

On my list!

npalm avatar Nov 10 '21 22:11 npalm

@kayman-mk can you rebase this PR, will check this early next week. So I can release all breaking changes at once.

npalm avatar Nov 13 '21 11:11 npalm

thx

npalm avatar Nov 13 '21 12:11 npalm

No idea what happened here

kayman-mk avatar Nov 13 '21 13:11 kayman-mk

@kayman-mk sorry for keep you waiting, quite busy.

npalm avatar Dec 30 '21 21:12 npalm

rebased

kayman-mk avatar Feb 27 '22 14:02 kayman-mk

Will dig in this PR soon, had quite some backlog.

npalm avatar Feb 27 '22 15:02 npalm

Updated with develop branch.

kayman-mk avatar Aug 06 '22 07:08 kayman-mk

@npalm Everything fixed.

kayman-mk avatar Aug 23 '22 21:08 kayman-mk

@npalm What about this PR?

kayman-mk avatar Dec 01 '22 10:12 kayman-mk

@npalm What about this PR?

Goinng to dig in.

npalm avatar Dec 05 '22 22:12 npalm

@kayman-mk, maybe we could also suggest users to use the GitLab Terraform Provider to obtain their registration token?

  • https://registry.terraform.io/providers/gitlabhq/gitlab/latest/docs/data-sources/group#runners_token
  • https://registry.terraform.io/providers/gitlabhq/gitlab/latest/docs/data-sources/project#runners_token

Way I'm using the module right now:

image

image

This would not work however for instance runners since there is no API. Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/16319

tmeijn avatar Feb 25 '23 15:02 tmeijn