terraform-aws-gitlab-runner icon indicating copy to clipboard operation
terraform-aws-gitlab-runner copied to clipboard

Published 20 hours ago verified publisher icon cattle-ops

Add support for session_server

Open roock opened this issue 6 years ago • 14 comments
trafficstars

It would be cool if we could support session_server in the gitlab runner config for interactive webterminals

https://docs.gitlab.com/ee/ci/interactive_web_terminal/index.html https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-session_server-section

roock avatar Jul 05 '19 12:07 roock

@roock cool idea, any idea thoughts for an implementation?

npalm avatar Jul 08 '19 17:07 npalm

some thoughts:

  • we would need to aquire an static Elastic IP address
  • we could assign this IP with the following script: https://github.com/skymill/aws-ec2-assign-elastic-ip
  • we would need an additiona parameter to add a rule to the security group for allowing Gitlab to the websession port

roock avatar Jul 24 '19 19:07 roock

Oh yes, a feature I missed already. Guess no work is going on at the moment, right?

kayman-mk avatar Jul 24 '20 15:07 kayman-mk

Yep, no development is going on, feel free to create a PR

npalm avatar Jul 24 '20 16:07 npalm

The EIP is assigned to the runner agent. #124 will not be solved here. I will also offer the possibility to add a rule to a load balancer instead of assigning an EIP.

kayman-mk avatar Jul 28 '20 21:07 kayman-mk

I reviewed my last comment and think that it makes no sense to add an IP or load balancer or something else. The reason is, that you should already been able to reach the runner from your gitlab instance (to start the build jobs).

kayman-mk avatar Aug 13 '20 08:08 kayman-mk

I reviewed my last comment and think that it makes no sense to add an IP or load balancer or something else. The reason is, that you should already been able to reach the runner from your gitlab instance (to start the build jobs).

Afaik there is a difference between regular runner jobs and the session Server. For regular jobs, the runner will establish a http connection to the gitlab server. For the session server, Gitlab will establish a (tls-encrypted) connection to the runner, so you will need to expose the session service to Gitlab.

roock avatar Aug 25 '20 10:08 roock

Oh yes, you are absolutely right. I will add options for an IP address and a load balancer (ALB, ELB do not work here, see https://docs.gitlab.com/ee/administration/integration/terminal.html#enabling-and-disabling-terminal-support)

kayman-mk avatar Sep 04 '20 07:09 kayman-mk

The module already supports adding an EIP directly to the instance. Not sure if it is strictly required to put it behind a ALB, although it might be a more elegant solution.

roock avatar Sep 04 '20 08:09 roock

@roock Yeah, just saw it. So nothing to do for the EIP. An ALB listener can now be passed to the module. But the test is still missing. The idea is to use either EIP or ALB. Depends on your preferences, company guidelines, ...

kayman-mk avatar Sep 04 '20 09:09 kayman-mk

Hm, still on my wishlist. Using an ALB is too complicated. Let's stick with the EIP solution which is already in place.

kayman-mk avatar Oct 14 '21 14:10 kayman-mk

Ok, let's give it another try. Stick with EIP for the base feature and add ALB support later.

kayman-mk avatar Jan 15 '22 22:01 kayman-mk