1. 技术文章
  2. Change Gitlab CI Runner user

Change Gitlab CI Runner user

拟墨画扇 提交于 2019-12-13 11:32:39

问题


Currently when I start a build in GitlabCI it is running under gitlab-runner user. I want to change it the company's internal user. I didn't find any parameter to the /etc/gitlab-runner/config.toml which is solve that.

My current configuration: 

concurrent = 1
[[runners]]
  name = "deploy"
  url = ""
  token = ""
  executor = "shell"

回答1:


Running ps aux you can see:

/usr/bin/gitlab-ci-multi-runner run --working-directory /home/gitlab-runner --config /etc/gitlab-runner/config.toml --service gitlab-runner --syslog --user gitlab-runner

Service is running with option --user.

So let's change this, it depends on what distro. you are running it. If systemd, there is a file:

/etc/systemd/system/gitlab-runner.service:

[Service]
StartLimitInterval=5
StartLimitBurst=10
ExecStart=/usr/bin/gitlab-ci-multi-runner "run" "--working-directory" "/home/gitlab-runner" "--config" "/etc/gitlab-runner/config.toml" "--se

Bingo, let's change this file now:

gitlab-runner uninstall

gitlab-runner install --working-directory /home/ubuntu --user ubuntu

reboot the machine or reload the service (i.e. systemctl daemon-reload), et voilà!




回答2:


Note that when installing with a specific user (--user), whenever you update, it will revert back to the original systemd script and so, back to using gitlab-runner user.

in order to keep the user change across updates, using systemd overrides (centos7) you can use these steps (assuming service is at /etc/systemd/system/gitlab-runner.service):

  1. Create a /etc/systemd/system/gitlab-runner.service.d directory.

  2. Create a /etc/systemd/system/gitlab-runner.service.d/exec_start.conf file, with content:

    [Service]
ExecStart=
ExecStart=/usr/lib/gitlab-runner/gitlab-runner "run" "--working-directory" "/home/ubuntu" "--config" "/etc/gitlab-runner/config.toml" "--service" "gitlab-runner" "--syslog" "--user" "ubuntu"

  3. Execute systemctl daemon-reload


Now to check this is working, you can do this:

  1. Reinstall GitLab Runner package gitlab-runner uninstall and then gitlab-runner install

  2. Check ps aux | grep gitlab and confirm the right user is being used

source: https://gitlab.com/gitlab-org/gitlab-runner/issues/3675




回答3:


[DEPRECATED ANSWER]

I found a solution, which is not best pactrice but solved it. I need to use the ssh executer and ssh to localhost. It is require to add gitlab-runner id_rsa.pub to the user's authorized_keys what you want to use. There is my extended code:

concurrent = 1

[[runners]]
  name = "deploy"
  url = ""
  token = ""
  executor = "ssh"
  [runners.ssh]
    user = "user"
    host = "localhost"
    port = "22"
    identity_file = "/home/gitlab-runner/.ssh/id_rsa"



回答4:


Just for future reference, I was doing a test with a cloned version of my setup, if the domainname is not pointing to the server you are working with, gitlab might consider your runners offline. If you have another (copied) instance running at the ip the domain is pointing at and there is no firewall blocking, the gitlab-runner verify command will say your runners are alive.

a solution could be adding your domain pointing to 127.0.0.1 to your hosts file. you'll have to restart your gitlab instance and runners.



来源:https://stackoverflow.com/questions/37187899/change-gitlab-ci-runner-user

标签
gitlab
gitlab-ci
gitlab-ci-runner
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!