Auto-register GitLab runner

I have a docker-compose.yml file that sets up Gitlab, Container Registry and a Gitlab Runner.

# Compose (v2 file format) stack: GitLab with its Redis and PostgreSQL backends,
# a container registry, a GitLab Runner and Portainer.
# NOTE(review): every credential below (DB_PASS, the GITLAB_SECRETS_* values,
# REGISTRY_HTTP_SECRET, RUNNER_TOKEN) is written inline. If this file is shared
# or committed, treat them as disclosed; supply real values at deploy time from
# an env file or secret store that stays out of version control.
version: '2'

services:
  redis:
    restart: always
    # Floating ":latest" tag: the image can change between pulls. Pin a version
    # (or digest) for reproducible, reviewable deployments.
    image: sameersbn/redis:latest
    command:
    - --loglevel warning
    volumes:
    - redis:/var/lib/redis:Z

  postgresql:
    restart: always
    image: sameersbn/postgresql:9.5-3
    volumes:
    - postgresql:/var/lib/postgresql:Z
    environment:
    - DB_USER=gitlab
    # Placeholder password; must match DB_PASS in the gitlab service. Replace
    # with a strong value before any non-local use.
    - DB_PASS=password
    - DB_NAME=gitlabhq_production
    - DB_EXTENSION=pg_trgm

  gitlab:
    restart: always
    image: sameersbn/gitlab:10.1.1
    volumes:
    - gitlab-data:/home/git/data:Z
    - gitlab-logs:/var/log/gitlab
    # The same ./certs directory (certificate and private key, per the *_KEY_PATH
    # settings below) is also mounted into the registry service.
    # NOTE(review): mounted read-write here; a read-only mount looks sufficient
    # but confirm against the image's startup scripts.
    - ./certs:/certs
    depends_on:
    - redis
    - postgresql
    ports:
    # Published on all host interfaces: plain-HTTP web UI and git-over-SSH.
    - "80:80"
    - "2222:22"
    external_links:
    - "registry:registry"
    environment:
    - DEBUG=false

    - DB_ADAPTER=postgresql
    - DB_HOST=postgresql
    - DB_PORT=5432
    - DB_USER=gitlab
    # Same placeholder password as the postgresql service.
    - DB_PASS=password
    - DB_NAME=gitlabhq_production

    - REDIS_HOST=redis
    - REDIS_PORT=6379

    # HTTPS is disabled, so logins, API tokens and the runner registration token
    # cross the network unencrypted. Acceptable only on an isolated test network.
    - GITLAB_HTTPS=false # <---
    - SSL_SELF_SIGNED=true # <---

    - GITLAB_HOST=192.168.99.100 # <---
    - GITLAB_PORT=80
    - GITLAB_SSH_PORT=2222
    - GITLAB_SHELL_SSH_PORT=2222
    - GITLAB_RELATIVE_URL_ROOT=
    # Placeholder key material ("secret"). Replace each with a long random
    # string and keep it out of version control.
    - GITLAB_SECRETS_DB_KEY_BASE=secret
    - GITLAB_SECRETS_SECRET_KEY_BASE=secret
    - GITLAB_SECRETS_OTP_KEY_BASE=secret

    - GITLAB_REGISTRY_ENABLED=true
    - GITLAB_REGISTRY_HOST=localhost # <---
    - GITLAB_REGISTRY_PORT=4567
    - GITLAB_REGISTRY_API_URL=https://localhost:4567/ # Internal address to the registry, will be used by GitLab to directly communicate with API.
    - GITLAB_REGISTRY_CERT_PATH=/certs/localhost-auth.crt # <---
    - GITLAB_REGISTRY_KEY_PATH=/certs/localhost-auth.key # <---

# Read here --> https://hub.docker.com/r/sameersbn/gitlab-ci-multi-runner/
  runner:
    restart: always
    # Floating ":latest" tag; pin a runner version for reproducible deployments.
    image: gitlab/gitlab-runner:latest
    external_links:
    - "gitlab:gitlab" # <---
    environment:
    # Plain HTTP: the token below is sent to GitLab unencrypted.
    - CI_SERVER_URL=http://192.168.99.100:80/ci/
    # Runner registration token written into the file. It is a credential for
    # attaching runners to this GitLab instance; inject it at deploy time and
    # rotate it if this file has been shared.
    - RUNNER_TOKEN=1XoJuQeyyN3EZxAt7pkn # < ------------------- different every time
    - RUNNER_DESCRIPTION=default_runner
    # Shell executor: CI jobs run directly in this container's shell with no
    # per-job isolation, so only trusted projects should use this runner.
    - RUNNER_EXECUTOR=shell

  registry:
    restart: always
    image: registry:2.4.1
    ports:
    - "4567:5000" # <---
    volumes:
    - registry-data:/var/lib/registry
    # Shares the ./certs directory (including the private key) with gitlab.
    - ./certs:/certs
    external_links:
    - "gitlab:gitlab" # <---
    environment:
    - REGISTRY_LOG_LEVEL=info
    - REGISTRY_STORAGE_DELETE_ENABLED=true
    - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry

    # The token realm is a plain-HTTP URL, consistent with GITLAB_HTTPS=false.
    - REGISTRY_AUTH_TOKEN_REALM=http://localhost/jwt/auth # <---
    - REGISTRY_AUTH_TOKEN_SERVICE=container_registry
    - REGISTRY_AUTH_TOKEN_ISSUER=localhost
    - REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/certs/localhost-auth.crt # <---

    - SSL_REGISTRY_KEY_PATH=/certs/localhost-auth.key # <---
    - SSL_REGISTRY_CERT_PATH=/certs/localhost-auth.crt # <---

    - REGISTRY_HTTP_TLS_CERTIFICATE=/certs/localhost-auth.crt # <---
    - REGISTRY_HTTP_TLS_KEY=/certs/localhost-auth.key # <---
    # Placeholder value; replace with a random secret kept outside the file.
    - REGISTRY_HTTP_SECRET=secret

  portainer:
    # No tag given, so this resolves to ":latest"; pin a version.
    image: portainer/portainer
    ports:
      # UI published on all host interfaces.
      - "9000:9000"
    volumes:
      # Mounting the Docker socket gives this container control of the host's
      # Docker daemon, which is effectively root on the host. Restrict who can
      # reach port 9000 and set a strong Portainer admin password.
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "/opt/portainer:/data"

# Named volumes used by the services above.
volumes:
    gitlab-data:
    gitlab-logs:
    postgresql:
    redis:
    registry-data:

The problem is that the runner is not registered automatically, so I have to register it manually every time (and I have not succeeded yet). I would like it to be registered automatically with the GitLab server using the auto-generated token, so that I [or any arbitrary dev who uses the docker-compose.yml file] do not have to care about that.

I am trying to find a way to grab the token and feed it to the runner. Is it possible in any way?



Solution 1:[1]

You can either (1) mount your /etc/gitlab-runner directory and keep it persistent or (2) create an entrypoint script that registers the runner every time the container starts.

For example, you may have an entrypoint script like this:

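#!/usr/bin/env bash
# entrypoint.sh
#
# Registers this runner with the GitLab server, then hands control to the
# image's original entrypoint.
#
# Reads from the environment:
#   CI_SERVER_URL       base URL of the GitLab server
#   RUNNER_TOKEN        runner registration token
#   RUNNER_EXECUTOR     executor to register with
#   RUNNER_DESCRIPTION  description for the runner
#
# RUNNER_TOKEN is a credential. Supply it when the container starts (env file
# or secret store); do not bake it into the image or commit it alongside the
# compose file.
#
# This runs on every container start. Unless /etc/gitlab-runner is kept on a
# persistent volume, each start registers the runner again.

# "${CI_SERVER_URL%/}/" strips one trailing slash before adding one, so a URL
# that already ends in "/" does not end up with a doubled slash.
gitlab-runner register \
  --non-interactive \
  --url "${CI_SERVER_URL%/}/" \
  --registration-token "${RUNNER_TOKEN}" \
  --executor "${RUNNER_EXECUTOR}" \
  --description="${RUNNER_DESCRIPTION}" \
  --config="/etc/gitlab-runner/config.toml"

# call original gitlab-runner entrypoint with CMD args
exec /usr/bin/dumb-init /entrypoint "$@"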

And a dockerfile for the runner like this:

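# Runner image whose entrypoint registers the runner before starting it.
# The registration token is expected at run time through the environment;
# do not add it here with ENV or ARG, since it would be stored in the image.
FROM gitlab/gitlab-runner:v14.8.2

COPY entrypoint.sh /docker-entrypoint.sh
# Make sure the script is executable whatever its mode in the build context.
RUN chmod +x /docker-entrypoint.sh
# Absolute path, so the entrypoint does not depend on the image's WORKDIR.
ENTRYPOINT ["/docker-entrypoint.sh"]

# Need to redefine original CMD provided by the parent image after setting ENTRYPOINT
CMD ["run", "--user=gitlab-runner", "--working-directory=/home/gitlab-runner"]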

This is just one way of expressing the solution. In principle, you don't need to custom-build the image -- you could set an equivalent `entrypoint:` key in your compose file and skip the custom Dockerfile.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 sytech