Add playbook for installing and setting up gitlab-runner

40494471 · Karel van Klink · ac57cfe1 · 40494471 · 40494471 · 40494471
Verified Commit 40494471 authored 2 years ago by Karel van Klink
--- a/.gitignore
+++ b/.gitignore
 *.idea/
+group_vars/ci-runners.yml
--- a/README.md
+++ b/README.md
+# Ansible playbook for deploying a GAP GitLab CI runner
+
+This playbook is used to install the gitlab-runner package on a VM.
+
+To run this playbook:
+
+ 1. Provision a 'nat_ci' VM in Puppet
+ 2. Get the ip address of the new VM, and configure your ssh environment
+ 3. Create & activate a python virtual environment and install ansible
+ 4. Update inventory.yml so that your VM is defined in the "gitlab-runner" group
+ 5. Update group_vars/ci-runners.yml with your gitlab.geant.net username and personal access token
+ 6. Install the `community.general` collection from Ansible galaxy with the following command: `ansible-galaxy collection install community.general`
+ 7. Run the following command to execute the playbook: `ansible-playbook -i inventory.yml playbook.yml`
--- a/group_vars/ci-runners.yml.example
+++ b/group_vars/ci-runners.yml.example
+runner:
+  gitlab_url: 'https://gitlab.geant.org/'
+  access_token: xxx
+  registration_token: xxx
+  runner_tags:
+    - gap
+    - nat
--- a/inventory.yml
+++ b/inventory.yml
+ci-runners:
+  hosts:
+    test-nat-ci01:
+      ansible_host:
+        test-nat-ci01
--- a/playbook.yml
+++ b/playbook.yml
+- name: Install and set up a GitLab CI runner
+  hosts: ci-runners
+  become: true
+  roles:
+    - gitlab-runner
--- a/roles/gitlab-runner/files/pin-gitlab-runner.pref
+++ b/roles/gitlab-runner/files/pin-gitlab-runner.pref
+Explanation: Prefer GitLab provided packages over the Debian native ones
+Package: gitlab-runner
+Pin: origin packages.gitlab.com
+Pin-Priority: 1001
--- a/roles/gitlab-runner/tasks/main.yml
+++ b/roles/gitlab-runner/tasks/main.yml
+- name: Add GitLab runner APT repository
+  ansible.builtin.shell:
+    cmd: curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh | bash
+  become: true
+
+- name: Pin GitLab runner package to correct repository
+  ansible.builtin.copy:
+    src: pin-gitlab-runner.pref
+    dest: /etc/apt/preferences.d/pin-gitlab-runner.pref
+
+- name: Install GitLab runner package
+  ansible.builtin.apt:
+    update_cache: true
+    pkg:
+      - gitlab-runner
+
+- name: Install gitlab Python package
+  ansible.builtin.pip:
+    name: python-gitlab
+
+- name: Register runner
+  no_log: true
+  community.general.gitlab_runner:
+    api_url: '{{ runner.gitlab_url }}'
+    api_token: '{{ runner.access_token }}'
+    registration_token: '{{ runner.registration_token }}'
+    description: '{{ inventory_hostname_short }}'
+    project: 'nat/gap'
+    state: present
+    tag_list: '{{ runner.runner_tags + [inventory_hostname_short] }}'
+    run_untagged: false
+    locked: true
+    access_level_on_creation: true
+    access_level: 'not_protected'