Add gitlab-runner-docker-mtls/register-runner.sh
This commit is contained in:
parent
19a4815b6a
commit
e52ad4491f
87
gitlab-runner-docker-mtls/register-runner.sh
Normal file
87
gitlab-runner-docker-mtls/register-runner.sh
Normal file
@ -0,0 +1,87 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
CONFIG_FILE="/etc/gitlab-runner/config.toml"
|
||||||
|
|
||||||
|
# Проверка обязательных переменных
|
||||||
|
if [ -z "$CI_SERVER_URL" ] || [ -z "$REGISTRATION_TOKEN" ]; then
|
||||||
|
echo "ERROR: CI_SERVER_URL and REGISTRATION_TOKEN must be set"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Параметры со значениями по умолчанию
|
||||||
|
EXECUTOR=${EXECUTOR:-"docker"}
|
||||||
|
DESCRIPTION=${DESCRIPTION:-"GitLab Runner with mTLS"}
|
||||||
|
DOCKER_IMAGE=${DOCKER_IMAGE:-"docker:27.3.1"}
|
||||||
|
CONCURRENT=${CONCURRENT:-"10"}
|
||||||
|
DISABLE_CACHE=${DISABLE_CACHE:-"false"}
|
||||||
|
|
||||||
|
# mTLS параметры
|
||||||
|
DOCKER_HOST=${DOCKER_HOST:-""}
|
||||||
|
DOCKER_TLS_VERIFY=${DOCKER_TLS_VERIFY:-"true"}
|
||||||
|
CERT_PATH=${CERT_PATH:-"/certs"}
|
||||||
|
|
||||||
|
# Проверка mTLS
|
||||||
|
if [ "$DOCKER_TLS_VERIFY" = "true" ] && [ -z "$DOCKER_HOST" ]; then
|
||||||
|
echo "ERROR: DOCKER_HOST is required when DOCKER_TLS_VERIFY=true"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Регистрация, если config.toml ещё не существует
|
||||||
|
if [ ! -f "$CONFIG_FILE" ]; then
|
||||||
|
echo "Registering GitLab Runner with mTLS-enabled Docker executor..."
|
||||||
|
|
||||||
|
# Подготавливаем флаги
|
||||||
|
TLS_FLAG=""
|
||||||
|
if [ "$DOCKER_TLS_VERIFY" = "true" ]; then
|
||||||
|
TLS_FLAG="--docker-tlsverify"
|
||||||
|
fi
|
||||||
|
|
||||||
|
CACHE_FLAG=""
|
||||||
|
if [ "$DISABLE_CACHE" = "true" ]; then
|
||||||
|
CACHE_FLAG="--docker-disable-cache"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Проверка наличия обязательных сертификатов
|
||||||
|
if [ "$DOCKER_TLS_VERIFY" = "true" ]; then
|
||||||
|
if [ ! -f "$CERT_PATH/ca.pem" ]; then
|
||||||
|
echo "ERROR: ca.pem not found in $CERT_PATH"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ ! -f "$CERT_PATH/cert.pem" ]; then
|
||||||
|
echo "ERROR: cert.pem not found in $CERT_PATH"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ ! -f "$CERT_PATH/key.pem" ]; then
|
||||||
|
echo "ERROR: key.pem not found in $CERT_PATH"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# Основная команда регистрации
|
||||||
|
gitlab-runner register \
|
||||||
|
--non-interactive \
|
||||||
|
--url "$CI_SERVER_URL" \
|
||||||
|
--token "$REGISTRATION_TOKEN" \
|
||||||
|
--executor "$EXECUTOR" \
|
||||||
|
--description "$DESCRIPTION" \
|
||||||
|
--docker-image "$DOCKER_IMAGE" \
|
||||||
|
--docker-host "$DOCKER_HOST" \
|
||||||
|
$TLS_FLAG \
|
||||||
|
--docker-cert-path "$CERT_PATH" \
|
||||||
|
$CACHE_FLAG
|
||||||
|
|
||||||
|
# Устанавливаем concurrent
|
||||||
|
if grep -q "^concurrent = " "$CONFIG_FILE"; then
|
||||||
|
sed -i "s/^concurrent = .*/concurrent = $CONCURRENT/" "$CONFIG_FILE"
|
||||||
|
else
|
||||||
|
sed -i "1iconcurrent = $CONCURRENT" "$CONFIG_FILE"
|
||||||
|
fi
|
||||||
|
|
||||||
|
else
|
||||||
|
echo "GitLab Runner is already registered. Skipping registration."
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Запускаем runner
|
||||||
|
echo "Starting GitLab Runner..."
|
||||||
|
exec gitlab-runner run
|
||||||
Loading…
x
Reference in New Issue
Block a user