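#!/bin/sh
#
# Container entrypoint for GitLab Runner with a Docker executor reached over
# mutual TLS. On first start (no config.toml yet) it registers the runner and
# sets the global "concurrent" value, then replaces itself with
# `gitlab-runner run`.
#
# Required environment:
#   CI_SERVER_URL       GitLab instance URL, passed to `register --url`
#   REGISTRATION_TOKEN  token passed to `register --token`
# Optional environment (defaults are set below):
#   EXECUTOR, DESCRIPTION, DOCKER_IMAGE, CONCURRENT, DISABLE_CACHE,
#   DOCKER_HOST, DOCKER_TLS_VERIFY, CERT_PATH

CONFIG_FILE="/etc/gitlab-runner/config.toml"

# Required variables.
if [ -z "$CI_SERVER_URL" ] || [ -z "$REGISTRATION_TOKEN" ]; then
  echo "ERROR: CI_SERVER_URL and REGISTRATION_TOKEN must be set" >&2
  exit 1
fi

# Parameters with default values.
EXECUTOR=${EXECUTOR:-"docker"}
DESCRIPTION=${DESCRIPTION:-"GitLab Runner with mTLS"}
DOCKER_IMAGE=${DOCKER_IMAGE:-"docker:27.3.1"}
CONCURRENT=${CONCURRENT:-"10"}
DISABLE_CACHE=${DISABLE_CACHE:-"false"}

# mTLS parameters.
DOCKER_HOST=${DOCKER_HOST:-""}
DOCKER_TLS_VERIFY=${DOCKER_TLS_VERIFY:-"true"}
CERT_PATH=${CERT_PATH:-"/certs"}

# With TLS verification on, a remote Docker endpoint must be named explicitly.
if [ "$DOCKER_TLS_VERIFY" = "true" ] && [ -z "$DOCKER_HOST" ]; then
  echo "ERROR: DOCKER_HOST is required when DOCKER_TLS_VERIFY=true" >&2
  exit 1
fi

# Register only if config.toml does not exist yet.
if [ ! -f "$CONFIG_FILE" ]; then
  echo "Registering GitLab Runner with mTLS-enabled Docker executor..."

  # CONCURRENT is interpolated into a sed program further down, so accept
  # digits only. Anything else ('/', '&', newlines, sed commands) would corrupt
  # config.toml or run unintended sed commands. Checked before registering so
  # a bad value does not leave a half-configured runner behind.
  case "$CONCURRENT" in
    '' | *[!0-9]*)
      echo "ERROR: CONCURRENT must be a whole number, got '$CONCURRENT'" >&2
      exit 1
      ;;
  esac

  # Only the exact string "true" enables TLS verification. Any other value
  # (including "1" or "TRUE") registers the executor without
  # --docker-tlsverify, so say so loudly instead of downgrading silently.
  if [ "$DOCKER_TLS_VERIFY" = "true" ]; then
    # All three files are needed for mTLS: the CA that signs the daemon
    # certificate, plus the client certificate and its private key.
    # key.pem is secret material; mount it read-only with tight permissions.
    for pem in ca.pem cert.pem key.pem; do
      if [ ! -f "$CERT_PATH/$pem" ]; then
        echo "ERROR: $pem not found in $CERT_PATH" >&2
        exit 1
      fi
    done
  else
    echo "WARNING: DOCKER_TLS_VERIFY is '$DOCKER_TLS_VERIFY' (not 'true');" \
      "registering Docker executor WITHOUT TLS verification" >&2
  fi

  # Build the argument list in the positional parameters so optional flags are
  # added as whole words rather than through unquoted expansion. The script's
  # own arguments are not used anywhere, so overwriting them is safe.
  #
  # NOTE(review): --token puts the secret on the command line, where it is
  # visible in the process list while register runs. gitlab-runner can read
  # the token from the environment instead (CI_SERVER_TOKEN for --token, as
  # far as I know; confirm against the runner docs before switching).
  set -- register \
    --non-interactive \
    --url "$CI_SERVER_URL" \
    --token "$REGISTRATION_TOKEN" \
    --executor "$EXECUTOR" \
    --description "$DESCRIPTION" \
    --docker-image "$DOCKER_IMAGE" \
    --docker-host "$DOCKER_HOST"

  if [ "$DOCKER_TLS_VERIFY" = "true" ]; then
    set -- "$@" --docker-tlsverify
  fi

  set -- "$@" --docker-cert-path "$CERT_PATH"

  if [ "$DISABLE_CACHE" = "true" ]; then
    set -- "$@" --docker-disable-cache
  fi

  # Stop here if registration fails. Otherwise the script would edit a
  # config.toml that does not exist and start a runner with no registration.
  if ! gitlab-runner "$@"; then
    echo "ERROR: gitlab-runner register failed" >&2
    exit 1
  fi

  # Set the global concurrent value: replace an existing line, otherwise
  # insert one at the top of the file. CONCURRENT was validated above.
  if grep -q "^concurrent = " "$CONFIG_FILE"; then
    sed -i "s/^concurrent = .*/concurrent = $CONCURRENT/" "$CONFIG_FILE"
  else
    sed -i "1iconcurrent = $CONCURRENT" "$CONFIG_FILE"
  fi

else
  echo "GitLab Runner is already registered. Skipping registration."
fi

# Hand over to the runner; exec keeps it as the container's main process so it
# receives signals directly.
echo "Starting GitLab Runner..."
exec gitlab-runner run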