With the recent efforts in upstream libvirt to centralize our CI on gitlab, let's add a new gitlab-specific flavor along with related playbook tasks. This flavour revolves around installing and configuring the gitlab-runner agent binary which requires the per-project registration token to be specified in order for the runner to be successfully registered with the gitlab server. Note that as part of the registration process each runner acquires a new unique access token. This means that we must ensure that the registration is run only on the first update, otherwise a new runner with a new access token is registered with the gitlab project.
Signed-off-by: Erik Skultety <eskultet@xxxxxxxxxx>
---
 guests/playbooks/update/main.yml | 5 +++
 guests/playbooks/update/tasks/gitlab.yml | 52 ++++++++++++++++++++++++
 2 files changed, 57 insertions(+)
 create mode 100644 guests/playbooks/update/tasks/gitlab.yml
diff --git a/guests/playbooks/update/main.yml b/guests/playbooks/update/main.yml
index a5a4de8..371e53d 100644
--- a/guests/playbooks/update/main.yml
+++ b/guests/playbooks/update/main.yml
@@ -58,3 +58,8 @@
 - include: '{{ playbook_base }}/tasks/jenkins.yml'
 when:
 - flavor == 'jenkins'
+
+ # Install the Gitlab runner agent
+ - include: '{{ playbook_base }}/tasks/gitlab.yml'
+ when:
+ - flavor == 'gitlab'
diff --git a/guests/playbooks/update/tasks/gitlab.yml b/guests/playbooks/update/tasks/gitlab.yml
new file mode 100644
index 0000000..b8f731d
--- /dev/null
+++ b/guests/playbooks/update/tasks/gitlab.yml
@@ -0,0 +1,52 @@
+---
+- name: Define gitlab-related facts
+ set_fact:
+ gitlab_url: '{{ lookup("file", gitlab_url_file) }}'
+ gitlab_runner_secret: '{{ lookup("file", gitlab_runner_token_file) }}'
+ gitlab_runner_download_url: https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-{{ ansible_system|lower }}-amd64
+ gitlab_runner_config_path: '/home/gitlab/.gitlab-runner/config.toml'
+
+- name: Download gitlab-runner agent
+ get_url:
+ url: '{{ gitlab_runner_download_url }}'
+ dest: /home/gitlab/bin/gitlab-runner
+ owner: gitlab
+ group: gitlab
+ mode: '0775'
+ force: yes
+
+- name: Register the gitlab-runner agent
+ become: true
+ become_user: gitlab
+ shell: '/home/gitlab/bin/gitlab-runner register --non-interactive --config {{ gitlab_runner_config_path }} --registration-token {{ gitlab_runner_secret }} --url {{ gitlab_url }} --executor shell --tag-list {{ inventory_hostname }}'
+ args:
+ creates: '{{ gitlab_runner_config_path }}'
+
+- block:
+ - name: Install the gitlab-runner service unit
+ template:
+ src: '{{ playbook_base }}/templates/gitlab-runner.service.j2'
+ dest: /etc/systemd/system/gitlab-runner.service
+
+ - name: Enable the gitlab-runner service
+ systemd:
+ name: gitlab-runner
+ state: started
+ enabled: yes
+ daemon_reload: yes
+ when: ansible_service_mgr == 'systemd'
+
+- block:
+ - name: Install the gitlab_runner rc service script
+ template:
+ src: '{{ playbook_base }}/templates/gitlab-runner.j2'
+ dest: '/usr/local/etc/rc.d/gitlab_runner'
+ mode: '0755'
+
+ - name: Enable the gitlab-runner rc service
+ service:
+ name: gitlab_runner
+ state: started
+ enabled: yes
+ when: ansible_service_mgr != 'systemd'
+
-- 2.25.1
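Review bot: The "Register the gitlab-runner agent" task interpolates the registration token into a `shell:` command line, so the secret is readable in the guest's process list while the command runs and can be echoed in Ansible's task results, because nothing sets `no_log`. Running the binary through `command:` with the token and URL passed via `environment:` (gitlab-runner reads `REGISTRATION_TOKEN` and `CI_SERVER_URL`) and adding `no_log: true` keeps the secret off argv and out of the logs, and also avoids shell parsing of the unquoted template values; a sketch follows. Separately, the "Download gitlab-runner agent" task pulls the `latest` binary with `force: yes` and no `checksum:`, so every update installs whatever that URL serves at that moment without integrity verification; pinning a release and adding `checksum: 'sha256:<digest published for the pinned release>'` would close that gap. With `--executor shell` and the binary owned by `gitlab` with mode `0775`, CI jobs presumably run as the same user that can overwrite the runner binary and read `config.toml`, which is worth confirming against the service templates that are not part of this hunk.

```yaml
- name: Register the gitlab-runner agent
  # … unchanged: become / become_user …
  command: >-
    /home/gitlab/bin/gitlab-runner register --non-interactive
    --config {{ gitlab_runner_config_path }}
    --executor shell
    --tag-list {{ inventory_hostname }}
  environment:
    CI_SERVER_URL: '{{ gitlab_url }}'
    REGISTRATION_TOKEN: '{{ gitlab_runner_secret }}'
  no_log: true
  # … unchanged: args / creates …
```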