From 214d1b08865a8fa2e341b1a803148893ec480ea0 Mon Sep 17 00:00:00 2001
From: Julian Calaby
Date: Thu, 3 Mar 2022 10:50:22 +1100
Subject: [PATCH 1/3] feat: Switch to GitLab's forked docker-machine version
Update the version-generated URL to use the GitLab fork of docker-machine as the official one is dead and buried.
---
 template/gitlab-runner.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/template/gitlab-runner.tpl b/template/gitlab-runner.tpl
index 3d6b0f52d..e068b5df6 100644
--- a/template/gitlab-runner.tpl
+++ b/template/gitlab-runner.tpl
@@ -42,7 +42,7 @@ fi
 if [[ `echo ${docker_machine_download_url}` == "" ]]
 then
- curl --fail --retry 6 -L https://github.com/docker/machine/releases/download/v${docker_machine_version}/docker-machine-`uname -s`-`uname -m` >/tmp/docker-machine
+ curl --fail --retry 6 -L https://gitlab-docker-machine-downloads.s3.amazonaws.com/v${docker_machine_version}/docker-machine-`uname -s`-`uname -m` >/tmp/docker-machine
 else
 curl --fail --retry 6 -L ${docker_machine_download_url} >/tmp/docker-machine
 fi
From 2cce8dcc6c6f8e835a41f2ca3175e5c30727f5b2 Mon Sep 17 00:00:00 2001
From: Julian Calaby
Date: Thu, 3 Mar 2022 10:29:08 +1100
Subject: [PATCH 2/3] fix: Default to a version instead of an explicit URL
GitLab has made the "generic" URLs which end in `/docker-machine` inaccessible, so instead specify a version for docker-machine and use the URL generation as that both produces URLs that work and should do the right thing in most cases. Fixes #457.
---
 README.md | 6 +++---
 variables.tf | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/README.md b/README.md
index 868857474..bd0d3afca 100644
--- a/README.md
+++ b/README.md
@@ -310,7 +310,7 @@ terraform destroy
 | Name | Version |
 |------|---------|
-| [aws](#provider\_aws) | 3.71.0 |
+| [aws](#provider\_aws) | ~> 3.35 |
 ## Modules
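Review bot: In template/gitlab-runner.tpl (patch 1/3), the new `curl --fail --retry 6 -L https://gitlab-docker-machine-downloads.s3.amazonaws.com/...` line still writes whatever that bucket returns to /tmp/docker-machine with no integrity check, so trust in the binary rests entirely on TLS and on who controls the bucket name. Patch 2/3 makes a pinned version the default, so a pinned digest could be verified before the file is used, e.g. `echo "${docker_machine_sha256}  /tmp/docker-machine" | sha256sum --check -`, where `docker_machine_sha256` is a placeholder for a new template variable that does not exist in this series. Adding `--proto '=https'` to both curl calls would also keep `-L` redirects and a user-supplied `docker_machine_download_url` from using plain HTTP. The install steps that consume /tmp/docker-machine lie outside the hunk, so how the file is used afterwards is not visible here.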
@@ -393,7 +393,7 @@ terraform destroy
 | [cache\_expiration\_days](#input\_cache\_expiration\_days) | Number of days before cache objects expires. | `number` | `1` | no |
 | [cache\_shared](#input\_cache\_shared) | Enables cache sharing between runners, false by default. | `bool` | `false` | no |
 | [cloudwatch\_logging\_retention\_in\_days](#input\_cloudwatch\_logging\_retention\_in\_days) | Retention for cloudwatch logs. Defaults to unlimited | `number` | `0` | no |
-| [docker\_machine\_download\_url](#input\_docker\_machine\_download\_url) | Full url pointing to a linux x64 distribution of docker machine. Once set `docker_machine_version` will be ingored. See also https://docs.gitlab.com/runner/executors/docker_machine.html#install | `string` | `"https://gitlab-docker-machine-downloads.s3.amazonaws.com/v0.16.2-gitlab.12/docker-machine"` | no |
+| [docker\_machine\_download\_url](#input\_docker\_machine\_download\_url) | Full url pointing to a linux x64 distribution of docker machine. Once set `docker_machine_version` will be ingored. See also https://docs.gitlab.com/runner/executors/docker_machine.html#install | `string` | `""` | no |
 | [docker\_machine\_egress\_rules](#input\_docker\_machine\_egress\_rules) | List of egress rules for the docker-machine instance(s). |
list(object({
cidr_blocks = list(string)
ipv6_cidr_blocks = list(string)
prefix_list_ids = list(string)
from_port = number
protocol = string
security_groups = list(string)
self = bool
to_port = number
description = string
}))
|
[
{
"cidr_blocks": [
"0.0.0.0/0"
],
"description": "Allow all egress traffic for docker machine build runners",
"from_port": 0,
"ipv6_cidr_blocks": [
"::/0"
],
"prefix_list_ids": null,
"protocol": "-1",
"security_groups": null,
"self": null,
"to_port": 0
}
]
| no |
 | [docker\_machine\_iam\_policy\_arns](#input\_docker\_machine\_iam\_policy\_arns) | List of policy ARNs to be added to the instance profile of the docker machine runners. | `list(string)` | `[]` | no |
 | [docker\_machine\_instance\_type](#input\_docker\_machine\_instance\_type) | Instance type used for the instances hosting docker-machine. | `string` | `"m5.large"` | no |
@@ -401,7 +401,7 @@ terraform destroy
 | [docker\_machine\_role\_json](#input\_docker\_machine\_role\_json) | Docker machine runner instance override policy, expected to be in JSON format. | `string` | `""` | no |
 | [docker\_machine\_security\_group\_description](#input\_docker\_machine\_security\_group\_description) | A description for the docker-machine security group | `string` | `"A security group containing docker-machine instances"` | no |
 | [docker\_machine\_spot\_price\_bid](#input\_docker\_machine\_spot\_price\_bid) | Spot price bid. The maximum price willing to pay. By default the price is limited by the current on demand price for the instance type chosen. | `string` | `"on-demand-price"` | no |
-| [docker\_machine\_version](#input\_docker\_machine\_version) | By default docker\_machine\_download\_url is used to set the docker machine version. Version of docker-machine. The version will be ingored once `docker_machine_download_url` is set. | `string` | `""` | no |
+| [docker\_machine\_version](#input\_docker\_machine\_version) | By default docker\_machine\_download\_url is used to set the docker machine version. Version of docker-machine. The version will be ingored once `docker_machine_download_url` is set. | `string` | `"0.16.2-gitlab.12"` | no |
 | [enable\_asg\_recreation](#input\_enable\_asg\_recreation) | Enable automatic redeployment of the Runner ASG when the Launch Configs change. | `bool` | `true` | no |
 | [enable\_cloudwatch\_logging](#input\_enable\_cloudwatch\_logging) | Boolean used to enable or disable the CloudWatch logging. | `bool` | `true` | no |
 | [enable\_docker\_machine\_ssm\_access](#input\_enable\_docker\_machine\_ssm\_access) | Add IAM policies to the docker-machine instances to connect via the Session Manager. | `bool` | `false` | no |
diff --git a/variables.tf b/variables.tf
index a0f377f22..569f693ad 100644
--- a/variables.tf
+++ b/variables.tf
@@ -88,13 +88,13 @@ variable "docker_machine_spot_price_bid" {
 variable "docker_machine_download_url" {
 description = "Full url pointing to a linux x64 distribution of docker machine. Once set `docker_machine_version` will be ingored. See also https://docs.gitlab.com/runner/executors/docker_machine.html#install"
 type = string
- default = "https://gitlab-docker-machine-downloads.s3.amazonaws.com/v0.16.2-gitlab.12/docker-machine"
+ default = ""
 }
 variable "docker_machine_version" {
 description = "By default docker_machine_download_url is used to set the docker machine version. Version of docker-machine. The version will be ingored once `docker_machine_download_url` is set."
 type = string
- default = ""
+ default = "0.16.2-gitlab.12"
 }
 variable "runners_name" {
From 912f2c950eef08feb4ab41a09c15920f499cad1a Mon Sep 17 00:00:00 2001
From: Julian Calaby
Date: Thu, 3 Mar 2022 10:38:07 +1100
Subject: [PATCH 3/3] fix: Update runner version to 14.8.2
Version 14.8.0 had a major regression and was removed from all release distribution channels. Update to 14.8.2 as that's the latest 14.8.x version. Fixes #456
---
 README.md | 2 +-
 variables.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index bd0d3afca..ed5e13b0d 100644
--- a/README.md
+++ b/README.md
@@ -418,7 +418,7 @@ terraform destroy
 | [gitlab\_runner\_registration\_config](#input\_gitlab\_runner\_registration\_config) | Configuration used to register the runner. See the README for an example, or reference the examples in the examples directory of this repo. | `map(string)` |
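Review bot: In variables.tf (patch 2/3, hunk `@@ -88,13 +88,13 @@`), the description of `docker_machine_version` still opens with "By default docker_machine_download_url is used to set the docker machine version", which stops being true once this hunk swaps the defaults: the URL default is now empty and the version default drives the download. Suggest `description = "Version of docker-machine used to build the download URL. Ignored once docker_machine_download_url is set."`, which also fixes the "ingored" typo; the same typo sits in the `docker_machine_download_url` description, and both strings are mirrored in the README table rows. Because a non-empty `docker_machine_download_url` is handed to curl as-is by the template in patch 1/3, its description could also say that the value should be an https URL to a location the operator trusts.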
{
"access_level": "",
"description": "",
"locked_to_project": "",
"maximum_timeout": "",
"registration_token": "",
"run_untagged": "",
"tag_list": ""
}
| no |
 | [gitlab\_runner\_security\_group\_description](#input\_gitlab\_runner\_security\_group\_description) | A description for the gitlab-runner security group | `string` | `"A security group containing gitlab-runner agent instances"` | no |
 | [gitlab\_runner\_security\_group\_ids](#input\_gitlab\_runner\_security\_group\_ids) | A list of security group ids that are allowed to access the gitlab runner agent | `list(string)` | `[]` | no |
-| [gitlab\_runner\_version](#input\_gitlab\_runner\_version) | Version of the [GitLab runner](https://gitlab.com/gitlab-org/gitlab-runner/-/releases). | `string` | `"14.8.0"` | no |
+| [gitlab\_runner\_version](#input\_gitlab\_runner\_version) | Version of the [GitLab runner](https://gitlab.com/gitlab-org/gitlab-runner/-/releases). | `string` | `"14.8.2"` | no |
 | [instance\_role\_json](#input\_instance\_role\_json) | Default runner instance override policy, expected to be in JSON format. | `string` | `""` | no |
 | [instance\_type](#input\_instance\_type) | Instance type used for the GitLab runner. | `string` | `"t3.micro"` | no |
 | [kms\_alias\_name](#input\_kms\_alias\_name) | Alias added to the kms\_key (if created and not provided by kms\_key\_id) | `string` | `""` | no |
diff --git a/variables.tf b/variables.tf
index 569f693ad..4b9a555ff 100644
--- a/variables.tf
+++ b/variables.tf
@@ -361,7 +361,7 @@ variable "cache_shared" {
 variable "gitlab_runner_version" {
 description = "Version of the [GitLab runner](https://gitlab.com/gitlab-org/gitlab-runner/-/releases)."
 type = string
- default = "14.8.0"
+ default = "14.8.2"
 }
 variable "enable_ping" {