From 1836a6dea80399a306428c5e58c339dd742939c5 Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 11:22:09 +0000 Subject: [PATCH 01/22] fix: use fqcn Signed-off-by: gardar --- .github/workflows/ansible.yml | 2 - handlers/main.yml | 8 +- tasks/config-runner-container.yml | 9 +- tasks/config-runner-windows.yml | 8 +- tasks/config-runner.yml | 8 +- tasks/config-runners-container.yml | 10 +- tasks/config-runners-windows.yml | 23 ++- tasks/config-runners.yml | 10 +- tasks/global-setup-windows.yml | 16 +-- tasks/global-setup.yml | 18 +-- tasks/install-arch.yml | 6 +- tasks/install-container.yml | 4 +- tasks/install-debian.yml | 22 +-- tasks/install-macos.yml | 29 ++-- tasks/install-redhat.yml | 12 +- tasks/install-windows.yml | 22 +-- tasks/line-config-runner-windows.yml | 6 +- tasks/line-config-runner.yml | 6 +- tasks/list-configured-runners-container.yml | 8 +- tasks/list-configured-runners-unix.yml | 8 +- tasks/list-configured-runners-windows.yml | 8 +- tasks/main-container.yml | 18 ++- tasks/main-unix.yml | 22 ++- tasks/main-windows.yml | 19 ++- tasks/main.yml | 10 +- tasks/register-runner-container.yml | 9 +- tasks/register-runner-windows.yml | 9 +- tasks/register-runner.yml | 14 +- tasks/section-config-runner-windows.yml | 2 +- tasks/section-config-runner.yml | 2 +- tasks/systemd-reload.yml | 8 +- ...gister-runner-if-not-longer-configured.yml | 8 +- tasks/unregister-runner.yml | 4 +- tasks/update-ca-bundle.yml | 10 +- tasks/update-config-runner-windows.yml | 71 +++++----- tasks/update-config-runner.yml | 134 +++++++++--------- tasks/validate-runner-config.yml | 2 +- tests/test.yml | 14 +- 38 files changed, 292 insertions(+), 307 deletions(-) diff --git a/.github/workflows/ansible.yml b/.github/workflows/ansible.yml index 375986d..8dae39f 100644 --- a/.github/workflows/ansible.yml +++ b/.github/workflows/ansible.yml @@ -4,8 +4,6 @@ on: branches: - master workflow_dispatch: - - jobs: ansible-lint: runs-on: ubuntu-latest 
diff --git a/handlers/main.yml b/handlers/main.yml index 8835c70..6ec42da 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,25 +1,25 @@ --- # non macOS - name: restart_gitlab_runner - service: name=gitlab-runner state={{ gitlab_runner_restart_state }} + ansible.builtin.service: name=gitlab-runner state={{ gitlab_runner_restart_state }} become: true when: ansible_os_family != 'Darwin' and ansible_os_family != 'Windows' and not gitlab_runner_container_install # macOS - name: restart_gitlab_runner_macos - command: "{{ gitlab_runner_executable }} restart" + ansible.builtin.command: "{{ gitlab_runner_executable }} restart" become: "{{ gitlab_runner_system_mode }}" when: ansible_os_family == 'Darwin' and gitlab_runner_macos_start_runner - name: restart_gitlab_runner_windows - win_command: "{{ gitlab_runner_executable }} restart" + ansible.windows.win_command: "{{ gitlab_runner_executable }} restart" args: chdir: "{{ gitlab_runner_config_file_location }}" when: ansible_os_family == 'Windows' and gitlab_runner_windows_start_runner # Container - name: restart_gitlab_runner_container - docker_container: + community.docker.docker_container: name: "{{ gitlab_runner_container_name }}" restart: true when: gitlab_runner_container_install diff --git a/tasks/config-runner-container.yml b/tasks/config-runner-container.yml index 9fc4693..baccd52 100644 --- a/tasks/config-runner-container.yml +++ b/tasks/config-runner-container.yml @@ -1,6 +1,6 @@ --- - name: "{{ conf_name_prefix }} Create temporary file" - tempfile: + ansible.builtin.tempfile: state: file path: "{{ temp_runner_config_dir.path }}" prefix: gitlab-runner.{{ runner_config_index }}. 
@@ -9,13 +9,14 @@ changed_when: false - name: "{{ conf_name_prefix }} Isolate runner configuration" - copy: + ansible.builtin.copy: dest: "{{ temp_runner_config.path }}" content: "{{ runner_config }}" + mode: "0644" check_mode: false changed_when: false -- include_tasks: update-config-runner.yml +- ansible.builtin.include_tasks: update-config-runner.yml vars: runn_name_prefix: "{{ conf_name_prefix }} runner[{{ (gitlab_runner_index|int) + 1 }}/{{ gitlab_runner_runners|length }}]:" when: @@ -27,7 +28,7 @@ loop_var: gitlab_runner - name: "{{ conf_name_prefix }} Remove runner config" - file: + ansible.builtin.file: path: "{{ temp_runner_config.path }}" state: absent when: diff --git a/tasks/config-runner-windows.yml b/tasks/config-runner-windows.yml index 1805eff..dd2cbec 100644 --- a/tasks/config-runner-windows.yml +++ b/tasks/config-runner-windows.yml @@ -1,6 +1,6 @@ --- - name: (Windows) {{ conf_name_prefix }} Create temporary file - win_tempfile: + ansible.windows.win_tempfile: state: file path: "{{ temp_runner_config_dir.path }}" prefix: gitlab-runner.{{ runner_config_index }}. @@ -9,13 +9,13 @@ changed_when: false - name: (Windows) {{ conf_name_prefix }} Isolate runner configuration - win_copy: + ansible.windows.win_copy: dest: "{{ temp_runner_config.path }}" content: "{{ runner_config }}" check_mode: false changed_when: false -- include_tasks: update-config-runner-windows.yml +- ansible.builtin.include_tasks: update-config-runner-windows.yml vars: runn_name_prefix: "{{ conf_name_prefix }} runner[{{ (gitlab_runner_index|int) + 1 }}/{{ gitlab_runner_runners|length }}]:" when: @@ -27,7 +27,7 @@ loop_var: gitlab_runner - name: (Windows) {{ conf_name_prefix }} Remove runner config - win_file: + ansible.windows.win_file: path: "{{ temp_runner_config.path }}" state: absent when: diff --git a/tasks/config-runner.yml b/tasks/config-runner.yml index 3df6cef..aeba009 100644 --- a/tasks/config-runner.yml +++ b/tasks/config-runner.yml 
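Review bot: The added `mode: "0644"` on the "Isolate runner configuration" copy in tasks/config-runner-container.yml makes the per-runner temp file world-readable, and `runner_config` is a slice of config.toml, which normally carries the runner's token. `mode: "0600"` sets an explicit mode just as well without widening access; the parent directory comes from `ansible.builtin.tempfile` and is probably owner-only, but that should not be the only barrier. This task and its `ansible.windows.win_copy` counterpart in tasks/config-runner-windows.yml also lack the `no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}"` that the same task in tasks/config-runner.yml sets, so the content can appear in task output.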
@@ -1,6 +1,6 @@ --- - name: "{{ conf_name_prefix }} Create temporary file" - tempfile: + ansible.builtin.tempfile: state: file path: "{{ temp_runner_config_dir.path }}" prefix: gitlab-runner.{{ runner_config_index }}. @@ -9,14 +9,14 @@ changed_when: false - name: "{{ conf_name_prefix }} Isolate runner configuration" - copy: + ansible.builtin.copy: dest: "{{ temp_runner_config.path }}" content: "{{ runner_config }}" check_mode: false changed_when: false no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" -- include_tasks: update-config-runner.yml +- ansible.builtin.include_tasks: update-config-runner.yml vars: runn_name_prefix: "{{ conf_name_prefix }} runner[{{ (gitlab_runner_index|int) + 1 }}/{{ gitlab_runner_runners|length }}]:" when: @@ -29,7 +29,7 @@ no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - name: "{{ conf_name_prefix }} Remove runner config" - file: + ansible.builtin.file: path: "{{ temp_runner_config.path }}" state: absent when: diff --git a/tasks/config-runners-container.yml b/tasks/config-runners-container.yml index f0b0479..954286e 100644 --- a/tasks/config-runners-container.yml +++ b/tasks/config-runners-container.yml @@ -1,15 +1,15 @@ --- - name: Get existing config.toml - slurp: + ansible.builtin.slurp: src: "{{ gitlab_runner_config_file }}" register: runner_config_file - name: Get pre-existing runner configs - set_fact: + ansible.builtin.set_fact: runner_configs: "{{ (runner_config_file['content'] | b64decode).split('[[runners]]\n') }}" - name: Create temporary directory - tempfile: + ansible.builtin.tempfile: state: directory suffix: gitlab-runner-config register: temp_runner_config_dir 
@@ -19,14 +19,14 @@ - name: Write config section for each runner vars: conf_name_prefix: "conf[{{ (runner_config_index|int) + 1 }}/{{ runner_configs|length }}]:" - include_tasks: config-runner-container.yml + ansible.builtin.include_tasks: config-runner-container.yml loop: "{{ runner_configs }}" loop_control: index_var: runner_config_index loop_var: runner_config - name: Assemble new config.toml - assemble: + ansible.builtin.assemble: src: "{{ temp_runner_config_dir.path }}" dest: "{{ gitlab_runner_config_file }}" delimiter: "[[runners]]\\n" diff --git a/tasks/config-runners-windows.yml b/tasks/config-runners-windows.yml index e3522e5..028a57e 100644 --- a/tasks/config-runners-windows.yml +++ b/tasks/config-runners-windows.yml @@ -1,19 +1,19 @@ --- - name: (Windows) Get existing config.toml - slurp: + ansible.builtin.slurp: src: "{{ gitlab_runner_config_file }}" register: runner_config_file - name: (Windows) Get pre-existing global config - set_fact: + ansible.builtin.set_fact: runner_global_config: "{{ (runner_config_file['content'] | b64decode).split('[[runners]]')[0] }}" - name: (Windows) Get pre-existing runner configs - set_fact: + ansible.builtin.set_fact: runner_configs: "{{ (runner_config_file['content'] | b64decode).split('[[runners]]')[1:] }}" - name: (Windows) Create temporary directory - win_tempfile: + ansible.windows.win_tempfile: state: directory suffix: gitlab-runner-config register: temp_runner_config_dir @@ -23,7 +23,7 @@ - name: (Windows) Write config section for each runner vars: conf_name_prefix: "conf[{{ (runner_config_index|int) + 1 }}/{{ runner_configs|length }}]:" - include_tasks: config-runner-windows.yml + ansible.builtin.include_tasks: config-runner-windows.yml loop: "{{ runner_configs }}" loop_control: index_var: runner_config_index 
@@ -33,32 +33,31 @@ when: not ansible_check_mode block: - name: (Windows) Create temporary file config.toml - win_tempfile: + ansible.windows.win_tempfile: state: file suffix: temp register: config_toml_temp - name: (Windows) Write global config to file - win_lineinfile: + community.windows.win_lineinfile: insertbefore: BOF path: "{{ config_toml_temp.path }}" line: "{{ runner_global_config }}" - name: (Windows) Create temporary file runners-config.toml - win_tempfile: + ansible.windows.win_tempfile: state: file suffix: temp register: runners_config_toml_temp - name: (Windows) Assemble runners files in config dir - win_shell: dir -rec | gc | out-file "{{ runners_config_toml_temp.path }}" + ansible.windows.win_shell: dir -rec | gc | out-file "{{ runners_config_toml_temp.path }}" args: chdir: "{{ temp_runner_config_dir.path }}" - name: (Windows) Assemble new config.toml - win_shell: gc "{{ config_toml_temp.path }}","{{ runners_config_toml_temp.path }}" | Set-Content "{{ gitlab_runner_config_file }}" - + ansible.windows.win_shell: gc "{{ config_toml_temp.path }}","{{ runners_config_toml_temp.path }}" | Set-Content "{{ gitlab_runner_config_file }}" - name: (Windows) Verify config - win_command: "{{ gitlab_runner_executable }} verify" + ansible.windows.win_command: "{{ gitlab_runner_executable }} verify" args: chdir: "{{ gitlab_runner_config_file_location }}" diff --git a/tasks/config-runners.yml b/tasks/config-runners.yml index 1054eed..1c4a59f 100644 --- a/tasks/config-runners.yml +++ b/tasks/config-runners.yml 
@@ -1,17 +1,17 @@ --- - name: Get existing config.toml - slurp: + ansible.builtin.slurp: src: "{{ gitlab_runner_config_file }}" register: runner_config_file become: "{{ gitlab_runner_system_mode }}" - name: Get pre-existing runner configs - set_fact: + ansible.builtin.set_fact: runner_configs: "{{ (runner_config_file['content'] | b64decode).split('[[runners]]\n') }}" no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - name: Create temporary directory - tempfile: + ansible.builtin.tempfile: state: directory suffix: gitlab-runner-config register: temp_runner_config_dir @@ -21,7 +21,7 @@ - name: Write config section for each runner vars: conf_name_prefix: "conf[{{ (runner_config_index|int) + 1 }}/{{ runner_configs|length }}]:" - include_tasks: config-runner.yml + ansible.builtin.include_tasks: config-runner.yml loop: "{{ runner_configs }}" loop_control: index_var: runner_config_index @@ -29,7 +29,7 @@ no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - name: Assemble new config.toml - assemble: + ansible.builtin.assemble: src: "{{ temp_runner_config_dir.path }}" dest: "{{ gitlab_runner_config_file }}" delimiter: "[[runners]]\\n" diff --git a/tasks/global-setup-windows.yml b/tasks/global-setup-windows.yml index 7fe7d38..5691859 100644 --- a/tasks/global-setup-windows.yml +++ b/tasks/global-setup-windows.yml @@ -1,18 +1,18 @@ --- - name: (Windows) Create .gitlab-runner dir - win_file: + ansible.windows.win_file: path: "{{ gitlab_runner_config_file_location }}" state: directory - name: (Windows) Ensure config.toml exists - win_file: + ansible.windows.win_file: path: "{{ gitlab_runner_config_file }}" state: touch modification_time: preserve access_time: preserve - name: (Windows) Set concurrent option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^(\s*)concurrent =.* line: $1concurrent = {{ gitlab_runner_concurrent }} 
@@ -37,7 +37,7 @@ - restart_gitlab_runner_windows - name: (Windows) Add listen_address to config - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^listen_address =.* line: listen_address = "{{ gitlab_runner_listen_address }}" @@ -49,7 +49,7 @@ - restart_gitlab_runner_windows - name: (Windows) Add sentry dsn to config - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^sentry_dsn =.* line: sentry_dsn = "{{ gitlab_runner_sentry_dsn }}" @@ -62,7 +62,7 @@ - restart_gitlab_runner_windows - name: (Windows) Add session server listen_address to config - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^(\s+)listen_address = line: ' listen_address = "{{ gitlab_runner_session_server_listen_address }}"' @@ -74,7 +74,7 @@ - restart_gitlab_runner_windows - name: (Windows) Add session server advertise_address to config - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^\s*advertise_address = line: ' advertise_address = "{{ gitlab_runner_session_server_advertise_address }}"' @@ -86,7 +86,7 @@ - restart_gitlab_runner_windows - name: (Windows) Add session server session_timeout to config - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^\s*session_timeout = line: " session_timeout = {{ gitlab_runner_session_server_session_timeout }}" diff --git a/tasks/global-setup.yml b/tasks/global-setup.yml index 98b0e8b..3e57344 100644 --- a/tasks/global-setup.yml +++ b/tasks/global-setup.yml 
@@ -1,13 +1,13 @@ --- - name: Create .gitlab-runner dir - file: + ansible.builtin.file: path: "{{ gitlab_runner_config_file_location }}" state: directory mode: "0700" become: "{{ gitlab_runner_system_mode }}" - name: Ensure config.toml exists - file: + ansible.builtin.file: path: "{{ gitlab_runner_config_file }}" state: touch modification_time: preserve @@ -15,7 +15,7 @@ become: "{{ gitlab_runner_system_mode }}" - name: Set concurrent option - lineinfile: + ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^(\s*)concurrent = line: \1concurrent = {{ gitlab_runner_concurrent }} @@ -41,7 +41,7 @@ - restart_gitlab_runner_macos - name: Add listen_address to config - lineinfile: + ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^listen_address = line: listen_address = "{{ gitlab_runner_listen_address }}" @@ -55,7 +55,7 @@ - restart_gitlab_runner_macos - name: Add log_format to config - lineinfile: + ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^log_format = line: log_format = "{{ gitlab_runner_log_format|default("runner") }}" @@ -83,7 +83,7 @@ - restart_gitlab_runner_macos - name: Add sentry dsn to config - lineinfile: + ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^sentry_dsn = line: sentry_dsn = "{{ gitlab_runner_sentry_dsn }}" @@ -97,7 +97,7 @@ - restart_gitlab_runner_macos - name: Add session server listen_address to config - lineinfile: + ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^(\s+)listen_address = line: ' listen_address = "{{ gitlab_runner_session_server_listen_address }}"' @@ -110,7 +110,7 @@ - restart_gitlab_runner_macos - name: Add session server advertise_address to config - lineinfile: + ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^\s*advertise_address = line: ' advertise_address = "{{ gitlab_runner_session_server_advertise_address }}"' 
@@ -123,7 +123,7 @@ - restart_gitlab_runner_macos - name: Add session server session_timeout to config - lineinfile: + ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^\s*session_timeout = line: " session_timeout = {{ gitlab_runner_session_server_session_timeout }}" diff --git a/tasks/install-arch.yml b/tasks/install-arch.yml index 41073e8..ee9f428 100644 --- a/tasks/install-arch.yml +++ b/tasks/install-arch.yml @@ -1,15 +1,15 @@ --- - name: (Arch) Set gitlab_runner_package_name - set_fact: + ansible.builtin.set_fact: gitlab_runner_package: "{{ gitlab_runner_package_name }}" gitlab_runner_package_state: latest when: gitlab_runner_package_version is not defined - name: (Arch) Install GitLab Runner - package: + ansible.builtin.package: name: "{{ gitlab_runner_package }}" state: "{{ gitlab_runner_package_state }}" become: true - name: Set systemd reload options - import_tasks: systemd-reload.yml + ansible.builtin.import_tasks: systemd-reload.yml diff --git a/tasks/install-container.yml b/tasks/install-container.yml index b14c455..b401554 100644 --- a/tasks/install-container.yml +++ b/tasks/install-container.yml @@ -1,11 +1,11 @@ --- - name: (Container) Pull Image from Registry - docker_image: + community.docker.docker_image: name: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}" source: pull force_source: "{{ gitlab_runner_container_latest_update }}" - name: (Container) Define Container volume Path - file: + ansible.builtin.file: state: directory path: "{{ gitlab_runner_container_mount_path }}" diff --git a/tasks/install-debian.yml b/tasks/install-debian.yml index 52230a8..bf6fae1 100644 --- a/tasks/install-debian.yml +++ b/tasks/install-debian.yml 
@@ -6,44 +6,44 @@ when: gitlab_runner_skip_package_repo_install is not defined or not gitlab_runner_skip_package_repo_install - name: (Debian) Get Gitlab repository installation script - get_url: + ansible.builtin.get_url: url: https://packages.gitlab.com/install/repositories/runner/{{ gitlab_runner_package_name }}/script.deb.sh dest: /tmp/gitlab-runner.script.deb.sh mode: "0744" when: gitlab_runner_skip_package_repo_install is not defined or not gitlab_runner_skip_package_repo_install - name: (Debian) Install Gitlab repository - command: bash /tmp/gitlab-runner.script.deb.sh + ansible.builtin.command: bash /tmp/gitlab-runner.script.deb.sh args: creates: /etc/apt/sources.list.d/runner_{{ gitlab_runner_package_name }}.list become: true when: gitlab_runner_skip_package_repo_install is not defined or not gitlab_runner_skip_package_repo_install - name: (Debian) Update gitlab_runner_package_name - set_fact: + ansible.builtin.set_fact: gitlab_runner_package: "{{ gitlab_runner_package_name }}={{ gitlab_runner_package_version }}" gitlab_runner_package_state: present when: gitlab_runner_package_version is defined - name: (Debian) Set gitlab_runner_package_name - set_fact: + ansible.builtin.set_fact: gitlab_runner_package: "{{ gitlab_runner_package_name }}" gitlab_runner_package_state: latest when: gitlab_runner_package_version is not defined - name: Gather the package facts - package_facts: + ansible.builtin.package_facts: manager: apt - name: (Debian) Unhold GitLab Runner version changed_when: false - dpkg_selections: + ansible.builtin.dpkg_selections: name: "{{ gitlab_runner_package_name }}" selection: install when: "'gitlab-runner' in ansible_facts.packages" - name: (Debian) Install GitLab Runner - apt: + ansible.builtin.apt: name: "{{ gitlab_runner_package }}" state: "{{ gitlab_runner_package_state }}" allow_change_held_packages: true 
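Review bot: The "(Debian) Get Gitlab repository installation script" and "(Debian) Install Gitlab repository" tasks in tasks/install-debian.yml download to the fixed path `/tmp/gitlab-runner.script.deb.sh` and then run it with `become: true`. Because `force` is not set, `get_url` keeps a file that already exists at that path, so the content run as root is not guaranteed to be the one just fetched. Download into a directory only root can write, or one created with `ansible.builtin.tempfile`, use `mode: "0700"`, and add a `checksum:` if a pinned digest for the script is available. tasks/install-redhat.yml has the same pattern with `/tmp/gitlab-runner.script.rpm.sh`.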
@@ -54,7 +54,7 @@ when: ansible_distribution_release in ["buster", "focal", "jammy"] - name: (Debian) Install GitLab Runner - apt: + ansible.builtin.apt: name: "{{ gitlab_runner_package }}" state: "{{ gitlab_runner_package_state }}" allow_change_held_packages: true @@ -63,17 +63,17 @@ when: ansible_distribution_release not in ["buster", "focal", "jammy"] - name: (Debian) Hold GitLab Runner version - dpkg_selections: + ansible.builtin.dpkg_selections: name: "{{ gitlab_runner_package_name }}" selection: hold when: gitlab_runner_package_version is defined changed_when: false - name: (Debian) Remove ~/gitlab-runner/.bash_logout on debian buster and ubuntu focal - file: + ansible.builtin.file: path: /home/gitlab-runner/.bash_logout state: absent when: ansible_distribution_release in ["buster", "focal", "jammy"] - name: Set systemd reload options - import_tasks: systemd-reload.yml + ansible.builtin.import_tasks: systemd-reload.yml diff --git a/tasks/install-macos.yml b/tasks/install-macos.yml index 71729c0..388a573 100644 --- a/tasks/install-macos.yml +++ b/tasks/install-macos.yml 
@@ -2,37 +2,37 @@ - name: (MacOS) PRE-CHECK GitLab Runner exists block: - name: (MacOS) Check gitlab-runner executable exists - stat: + ansible.builtin.stat: path: "{{ gitlab_runner_executable }}" register: gitlab_runner_exists - name: (MacOS) Set fact -> gitlab_runner_exists - set_fact: + ansible.builtin.set_fact: gitlab_runner_exists: "{{ gitlab_runner_exists.stat.exists }}" - name: (MacOS) Get existing version - shell: "{{ gitlab_runner_executable }} --version | awk '/Version: ([\\d\\.]*)/{print $2}'" + ansible.builtin.shell: "{{ gitlab_runner_executable }} --version | awk '/Version: ([\\d\\.]*)/{print $2}'" register: existing_version_shell failed_when: false check_mode: false changed_when: false - name: (MacOS) Set fact -> gitlab_runner_existing_version - set_fact: + ansible.builtin.set_fact: gitlab_runner_existing_version: "{{ existing_version_shell.stdout if existing_version_shell.rc == 0 else '0' }}" - name: (MacOS) Precreate necessary directories for arm64 architecture block: - name: (MacOS) Precreate gitlab-runner log directory become: true - file: + ansible.builtin.file: path: /usr/local/var/log state: directory owner: "{{ ansible_user_id | string }}" - name: (MacOS) Precreate {{ gitlab_runner_directory }} directory become: true - file: + ansible.builtin.file: mode: "755" owner: root path: "{{ gitlab_runner_directory }}" @@ -44,17 +44,16 @@ block: - name: (MacOS) Download GitLab Runner become: true - get_url: + ansible.builtin.get_url: url: "{{ gitlab_runner_download_url }}" dest: "{{ gitlab_runner_executable }}" force: true mode: +x - name: (MacOS) Install GitLab Runner - command: "{{ gitlab_runner_executable }} install" - + ansible.builtin.command: "{{ gitlab_runner_executable }} install" - name: (MacOS) Start GitLab Runner - command: "{{ gitlab_runner_executable }} start" + ansible.builtin.command: "{{ gitlab_runner_executable }} start" when: gitlab_runner_macos_start_runner when: (not gitlab_runner_exists) 
@@ -62,17 +61,15 @@ - name: (MacOS) UPGRADE GitLab Runner for macOS block: - name: (MacOS) Stop GitLab Runner - command: "{{ gitlab_runner_executable }} stop" - + ansible.builtin.command: "{{ gitlab_runner_executable }} stop" - name: (MacOS) Download GitLab Runner - become: true - get_url: + ansible.builtin.get_url: url: "{{ gitlab_runner_download_url }}" dest: "{{ gitlab_runner_executable }}" force: true - name: (MacOS) Setting Permissions for gitlab-runner executable - file: + ansible.builtin.file: path: "{{ gitlab_runner_executable }}" owner: "{{ ansible_user_id | string }}" group: "{{ ansible_user_gid | string }}" @@ -80,7 +77,7 @@ become: true - name: (MacOS) Start GitLab Runner - command: "{{ gitlab_runner_executable }} start" + ansible.builtin.command: "{{ gitlab_runner_executable }} start" when: - gitlab_runner_exists - gitlab_runner_existing_version != gitlab_runner_wanted_version or gitlab_runner_wanted_version == 'latest' diff --git a/tasks/install-redhat.yml b/tasks/install-redhat.yml index a97c0d3..2b9a6eb 100644 --- a/tasks/install-redhat.yml +++ b/tasks/install-redhat.yml @@ -1,13 +1,13 @@ --- - name: (RedHat) Get Gitlab repository installation script - get_url: + ansible.builtin.get_url: url: https://packages.gitlab.com/install/repositories/runner/{{ gitlab_runner_package_name }}/script.rpm.sh dest: /tmp/gitlab-runner.script.rpm.sh mode: "0744" when: gitlab_runner_skip_package_repo_install is not defined or not gitlab_runner_skip_package_repo_install - name: (RedHat) Install Gitlab repository - command: > + ansible.builtin.command: > {% if ansible_distribution == "Rocky" %} env os=el dist={{ ansible_distribution_major_version }} {% endif %} 
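Review bot: In the "(MacOS) UPGRADE GitLab Runner for macOS" block of tasks/install-macos.yml, `become: true` appears to be dropped from "(MacOS) Download GitLab Runner" (the hunk shrinks from 17 to 15 lines). That is a behaviour change beyond the FQCN rename, and the INSTALL block's download keeps the line. If `gitlab_runner_executable` lives in a root-owned directory (the arm64 pre-create task sets `owner: root`), the unprivileged download may fail to replace the binary, so either restore `become: true` or explain the removal in the commit message. Since the downloaded file is run by the following `start` task, `checksum: "sha256:<EXPECTED_SHA256>"` (placeholder) on both `get_url` downloads, and a `checksum` on the `win_get_url` downloads in tasks/install-windows.yml, would also be worth adding. The block's `when:` list lies in the next hunk.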
@@ -18,22 +18,22 @@ when: gitlab_runner_skip_package_repo_install is not defined or not gitlab_runner_skip_package_repo_install - name: (RedHat) Update gitlab_runner_package_name - set_fact: + ansible.builtin.set_fact: gitlab_runner_package: "{{ gitlab_runner_package_name }}-{{ gitlab_runner_package_version }}" gitlab_runner_package_state: present when: gitlab_runner_package_version is defined - name: (RedHat) Set gitlab_runner_package_name - set_fact: + ansible.builtin.set_fact: gitlab_runner_package: "{{ gitlab_runner_package_name }}" gitlab_runner_package_state: latest when: gitlab_runner_package_version is not defined - name: (RedHat) Install GitLab Runner - package: + ansible.builtin.package: name: "{{ gitlab_runner_package }}" state: "{{ gitlab_runner_package_state }}" become: true - name: Set systemd reload options - import_tasks: systemd-reload.yml + ansible.builtin.import_tasks: systemd-reload.yml diff --git a/tasks/install-windows.yml b/tasks/install-windows.yml index 61d19aa..3a0dc48 100644 --- a/tasks/install-windows.yml +++ b/tasks/install-windows.yml 
@@ -2,47 +2,47 @@ - name: (Windows) PRE-CHECK GitLab Runner exists block: - name: (Windows) Check gitlab-runner executable exists - win_stat: + ansible.windows.win_stat: path: "{{ gitlab_runner_executable }}" register: gitlab_runner_exists - name: (Windows) Set fact -> gitlab_runner_exists - set_fact: + ansible.builtin.set_fact: gitlab_runner_exists: "{{ gitlab_runner_exists.stat.exists }}" - name: (Windows) Get existing version - win_shell: "{{ gitlab_runner_executable }} --version | Select-String 'Version:' -CaseSensitive | %{ $_.Line.Split(' ')[-1].Trim(); }" + ansible.windows.win_shell: "{{ gitlab_runner_executable }} --version | Select-String 'Version:' -CaseSensitive | %{ $_.Line.Split(' ')[-1].Trim(); }" register: existing_version_shell failed_when: false check_mode: false changed_when: false - name: (Windows) Set fact -> gitlab_runner_existing_version - set_fact: + ansible.builtin.set_fact: gitlab_runner_existing_version: "{{ existing_version_shell.stdout | trim if existing_version_shell.rc == 0 else '0' }}" - name: (Windows) INSTALL GitLab Runner for Windows block: - name: (Windows) Ensure install directory exists - win_file: + ansible.windows.win_file: path: "{{ gitlab_runner_install_directory }}" state: directory - name: (Windows) Download GitLab Runner - win_get_url: + ansible.windows.win_get_url: url: "{{ gitlab_runner_download_url }}" dest: "{{ gitlab_runner_executable }}" force: true - name: (Windows) Install GitLab Runner - win_command: "{{ gitlab_runner_executable }} install" + ansible.windows.win_command: "{{ gitlab_runner_executable }} install" args: chdir: "{{ gitlab_runner_config_file_location }}" when: (gitlab_runner_windows_service_user | length == 0) or (gitlab_runner_windows_service_password | length == 0) - name: (Windows) Install GitLab Runner - win_command: '{{ gitlab_runner_executable }} install --user "{{ gitlab_runner_windows_service_user }}" --password "{{ gitlab_runner_windows_service_password - }}"' # noqa 204 + 
ansible.windows.win_command: '{{ gitlab_runner_executable }} install --user "{{ gitlab_runner_windows_service_user }}" --password "{{ gitlab_runner_windows_service_password + }}"' args: chdir: "{{ gitlab_runner_config_file_location }}" when: @@ -52,7 +52,7 @@ when: (not gitlab_runner_exists) - name: (Windows) Make sure runner is stopped - win_command: "{{ gitlab_runner_executable }} stop" + ansible.windows.win_command: "{{ gitlab_runner_executable }} stop" ignore_errors: true when: - gitlab_runner_exists @@ -60,7 +60,7 @@ - name: (Windows) UPGRADE GitLab Runner for Windows block: - name: (Windows) Download GitLab Runner - win_get_url: + ansible.windows.win_get_url: url: "{{ gitlab_runner_download_url }}" dest: "{{ gitlab_runner_executable }}" force: true diff --git a/tasks/line-config-runner-windows.yml b/tasks/line-config-runner-windows.yml index 0f2de57..3eb754d 100644 --- a/tasks/line-config-runner-windows.yml +++ b/tasks/line-config-runner-windows.yml @@ -1,12 +1,12 @@ --- - name: (Windows) {{ line_name_prefix }} Ensure section exists - win_lineinfile: + community.windows.win_lineinfile: path: "{{ temp_runner_config.path }}" regexp: ^(\s*)\[{{ section|regex_escape }}\]$ line: '{{ " " * (section.split(".")|length -1) }}[{{ section }}]' - name: (Windows) {{ line_name_prefix }} Modify existing line - win_lineinfile: + community.windows.win_lineinfile: path: "{{ temp_runner_config.path }}" insertafter: \s+\[{{ section | regex_escape }}\] regexp: ^(\s*)({{ line | regex_escape }}|{{ line | regex_escape }}) =.* @@ -15,7 +15,7 @@ when: not '.' in line - name: (Windows) {{ line_name_prefix }} Modify existing line to_json - win_lineinfile: + community.windows.win_lineinfile: path: "{{ temp_runner_config.path }}" insertafter: \s+\[{{ section | regex_escape }}\] regexp: ^(\s*)({{ line | to_json | regex_escape }}|{{ line | regex_escape }}) =.* diff --git a/tasks/line-config-runner.yml b/tasks/line-config-runner.yml index db6446b..f1300a9 100644 
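Review bot: The second "(Windows) Install GitLab Runner" task in tasks/install-windows.yml passes `--password "{{ gitlab_runner_windows_service_password }}"` on the `win_command` line. The service password therefore lands in the process command line, and in Ansible's task output unless the task sets `no_log`. No `no_log` is visible in the hunk, but the task's `when:` list runs past its end, so confirm whether one is set; `no_log: true` on this task is the minimal change.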
--- a/tasks/line-config-runner.yml +++ b/tasks/line-config-runner.yml @@ -1,12 +1,12 @@ --- - name: "{{ line_name_prefix }} Ensure section exists" - lineinfile: + ansible.builtin.lineinfile: path: "{{ temp_runner_config.path }}" regexp: ^(\s*)\[{{ section|regex_escape }}\]$ line: '{{ " " * (section.split(".")|length -1) }}[{{ section }}]' - name: "{{ line_name_prefix }} Modify existing line" - lineinfile: + ansible.builtin.lineinfile: path: "{{ temp_runner_config.path }}" insertafter: \s+\[{{ section | regex_escape }}\] regexp: ^(\s*)({{ line | regex_escape }}|{{ line | regex_escape }}) = @@ -15,7 +15,7 @@ when: "not '.' in line and not '/' in line" - name: "{{ line_name_prefix }} Modify existing line to_json" - lineinfile: + ansible.builtin.lineinfile: path: "{{ temp_runner_config.path }}" insertafter: \s+\[{{ section | regex_escape }}\] regexp: ^(\s*)({{ line | to_json | regex_escape }}|{{ line | regex_escape }}) = diff --git a/tasks/list-configured-runners-container.yml b/tasks/list-configured-runners-container.yml index 8e54a8f..544ee64 100644 --- a/tasks/list-configured-runners-container.yml +++ b/tasks/list-configured-runners-container.yml @@ -1,6 +1,6 @@ --- - name: List configured runners as json - docker_container: + community.docker.docker_container: name: "{{ gitlab_runner_container_name }}-list" image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}" command: --log-format json list @@ -17,11 +17,11 @@ check_mode: false - name: Initialze runner list - set_fact: + ansible.builtin.set_fact: registered_gitlab_runner_names: [] - name: Create list of configured runners - set_fact: + ansible.builtin.set_fact: registered_gitlab_runner_names: "{{ registered_gitlab_runner_names + [json_item['msg']] }}" vars: json_item: "{{ item | from_json }}" @@ -29,4 +29,4 @@ when: "'Executor' in json_item" - name: Print configured runners - debug: var=registered_gitlab_runner_names + ansible.builtin.debug: var=registered_gitlab_runner_names 
diff --git a/tasks/list-configured-runners-unix.yml b/tasks/list-configured-runners-unix.yml index aed2025..e65600d 100644 --- a/tasks/list-configured-runners-unix.yml +++ b/tasks/list-configured-runners-unix.yml @@ -1,17 +1,17 @@ --- - name: List configured runners as json - command: "{{ gitlab_runner_executable }} --log-format json list" + ansible.builtin.command: "{{ gitlab_runner_executable }} --log-format json list" register: registered_runners_json_result changed_when: false check_mode: false become: "{{ gitlab_runner_system_mode }}" - name: Initialze runner list - set_fact: + ansible.builtin.set_fact: registered_gitlab_runner_names: [] - name: Create list of configured runners - set_fact: + ansible.builtin.set_fact: registered_gitlab_runner_names: "{{ registered_gitlab_runner_names + [json_item['msg']] }}" vars: json_item: "{{ item | from_json }}" @@ -20,4 +20,4 @@ no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - name: Print registered runners - debug: var=registered_gitlab_runner_names + ansible.builtin.debug: var=registered_gitlab_runner_names diff --git a/tasks/list-configured-runners-windows.yml b/tasks/list-configured-runners-windows.yml index 628ad0f..30cdd07 100644 --- a/tasks/list-configured-runners-windows.yml +++ b/tasks/list-configured-runners-windows.yml @@ -1,6 +1,6 @@ --- - name: List configured runners as json - win_command: "{{ gitlab_runner_executable }} --log-format json list" + ansible.windows.win_command: "{{ gitlab_runner_executable }} --log-format json list" args: chdir: "{{ gitlab_runner_config_file_location }}" register: registered_runners_json_result @@ -8,11 +8,11 @@ check_mode: false - name: Initialze runner list - set_fact: + ansible.builtin.set_fact: registered_gitlab_runner_names: [] - name: Create list of configured runners - set_fact: + ansible.builtin.set_fact: registered_gitlab_runner_names: "{{ registered_gitlab_runner_names + [json_item['msg']] }}" vars: json_item: "{{ item | from_json }}" 
@@ -20,4 +20,4 @@ when: "'Executor' in json_item" - name: Print registered runners - debug: var=registered_gitlab_runner_names + ansible.builtin.debug: var=registered_gitlab_runner_names diff --git a/tasks/main-container.yml b/tasks/main-container.yml index d262855..9660ea3 100644 --- a/tasks/main-container.yml +++ b/tasks/main-container.yml @@ -1,10 +1,10 @@ --- - name: (Container) Install Gitlab Runner - import_tasks: install-container.yml + ansible.builtin.import_tasks: install-container.yml when: gitlab_runner_container_install - name: (Container) Delete runners which were removed in GitLab - docker_container: + community.docker.docker_container: name: "{{ gitlab_runner_container_name }}-check" image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}" command: verify --delete @@ -20,10 +20,9 @@ changed_when: '"Updated " in verified_runners.container.Output' check_mode: false -- import_tasks: list-configured-runners-container.yml - +- ansible.builtin.import_tasks: list-configured-runners-container.yml - name: (Container) Register GitLab Runner - include_tasks: register-runner-container.yml + ansible.builtin.include_tasks: register-runner-container.yml vars: actual_gitlab_runner_name: "{{ gitlab_runner.name | default(ansible_hostname + '-' + gitlab_runner_index | string) }}" when: gitlab_runner.token is defined or gitlab_runner_registration_token | string | length > 0 
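Review bot: The import of list-configured-runners-container.yml is still an unnamed task, and the blank line that separated it from "(Container) Register GitLab Runner" was dropped, so the two tasks now run together visually. Naming it keeps play output and lint results readable: `- name: (Container) List configured runners` followed by `ansible.builtin.import_tasks: list-configured-runners-container.yml`, with the blank separator restored. The same pattern appears in tasks/main-unix.yml, tasks/main-windows.yml and the three register-runner files.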
@@ -33,18 +32,17 @@ loop_var: gitlab_runner - name: Unregister runners which are not longer configured - include_tasks: unregister-runner-if-not-longer-configured.yml + ansible.builtin.include_tasks: unregister-runner-if-not-longer-configured.yml when: gitlab_unregister_runner_executors_which_are_not_longer_configured - name: (Container) Set global options - import_tasks: global-setup.yml - + ansible.builtin.import_tasks: global-setup.yml - name: (Container) Configure GitLab Runner - include_tasks: config-runners-container.yml + ansible.builtin.include_tasks: config-runners-container.yml when: gitlab_runner_config_update_mode == 'by_config_toml' - name: (Container) Start the container - docker_container: + community.docker.docker_container: name: "{{ gitlab_runner_container_name }}" image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}" restart_policy: "{{ gitlab_runner_container_restart_policy }}" diff --git a/tasks/main-unix.yml b/tasks/main-unix.yml index 958688e..3b86db1 100644 --- a/tasks/main-unix.yml +++ b/tasks/main-unix.yml 
@@ -1,31 +1,30 @@ --- - name: Install GitLab Runner (Debian) - include_tasks: install-debian.yml + ansible.builtin.include_tasks: install-debian.yml when: ansible_os_family == 'Debian' - name: Install GitLab Runner (RedHat) - include_tasks: install-redhat.yml + ansible.builtin.include_tasks: install-redhat.yml when: ansible_os_family == 'RedHat' - name: Install GitLab Runner (macOS) - include_tasks: install-macos.yml + ansible.builtin.include_tasks: install-macos.yml when: ansible_os_family == 'Darwin' - name: Install GitLab Runner (Arch) - include_tasks: install-arch.yml + ansible.builtin.include_tasks: install-arch.yml when: ansible_os_family == 'Archlinux' - name: (Unix) Delete runners which were removed in GitLab - command: "{{ gitlab_runner_executable }} verify --delete" + ansible.builtin.command: "{{ gitlab_runner_executable }} verify --delete" register: verified_runners changed_when: '"Updated " in verified_runners.stderr' check_mode: false become: "{{ gitlab_runner_system_mode }}" -- import_tasks: list-configured-runners-unix.yml - +- ansible.builtin.import_tasks: list-configured-runners-unix.yml - name: (Unix) Register GitLab Runner - include_tasks: register-runner.yml + ansible.builtin.include_tasks: register-runner.yml vars: actual_gitlab_runner_name: "{{ gitlab_runner.name | default(ansible_hostname + '-' + gitlab_runner_index | string) }}" when: gitlab_runner.token is defined or gitlab_runner_registration_token | string | length > 0 
@@ -36,12 +35,11 @@ no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - name: Unregister runners which are not longer configured - include_tasks: unregister-runner-if-not-longer-configured.yml + ansible.builtin.include_tasks: unregister-runner-if-not-longer-configured.yml when: gitlab_unregister_runner_executors_which_are_not_longer_configured - name: Set global options (macOS/Debian/RedHat) - import_tasks: global-setup.yml - + ansible.builtin.import_tasks: global-setup.yml - name: (Unix) Configure GitLab Runner - include_tasks: config-runners.yml + ansible.builtin.include_tasks: config-runners.yml when: gitlab_runner_config_update_mode == 'by_config_toml' diff --git a/tasks/main-windows.yml b/tasks/main-windows.yml index 5b24a80..fec8ca1 100644 --- a/tasks/main-windows.yml +++ b/tasks/main-windows.yml @@ -1,19 +1,17 @@ --- - name: Install GitLab Runner (Windows) - import_tasks: install-windows.yml - + ansible.builtin.import_tasks: install-windows.yml - name: (Windows) Delete runners which were removed in GitLab - win_command: "{{ gitlab_runner_executable }} verify --delete" + ansible.windows.win_command: "{{ gitlab_runner_executable }} verify --delete" args: chdir: "{{ gitlab_runner_config_file_location }}" register: verified_runners changed_when: '"Updated " in verified_runners.stderr' check_mode: false -- import_tasks: list-configured-runners-windows.yml - +- ansible.builtin.import_tasks: list-configured-runners-windows.yml - name: (Windows) Register GitLab Runner - include_tasks: register-runner-windows.yml + ansible.builtin.include_tasks: register-runner-windows.yml vars: actual_gitlab_runner_name: "{{ gitlab_runner.name | default(ansible_hostname + '-' + gitlab_runner_index | string) }}" when: gitlab_runner.token is defined or gitlab_runner_registration_token | string | length > 0 
@@ -23,18 +21,17 @@ loop_var: gitlab_runner - name: Unregister runners which are not longer configured - include_tasks: unregister-runner-if-not-longer-configured.yml + ansible.builtin.include_tasks: unregister-runner-if-not-longer-configured.yml when: gitlab_unregister_runner_executors_which_are_not_longer_configured - name: (Windows) Set global options - import_tasks: global-setup-windows.yml - + ansible.builtin.import_tasks: global-setup-windows.yml - name: (Windows) Configure GitLab Runner - include_tasks: config-runners-windows.yml + ansible.builtin.include_tasks: config-runners-windows.yml when: gitlab_runner_config_update_mode == 'by_config_toml' - name: (Windows) Start GitLab Runner - win_command: "{{ gitlab_runner_executable }} start" + ansible.windows.win_command: "{{ gitlab_runner_executable }} start" args: chdir: "{{ gitlab_runner_config_file_location }}" when: gitlab_runner_windows_start_runner diff --git a/tasks/main.yml b/tasks/main.yml index 38ae63e..cfc84ee 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Load platform-specific variables - include_vars: "{{ lookup('first_found', possible_files) }}" + ansible.builtin.include_vars: "{{ lookup('first_found', possible_files) }}" vars: possible_files: files: @@ -11,7 +11,7 @@ - vars - name: Validate GitLab Runner configurations - include_tasks: validate-runner-config.yml + ansible.builtin.include_tasks: validate-runner-config.yml vars: actual_gitlab_runner_name: "{{ gitlab_runner.name|default(ansible_hostname+'-'+gitlab_runner_index|string) }}" loop: "{{ gitlab_runner_runners }}" 
@@ -23,17 +23,17 @@ - name: Install Gitlab Runner (Container) vars: gitlab_install_target_platform: container - include_tasks: main-container.yml + ansible.builtin.include_tasks: main-container.yml when: gitlab_runner_container_install - name: Install GitLab Runner (Unix) vars: gitlab_install_target_platform: unix - include_tasks: main-unix.yml + ansible.builtin.include_tasks: main-unix.yml when: ansible_os_family != 'Windows' and not gitlab_runner_container_install - name: Install GitLab Runner (Windows) vars: gitlab_install_target_platform: windows - include_tasks: main-windows.yml + ansible.builtin.include_tasks: main-windows.yml when: ansible_os_family == 'Windows' and not gitlab_runner_container_install diff --git a/tasks/register-runner-container.yml b/tasks/register-runner-container.yml index adf6b23..c309497 100644 --- a/tasks/register-runner-container.yml +++ b/tasks/register-runner-container.yml @@ -1,6 +1,6 @@ --- - name: Construct the runner command without secrets - set_fact: + ansible.builtin.set_fact: register_runner_cmd: >- register {% if gitlab_runner_registration_token_type != "authentication-token" %} @@ -135,16 +135,15 @@ dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" register: runner_config_state - - import_tasks: unregister-runner.yml + - ansible.builtin.import_tasks: unregister-runner.yml when: - actual_gitlab_runner_name in registered_gitlab_runner_names - runner_config_state.changed when: gitlab_runner_config_update_mode == 'by_registering' -- import_tasks: list-configured-runners-container.yml - +- ansible.builtin.import_tasks: list-configured-runners-container.yml - name: Register runner to GitLab - docker_container: + community.docker.docker_container: name: "{{ gitlab_runner_container_name }}" image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}" command: 
> diff --git a/tasks/register-runner-windows.yml b/tasks/register-runner-windows.yml index 2262097..d66f48f 100644 --- a/tasks/register-runner-windows.yml +++ b/tasks/register-runner-windows.yml @@ -1,6 +1,6 @@ --- - name: Construct the runner command without secrets - set_fact: + ansible.builtin.set_fact: register_runner_cmd: >- {{ gitlab_runner_executable }} register {% if gitlab_runner_registration_token_type != "authentication-token" %} @@ -134,16 +134,15 @@ dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" register: runner_config_state - - import_tasks: unregister-runner.yml + - ansible.builtin.import_tasks: unregister-runner.yml when: - actual_gitlab_runner_name in registered_gitlab_runner_names - runner_config_state.changed when: gitlab_runner_config_update_mode == 'by_registering' -- import_tasks: list-configured-runners-windows.yml - +- ansible.builtin.import_tasks: list-configured-runners-windows.yml - name: (Windows) Register runner to GitLab - win_shell: >- + ansible.windows.win_shell: >- {{ register_runner_cmd }} {% if gitlab_runner_registration_token_type == "authentication-token" %} --token '{{ gitlab_runner.token }}' diff --git a/tasks/register-runner.yml b/tasks/register-runner.yml index 8f999f0..330b1a5 100644 --- a/tasks/register-runner.yml +++ b/tasks/register-runner.yml 
@@ -1,14 +1,15 @@ --- - name: Accept gitlab server self signed cert as valid CA - shell: openssl s_client -connect {{gitlab_server_ip}}:443 -showcerts /dev/null | sed -e '/-----BEGIN/,/-----END/!d' | tee {{tls_ca_file}} >/dev/null + ansible.builtin.shell: openssl s_client -connect {{gitlab_server_ip}}:443 -showcerts /dev/null | sed -e '/-----BEGIN/,/-----END/!d' | tee {{tls_ca_file}} + >/dev/null when: force_accept_gitlab_server_self_signed - name: Update CA bundle with self signe cert of the gitlab server - import_tasks: update-ca-bundle.yml + ansible.builtin.import_tasks: update-ca-bundle.yml when: force_accept_gitlab_server_self_signed - name: Construct the runner command without secrets - set_fact: + ansible.builtin.set_fact: register_runner_cmd: >- {{ gitlab_runner_executable }} register {% if gitlab_runner_registration_token_type != "authentication-token" %} @@ -173,16 +174,15 @@ dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" register: runner_config_state - - import_tasks: unregister-runner.yml + - ansible.builtin.import_tasks: unregister-runner.yml when: - actual_gitlab_runner_name in registered_gitlab_runner_names - runner_config_state.changed when: gitlab_runner_config_update_mode == 'by_registering' -- import_tasks: list-configured-runners-unix.yml - +- ansible.builtin.import_tasks: list-configured-runners-unix.yml - name: Register runner to GitLab - command: > + ansible.builtin.command: > {{ register_runner_cmd }} {% if gitlab_runner_registration_token_type == "authentication-token" %} --token '{{ gitlab_runner.token }}' diff --git a/tasks/section-config-runner-windows.yml b/tasks/section-config-runner-windows.yml index ada1a46..cf6da05 100644 --- a/tasks/section-config-runner-windows.yml +++ b/tasks/section-config-runner-windows.yml 
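Review bot: The "Accept gitlab server self signed cert as valid CA" task writes whatever certificate the endpoint at `{{gitlab_server_ip}}:443` presents into `{{tls_ca_file}}`, and the following task refreshes the system CA bundle, with no check that the certificate is the expected one. Whoever answers that connection during provisioning ends up trusted on the host, so the fetched certificate should be compared with a fingerprint supplied out of band before update-ca-bundle.yml runs. The sketch below does that; `gitlab_server_cert_fingerprint` is a proposed new role variable, not an existing one. The pipeline also runs without `pipefail`, so a failed `openssl` still reports success and leaves an empty file.

```yaml
# … unchanged: "Accept gitlab server self signed cert as valid CA" task …

- name: Read fingerprint of the fetched certificate
  ansible.builtin.command:
    argv:
      - openssl
      - x509
      - -in
      - "{{ tls_ca_file }}"
      - -noout
      - -fingerprint
      - -sha256
  register: fetched_ca_fingerprint
  changed_when: false
  when: force_accept_gitlab_server_self_signed

- name: Refuse a certificate that does not match the pinned fingerprint
  ansible.builtin.assert:
    that:
      # gitlab_server_cert_fingerprint: proposed variable, set by the operator
      - gitlab_server_cert_fingerprint in fetched_ca_fingerprint.stdout
    fail_msg: Fetched GitLab certificate does not match the pinned fingerprint
  when: force_accept_gitlab_server_self_signed

# … unchanged: "Update CA bundle with self signe cert of the gitlab server" task …
```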
@@ -1,5 +1,5 @@ --- -- include_tasks: line-config-runner-windows.yml +- ansible.builtin.include_tasks: line-config-runner-windows.yml vars: line_name_prefix: "{{ sect_name_prefix }} line:[{{ (line_index|int) + 1 }}/{{ gitlab_runner.extra_configs[section]|list|length }}]: " loop: "{{ gitlab_runner.extra_configs[section] | list }}" diff --git a/tasks/section-config-runner.yml b/tasks/section-config-runner.yml index b8c9893..f326890 100644 --- a/tasks/section-config-runner.yml +++ b/tasks/section-config-runner.yml @@ -1,5 +1,5 @@ --- -- include_tasks: line-config-runner.yml +- ansible.builtin.include_tasks: line-config-runner.yml vars: line_name_prefix: "{{ sect_name_prefix }} line:[{{ (line_index|int) + 1 }}/{{ gitlab_runner.extra_configs[section]|list|length }}]: " loop: "{{ gitlab_runner.extra_configs[section] | list }}" diff --git a/tasks/systemd-reload.yml b/tasks/systemd-reload.yml index a493b10..60d637c 100644 --- a/tasks/systemd-reload.yml +++ b/tasks/systemd-reload.yml @@ -1,7 +1,7 @@ --- - name: Ensure /etc/systemd/system/gitlab-runner.service.d/ exists become: true - file: + ansible.builtin.file: path: /etc/systemd/system/gitlab-runner.service.d state: directory owner: root @@ -10,7 +10,7 @@ - name: Add reload command to GitLab Runner system service become: true - copy: + ansible.builtin.copy: dest: /etc/systemd/system/gitlab-runner.service.d/exec-reload.conf content: | [Service] @@ -20,7 +20,7 @@ # https://docs.gitlab.com/runner/configuration/init.html#overriding-systemd - name: Configure graceful stop for GitLab Runner system service become: true - copy: + ansible.builtin.copy: dest: /etc/systemd/system/gitlab-runner.service.d/kill.conf content: | [Service] @@ -31,6 +31,6 @@ - name: Force systemd to reread configs become: true - systemd: + ansible.builtin.systemd: daemon_reload: true when: gitlab_runner_exec_reload.changed or gitlab_runner_kill_timeout 
diff --git a/tasks/unregister-runner-if-not-longer-configured.yml b/tasks/unregister-runner-if-not-longer-configured.yml index 3a4e527..baf645c 100644 --- a/tasks/unregister-runner-if-not-longer-configured.yml +++ b/tasks/unregister-runner-if-not-longer-configured.yml @@ -1,17 +1,17 @@ --- - name: Get the names of all configured runner executors - set_fact: + ansible.builtin.set_fact: local_gitlab_executor_names: "{{ gitlab_runner_runners | map(attribute='name') | list }}" - name: Find all executors which are not longer configured in ansible - set_fact: + ansible.builtin.set_fact: available_runners_not_longer_configured: "{{ registered_gitlab_runner_names | difference(local_gitlab_executor_names) }}" - name: These runners are going to be unregistered - debug: var=available_runners_not_longer_configured + ansible.builtin.debug: var=available_runners_not_longer_configured when: available_runners_not_longer_configured | length > 0 -- include_tasks: unregister-runner.yml +- ansible.builtin.include_tasks: unregister-runner.yml loop: "{{ available_runners_not_longer_configured }}" loop_control: loop_var: actual_gitlab_runner_name diff --git a/tasks/unregister-runner.yml b/tasks/unregister-runner.yml index 32c67d3..673b6b4 100644 --- a/tasks/unregister-runner.yml +++ b/tasks/unregister-runner.yml @@ -1,6 +1,6 @@ --- - name: (Container) Unregister runner - docker_container: + community.docker.docker_container: name: "{{ gitlab_runner_container_name }}-list" image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}" command: unregister --name '{{ actual_gitlab_runner_name }}' @@ -18,7 +18,7 @@ - gitlab_install_target_platform == 'container' - name: (Windows) Unregister runner - win_command: "{{ gitlab_runner_executable }} unregister --name {{ actual_gitlab_runner_name }}" + ansible.windows.win_command: "{{ gitlab_runner_executable }} unregister --name {{ actual_gitlab_runner_name }}" args: chdir: "{{ gitlab_runner_config_file_location }}" when: 
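Review bot: `local_gitlab_executor_names` is built with `map(attribute='name')`, but the main-*.yml files name a runner with `gitlab_runner.name | default(ansible_hostname + '-' + gitlab_runner_index | string)`. A runner configured without an explicit `name` is therefore registered under the default name yet is missing from (or breaks) this list, so it would land in `available_runners_not_longer_configured` and be unregistered on the next run. Building the list with the same default expression used at registration, for example in a loop that has the index available, would keep the two in step. This is worth a comment on the task, since the outcome is destructive.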
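Review bot: In "(Windows) Unregister runner" the runner name is interpolated unquoted, `unregister --name {{ actual_gitlab_runner_name }}`, whereas the container task above wraps it in single quotes. A name with a space or a leading dash would be split or read as another option, so the task could unregister a different runner than intended or fail. Passing the arguments as a list avoids the parsing question, e.g. `argv: ["{{ gitlab_runner_executable }}", unregister, --name, "{{ actual_gitlab_runner_name }}"]`, provided the installed ansible.windows release supports `argv` for win_command. The task's `when:` conditions continue outside the hunk.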
diff --git a/tasks/update-ca-bundle.yml b/tasks/update-ca-bundle.yml index 91fd666..9cb6888 100644 --- a/tasks/update-ca-bundle.yml +++ b/tasks/update-ca-bundle.yml @@ -1,25 +1,25 @@ --- - name: install ca package on rhel systems - yum: + ansible.builtin.yum: name: ca-certificates state: present when: ansible_os_family == "RedHat" - name: install ca package on debian systems - apt: + ansible.builtin.apt: name: ca-certificates state: present update_cache: true when: ansible_os_family == "Debian" - name: enable dynamic ca configuration on rhel6 - shell: /bin/update-ca-trust enable + ansible.builtin.shell: /bin/update-ca-trust enable when: ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 6 - name: update trusted ca debian - shell: /usr/sbin/update-ca-certificates + ansible.builtin.shell: /usr/sbin/update-ca-certificates when: ansible_os_family == "Debian" - name: update trusted ca redhat - shell: /bin/update-ca-trust + ansible.builtin.shell: /bin/update-ca-trust when: ansible_os_family == "RedHat" diff --git a/tasks/update-config-runner-windows.yml b/tasks/update-config-runner-windows.yml index dbbe4f2..652e1bc 100644 --- a/tasks/update-config-runner-windows.yml +++ b/tasks/update-config-runner-windows.yml @@ -1,6 +1,6 @@ --- - name: (Windows) {{ runn_name_prefix }} Set "[[runners]]" section - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: \n line: "[[runners]]" @@ -11,7 +11,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set concurrent limit option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*limit =.* line: " limit = {{ gitlab_runner.concurrent_specific|default(0) }}" 
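Review bot: The three trust-store tasks in tasks/update-ca-bundle.yml keep `ansible.builtin.shell` for commands that use no shell feature, e.g. `ansible.builtin.shell: /usr/sbin/update-ca-certificates`. `ansible.builtin.command: /usr/sbin/update-ca-certificates` (and likewise for the two `/bin/update-ca-trust` calls) runs the same binary without a shell in between, which is what ansible-lint's command-instead-of-shell rule asks for. None of the three sets `changed_when`, so they report a change on every run; a condition based on the command's output would restore idempotent reporting.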
@@ -22,7 +22,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set coordinator URL - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*url =.* line: " url = {{ gitlab_runner.url|default(gitlab_runner_coordinator_url) | to_json }}" @@ -33,7 +33,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set clone URL - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*clone_url = line: " clone_url = {{ gitlab_runner.clone_url | to_json }}" @@ -45,7 +45,7 @@ when: gitlab_runner.clone_url is defined - name: (Windows) {{ runn_name_prefix }} Set environment option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*environment =.* line: " environment = {{ gitlab_runner.env_vars|default([]) | to_json }}" @@ -56,7 +56,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set pre_get_sources_script - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pre_get_sources_script = line: " pre_get_sources_script = {{ gitlab_runner.pre_get_sources_script | to_json }}" @@ -68,7 +68,7 @@ when: gitlab_runner.pre_get_sources_script is defined - name: (Windows) {{ runn_name_prefix }} Set post_get_sources_script - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*post_get_sources_script = line: " post_get_sources_script = {{ gitlab_runner.post_get_sources_script | to_json }}" @@ -80,7 +80,7 @@ when: gitlab_runner.post_get_sources_script is defined - name: (Windows) {{ runn_name_prefix }} Set pre_build_script - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pre_build_script = line: " pre_build_script = {{ gitlab_runner.pre_build_script | to_json }}" 
@@ -92,7 +92,7 @@ when: gitlab_runner.pre_build_script is defined - name: (Windows) {{ runn_name_prefix }} Set post_build_script - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*post_build_script = line: " post_build_script = {{ gitlab_runner.post_build_script | to_json }}" @@ -104,7 +104,7 @@ when: gitlab_runner.post_build_script is defined - name: (Windows) {{ runn_name_prefix }} Set runner executor option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*executor =.* line: ' executor = {{ gitlab_runner.executor|default("shell") | to_json }}' @@ -115,7 +115,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set runner shell option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*shell =.* line: ' shell = {{ gitlab_runner.shell|default("") | to_json }}' @@ -126,7 +126,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set output_limit option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*output_limit =.* line: " output_limit = {{ gitlab_runner.output_limit|default(4096) }}" @@ -137,7 +137,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set runner docker image option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*image =.* line: ' image = {{ gitlab_runner.docker_image|default("") | to_json }}' @@ -148,7 +148,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set docker privileged option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*privileged =.* line: " privileged = {{ gitlab_runner.docker_privileged|default(false) | lower }}" 
@@ -159,7 +159,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set docker volumes option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*volumes =.* line: " volumes = {{ gitlab_runner.docker_volumes|default([])|to_json }}" @@ -170,7 +170,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set docker devices option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*devices =.* line: " devices = {{ gitlab_runner.docker_devices|default([])|to_json }}" @@ -181,7 +181,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set docker network_mode option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*network_mode =.* line: ' network_mode = {{ gitlab_runner.docker_network_mode|default("bridge") | to_json }}' @@ -192,7 +192,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache type option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Type =.* line: ' Type = {{ gitlab_runner.cache_type|default("") | to_json }}' @@ -203,7 +203,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache path option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Path =.* line: ' Path = {{ gitlab_runner.cache_path|default("") | to_json }}' @@ -214,7 +214,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache s3 server address - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*ServerAddress =.* line: ' ServerAddress = {{ gitlab_runner.cache_s3_server_address|default("") | to_json }}' 
@@ -225,7 +225,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache s3 access key - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccessKey =.* line: ' AccessKey = {{ gitlab_runner.cache_s3_access_key|default("") | to_json }}' @@ -236,7 +236,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache s3 secret key - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*SecretKey =.* line: ' SecretKey = {{ gitlab_runner.cache_s3_secret_key|default("") | to_json }}' @@ -247,7 +247,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache shared option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Shared =.* line: ' Shared = {{ gitlab_runner.cache_shared|default("") | lower }}' @@ -258,7 +258,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache s3 bucket name option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketName =.* line: ' BucketName = {{ gitlab_runner.cache_s3_bucket_name|default("") | to_json }}' @@ -269,7 +269,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache s3 bucket location option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketLocation =.* line: ' BucketLocation = {{ gitlab_runner.cache_s3_bucket_location|default("") | to_json }}' @@ -280,7 +280,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache s3 insecure option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Insecure =.* line: ' Insecure = {{ gitlab_runner.cache_s3_insecure|default("") | lower }}' 
@@ -291,7 +291,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set ssh user option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*user =.* line: ' user = {{ gitlab_runner.ssh_user|default("") | to_json }}' @@ -302,7 +302,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set ssh host option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*host =.* line: ' host = {{ gitlab_runner.ssh_host|default("") | to_json }}' @@ -313,7 +313,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set ssh port option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*port =.* line: ' port = {{ gitlab_runner.ssh_port|default("") | to_json }}' @@ -324,7 +324,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set ssh password option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*password =.* line: ' password = {{ gitlab_runner.ssh_password|default("") | to_json }}' @@ -335,7 +335,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set ssh identity file option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*identity_file =.* line: ' identity_file = {{ gitlab_runner.ssh_identity_file|default("") | to_json }}' @@ -346,7 +346,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set builds dir file option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*builds_dir =.* line: ' builds_dir = {{ gitlab_runner.builds_dir|default("") | to_json }}' 
@@ -357,7 +357,7 @@ notify: restart_gitlab_runner_windows - name: (Windows) {{ runn_name_prefix }} Set cache dir file option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*cache_dir =.* line: ' cache_dir = {{ gitlab_runner.cache_dir|default("") | to_json }}' @@ -368,9 +368,8 @@ notify: restart_gitlab_runner_windows - name: (Windows) Remove empty lines - win_shell: (Get-Content {{ temp_runner_config.path }}) | ? {$_.trim() -ne "" } | Set-Content {{ temp_runner_config.path }} - -- include_tasks: section-config-runner-windows.yml + ansible.windows.win_shell: (Get-Content {{ temp_runner_config.path }}) | ? {$_.trim() -ne "" } | Set-Content {{ temp_runner_config.path }} +- ansible.builtin.include_tasks: section-config-runner-windows.yml vars: sect_name_prefix: "{{ runn_name_prefix }} section[{{ (section_index|int) + 1 }}/{{ gitlab_runner.extra_configs|list|length }}]:" loop: "{{ gitlab_runner.extra_configs|list }}" diff --git a/tasks/update-config-runner.yml b/tasks/update-config-runner.yml index 76e4de9..a2d1d71 100644 --- a/tasks/update-config-runner.yml +++ b/tasks/update-config-runner.yml @@ -1,6 +1,6 @@ --- - name: "{{ runn_name_prefix }} Set concurrent limit option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*limit = line: " limit = {{ gitlab_runner.concurrent_specific|default(0) }}" @@ -14,7 +14,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set coordinator URL" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*url = line: " url = {{ gitlab_runner.url|default(gitlab_runner_coordinator_url) | to_json }}" @@ -28,7 +28,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set clone URL" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*clone_url = line: " clone_url = {{ gitlab_runner.clone_url | to_json }}" 
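Review bot: "(Windows) Remove empty lines" passes `{{ temp_runner_config.path }}` to PowerShell unquoted in both `Get-Content` and `Set-Content`. A temp directory with a space in it, which is common under a Windows user profile, splits the path into several arguments, and characters such as `[` are treated as wildcards. Quoting and using the literal-path parameter avoids both: `(Get-Content -LiteralPath '{{ temp_runner_config.path }}') | ? {$_.trim() -ne "" } | Set-Content -LiteralPath '{{ temp_runner_config.path }}'`. The include that follows also lost its blank separator line and is still unnamed.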
@@ -43,7 +43,7 @@ when: gitlab_runner.clone_url is defined - name: "{{ runn_name_prefix }} Set environment option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*environment = line: " environment = {{ gitlab_runner.env_vars|default([]) | to_json }}" @@ -57,7 +57,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set pre_get_sources_script" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pre_get_sources_script = line: " pre_get_sources_script = {{ gitlab_runner.pre_get_sources_script | to_json }}" @@ -72,7 +72,7 @@ when: gitlab_runner.pre_get_sources_script is defined - name: "{{ runn_name_prefix }} Set post_get_sources_script" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*post_get_sources_script = line: " post_get_sources_script = {{ gitlab_runner.post_get_sources_script | to_json }}" @@ -86,7 +86,7 @@ when: gitlab_runner.post_get_sources_script is defined - name: "{{ runn_name_prefix }} Set pre_build_script" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pre_build_script = line: " pre_build_script = {{ gitlab_runner.pre_build_script | to_json }}" @@ -101,7 +101,7 @@ when: gitlab_runner.pre_build_script is defined - name: "{{ runn_name_prefix }} Set tls_ca_file" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*tls-ca-file = line: " tls-ca-file = {{ gitlab_runner.tls_ca_file | to_json }}" @@ -116,7 +116,7 @@ when: gitlab_runner.tls_ca_file is defined - name: "{{ runn_name_prefix }} Set post_build_script" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*post_build_script = line: " post_build_script = {{ gitlab_runner.post_build_script | to_json }}" 
@@ -131,7 +131,7 @@ when: gitlab_runner.post_build_script is defined - name: "{{ runn_name_prefix }} Set runner executor option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*executor = line: ' executor = {{ gitlab_runner.executor|default("shell") | to_json }}' @@ -145,7 +145,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set runner shell option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*shell = line: ' shell = {{ gitlab_runner.shell|default("") | to_json }}' @@ -159,7 +159,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set runner executor section" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.{{ gitlab_runner.executor|default("shell") }}\] line: ' [runners.{{ gitlab_runner.executor|replace("docker+machine","machine")|default("shell") }}]' @@ -173,7 +173,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set output_limit option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*output_limit = line: " output_limit = {{ gitlab_runner.output_limit|default(4096) }}" @@ -188,7 +188,7 @@ #### [runners.docker] section #### - name: "{{ runn_name_prefix }} Set runner docker image option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*image = line: ' image = {{ gitlab_runner.docker_image|default("") | to_json }}' @@ -202,7 +202,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker helper image option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*helper_image = line: ' helper_image = {{ gitlab_runner.docker_helper_image|default("") | to_json }}' 
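Review bot: In "Set runner executor section" the `regexp` and the `line` disagree. The pattern interpolates `gitlab_runner.executor|default("shell")` unescaped and unmapped, while the line writes the value after `replace("docker+machine","machine")`. For `docker+machine` the `+` is read as a quantifier, so the pattern can never match the `[runners.machine]` header the task writes. In `line`, `default("shell")` also comes after `replace`, so it may not take effect when `executor` is unset. Using one expression in both places would fix this, e.g. `gitlab_runner.executor | default("shell") | replace("docker+machine", "machine") | regex_escape` inside the regexp and the same chain without `regex_escape` in the line. The task's remaining keys are outside the hunk.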
@@ -216,7 +216,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker privileged option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*privileged = line: " privileged = {{ gitlab_runner.docker_privileged|default(false) | lower }}" @@ -230,7 +230,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker wait_for_services_timeout option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*wait_for_services_timeout = line: " wait_for_services_timeout = {{ gitlab_runner.docker_wait_for_services_timeout|default(30) }}" @@ -244,7 +244,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker tlsverify option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*tls_verify = line: " tls_verify = {{ gitlab_runner.docker_tlsverify|default(false) | lower }}" @@ -258,7 +258,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker shm_size option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*shm_size = line: " shm_size = {{ gitlab_runner.docker_shm_size|default(false) | lower }}" @@ -272,7 +272,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker disable_cache option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*disable_cache = line: " disable_cache = {{ gitlab_runner.docker_disable_cache|default(false) | lower }}" @@ -286,7 +286,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker DNS option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*dns = line: " dns = {{ gitlab_runner.docker_dns|default(false) | to_json }}" 
@@ -300,7 +300,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker DNS search option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*dns_search = line: " dns_search = {{ gitlab_runner.docker_dns_search|default(false) | to_json }}" @@ -314,7 +314,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker pull_policy option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pull_policy = line: " pull_policy = {{ gitlab_runner.docker_pull_policy|default([])|to_json }}" @@ -342,7 +342,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker volumes option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*volumes = line: " volumes = {{ gitlab_runner.docker_volumes|default([])|to_json }}" @@ -356,7 +356,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker devices option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*devices = line: " devices = {{ gitlab_runner.docker_devices|default([])|to_json }}" @@ -370,7 +370,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set runner docker network option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*network_mode = line: ' network_mode = {{ gitlab_runner.docker_network_mode|default("bridge") | to_json }}' @@ -384,7 +384,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set tls-cert-file option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*tls-cert-file = line: " tls-cert-file = {{ gitlab_runner.tls_cert_file|default([]) | to_json }}" 
@@ -398,7 +398,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set tls-key-file option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*tls-key-file = line: " tls-key-file = {{ gitlab_runner.tls_key_file|default([]) | to_json }}" @@ -413,7 +413,7 @@ #### [[runners.docker.services]] section #### - name: "{{ runn_name_prefix }} Set additional services" - blockinfile: + ansible.builtin.blockinfile: dest: "{{ temp_runner_config.path }}" content: "{{ lookup('template', 'config.runners.docker.services.j2') if gitlab_runner.docker_services is defined }}" state: "{{ 'present' if gitlab_runner.docker_services is defined else 'absent' }}" @@ -427,7 +427,7 @@ #### [runners.custom_build_dir] section ##### - name: "{{ runn_name_prefix }} Set custom_build_dir section" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.custom_build_dir\] line: " [runners.custom_build_dir]" @@ -441,7 +441,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set docker custom_build_dir-enabled option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*enabled = line: " enabled = {{ gitlab_runner.custom_build_dir_enabled|default(false) | lower }}" @@ -456,7 +456,7 @@ #### [runners.cache] section #### - name: "{{ runn_name_prefix }} Set cache section" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.cache\] line: " [runners.cache]" @@ -470,7 +470,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache s3 section" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.cache\.s3\] line: " [runners.cache.s3]" 
@@ -484,7 +484,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache gcs section" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.cache\.gcs\] line: " [runners.cache.gcs]" @@ -498,7 +498,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache azure section" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.cache\.azure\] line: " [runners.cache.azure]" @@ -512,7 +512,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache type option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Type = line: ' Type = {{ gitlab_runner.cache_type|default("") | to_json }}' @@ -526,7 +526,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache path option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Path = line: ' Path = {{ gitlab_runner.cache_path|default("") | to_json }}' @@ -540,7 +540,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache shared option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Shared = line: ' Shared = {{ gitlab_runner.cache_shared|default("") | lower }}' @@ -555,7 +555,7 @@ #### [runners.cache.s3] section #### - name: "{{ runn_name_prefix }} Set cache s3 server addresss" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*ServerAddress = line: ' ServerAddress = {{ gitlab_runner.cache_s3_server_address|default("") | to_json }}' @@ -569,7 +569,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache s3 access key" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccessKey = line: ' AccessKey = {{ gitlab_runner.cache_s3_access_key|default("") | to_json }}' 
@@ -583,7 +583,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache s3 secret key" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*SecretKey = line: ' SecretKey = {{ gitlab_runner.cache_s3_secret_key|default("") | to_json }}' @@ -597,7 +597,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache s3 bucket name option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketName = line: ' BucketName = {{ gitlab_runner.cache_s3_bucket_name|default("") | to_json }}' @@ -612,7 +612,7 @@ when: gitlab_runner.cache_type is defined and gitlab_runner.cache_type == 's3' - name: "{{ runn_name_prefix }} Set cache s3 bucket location option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketLocation = line: ' BucketLocation = {{ gitlab_runner.cache_s3_bucket_location|default("") | to_json }}' @@ -626,7 +626,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache s3 insecure option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Insecure = line: ' Insecure = {{ gitlab_runner.cache_s3_insecure|default("") | lower }}' @@ -641,7 +641,7 @@ #### [runners.cache.gcs] section #### - name: "{{ runn_name_prefix }} Set cache gcs bucket name" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketName = line: ' BucketName = {{ gitlab_runner.cache_gcs_bucket_name|default("") | to_json }}' @@ -655,7 +655,7 @@ when: gitlab_runner.cache_type is defined and gitlab_runner.cache_type == 'gcs' - name: "{{ runn_name_prefix }} Set cache gcs credentials file" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*CredentialsFile = line: ' CredentialsFile = {{ gitlab_runner.cache_gcs_credentials_file|default("") | to_json }}' 
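Review bot: "Set cache s3 secret key" writes a credential through `ansible.builtin.lineinfile`, and no `no_log` is visible in the hunk; the task continues past it, so it may be set further down. If it is not, a run with `--diff` or raised verbosity would print the secret in the task output. The role already has a switch for this elsewhere in the series: `no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}"`. The same check applies to the hunks for `PrivateKey` (gcs), `AccountKey` (azure) and the ssh `password` option.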
@@ -669,7 +669,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache gcs access id" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccessID = line: ' AccessID = {{ gitlab_runner.cache_gcs_access_id|default("") | to_json }}' @@ -683,7 +683,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache gcs private key" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*PrivateKey = line: ' PrivateKey = {{ gitlab_runner.cache_gcs_private_key|default("") | to_json }}' @@ -698,7 +698,7 @@ #### [runners.cache.azure] section #### - name: "{{ runn_name_prefix }} Set cache azure account name" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccountName = line: ' AccountName = {{ gitlab_runner.cache_azure_account_name|default("") | to_json }}' @@ -712,7 +712,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache azure account key" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccountKey = line: ' AccountKey = {{ gitlab_runner.cache_azure_account_key|default("") | to_json }}' @@ -726,7 +726,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache azure container name" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*ContainerName = line: ' ContainerName = {{ gitlab_runner.cache_azure_container_name|default("") | to_json }}' @@ -740,7 +740,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache azure storage domain" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*StorageDomain = line: ' StorageDomain = {{ gitlab_runner.cache_azure_storage_domain|default("") | to_json }}' 
@@ -755,7 +755,7 @@ #### [runners.ssh] section ##### - name: "{{ runn_name_prefix }} Set ssh user option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*user = line: ' user = {{ gitlab_runner.ssh_user|default("") | to_json }}' @@ -769,7 +769,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set ssh host option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*host = line: ' host = {{ gitlab_runner.ssh_host|default("") | to_json }}' @@ -783,7 +783,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set ssh port option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*port = line: ' port = "{{ gitlab_runner.ssh_port|default("") | to_json }}"' @@ -797,7 +797,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set ssh password option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*password = line: ' password = {{ gitlab_runner.ssh_password|default("") | to_json }}' @@ -811,7 +811,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set ssh identity file option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*identity_file = line: ' identity_file = {{ gitlab_runner.ssh_identity_file|default("") | to_json }}' @@ -826,7 +826,7 @@ #### [runners.virtualbox] section ##### - name: "{{ runn_name_prefix }} Set virtualbox base name option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*base_name = line: " base_name = {{ gitlab_runner.virtualbox_base_name | to_json }}" 
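Review bot: In "Set ssh port option" the `line` wraps the `to_json` output in literal double quotes, `port = "{{ ... | to_json }}"`, unlike the sibling `user` and `host` tasks. When `ssh_port` is supplied as a string, `to_json` already emits the quotes and the result is doubly quoted, which does not look like valid TOML. It only comes out right for an integer value. Converting first and dropping the outer quotes, `port = {{ gitlab_runner.ssh_port | string | to_json }}`, would handle both. The rest of the task is outside the hunk, so whether the line is written when `ssh_port` is unset cannot be confirmed here.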
@@ -841,7 +841,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set virtualbox base snapshot option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*base_snapshot = line: " base_snapshot = {{ gitlab_runner.virtualbox_base_snapshot | to_json }}" @@ -856,7 +856,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set virtualbox base folder option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*base_folder = line: " base_folder = {{ gitlab_runner.virtualbox_base_folder | to_json }}" @@ -871,7 +871,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set virtualbox disable snapshots option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*disable_snapshots = line: " disable_snapshots = {{ gitlab_runner.virtualbox_disable_snapshots|default(false) | to_json }}" @@ -1056,7 +1056,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set builds dir file option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*builds_dir = line: ' builds_dir = {{ gitlab_runner.builds_dir|default("") | to_json }}' @@ -1070,7 +1070,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Set cache dir file option" - lineinfile: + ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*cache_dir = line: ' cache_dir = {{ gitlab_runner.cache_dir|default("") | to_json }}' @@ -1084,7 +1084,7 @@ - restart_gitlab_runner_macos - name: "{{ runn_name_prefix }} Ensure directory permissions" - file: + ansible.builtin.file: dest: "{{ item }}" state: directory owner: "{{ gitlab_runner_runtime_owner|default(omit) }}" 
@@ -1099,7 +1099,7 @@ when: item|length - name: "{{ runn_name_prefix }} Ensure directory access test" - command: test -r {{ item }} + ansible.builtin.command: /usr/bin/test -r {{ item }} loop: - '{{ gitlab_runner.builds_dir | default("") }}' - '{{ gitlab_runner.cache_dir | default("") }}' @@ -1111,13 +1111,13 @@ ignore_errors: true - name: "{{ runn_name_prefix }} Ensure directory access fail on error" - fail: + ansible.builtin.fail: msg: "Error: user gitlab-runner failed to test access to {{ item.item }}. Check parent folder(s) permissions" loop: "{{ ensure_directory_access.results }}" when: - item.rc is defined and item.rc != 0 -- include_tasks: section-config-runner.yml +- ansible.builtin.include_tasks: section-config-runner.yml vars: sect_name_prefix: "{{ runn_name_prefix }} section[{{ (section_index|int) + 1 }}/{{ gitlab_runner.extra_configs|list|length }}]:" loop: "{{ gitlab_runner.extra_configs|list }}" diff --git a/tasks/validate-runner-config.yml b/tasks/validate-runner-config.yml index 6196904..6af8409 100644 --- a/tasks/validate-runner-config.yml +++ b/tasks/validate-runner-config.yml @@ -2,7 +2,7 @@ - name: "Check for deprecated settings: {{ actual_gitlab_runner_name }}" ansible.builtin.assert: that: - - "setting['name'] not in gitlab_runner" + - setting['name'] not in gitlab_runner fail_msg: "DEPRECATED setting for runner {{ actual_gitlab_runner_name }}: {{ setting.name }} - {{ setting.message }}" quiet: true loop: diff --git a/tests/test.yml b/tests/test.yml index 8016fdd..35c470b 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -2,7 +2,7 @@ - hosts: localhost tasks: - name: Load platform-specific variables - include_vars: "{{ lookup('first_found', possible_files) }}" + ansible.builtin.include_vars: "{{ lookup('first_found', possible_files) }}" vars: possible_files: files: 
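Review bot: The absolute path `/usr/bin/test` in "Ensure directory access test" ties the check to one filesystem layout. This task file also notifies `restart_gitlab_runner_macos`, so it appears to run on macOS as well, where the binary may live elsewhere (to be confirmed). The next hunk shows `ignore_errors: true` and a follow-up that only inspects `item.rc`, so a missing binary would probably be reported as "failed to test access" rather than as a path problem. `{{ item }}` is also unquoted, so a directory name containing whitespace is split into several arguments. Passing the arguments as a list, `argv: ["test", "-r", "{{ item }}"]`, resolves the binary through PATH and keeps the path as a single argument.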
@@ -12,23 +12,23 @@ paths: - vars - name: Copy the mock gitlab CI server - copy: + ansible.builtin.copy: src: mock_gitlab_runner_ci.py dest: ~/mock_gitlab_runner_ci.py when: run_mock_server - name: Ensure mock CI pidfile is absent - file: + ansible.builtin.file: path: ~/mock_ci.pid state: absent when: run_mock_server - name: Start the mock CI - shell: python ~/mock_gitlab_runner_ci.py ~/mock_ci.pid 6060 >~/mock_ci.log 2>&1 + ansible.builtin.shell: python ~/mock_gitlab_runner_ci.py ~/mock_ci.pid 6060 >~/mock_ci.log 2>&1 async: 3600 poll: 0 register: mock_server when: run_mock_server - name: Wait for pidfile to be created - wait_for: + ansible.builtin.wait_for: host: 127.0.0.1 port: 6060 delay: 1 @@ -42,10 +42,10 @@ - hosts: localhost tasks: - name: Get pid mock gitlab CI server - slurp: + ansible.builtin.slurp: src: ~/mock_ci.pid register: pidfile_b64 when: run_mock_server - name: kill the mock CI - command: kill {{ pidfile_b64.content | b64decode }} + ansible.builtin.command: kill {{ pidfile_b64.content | b64decode }} when: run_mock_server From c1ed347f56788251a9cf73efeb6696695da8aa5a Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 11:27:25 +0000 Subject: [PATCH 02/22] fix: add ansible.windows collection requirement Signed-off-by: gardar --- requirements.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 requirements.yml diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..74a2942 --- /dev/null +++ b/requirements.yml @@ -0,0 +1,3 @@ +--- +collections: + - name: ansible.windows From 2fca080ba2303973254a882b17b0e019a1a23720 Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 11:28:54 +0000 Subject: [PATCH 03/22] fix: add community.docker collection requirement Signed-off-by: gardar --- requirements.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements.yml b/requirements.yml index 74a2942..dfc68bb 100644 --- a/requirements.yml +++ b/requirements.yml 
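Review bot: The new `requirements.yml` lists `ansible.windows` without a `version:` constraint, so each install resolves to whatever release the Galaxy server currently offers. That makes role runs non-reproducible and lets an unreviewed collection release reach hosts that are managed with elevated privileges. I would add a constraint under the entry, for example `version: "<tested-version-or-range>"` (placeholder, to be filled with the release the role is tested against). Patch 03 adds `community.docker` in the same way and needs the same treatment.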
@@ -1,3 +1,4 @@ --- collections: - name: ansible.windows + - name: community.docker From 0d7df1c10807ba849dbdf3286245497ea86a96ad Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 11:32:18 +0000 Subject: [PATCH 04/22] fix: use command module instead of shell where possible Signed-off-by: gardar --- tasks/update-ca-bundle.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/update-ca-bundle.yml b/tasks/update-ca-bundle.yml index 9cb6888..0286fa9 100644 --- a/tasks/update-ca-bundle.yml +++ b/tasks/update-ca-bundle.yml @@ -13,13 +13,13 @@ when: ansible_os_family == "Debian" - name: enable dynamic ca configuration on rhel6 - ansible.builtin.shell: /bin/update-ca-trust enable + ansible.builtin.command: /bin/update-ca-trust enable when: ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 6 - name: update trusted ca debian - ansible.builtin.shell: /usr/sbin/update-ca-certificates + ansible.builtin.command: /usr/sbin/update-ca-certificates when: ansible_os_family == "Debian" - name: update trusted ca redhat - ansible.builtin.shell: /bin/update-ca-trust + ansible.builtin.command: /bin/update-ca-trust when: ansible_os_family == "RedHat" From 5338be42a60a5918fd49ac11b839654eb7ba82af Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 11:37:33 +0000 Subject: [PATCH 05/22] fix: name casting Signed-off-by: gardar --- handlers/main.yml | 12 ++++++++---- tasks/update-ca-bundle.yml | 10 +++++----- tests/test.yml | 2 +- 3 files changed, 14 insertions(+), 10 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 6ec42da..6e7f483 100644 --- a/handlers/main.yml +++ b/handlers/main.yml 
@@ -1,25 +1,29 @@ --- # non macOS -- name: restart_gitlab_runner +- name: Restart_gitlab_runner ansible.builtin.service: name=gitlab-runner state={{ gitlab_runner_restart_state }} + listen: restart_gitlab_runner become: true when: ansible_os_family != 'Darwin' and ansible_os_family != 'Windows' and not gitlab_runner_container_install # macOS -- name: restart_gitlab_runner_macos +- name: Restart_gitlab_runner_macos ansible.builtin.command: "{{ gitlab_runner_executable }} restart" + listen: restart_gitlab_runner_macos become: "{{ gitlab_runner_system_mode }}" when: ansible_os_family == 'Darwin' and gitlab_runner_macos_start_runner -- name: restart_gitlab_runner_windows +- name: Restart_gitlab_runner_windows ansible.windows.win_command: "{{ gitlab_runner_executable }} restart" args: chdir: "{{ gitlab_runner_config_file_location }}" + listen: restart_gitlab_runner_windows when: ansible_os_family == 'Windows' and gitlab_runner_windows_start_runner # Container -- name: restart_gitlab_runner_container +- name: Restart_gitlab_runner_container community.docker.docker_container: name: "{{ gitlab_runner_container_name }}" restart: true + listen: restart_gitlab_runner_container when: gitlab_runner_container_install diff --git a/tasks/update-ca-bundle.yml b/tasks/update-ca-bundle.yml index 0286fa9..7e85a9c 100644 --- a/tasks/update-ca-bundle.yml +++ b/tasks/update-ca-bundle.yml 
@@ -1,25 +1,25 @@ --- -- name: install ca package on rhel systems +- name: Install ca package on rhel systems ansible.builtin.yum: name: ca-certificates state: present when: ansible_os_family == "RedHat" -- name: install ca package on debian systems +- name: Install ca package on debian systems ansible.builtin.apt: name: ca-certificates state: present update_cache: true when: ansible_os_family == "Debian" -- name: enable dynamic ca configuration on rhel6 +- name: Enable dynamic ca configuration on rhel6 ansible.builtin.command: /bin/update-ca-trust enable when: ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 6 -- name: update trusted ca debian +- name: Update trusted ca debian ansible.builtin.command: /usr/sbin/update-ca-certificates when: ansible_os_family == "Debian" -- name: update trusted ca redhat +- name: Update trusted ca redhat ansible.builtin.command: /bin/update-ca-trust when: ansible_os_family == "RedHat" diff --git a/tests/test.yml b/tests/test.yml index 35c470b..b7ced6e 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -46,6 +46,6 @@ src: ~/mock_ci.pid register: pidfile_b64 when: run_mock_server - - name: kill the mock CI + - name: Kill the mock CI ansible.builtin.command: kill {{ pidfile_b64.content | b64decode }} when: run_mock_server From 08d194953a6ca33a8aad164ee616a06db5c72fef Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 11:42:35 +0000 Subject: [PATCH 06/22] fix: no-free-form Signed-off-by: gardar --- handlers/main.yml | 4 +++- tasks/list-configured-runners-container.yml | 3 ++- tasks/list-configured-runners-unix.yml | 3 ++- tasks/list-configured-runners-windows.yml | 3 ++- tasks/unregister-runner-if-not-longer-configured.yml | 3 ++- 5 files changed, 11 insertions(+), 5 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 6e7f483..7621fee 100644 --- a/handlers/main.yml +++ b/handlers/main.yml 
@@ -1,7 +1,9 @@ --- # non macOS - name: Restart_gitlab_runner - ansible.builtin.service: name=gitlab-runner state={{ gitlab_runner_restart_state }} + ansible.builtin.service: + name: gitlab-runner + state: "{{ gitlab_runner_restart_state }}" listen: restart_gitlab_runner become: true when: ansible_os_family != 'Darwin' and ansible_os_family != 'Windows' and not gitlab_runner_container_install diff --git a/tasks/list-configured-runners-container.yml b/tasks/list-configured-runners-container.yml index 544ee64..2c914fb 100644 --- a/tasks/list-configured-runners-container.yml +++ b/tasks/list-configured-runners-container.yml @@ -29,4 +29,5 @@ when: "'Executor' in json_item" - name: Print configured runners - ansible.builtin.debug: var=registered_gitlab_runner_names + ansible.builtin.debug: + var: registered_gitlab_runner_names diff --git a/tasks/list-configured-runners-unix.yml b/tasks/list-configured-runners-unix.yml index e65600d..6b746dc 100644 --- a/tasks/list-configured-runners-unix.yml +++ b/tasks/list-configured-runners-unix.yml @@ -20,4 +20,5 @@ no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - name: Print registered runners - ansible.builtin.debug: var=registered_gitlab_runner_names + ansible.builtin.debug: + var: registered_gitlab_runner_names diff --git a/tasks/list-configured-runners-windows.yml b/tasks/list-configured-runners-windows.yml index 30cdd07..ebb55ff 100644 --- a/tasks/list-configured-runners-windows.yml +++ b/tasks/list-configured-runners-windows.yml @@ -20,4 +20,5 @@ when: "'Executor' in json_item" - name: Print registered runners - ansible.builtin.debug: var=registered_gitlab_runner_names + ansible.builtin.debug: + var: registered_gitlab_runner_names diff --git a/tasks/unregister-runner-if-not-longer-configured.yml b/tasks/unregister-runner-if-not-longer-configured.yml index baf645c..8535ddf 100644 --- a/tasks/unregister-runner-if-not-longer-configured.yml +++ b/tasks/unregister-runner-if-not-longer-configured.yml 
@@ -8,7 +8,8 @@ available_runners_not_longer_configured: "{{ registered_gitlab_runner_names | difference(local_gitlab_executor_names) }}" - name: These runners are going to be unregistered - ansible.builtin.debug: var=available_runners_not_longer_configured + ansible.builtin.debug: + var: available_runners_not_longer_configured when: available_runners_not_longer_configured | length > 0 - ansible.builtin.include_tasks: unregister-runner.yml From e3a3678c1b072bfa55ca18bd1bf767eec6c8a02a Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 12:29:35 +0000 Subject: [PATCH 07/22] fix: key order Signed-off-by: gardar --- tasks/install-macos.yml | 24 ++--- tasks/install-windows.yml | 11 ++- tasks/register-runner-container.yml | 94 ++++++++++---------- tasks/register-runner-windows.yml | 71 +++++++-------- tasks/register-runner.yml | 132 +++++++++++++--------------- 5 files changed, 157 insertions(+), 175 deletions(-) diff --git a/tasks/install-macos.yml b/tasks/install-macos.yml index 388a573..8691ed5 100644 --- a/tasks/install-macos.yml +++ b/tasks/install-macos.yml @@ -11,7 +11,8 @@ gitlab_runner_exists: "{{ gitlab_runner_exists.stat.exists }}" - name: (MacOS) Get existing version - ansible.builtin.shell: "{{ gitlab_runner_executable }} --version | awk '/Version: ([\\d\\.]*)/{print $2}'" + ansible.builtin.shell: + cmd: "set -o pipefail && {{ gitlab_runner_executable }} --version | awk '/Version: ([\\d\\.]*)/{print $2}'" register: existing_version_shell failed_when: false check_mode: false 
@@ -22,25 +23,25 @@ gitlab_runner_existing_version: "{{ existing_version_shell.stdout if existing_version_shell.rc == 0 else '0' }}" - name: (MacOS) Precreate necessary directories for arm64 architecture + when: gitlab_runner_arch == 'arm64' + become: true block: - name: (MacOS) Precreate gitlab-runner log directory - become: true ansible.builtin.file: path: /usr/local/var/log state: directory + mode: 0755 owner: "{{ ansible_user_id | string }}" - - name: (MacOS) Precreate {{ gitlab_runner_directory }} directory - become: true + - name: (MacOS) Precreate directory {{ gitlab_runner_directory }} ansible.builtin.file: mode: "755" owner: root path: "{{ gitlab_runner_directory }}" state: directory - when: gitlab_runner_arch == 'arm64' - - name: (MacOS) INSTALL GitLab Runner for macOS + when: (not gitlab_runner_exists) block: - name: (MacOS) Download GitLab Runner become: true @@ -52,21 +53,25 @@ - name: (MacOS) Install GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} install" + - name: (MacOS) Start GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} start" when: gitlab_runner_macos_start_runner - when: (not gitlab_runner_exists) - - name: (MacOS) UPGRADE GitLab Runner for macOS + when: + - gitlab_runner_exists + - gitlab_runner_existing_version != gitlab_runner_wanted_version or gitlab_runner_wanted_version == 'latest' block: - name: (MacOS) Stop GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} stop" + - name: (MacOS) Download GitLab Runner ansible.builtin.get_url: url: "{{ gitlab_runner_download_url }}" dest: "{{ gitlab_runner_executable }}" force: true + become: true - name: (MacOS) Setting Permissions for gitlab-runner executable ansible.builtin.file: 
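Review bot: The added `mode: 0755` on the log directory task is an unquoted octal literal, while the sibling task in the same block writes `mode: "755"` as a string. An unquoted leading-zero number depends on the YAML loader reading it as octal, so I would write it as `mode: "0755"` and use the same four-digit quoted form for both tasks. The directory is also owned by `{{ ansible_user_id | string }}` while the block now runs with `become: true`; a short comment saying that this ownership is intentional would help the next reader.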
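Review bot: The upgrade block's "(MacOS) Download GitLab Runner" now runs with `become: true` and `force: true`, replacing the runner executable from `gitlab_runner_download_url` with no integrity check. `ansible.builtin.get_url` accepts a `checksum` parameter, so the task could carry `checksum: "sha256:<published-digest>"`, with the digest supplied through a role variable (placeholder; no such variable is visible on this page). The install block's download task starts outside this hunk and should get the same check. The Windows upgrade hunk uses `ansible.windows.win_get_url` with the same `url`/`dest`/`force` shape and appears to have the same gap.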
@@ -78,6 +83,3 @@ - name: (MacOS) Start GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} start" - when: - - gitlab_runner_exists - - gitlab_runner_existing_version != gitlab_runner_wanted_version or gitlab_runner_wanted_version == 'latest' diff --git a/tasks/install-windows.yml b/tasks/install-windows.yml index 3a0dc48..c2cb394 100644 --- a/tasks/install-windows.yml +++ b/tasks/install-windows.yml @@ -22,6 +22,7 @@ gitlab_runner_existing_version: "{{ existing_version_shell.stdout | trim if existing_version_shell.rc == 0 else '0' }}" - name: (Windows) INSTALL GitLab Runner for Windows + when: (not gitlab_runner_exists) block: - name: (Windows) Ensure install directory exists ansible.windows.win_file: @@ -49,21 +50,19 @@ - gitlab_runner_windows_service_user | length > 0 - gitlab_runner_windows_service_password | length > 0 - when: (not gitlab_runner_exists) - - name: (Windows) Make sure runner is stopped ansible.windows.win_command: "{{ gitlab_runner_executable }} stop" - ignore_errors: true + failed_when: false when: - gitlab_runner_exists - name: (Windows) UPGRADE GitLab Runner for Windows + when: + - gitlab_runner_exists + - gitlab_runner_existing_version != gitlab_runner_wanted_version or gitlab_runner_wanted_version == 'latest' block: - name: (Windows) Download GitLab Runner ansible.windows.win_get_url: url: "{{ gitlab_runner_download_url }}" dest: "{{ gitlab_runner_executable }}" force: true - when: - - gitlab_runner_exists - - gitlab_runner_existing_version != gitlab_runner_wanted_version or gitlab_runner_wanted_version == 'latest' diff --git a/tasks/register-runner-container.yml b/tasks/register-runner-container.yml index c309497..2f6532a 100644 --- a/tasks/register-runner-container.yml +++ b/tasks/register-runner-container.yml 
@@ -3,46 +3,44 @@ ansible.builtin.set_fact: register_runner_cmd: >- register - {% if gitlab_runner_registration_token_type != "authentication-token" %} - --locked='{{ gitlab_runner.locked|default(false) }}' - --tag-list '{{ gitlab_runner.tags|default([]) | join(",") }}' - {% if gitlab_runner.run_untagged|default(true) %} - --run-untagged - {% endif %} - {% if gitlab_runner.protected|default(false) %} - --access-level="ref_protected" - {% endif %} - {% endif %} --non-interactive --url '{{ gitlab_runner.url | default(gitlab_runner_coordinator_url) }}' --description '{{ actual_gitlab_runner_name }}' - {% if gitlab_runner.clone_url|default(false) %} + --tag-list '{{ gitlab_runner.tags | default([]) | join(",") }}' + {% if gitlab_runner.clone_url | default(false) %} --clone-url "{{ gitlab_runner.clone_url }}" {% endif %} - --executor '{{ gitlab_runner.executor|default("shell") }}' - --limit '{{ gitlab_runner.concurrent_specific|default(0) }}' - --output-limit '{{ gitlab_runner.output_limit|default(4096) }}' - {% for env_var in gitlab_runner.env_vars|default([]) %} + {% if gitlab_runner.run_untagged | default(true) %} + --run-untagged + {% endif %} + {% if gitlab_runner.protected | default(false) %} + --access-level="ref_protected" + {% endif %} + --executor '{{ gitlab_runner.executor | default("shell") }}' + --limit '{{ gitlab_runner.concurrent_specific | default(0) }}' + --output-limit '{{ gitlab_runner.output_limit | default(4096) }}' + --locked='{{ gitlab_runner.locked | default(false) }}' + {% for env_var in gitlab_runner.env_vars | default([]) %} --env '{{ env_var }}' {% endfor %} - --docker-image '{{ gitlab_runner.docker_image|default("alpine") }}' - {% if gitlab_runner.docker_privileged|default(false) %} + --docker-image '{{ gitlab_runner.docker_image | default("alpine") }}' + {% if gitlab_runner.docker_privileged | default(false) %} --docker-privileged {% endif %} - {% if gitlab_runner.docker_tlsverify|default(false) %} - --docker-tlsverify '{{ 
gitlab_runner.docker_tlsverify|default("true") }}' + {% if gitlab_runner.docker_tlsverify | default(false) %} + --docker-tlsverify '{{ gitlab_runner.docker_tlsverify | default("true") }}' {% endif %} - {% if gitlab_runner.docker_dns|default(false) %} - --docker-dns '{{ gitlab_runner.docker_dns|default("1.1.1.1") }}' + {% if gitlab_runner.docker_dns | default(false) %} + --docker-dns '{{ gitlab_runner.docker_dns | default("1.1.1.1") }}' {% endif %} - {% if gitlab_runner.docker_dns_search|default(false) %} - --docker-dns-search '{{ gitlab_runner.docker_dns_search|default([]) }}' + {% if gitlab_runner.docker_dns_search | default(false) %} + --docker-dns-search '{{ gitlab_runner.docker_dns_search | default([]) }}' {% endif %} - {% if gitlab_runner.docker_disable_cache|default(false) %} + {% if gitlab_runner.docker_disable_cache | default(false) %} --docker-disable-cache {% endif %} - {% if gitlab_runner.docker_oom_kill_disable|default(false) %} - --docker-oom-kill-disable '{{ gitlab_runner.docker_oom_kill_disable|default("false") }}' + {% if gitlab_runner.docker_oom_kill_disable | default(false) %} + --docker-oom-kill-disable '{{ gitlab_runner.docker_oom_kill_disable | default("false") }}' {% endif %} {% for volume in gitlab_runner.docker_volumes | default([]) %} --docker-volumes "{{ volume }}" 
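Review bot: The `set_fact` template no longer checks `gitlab_runner_registration_token_type`, so `--locked`, `--tag-list`, `--run-untagged` and `--access-level` are always passed, and in the later hunks of this file `--registration-token` is the only token flag left. A role configured with `authentication-token` would then send its runner token through the registration-token path, which looks unintended next to the lint-style changes around it. If the removal is deliberate it deserves its own commit and a line in the description; otherwise keep the `{% if gitlab_runner_registration_token_type != "authentication-token" %}` guard and only normalise the filter spacing. The same removal appears in tasks/register-runner-windows.yml and tasks/register-runner.yml.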
@@ -53,14 +51,14 @@ {% if gitlab_runner.docker_network_mode is defined %} --docker-network-mode '{{ gitlab_runner.docker_network_mode }}' {% endif %} - --ssh-user '{{ gitlab_runner.ssh_user|default("") }}' - --ssh-host '{{ gitlab_runner.ssh_host|default("") }}' - --ssh-port '{{ gitlab_runner.ssh_port|default("") }}' - --ssh-identity-file '{{ gitlab_runner.ssh_identity_file|default("") }}' + --ssh-user '{{ gitlab_runner.ssh_user | default("") }}' + --ssh-host '{{ gitlab_runner.ssh_host | default("") }}' + --ssh-port '{{ gitlab_runner.ssh_port | default("") }}' + --ssh-identity-file '{{ gitlab_runner.ssh_identity_file | default("") }}' {% if gitlab_runner.cache_type is defined %} --cache-type '{{ gitlab_runner.cache_type }}' {% endif %} - {% if gitlab_runner.cache_shared|default(false) %} + {% if gitlab_runner.cache_shared | default(false) %} --cache-shared {% endif %} {% if gitlab_runner.cache_path is defined %} @@ -96,13 +94,13 @@ {% if gitlab_runner.cache_azure_storage_domain is defined %} --cache-azure-storage-domain '{{ gitlab_runner.cache_azure_storage_domain }}' {% endif %} - {% if gitlab_runner.builds_dir|default(false) %} + {% if gitlab_runner.builds_dir | default(false) %} --builds-dir '{{ gitlab_runner.builds_dir }}' {% endif %} - {% if gitlab_runner.cache_dir|default(false) %} + {% if gitlab_runner.cache_dir | default(false) %} --cache-dir '{{ gitlab_runner.cache_dir }}' {% endif %} - {% if gitlab_runner.cache_s3_insecure|default(false) %} + {% if gitlab_runner.cache_s3_insecure | default(false) %} --cache-s3-insecure {% endif %} {% if gitlab_runner.extra_registration_option is defined %} 
@@ -110,18 +108,15 @@ {% endif %} - name: Apply updates (if any) by unregister the runner and let it then register later on + when: gitlab_runner_config_update_mode == 'by_registering' block: - name: Check if the configuration has changed since the last run ansible.builtin.copy: content: > {{ register_runner_cmd }} - {% if gitlab_runner_registration_token_type == "authentication-token" %} - --token '{{ gitlab_runner.token|hash("sha1") }}' - {% else %} - --registration-token '{{ gitlab_runner.token|default(gitlab_runner_registration_token)|hash("sha1") }}' - {% endif %} + --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) | hash("sha1") }}' {% if gitlab_runner.cache_s3_secret_key is defined %} - --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key|hash("sha1") }}' + --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key | hash("sha1") }}' {% endif %} {% if gitlab_runner.cache_gcs_private_key is defined %} --cache-gcs-private-key '{{ gitlab_runner.cache_gcs_private_key }}' 
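Review bot: The change-detection file hashes the registration token and S3 secret key but writes `gitlab_runner.cache_gcs_private_key` in clear; the next hunk does the same for `cache_azure_account_key` and adds `mode: 0644`, so both keys land in a world-readable `last-runner-config-*` file. Hash them like the other secrets, `--cache-gcs-private-key '{{ gitlab_runner.cache_gcs_private_key | hash("sha256") }}'`, and create the file with `mode: "0600"`. An unsalted SHA-1 of a short `ssh_password` can also be guessed offline by anyone able to read the file, which is a further reason for the tighter mode. tasks/register-runner.yml receives the same `mode: 0644` in this commit, and tasks/register-runner-windows.yml writes the same content.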
@@ -130,29 +125,28 @@ --cache-azure-account-key '{{ gitlab_runner.cache_azure_account_key }}' {% endif %} {% if gitlab_runner.ssh_password is defined %} - --ssh-password '{{ gitlab_runner.ssh_password|hash("sha1") }}' + --ssh-password '{{ gitlab_runner.ssh_password | hash("sha1") }}' {% endif %} dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" + mode: 0644 register: runner_config_state - - ansible.builtin.import_tasks: unregister-runner.yml + - name: Unregister runner + ansible.builtin.import_tasks: unregister-runner.yml when: - actual_gitlab_runner_name in registered_gitlab_runner_names - runner_config_state.changed - when: gitlab_runner_config_update_mode == 'by_registering' -- ansible.builtin.import_tasks: list-configured-runners-container.yml +- name: List configured runners + ansible.builtin.import_tasks: list-configured-runners-container.yml + - name: Register runner to GitLab community.docker.docker_container: name: "{{ gitlab_runner_container_name }}" image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}" command: > {{ register_runner_cmd }} - {% if gitlab_runner_registration_token_type == "authentication-token" %} - --token '{{ gitlab_runner.token }}' - {% else %} - --registration-token '{{ gitlab_runner.token|default(gitlab_runner_registration_token) }}' - {% endif %} + --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) }}' {% if gitlab_runner.cache_s3_secret_key is defined %} --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key }}' {% endif %} @@ -174,5 +168,5 @@ network_mode: "{{ gitlab_runner_container_network }}" when: - actual_gitlab_runner_name not in registered_gitlab_runner_names - - gitlab_runner.state|default('present') == 'present' + - gitlab_runner.state | default('present') == 'present' no_log: false diff --git a/tasks/register-runner-windows.yml b/tasks/register-runner-windows.yml index d66f48f..2aef5a0 100644 
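Review bot: The container `Register runner to GitLab` task ends with `no_log: false` although its `command`, which begins in the previous hunk, carries `--registration-token` and, when set, `--cache-s3-secret-key`, so these values appear in task output and in any log that captures it. The Unix variant is switched to `no_log: true` in this same commit; the container task should match with `no_log: true`. The Windows `win_shell` registration task shows no `no_log` key in its visible tail either and is worth the same treatment.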
--- a/tasks/register-runner-windows.yml +++ b/tasks/register-runner-windows.yml 
@@ -3,36 +3,34 @@ ansible.builtin.set_fact: register_runner_cmd: >- {{ gitlab_runner_executable }} register - {% if gitlab_runner_registration_token_type != "authentication-token" %} - --locked='{{ gitlab_runner.locked|default(false) }}' - --tag-list '{{ gitlab_runner.tags|default([]) | join(",") }}' - {% if gitlab_runner.run_untagged|default(true) %} - --run-untagged - {% endif %} - {% if gitlab_runner.protected|default(false) %} - --access-level="ref_protected" - {% endif %} - {% endif %} --non-interactive - --url '{{ gitlab_runner.url|default(gitlab_runner_coordinator_url) }}' + --url '{{ gitlab_runner.url | default(gitlab_runner_coordinator_url) }}' --description '{{ actual_gitlab_runner_name }}' - {% if gitlab_runner.clone_url|default(false) %} + --tag-list '{{ gitlab_runner.tags | default([]) | join(",") }}' + {% if gitlab_runner.clone_url | default(false) %} --clone-url "{{ gitlab_runner.clone_url }}" {% endif %} - --executor '{{ gitlab_runner.executor|default("shell") }}' + {% if gitlab_runner.run_untagged | default(true) %} + --run-untagged + {% endif %} + {% if gitlab_runner.protected | default(false) %} + --access-level="ref_protected" + {% endif %} + --executor '{{ gitlab_runner.executor | default("shell") }}' {% if gitlab_runner.shell is defined %} --shell '{{ gitlab_runner.shell }}' {% endif %} - --limit '{{ gitlab_runner.concurrent_specific|default(0) }}' - --output-limit '{{ gitlab_runner.output_limit|default(4096) }}' - {% for env_var in gitlab_runner.env_vars|default([]) %} + --limit '{{ gitlab_runner.concurrent_specific | default(0) }}' + --output-limit '{{ gitlab_runner.output_limit | default(4096) }}' + --locked='{{ gitlab_runner.locked | default(false) }}' + {% for env_var in gitlab_runner.env_vars | default([]) %} --env '{{ env_var }}' {% endfor %} - {% if gitlab_runner.tls_ca_file|default(false) %} + {% if gitlab_runner.tls_ca_file | default(false) %} --tls-ca-file "{{ gitlab_runner.tls_ca_file }}" {% endif %} - --docker-image '{{ 
gitlab_runner.docker_image|default("alpine") }}' - {% if gitlab_runner.docker_privileged|default(false) %} + --docker-image '{{ gitlab_runner.docker_image | default("alpine") }}' + {% if gitlab_runner.docker_privileged | default(false) %} --docker-privileged {% endif %} {% for volume in gitlab_runner.docker_volumes | default([]) %} @@ -59,7 +57,7 @@ {% if gitlab_runner.cache_type is defined %} --cache-type '{{ gitlab_runner.cache_type }}' {% endif %} - {% if gitlab_runner.cache_shared|default(false) %} + {% if gitlab_runner.cache_shared | default(false) %} --cache-shared {% endif %} {% if gitlab_runner.cache_path is defined %} @@ -95,13 +93,13 @@ {% if gitlab_runner.cache_azure_storage_domain is defined %} --cache-azure-storage-domain '{{ gitlab_runner.cache_azure_storage_domain }}' {% endif %} - {% if gitlab_runner.builds_dir|default(false) %} + {% if gitlab_runner.builds_dir | default(false) %} --builds-dir '{{ gitlab_runner.builds_dir }}' {% endif %} - {% if gitlab_runner.cache_dir|default(false) %} + {% if gitlab_runner.cache_dir | default(false) %} --cache-dir '{{ gitlab_runner.cache_dir }}' {% endif %} - {% if gitlab_runner.cache_s3_insecure|default(false) %} + {% if gitlab_runner.cache_s3_insecure | default(false) %} --cache-s3-insecure {% endif %} {% if gitlab_runner.extra_registration_option is defined %} 
@@ -109,18 +107,15 @@ {% endif %} - name: Apply updates (if any) by unregister the runner and let it then register later on + when: gitlab_runner_config_update_mode == 'by_registering' block: - name: Check if the configuration has changed since the last run ansible.builtin.copy: content: >- {{ register_runner_cmd }} - {% if gitlab_runner_registration_token_type == "authentication-token" %} - --token '{{ gitlab_runner.token|hash("sha1") }}' - {% else %} - --registration-token '{{ gitlab_runner.token|default(gitlab_runner_registration_token)|hash("sha1") }}' - {% endif %} + --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) | hash("sha1") }}' {% if gitlab_runner.cache_s3_secret_key is defined %} - --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key|hash("sha1") }}' + --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key | hash("sha1") }}' {% endif %} {% if gitlab_runner.cache_gcs_private_key is defined %} --cache-gcs-private-key '{{ gitlab_runner.cache_gcs_private_key }}' 
@@ -129,26 +124,24 @@ --cache-azure-account-key '{{ gitlab_runner.cache_azure_account_key }}' {% endif %} {% if gitlab_runner.ssh_password is defined %} - --ssh-password '{{ gitlab_runner.ssh_password|hash("sha1") }}' + --ssh-password '{{ gitlab_runner.ssh_password | hash("sha1") }}' {% endif %} dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" register: runner_config_state - - ansible.builtin.import_tasks: unregister-runner.yml + - name: Unregister runner + ansible.builtin.import_tasks: unregister-runner.yml when: - actual_gitlab_runner_name in registered_gitlab_runner_names - runner_config_state.changed - when: gitlab_runner_config_update_mode == 'by_registering' -- ansible.builtin.import_tasks: list-configured-runners-windows.yml +- name: List configured runners + ansible.builtin.import_tasks: list-configured-runners-windows.yml + - name: (Windows) Register runner to GitLab ansible.windows.win_shell: >- {{ register_runner_cmd }} - {% if gitlab_runner_registration_token_type == "authentication-token" %} - --token '{{ gitlab_runner.token }}' - {% else %} - --registration-token '{{ gitlab_runner.token|default(gitlab_runner_registration_token) }}' - {% endif %} + --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) }}' {% if gitlab_runner.cache_s3_secret_key is defined %} --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key }}' {% endif %} @@ -163,6 +156,6 @@ {% endif %} when: - actual_gitlab_runner_name not in registered_gitlab_runner_names - - gitlab_runner.state|default('present') == 'present' + - gitlab_runner.state | default('present') == 'present' args: chdir: "{{ gitlab_runner_config_file_location }}" diff --git a/tasks/register-runner.yml b/tasks/register-runner.yml index 330b1a5..5646a19 100644 --- a/tasks/register-runner.yml +++ b/tasks/register-runner.yml 
@@ -1,8 +1,11 @@ --- - name: Accept gitlab server self signed cert as valid CA - ansible.builtin.shell: openssl s_client -connect {{gitlab_server_ip}}:443 -showcerts /dev/null | sed -e '/-----BEGIN/,/-----END/!d' | tee {{tls_ca_file}} - >/dev/null + ansible.builtin.shell: | + set -o pipefail + openssl s_client -connect {{gitlab_server_ip}}:443 -showcerts /dev/null | + sed -e '/-----BEGIN/,/-----END/!d' | tee {{tls_ca_file}} >/dev/null when: force_accept_gitlab_server_self_signed + changed_when: true - name: Update CA bundle with self signe cert of the gitlab server ansible.builtin.import_tasks: update-ca-bundle.yml 
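Review bot: The added `set -o pipefail` needs a shell that supports it, but the task sets no `executable`, so where /bin/sh lacks that option the script fails on its first line; add `args:` with `executable: /bin/bash`. The task also installs whatever certificate chain the host at `gitlab_server_ip` presents as a trusted CA without comparing it to anything, so a host answering in its place during provisioning would be trusted from then on. Checking the fetched certificate's fingerprint against an expected value passed in as a variable, before writing `tls_ca_file`, would bound that. `{{gitlab_server_ip}}` and `{{tls_ca_file}}` also reach the shell unquoted; `{{ tls_ca_file | quote }}` avoids word splitting on unusual paths.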
@@ -12,91 +15,86 @@ ansible.builtin.set_fact: register_runner_cmd: >- {{ gitlab_runner_executable }} register - {% if gitlab_runner_registration_token_type != "authentication-token" %} - --locked='{{ gitlab_runner.locked|default(false) }}' - --tag-list '{{ gitlab_runner.tags|default([]) | join(",") }}' - {% if gitlab_runner.run_untagged|default(true) %} - --run-untagged - {% endif %} - {% if gitlab_runner.protected|default(false) %} - --access-level="ref_protected" - {% endif %} - {% endif %} --non-interactive - --url '{{ gitlab_runner.url|default(gitlab_runner_coordinator_url) }}' + --url '{{ gitlab_runner.url | default(gitlab_runner_coordinator_url) }}' --name '{{ actual_gitlab_runner_name }}' - {% if gitlab_runner.clone_url|default(false) %} + --tag-list '{{ gitlab_runner.tags | default([]) | join(",") }}' + {% if gitlab_runner.clone_url | default(false) %} --clone-url "{{ gitlab_runner.clone_url }}" {% endif %} - --executor '{{ gitlab_runner.executor|default("shell") }}' + {% if gitlab_runner.run_untagged | default(true) %} + --run-untagged + {% endif %} + {% if gitlab_runner.protected | default(false) %} + --access-level="ref_protected" + {% endif %} + --executor '{{ gitlab_runner.executor | default("shell") }}' {% if gitlab_runner.shell is defined %} --shell '{{ gitlab_runner.shell }}' {% endif %} - --limit '{{ gitlab_runner.concurrent_specific|default(0) }}' - --output-limit '{{ gitlab_runner.output_limit|default(4096) }}' - {% for env_var in gitlab_runner.env_vars|default([]) %} + --limit '{{ gitlab_runner.concurrent_specific | default(0) }}' + --output-limit '{{ gitlab_runner.output_limit | default(4096) }}' + --locked='{{ gitlab_runner.locked | default(false) }}' + {% for env_var in gitlab_runner.env_vars | default([]) %} --env '{{ env_var }}' {% endfor %} - {% if gitlab_runner.tls_ca_file|default(false) %} + {% if gitlab_runner.tls_ca_file | default(false) %} --tls-ca-file "{{ gitlab_runner.tls_ca_file }}" {% endif %} - --docker-image '{{ 
gitlab_runner.docker_image|default("alpine") }}' + --docker-image '{{ gitlab_runner.docker_image | default("alpine") }}' {% if gitlab_runner.docker_helper_image is defined %} --docker-helper-image "{{ gitlab_runner.docker_helper_image }}" {% endif %} - {% if gitlab_runner.docker_privileged|default(false) %} + {% if gitlab_runner.docker_privileged | default(false) %} --docker-privileged {% endif %} - {% if gitlab_runner.docker_wait_for_services_timeout|default(false) %} - --docker-wait-for-services-timeout '{{ gitlab_runner.docker_wait_for_services_timeout|default(30) }}' + {% if gitlab_runner.docker_wait_for_services_timeout | default(false) %} + --docker-wait-for-services-timeout '{{ gitlab_runner.docker_wait_for_services_timeout | default(30) }}' {% endif %} - {% if gitlab_runner.docker_tlsverify|default(false) %} - --docker-tlsverify='{{ gitlab_runner.docker_tlsverify|default("true") }}' + {% if gitlab_runner.docker_tlsverify | default(false) %} + --docker-tlsverify '{{ gitlab_runner.docker_tlsverify | default("true") }}' {% endif %} - {% if gitlab_runner.docker_disable_cache|default(false) %} - --docker-disable-cache '{{ gitlab_runner.docker_disable_cache|default("false") }}' + {% if gitlab_runner.docker_disable_cache | default(false) %} + --docker-disable-cache '{{ gitlab_runner.docker_disable_cache | default("false") }}' {% endif %} - {% if gitlab_runner.docker_dns|default(false) %} - --docker-dns '{{ gitlab_runner.docker_dns|default("1.1.1.1") }}' + {% if gitlab_runner.docker_dns | default(false) %} + --docker-dns '{{ gitlab_runner.docker_dns | default("1.1.1.1") }}' {% endif %} - {% if gitlab_runner.docker_dns_search|default(false) %} - --docker-dns-search '{{ gitlab_runner.docker_dns_search|default([]) }}' + {% if gitlab_runner.docker_dns_search | default(false) %} + --docker-dns-search '{{ gitlab_runner.docker_dns_search | default([]) }}' {% endif %} - {% if gitlab_runner.docker_disable_cache|default(false) %} + {% if gitlab_runner.docker_disable_cache | 
default(false) %} --docker-disable-cache {% endif %} - {% if gitlab_runner.docker_oom_kill_disable|default(false) %} - --docker-oom-kill-disable '{{ gitlab_runner.docker_oom_kill_disable|default("false") }}' + {% if gitlab_runner.docker_oom_kill_disable | default(false) %} + --docker-oom-kill-disable '{{ gitlab_runner.docker_oom_kill_disable | default("false") }}' {% endif %} - {% for policy in gitlab_runner.docker_allowed_pull_policies|default([]) %} - --docker-allowed-pull-policies "{{ policy }}" - {% endfor %} - {% for policy in gitlab_runner.docker_pull_policy|default([]) %} + {% for policy in gitlab_runner.docker_pull_policy | default([]) %} --docker-pull-policy "{{ policy }}" {% endfor %} - {% for volume in gitlab_runner.docker_volumes|default([]) %} + {% for volume in gitlab_runner.docker_volumes | default([]) %} --docker-volumes "{{ volume }}" {% endfor %} - {% for device in gitlab_runner.docker_devices|default([]) %} + {% for device in gitlab_runner.docker_devices | default([]) %} --docker-devices "{{ device }}" {% endfor %} {% if gitlab_runner.docker_network_mode is defined %} --docker-network-mode '{{ gitlab_runner.docker_network_mode }}' {% endif %} - --ssh-user '{{ gitlab_runner.ssh_user|default("") }}' - --ssh-host '{{ gitlab_runner.ssh_host|default("") }}' - --ssh-port '{{ gitlab_runner.ssh_port|default("") }}' - --ssh-identity-file '{{ gitlab_runner.ssh_identity_file|default("") }}' + --ssh-user '{{ gitlab_runner.ssh_user | default("") }}' + --ssh-host '{{ gitlab_runner.ssh_host | default("") }}' + --ssh-port '{{ gitlab_runner.ssh_port | default("") }}' + --ssh-identity-file '{{ gitlab_runner.ssh_identity_file | default("") }}' {% if gitlab_runner.executor == "virtualbox" and gitlab_runner.virtualbox_base_name %} --virtualbox-base-name '{{ gitlab_runner.virtualbox_base_name }}' - --virtualbox-base-snapshot '{{ gitlab_runner.virtualbox_base_snapshot|default("") }}' - --virtualbox-base-folder '{{ gitlab_runner.virtualbox_base_folder|default("") }}' - 
--virtualbox-disable-snapshots='{{ gitlab_runner.virtualbox_disable_snapshots|default(false) }}' + --virtualbox-base-snapshot '{{ gitlab_runner.virtualbox_base_snapshot | default("") }}' + --virtualbox-base-folder '{{ gitlab_runner.virtualbox_base_folder | default("") }}' + --virtualbox-disable-snapshots='{{ gitlab_runner.virtualbox_disable_snapshots | default(false) }}' {% endif %} {% if gitlab_runner.cache_type is defined %} --cache-type '{{ gitlab_runner.cache_type }}' {% endif %} - {% if gitlab_runner.cache_shared|default(false) %} + {% if gitlab_runner.cache_shared | default(false) %} --cache-shared {% endif %} {% if gitlab_runner.cache_path is defined %} @@ -132,16 +130,16 @@ {% if gitlab_runner.cache_azure_storage_domain is defined %} --cache-azure-storage-domain '{{ gitlab_runner.cache_azure_storage_domain }}' {% endif %} - {% if gitlab_runner.builds_dir|default(false) %} + {% if gitlab_runner.builds_dir | default(false) %} --builds-dir '{{ gitlab_runner.builds_dir }}' {% endif %} - {% if gitlab_runner.custom_build_dir_enabled|default(false) %} + {% if gitlab_runner.custom_build_dir_enabled | default(false) %} --custom_build_dir-enabled '{{ gitlab_runner.custom_build_dir_enabled }}' {% endif %} - {% if gitlab_runner.cache_dir|default(false) %} + {% if gitlab_runner.cache_dir | default(false) %} --cache-dir '{{ gitlab_runner.cache_dir }}' {% endif %} - {% if gitlab_runner.cache_s3_insecure|default(false) %} + {% if gitlab_runner.cache_s3_insecure | default(false) %} --cache-s3-insecure {% endif %} {% if gitlab_runner.extra_registration_option is defined %} 
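Review bot: The loop that emitted `--docker-allowed-pull-policies` for each entry of `gitlab_runner.docker_allowed_pull_policies` is deleted in this hunk with no replacement, so a role user who restricts the pull policies that jobs may select would have that setting silently ignored at registration. Unless the option is applied elsewhere (nothing in this hunk shows it), keep the loop and only normalise its spacing: `{% for policy in gitlab_runner.docker_allowed_pull_policies | default([]) %}`. The hunk also changes `--docker-tlsverify='…'` to the space-separated form, which may parse differently for a boolean flag and is worth confirming against `gitlab-runner register --help`.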
@@ -149,18 +147,15 @@ {% endif %} - name: Apply updates (if any) by unregister the runner and let it then register later on + when: gitlab_runner_config_update_mode == 'by_registering' block: - name: Check if the configuration has changed since the last run ansible.builtin.copy: content: > {{ register_runner_cmd }} - {% if gitlab_runner_registration_token_type == "authentication-token" %} - --token '{{ gitlab_runner.token|hash("sha1") }}' - {% else %} - --registration-token '{{ gitlab_runner.token|default(gitlab_runner_registration_token)|hash("sha1") }}' - {% endif %} + --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) | hash("sha1") }}' {% if gitlab_runner.cache_s3_secret_key is defined %} - --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key|hash("sha1") }}' + --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key | hash("sha1") }}' {% endif %} {% if gitlab_runner.cache_gcs_private_key is defined %} --cache-gcs-private-key '{{ gitlab_runner.cache_gcs_private_key }}' 
@@ -169,26 +164,25 @@ --cache-azure-account-key '{{ gitlab_runner.cache_azure_account_key }}' {% endif %} {% if gitlab_runner.ssh_password is defined %} - --ssh-password '{{ gitlab_runner.ssh_password|hash("sha1") }}' + --ssh-password '{{ gitlab_runner.ssh_password | hash("sha1") }}' {% endif %} dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" + mode: 0644 register: runner_config_state - - ansible.builtin.import_tasks: unregister-runner.yml + - name: Unregister runner + ansible.builtin.import_tasks: unregister-runner.yml when: - actual_gitlab_runner_name in registered_gitlab_runner_names - runner_config_state.changed - when: gitlab_runner_config_update_mode == 'by_registering' -- ansible.builtin.import_tasks: list-configured-runners-unix.yml +- name: List configured runners + ansible.builtin.import_tasks: list-configured-runners-unix.yml + - name: Register runner to GitLab ansible.builtin.command: > {{ register_runner_cmd }} - {% if gitlab_runner_registration_token_type == "authentication-token" %} - --token '{{ gitlab_runner.token }}' - {% else %} - --registration-token '{{ gitlab_runner.token|default(gitlab_runner_registration_token) }}' - {% endif %} + --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) }}' {% if gitlab_runner.cache_s3_secret_key is defined %} --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key }}' {% endif %} @@ -203,6 +197,6 @@ {% endif %} when: - actual_gitlab_runner_name not in registered_gitlab_runner_names - - gitlab_runner.state|default('present') == 'present' - no_log: "{{ gitlab_runner_no_log_secrets | default(true) }}" + - gitlab_runner.state | default('present') == 'present' + no_log: true become: "{{ gitlab_runner_system_mode }}" From 269d2f0e2a8940874f7cef2cebb0278f3655cc66 Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 15:43:32 +0000 Subject: [PATCH 08/22] fix: task names 
Signed-off-by: gardar --- meta/main.yml | 2 +- tasks/config-runner-container.yml | 11 +- tasks/config-runner-windows.yml | 11 +- tasks/config-runner.yml | 12 +- tasks/line-config-runner-windows.yml | 12 +- tasks/line-config-runner.yml | 14 +- tasks/main-container.yml | 5 +- tasks/main-unix.yml | 5 +- tasks/main-windows.yml | 5 +- tasks/section-config-runner-windows.yml | 5 +- tasks/section-config-runner.yml | 5 +- ...gister-runner-if-not-longer-configured.yml | 3 +- tasks/update-config-runner-windows.yml | 130 +++--- tasks/update-config-runner.yml | 431 +++++------------- tests/test.yml | 15 +- 15 files changed, 255 insertions(+), 411 deletions(-) diff --git a/meta/main.yml b/meta/main.yml index 6aafb96..4aebabf 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -4,7 +4,7 @@ galaxy_info: namespace: riemers description: GitLab Runner license: MIT - min_ansible_version: 2.13 + min_ansible_version: "2.13" platforms: - name: EL versions: diff --git a/tasks/config-runner-container.yml b/tasks/config-runner-container.yml index baccd52..7a366c2 100644 --- a/tasks/config-runner-container.yml +++ b/tasks/config-runner-container.yml @@ -1,5 +1,5 @@ --- -- name: "{{ conf_name_prefix }} Create temporary file" +- name: "Create temporary file {{ conf_name_prefix }}" ansible.builtin.tempfile: state: file path: "{{ temp_runner_config_dir.path }}" @@ -8,7 +8,7 @@ check_mode: false changed_when: false -- name: "{{ conf_name_prefix }} Isolate runner configuration" +- name: "Isolate runner configuration {{ conf_name_prefix }}" ansible.builtin.copy: dest: "{{ temp_runner_config.path }}" content: "{{ runner_config }}" 
@@ -16,9 +16,10 @@ check_mode: false changed_when: false -- ansible.builtin.include_tasks: update-config-runner.yml +- name: Update config + ansible.builtin.include_tasks: update-config-runner.yml vars: - runn_name_prefix: "{{ conf_name_prefix }} runner[{{ (gitlab_runner_index|int) + 1 }}/{{ gitlab_runner_runners|length }}]:" + runn_name_prefix: "{{ conf_name_prefix }} runner[{{ (gitlab_runner_index | int) + 1 }}/{{ gitlab_runner_runners | length }}]:" when: - ('name = "'+gitlab_runner.name|default(ansible_hostname+'-'+gitlab_runner_index|string)+'"') in runner_config - gitlab_runner.state|default('present') == 'present' @@ -27,7 +28,7 @@ index_var: gitlab_runner_index loop_var: gitlab_runner -- name: "{{ conf_name_prefix }} Remove runner config" +- name: "Remove runner config {{ conf_name_prefix }}" ansible.builtin.file: path: "{{ temp_runner_config.path }}" state: absent diff --git a/tasks/config-runner-windows.yml b/tasks/config-runner-windows.yml index dd2cbec..4690028 100644 --- a/tasks/config-runner-windows.yml +++ b/tasks/config-runner-windows.yml @@ -1,5 +1,5 @@ --- -- name: (Windows) {{ conf_name_prefix }} Create temporary file +- name: "(Windows) Create temporary file {{ conf_name_prefix }}" ansible.windows.win_tempfile: state: file path: "{{ temp_runner_config_dir.path }}" 
@@ -8,16 +8,17 @@ check_mode: false changed_when: false -- name: (Windows) {{ conf_name_prefix }} Isolate runner configuration +- name: "(Windows) Isolate runner configuration {{ conf_name_prefix }}" ansible.windows.win_copy: dest: "{{ temp_runner_config.path }}" content: "{{ runner_config }}" check_mode: false changed_when: false -- ansible.builtin.include_tasks: update-config-runner-windows.yml +- name: Update config + ansible.builtin.include_tasks: update-config-runner-windows.yml vars: - runn_name_prefix: "{{ conf_name_prefix }} runner[{{ (gitlab_runner_index|int) + 1 }}/{{ gitlab_runner_runners|length }}]:" + runn_name_prefix: "{{ conf_name_prefix }} runner[{{ (gitlab_runner_index | int) + 1 }}/{{ gitlab_runner_runners | length }}]:" when: - ('name = "'+gitlab_runner.name|default(ansible_hostname+'-'+gitlab_runner_index|string)+'"') in runner_config - gitlab_runner.state|default('present') == 'present' @@ -26,7 +27,7 @@ index_var: gitlab_runner_index loop_var: gitlab_runner -- name: (Windows) {{ conf_name_prefix }} Remove runner config +- name: "(Windows) Remove runner config {{ conf_name_prefix }}" ansible.windows.win_file: path: "{{ temp_runner_config.path }}" state: absent diff --git a/tasks/config-runner.yml b/tasks/config-runner.yml index aeba009..934257b 100644 --- a/tasks/config-runner.yml +++ b/tasks/config-runner.yml @@ -1,5 +1,5 @@ --- -- name: "{{ conf_name_prefix }} Create temporary file" +- name: "Create temporary file {{ conf_name_prefix }}" ansible.builtin.tempfile: state: file path: "{{ temp_runner_config_dir.path }}" 
@@ -8,17 +8,19 @@ check_mode: false changed_when: false -- name: "{{ conf_name_prefix }} Isolate runner configuration" +- name: "Isolate runner configuration {{ conf_name_prefix }}" ansible.builtin.copy: dest: "{{ temp_runner_config.path }}" content: "{{ runner_config }}" + mode: 0644 check_mode: false changed_when: false no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" -- ansible.builtin.include_tasks: update-config-runner.yml +- name: Update config + ansible.builtin.include_tasks: update-config-runner.yml vars: - runn_name_prefix: "{{ conf_name_prefix }} runner[{{ (gitlab_runner_index|int) + 1 }}/{{ gitlab_runner_runners|length }}]:" + runn_name_prefix: "{{ conf_name_prefix }} runner[{{ (gitlab_runner_index | int) + 1 }}/{{ gitlab_runner_runners | length }}]:" when: - ('name = "'+gitlab_runner.name|default(ansible_hostname+'-'+gitlab_runner_index|string)+'"') in runner_config - gitlab_runner.state|default('present') == 'present' @@ -28,7 +30,7 @@ loop_var: gitlab_runner no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" -- name: "{{ conf_name_prefix }} Remove runner config" +- name: "Remove runner config {{ conf_name_prefix }}" ansible.builtin.file: path: "{{ temp_runner_config.path }}" state: absent diff --git a/tasks/line-config-runner-windows.yml b/tasks/line-config-runner-windows.yml index 3eb754d..bb773bd 100644 --- a/tasks/line-config-runner-windows.yml +++ b/tasks/line-config-runner-windows.yml 
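Review bot: `Isolate runner configuration` now writes `runner_config` to the temporary file with `mode: 0644`, yet the same task carries `no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}"`, which suggests the content includes runner tokens. Unless `temp_runner_config_dir` is already private (not visible here), other local users can read the file for as long as it exists. `mode: "0600"` should be sufficient, presumably also for the later `lineinfile` edits if they run as the same user. Quoting the mode also sidesteps YAML octal parsing differences.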
@@ -1,20 +1,20 @@ --- -- name: (Windows) {{ line_name_prefix }} Ensure section exists +- name: "Ensure section exists {{ line_name_prefix }}" # noqa jinja[spacing] community.windows.win_lineinfile: path: "{{ temp_runner_config.path }}" - regexp: ^(\s*)\[{{ section|regex_escape }}\]$ - line: '{{ " " * (section.split(".")|length -1) }}[{{ section }}]' + regexp: ^(\s*)\[{{ section | regex_escape }}\]$ + line: '{{ " " * (section.split(".") | length -1) }}[{{ section }}]' -- name: (Windows) {{ line_name_prefix }} Modify existing line +- name: "Modify existing line {{ line_name_prefix }}" community.windows.win_lineinfile: path: "{{ temp_runner_config.path }}" insertafter: \s+\[{{ section | regex_escape }}\] regexp: ^(\s*)({{ line | regex_escape }}|{{ line | regex_escape }}) =.* - line: '{{ " " * (section.split(".")|length) }}{{ line }} = {{ gitlab_runner.extra_configs[section][line] | to_json }}' + line: '{{ " " * (section.split(".") | length) }}{{ line }} = {{ gitlab_runner.extra_configs[section][line] | to_json }}' register: modified_config_line when: not '.' in line -- name: (Windows) {{ line_name_prefix }} Modify existing line to_json +- name: "Modify existing line to_json {{ line_name_prefix }}" # noqa jinja[spacing] community.windows.win_lineinfile: path: "{{ temp_runner_config.path }}" insertafter: \s+\[{{ section | regex_escape }}\] diff --git a/tasks/line-config-runner.yml b/tasks/line-config-runner.yml index f1300a9..b780d2a 100644 --- a/tasks/line-config-runner.yml +++ b/tasks/line-config-runner.yml 
@@ -1,24 +1,24 @@ --- -- name: "{{ line_name_prefix }} Ensure section exists" +- name: "Ensure section exists {{ line_name_prefix }}" # noqa jinja[spacing] ansible.builtin.lineinfile: path: "{{ temp_runner_config.path }}" - regexp: ^(\s*)\[{{ section|regex_escape }}\]$ - line: '{{ " " * (section.split(".")|length -1) }}[{{ section }}]' + regexp: ^(\s*)\[{{ section | regex_escape }}\]$ + line: '{{ " " * (section.split(".") | length -1) }}[{{ section }}]' -- name: "{{ line_name_prefix }} Modify existing line" +- name: "Modify existing line {{ line_name_prefix }}" ansible.builtin.lineinfile: path: "{{ temp_runner_config.path }}" insertafter: \s+\[{{ section | regex_escape }}\] regexp: ^(\s*)({{ line | regex_escape }}|{{ line | regex_escape }}) = - line: '{{ " " * (section.split(".")|length) }}{{ line }} = {{ gitlab_runner.extra_configs[section][line] | to_json }}' + line: '{{ " " * (section.split(".") | length) }}{{ line }} = {{ gitlab_runner.extra_configs[section][line] | to_json }}' register: modified_config_line when: "not '.' in line and not '/' in line" -- name: "{{ line_name_prefix }} Modify existing line to_json" +- name: "Modify existing line to_json {{ line_name_prefix }}" ansible.builtin.lineinfile: path: "{{ temp_runner_config.path }}" insertafter: \s+\[{{ section | regex_escape }}\] regexp: ^(\s*)({{ line | to_json | regex_escape }}|{{ line | regex_escape }}) = - line: '{{ " " * (section.split(".")|length) }}{{ line | to_json }} = {{ gitlab_runner.extra_configs[section][line] | to_json }}' + line: '{{ " " * (section.split(".") | length) }}{{ line | to_json }} = {{ gitlab_runner.extra_configs[section][line] | to_json }}' register: modified_config_line when: "'.' in line or '/' in line" diff --git a/tasks/main-container.yml b/tasks/main-container.yml index 9660ea3..02f53a6 100644 --- a/tasks/main-container.yml +++ b/tasks/main-container.yml 
@@ -20,7 +20,9 @@ changed_when: '"Updated " in verified_runners.container.Output' check_mode: false -- ansible.builtin.import_tasks: list-configured-runners-container.yml +- name: List configured runners + ansible.builtin.import_tasks: list-configured-runners-container.yml + - name: (Container) Register GitLab Runner ansible.builtin.include_tasks: register-runner-container.yml vars: @@ -37,6 +39,7 @@ - name: (Container) Set global options ansible.builtin.import_tasks: global-setup.yml + - name: (Container) Configure GitLab Runner ansible.builtin.include_tasks: config-runners-container.yml when: gitlab_runner_config_update_mode == 'by_config_toml' diff --git a/tasks/main-unix.yml b/tasks/main-unix.yml index 3b86db1..7164fe1 100644 --- a/tasks/main-unix.yml +++ b/tasks/main-unix.yml @@ -22,7 +22,9 @@ check_mode: false become: "{{ gitlab_runner_system_mode }}" -- ansible.builtin.import_tasks: list-configured-runners-unix.yml +- name: List configured runners + ansible.builtin.import_tasks: list-configured-runners-unix.yml + - name: (Unix) Register GitLab Runner ansible.builtin.include_tasks: register-runner.yml vars: @@ -40,6 +42,7 @@ - name: Set global options (macOS/Debian/RedHat) ansible.builtin.import_tasks: global-setup.yml + - name: (Unix) Configure GitLab Runner ansible.builtin.include_tasks: config-runners.yml when: gitlab_runner_config_update_mode == 'by_config_toml' diff --git a/tasks/main-windows.yml b/tasks/main-windows.yml index fec8ca1..7fb8fb6 100644 --- a/tasks/main-windows.yml +++ b/tasks/main-windows.yml @@ -1,6 +1,7 @@ --- - name: Install GitLab Runner (Windows) ansible.builtin.import_tasks: install-windows.yml + - name: (Windows) Delete runners which were removed in GitLab ansible.windows.win_command: "{{ gitlab_runner_executable }} verify --delete" args: 
@@ -9,7 +10,9 @@ changed_when: '"Updated " in verified_runners.stderr' check_mode: false -- ansible.builtin.import_tasks: list-configured-runners-windows.yml +- name: List configured runners + ansible.builtin.import_tasks: list-configured-runners-windows.yml + - name: (Windows) Register GitLab Runner ansible.builtin.include_tasks: register-runner-windows.yml vars: diff --git a/tasks/section-config-runner-windows.yml b/tasks/section-config-runner-windows.yml index cf6da05..c031a08 100644 --- a/tasks/section-config-runner-windows.yml +++ b/tasks/section-config-runner-windows.yml @@ -1,7 +1,8 @@ --- -- ansible.builtin.include_tasks: line-config-runner-windows.yml +- name: Config runner + ansible.builtin.include_tasks: line-config-runner-windows.yml vars: - line_name_prefix: "{{ sect_name_prefix }} line:[{{ (line_index|int) + 1 }}/{{ gitlab_runner.extra_configs[section]|list|length }}]: " + line_name_prefix: "{{ sect_name_prefix }} line:[{{ (line_index | int) + 1 }}/{{ gitlab_runner.extra_configs[section] | list | length }}]: " loop: "{{ gitlab_runner.extra_configs[section] | list }}" loop_control: loop_var: line diff --git a/tasks/section-config-runner.yml b/tasks/section-config-runner.yml index f326890..b83f2d2 100644 --- a/tasks/section-config-runner.yml +++ b/tasks/section-config-runner.yml @@ -1,7 +1,8 @@ --- -- ansible.builtin.include_tasks: line-config-runner.yml +- name: Config runner + ansible.builtin.include_tasks: line-config-runner.yml vars: - line_name_prefix: "{{ sect_name_prefix }} line:[{{ (line_index|int) + 1 }}/{{ gitlab_runner.extra_configs[section]|list|length }}]: " + line_name_prefix: "{{ sect_name_prefix }} line:[{{ (line_index | int) + 1 }}/{{ gitlab_runner.extra_configs[section] | list | length }}]: " loop: "{{ gitlab_runner.extra_configs[section] | list }}" loop_control: loop_var: line diff --git a/tasks/unregister-runner-if-not-longer-configured.yml b/tasks/unregister-runner-if-not-longer-configured.yml index 8535ddf..07bbf10 100644 
--- a/tasks/unregister-runner-if-not-longer-configured.yml +++ b/tasks/unregister-runner-if-not-longer-configured.yml @@ -12,7 +12,8 @@ var: available_runners_not_longer_configured when: available_runners_not_longer_configured | length > 0 -- ansible.builtin.include_tasks: unregister-runner.yml +- name: Unregister runner + ansible.builtin.include_tasks: unregister-runner.yml loop: "{{ available_runners_not_longer_configured }}" loop_control: loop_var: actual_gitlab_runner_name diff --git a/tasks/update-config-runner-windows.yml b/tasks/update-config-runner-windows.yml index 652e1bc..415c2a7 100644 --- a/tasks/update-config-runner-windows.yml +++ b/tasks/update-config-runner-windows.yml @@ -1,5 +1,5 @@ --- -- name: (Windows) {{ runn_name_prefix }} Set "[[runners]]" section +- name: "Set '[[runners]]' section {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: \n 
@@ -10,29 +10,29 @@ check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set concurrent limit option +- name: "Set concurrent limit option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*limit =.* - line: " limit = {{ gitlab_runner.concurrent_specific|default(0) }}" + line: " limit = {{ gitlab_runner.concurrent_specific | default(0) }}" state: present insertafter: ^\s*name = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set coordinator URL +- name: "Set coordinator URL {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*url =.* - line: " url = {{ gitlab_runner.url|default(gitlab_runner_coordinator_url) | to_json }}" + line: " url = {{ gitlab_runner.url | default(gitlab_runner_coordinator_url) | to_json }}" state: present insertafter: ^\s*limit = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set clone URL +- name: "Set clone URL {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*clone_url = 
@@ -44,18 +44,18 @@ notify: restart_gitlab_runner when: gitlab_runner.clone_url is defined -- name: (Windows) {{ runn_name_prefix }} Set environment option +- name: "Set environment option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*environment =.* - line: " environment = {{ gitlab_runner.env_vars|default([]) | to_json }}" + line: " environment = {{ gitlab_runner.env_vars | default([]) | to_json }}" state: present insertafter: ^\s*url = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set pre_get_sources_script +- name: "Set pre_get_sources_script {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pre_get_sources_script = @@ -67,7 +67,7 @@ notify: restart_gitlab_runner when: gitlab_runner.pre_get_sources_script is defined -- name: (Windows) {{ runn_name_prefix }} Set post_get_sources_script +- name: "Set post_get_sources_script {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*post_get_sources_script = @@ -79,7 +79,7 @@ notify: restart_gitlab_runner when: gitlab_runner.post_get_sources_script is defined -- name: (Windows) {{ runn_name_prefix }} Set pre_build_script +- name: "Set pre_build_script {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pre_build_script = @@ -91,7 +91,7 @@ notify: restart_gitlab_runner when: gitlab_runner.pre_build_script is defined -- name: (Windows) {{ runn_name_prefix }} Set post_build_script +- name: "Set post_build_script {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*post_build_script = 
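Review bot: The conditional tasks touched here keep `notify: restart_gitlab_runner`, whereas every other task in update-config-runner-windows.yml notifies `restart_gitlab_runner_windows`; this affects `clone_url` in this hunk and `pre_get_sources_script`, `post_get_sources_script`, `pre_build_script` and `post_build_script` in the hunks that follow, up to the first lines of `@@ -103,276`. If the generic handler is skipped on Windows hosts, which its name suggests but these hunks do not show, a change to any of these options would never restart the service. Since the commit already edits each of these tasks, `notify: restart_gitlab_runner_windows` would make them consistent. Several of the tasks begin or end outside their hunk, so the full task bodies should be checked before changing them.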
@@ -103,276 +103,278 @@ notify: restart_gitlab_runner when: gitlab_runner.post_build_script is defined -- name: (Windows) {{ runn_name_prefix }} Set runner executor option +- name: "Set runner executor option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*executor =.* - line: ' executor = {{ gitlab_runner.executor|default("shell") | to_json }}' + line: ' executor = {{ gitlab_runner.executor | default("shell") | to_json }}' state: present insertafter: ^\s*url = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set runner shell option +- name: "Set runner shell option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*shell =.* - line: ' shell = {{ gitlab_runner.shell|default("") | to_json }}' + line: ' shell = {{ gitlab_runner.shell | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.shell is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set output_limit option +- name: "Set output_limit option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*output_limit =.* - line: " output_limit = {{ gitlab_runner.output_limit|default(4096) }}" + line: " output_limit = {{ gitlab_runner.output_limit | default(4096) }}" state: present insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set runner docker image option +- name: "Set runner docker image option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*image =.* - line: ' image = {{ gitlab_runner.docker_image|default("") | to_json }}' + line: ' image = {{ gitlab_runner.docker_image | default("") | to_json }}' 
state: "{{ 'present' if gitlab_runner.docker_image is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set docker privileged option +- name: "Set docker privileged option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*privileged =.* - line: " privileged = {{ gitlab_runner.docker_privileged|default(false) | lower }}" + line: " privileged = {{ gitlab_runner.docker_privileged | default(false) | lower }}" state: "{{ 'present' if gitlab_runner.docker_privileged is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set docker volumes option +- name: "Set docker volumes option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*volumes =.* - line: " volumes = {{ gitlab_runner.docker_volumes|default([])|to_json }}" + line: " volumes = {{ gitlab_runner.docker_volumes | default([]) | to_json }}" state: "{{ 'present' if gitlab_runner.docker_volumes is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set docker devices option +- name: "Set docker devices option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*devices =.* - line: " devices = {{ gitlab_runner.docker_devices|default([])|to_json }}" + line: " devices = {{ gitlab_runner.docker_devices | default([]) | to_json }}" state: "{{ 'present' if gitlab_runner.docker_devices is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set docker network_mode option +- name: "Set docker 
network_mode option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*network_mode =.* - line: ' network_mode = {{ gitlab_runner.docker_network_mode|default("bridge") | to_json }}' + line: ' network_mode = {{ gitlab_runner.docker_network_mode | default("bridge") | to_json }}' state: "{{ 'present' if gitlab_runner.docker_network_mode is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set cache type option +- name: "Set cache type option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Type =.* - line: ' Type = {{ gitlab_runner.cache_type|default("") | to_json }}' + line: ' Type = {{ gitlab_runner.cache_type | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_type is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set cache path option +- name: "Set cache path option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Path =.* - line: ' Path = {{ gitlab_runner.cache_path|default("") | to_json }}' + line: ' Path = {{ gitlab_runner.cache_path | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_path is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set cache s3 server address +- name: "Set cache s3 server address {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*ServerAddress =.* - line: ' ServerAddress = {{ gitlab_runner.cache_s3_server_address|default("") | to_json }}' + line: ' ServerAddress = {{ gitlab_runner.cache_s3_server_address | default("") 
| to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_server_address is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set cache s3 access key +- name: "Set cache s3 access key {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccessKey =.* - line: ' AccessKey = {{ gitlab_runner.cache_s3_access_key|default("") | to_json }}' + line: ' AccessKey = {{ gitlab_runner.cache_s3_access_key | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_access_key is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set cache s3 secret key +- name: "Set cache s3 secret key {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*SecretKey =.* - line: ' SecretKey = {{ gitlab_runner.cache_s3_secret_key|default("") | to_json }}' + line: ' SecretKey = {{ gitlab_runner.cache_s3_secret_key | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_secret_key is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set cache shared option +- name: "Set cache shared option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Shared =.* - line: ' Shared = {{ gitlab_runner.cache_shared|default("") | lower }}' + line: ' Shared = {{ gitlab_runner.cache_shared | default("") | lower }}' state: "{{ 'present' if gitlab_runner.cache_shared is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set 
cache s3 bucket name option +- name: "Set cache s3 bucket name option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketName =.* - line: ' BucketName = {{ gitlab_runner.cache_s3_bucket_name|default("") | to_json }}' + line: ' BucketName = {{ gitlab_runner.cache_s3_bucket_name | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_bucket_name is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set cache s3 bucket location option +- name: "Set cache s3 bucket location option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketLocation =.* - line: ' BucketLocation = {{ gitlab_runner.cache_s3_bucket_location|default("") | to_json }}' + line: ' BucketLocation = {{ gitlab_runner.cache_s3_bucket_location | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_bucket_location is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set cache s3 insecure option +- name: "Set cache s3 insecure option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Insecure =.* - line: ' Insecure = {{ gitlab_runner.cache_s3_insecure|default("") | lower }}' + line: ' Insecure = {{ gitlab_runner.cache_s3_insecure | default("") | lower }}' state: "{{ 'present' if gitlab_runner.cache_s3_insecure is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set ssh user option +- name: "Set ssh user option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" 
regexp: ^\s*user =.* - line: ' user = {{ gitlab_runner.ssh_user|default("") | to_json }}' + line: ' user = {{ gitlab_runner.ssh_user | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.ssh_user is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set ssh host option +- name: "Set ssh host option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*host =.* - line: ' host = {{ gitlab_runner.ssh_host|default("") | to_json }}' + line: ' host = {{ gitlab_runner.ssh_host | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.ssh_host is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set ssh port option +- name: "Set ssh port option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*port =.* - line: ' port = {{ gitlab_runner.ssh_port|default("") | to_json }}' + line: ' port = {{ gitlab_runner.ssh_port | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.ssh_port is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set ssh password option +- name: "Set ssh password option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*password =.* - line: ' password = {{ gitlab_runner.ssh_password|default("") | to_json }}' + line: ' password = {{ gitlab_runner.ssh_password | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.ssh_password is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set ssh 
identity file option +- name: "Set ssh identity file option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*identity_file =.* - line: ' identity_file = {{ gitlab_runner.ssh_identity_file|default("") | to_json }}' + line: ' identity_file = {{ gitlab_runner.ssh_identity_file | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.ssh_identity_file is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set builds dir file option +- name: "Set builds dir file option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*builds_dir =.* - line: ' builds_dir = {{ gitlab_runner.builds_dir|default("") | to_json }}' + line: ' builds_dir = {{ gitlab_runner.builds_dir | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.builds_dir is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) {{ runn_name_prefix }} Set cache dir file option +- name: "Set cache dir file option {{ runn_name_prefix }}" community.windows.win_lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*cache_dir =.* - line: ' cache_dir = {{ gitlab_runner.cache_dir|default("") | to_json }}' + line: ' cache_dir = {{ gitlab_runner.cache_dir | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_dir is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false check_mode: false notify: restart_gitlab_runner_windows -- name: (Windows) Remove empty lines +- name: "Remove empty lines" ansible.windows.win_shell: (Get-Content {{ temp_runner_config.path }}) | ? 
{$_.trim() -ne "" } | Set-Content {{ temp_runner_config.path }} -- ansible.builtin.include_tasks: section-config-runner-windows.yml + +- name: "Configure runner" + ansible.builtin.include_tasks: section-config-runner-windows.yml vars: - sect_name_prefix: "{{ runn_name_prefix }} section[{{ (section_index|int) + 1 }}/{{ gitlab_runner.extra_configs|list|length }}]:" - loop: "{{ gitlab_runner.extra_configs|list }}" + sect_name_prefix: "{{ runn_name_prefix }} section[{{ (section_index | int) + 1 }}/{{ gitlab_runner.extra_configs | list | length }}]:" + loop: "{{ gitlab_runner.extra_configs | list }}" loop_control: loop_var: section index_var: section_index diff --git a/tasks/update-config-runner.yml b/tasks/update-config-runner.yml index a2d1d71..0bd4a2a 100644 --- a/tasks/update-config-runner.yml +++ b/tasks/update-config-runner.yml @@ -1,9 +1,9 @@ --- -- name: "{{ runn_name_prefix }} Set concurrent limit option" +- name: "Set concurrent limit option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*limit = - line: " limit = {{ gitlab_runner.concurrent_specific|default(0) }}" + line: " limit = {{ gitlab_runner.concurrent_specific | default(0) }}" state: present insertafter: ^\s*name = backrefs: false @@ -13,11 +13,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set coordinator URL" +- name: "Set coordinator URL {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*url = - line: " url = {{ gitlab_runner.url|default(gitlab_runner_coordinator_url) | to_json }}" + line: " url = {{ gitlab_runner.url | default(gitlab_runner_coordinator_url) | to_json }}" state: present insertafter: ^\s*limit = backrefs: false 
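Review bot: The "Set cache s3 access key", "Set cache s3 secret key" and "Set ssh password option" tasks in the `@@ -103,276` hunk render credentials into `line` but carry no `no_log`, so the values can appear in task results, for example in the module arguments printed at raised verbosity. Adding `no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}"` to these three tasks would match the expression this patch already uses on the copy and include tasks. A `no_log` placed on an `include_tasks` presumably does not carry over to the tasks it includes, so it needs to sit on the tasks themselves; this is worth confirming against the calling file.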
@@ -27,7 +27,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set clone URL" +- name: "Set clone URL {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*clone_url = @@ -42,11 +42,11 @@ - restart_gitlab_runner_macos when: gitlab_runner.clone_url is defined -- name: "{{ runn_name_prefix }} Set environment option" +- name: "Set environment option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*environment = - line: " environment = {{ gitlab_runner.env_vars|default([]) | to_json }}" + line: " environment = {{ gitlab_runner.env_vars | default([]) | to_json }}" state: present insertafter: ^\s*url = backrefs: false @@ -56,7 +56,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set pre_get_sources_script" +- name: "Set pre_get_sources_script {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pre_get_sources_script = @@ -71,7 +71,7 @@ - restart_gitlab_runner_macos when: gitlab_runner.pre_get_sources_script is defined -- name: "{{ runn_name_prefix }} Set post_get_sources_script" +- name: "Set post_get_sources_script {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*post_get_sources_script = @@ -85,7 +85,7 @@ - restart_gitlab_runner_macos when: gitlab_runner.post_get_sources_script is defined -- name: "{{ runn_name_prefix }} Set pre_build_script" +- name: "Set pre_build_script {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pre_build_script = @@ -100,7 +100,7 @@ - restart_gitlab_runner_macos when: gitlab_runner.pre_build_script is defined -- name: "{{ runn_name_prefix }} Set tls_ca_file" +- name: "Set tls_ca_file {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*tls-ca-file = 
@@ -115,7 +115,7 @@ - restart_gitlab_runner_macos when: gitlab_runner.tls_ca_file is defined -- name: "{{ runn_name_prefix }} Set post_build_script" +- name: "Set post_build_script {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*post_build_script = @@ -130,11 +130,11 @@ - restart_gitlab_runner_macos when: gitlab_runner.post_build_script is defined -- name: "{{ runn_name_prefix }} Set runner executor option" +- name: "Set runner executor option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*executor = - line: ' executor = {{ gitlab_runner.executor|default("shell") | to_json }}' + line: ' executor = {{ gitlab_runner.executor | default("shell") | to_json }}' state: present insertafter: ^\s*url = backrefs: false @@ -144,11 +144,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set runner shell option" +- name: "Set runner shell option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*shell = - line: ' shell = {{ gitlab_runner.shell|default("") | to_json }}' + line: ' shell = {{ gitlab_runner.shell | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.shell is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false 
@@ -158,12 +158,12 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set runner executor section" +- name: "Set runner executor section {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" - regexp: ^\s*\[runners\.{{ gitlab_runner.executor|default("shell") }}\] - line: ' [runners.{{ gitlab_runner.executor|replace("docker+machine","machine")|default("shell") }}]' - state: "{{ 'absent' if (gitlab_runner.executor|default('shell')) == 'shell' else 'present' }}" + regexp: ^\s*\[runners\.{{ gitlab_runner.executor | default("shell") }}\] + line: ' [runners.{{ gitlab_runner.executor|replace("docker+machine","machine") | default("shell") }}]' + state: "{{ 'absent' if (gitlab_runner.executor | default('shell')) == 'shell' else 'present' }}" insertafter: ^\s*executor = backrefs: false check_mode: false @@ -172,11 +172,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set output_limit option" +- name: "Set output_limit option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*output_limit = - line: " output_limit = {{ gitlab_runner.output_limit|default(4096) }}" + line: " output_limit = {{ gitlab_runner.output_limit | default(4096) }}" state: present insertafter: ^\s*executor = backrefs: false @@ -187,11 +187,11 @@ - restart_gitlab_runner_macos #### [runners.docker] section #### -- name: "{{ runn_name_prefix }} Set runner docker image option" +- name: "Set runner docker image option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*image = - line: ' image = {{ gitlab_runner.docker_image|default("") | to_json }}' + line: ' image = {{ gitlab_runner.docker_image | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.docker_image is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false 
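Review bot: In the "Set runner executor section" task the new `line` applies `default("shell")` after `replace(...)`, so the default cannot take effect when `gitlab_runner.executor` is undefined, because `replace` receives the undefined value first. Writing it as `{{ gitlab_runner.executor | default("shell") | replace("docker+machine", "machine") }}` fixes the order and gives the spacing the rest of the commit normalises. The `regexp` also interpolates the executor without `regex_escape`, so the `+` in `docker+machine` is read as a quantifier, and it searches for a `[runners.docker+machine]` header while `line` writes `[runners.machine]`; that mismatch looks unintended and should be confirmed.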
@@ -201,11 +201,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker helper image option" +- name: "Set docker helper image option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*helper_image = - line: ' helper_image = {{ gitlab_runner.docker_helper_image|default("") | to_json }}' + line: ' helper_image = {{ gitlab_runner.docker_helper_image | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.docker_helper_image is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -215,11 +215,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker privileged option" +- name: "Set docker privileged option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*privileged = - line: " privileged = {{ gitlab_runner.docker_privileged|default(false) | lower }}" + line: " privileged = {{ gitlab_runner.docker_privileged | default(false) | lower }}" state: "{{ 'present' if gitlab_runner.docker_privileged is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -229,11 +229,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker wait_for_services_timeout option" +- name: "Set docker wait_for_services_timeout option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*wait_for_services_timeout = - line: " wait_for_services_timeout = {{ gitlab_runner.docker_wait_for_services_timeout|default(30) }}" + line: " wait_for_services_timeout = {{ gitlab_runner.docker_wait_for_services_timeout | default(30) }}" state: "{{ 'present' if gitlab_runner.docker_wait_for_services_timeout is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false 
@@ -243,11 +243,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker tlsverify option" +- name: "Set docker tlsverify option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*tls_verify = - line: " tls_verify = {{ gitlab_runner.docker_tlsverify|default(false) | lower }}" + line: " tls_verify = {{ gitlab_runner.docker_tlsverify | default(false) | lower }}" state: "{{ 'present' if gitlab_runner.docker_tlsverify is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -257,11 +257,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker shm_size option" +- name: "Set docker shm_size option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*shm_size = - line: " shm_size = {{ gitlab_runner.docker_shm_size|default(false) | lower }}" + line: " shm_size = {{ gitlab_runner.docker_shm_size | default(false) | lower }}" state: "{{ 'present' if gitlab_runner.docker_shm_size is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -271,11 +271,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker disable_cache option" +- name: "Set docker disable_cache option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*disable_cache = - line: " disable_cache = {{ gitlab_runner.docker_disable_cache|default(false) | lower }}" + line: " disable_cache = {{ gitlab_runner.docker_disable_cache | default(false) | lower }}" state: "{{ 'present' if gitlab_runner.docker_disable_cache is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false 
@@ -285,11 +285,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker DNS option" +- name: "Set docker DNS option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*dns = - line: " dns = {{ gitlab_runner.docker_dns|default(false) | to_json }}" + line: " dns = {{ gitlab_runner.docker_dns | default(false) | to_json }}" state: "{{ 'present' if gitlab_runner.docker_dns is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -299,11 +299,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker DNS search option" +- name: "Set docker DNS search option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*dns_search = - line: " dns_search = {{ gitlab_runner.docker_dns_search|default(false) | to_json }}" + line: " dns_search = {{ gitlab_runner.docker_dns_search | default(false) | to_json }}" state: "{{ 'present' if gitlab_runner.docker_dns_search is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -313,11 +313,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker pull_policy option" +- name: "Set docker pull_policy option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pull_policy = - line: " pull_policy = {{ gitlab_runner.docker_pull_policy|default([])|to_json }}" + line: " pull_policy = {{ gitlab_runner.docker_pull_policy | default([])|to_json }}" state: "{{ 'present' if gitlab_runner.docker_pull_policy is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false 
@@ -327,25 +327,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker allowed_pull_policies option" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: ^\s*allowed_pull_policies = - line: " allowed_pull_policies = {{ gitlab_runner.docker_allowed_pull_policies|default([])|to_json }}" - state: "{{ 'present' if gitlab_runner.docker_allowed_pull_policies is defined else 'absent' }}" - insertafter: ^\s*\[runners\.docker\] - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set docker volumes option" +- name: "Set docker volumes option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*volumes = - line: " volumes = {{ gitlab_runner.docker_volumes|default([])|to_json }}" + line: " volumes = {{ gitlab_runner.docker_volumes | default([])|to_json }}" state: "{{ 'present' if gitlab_runner.docker_volumes is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -355,11 +341,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker devices option" +- name: "Set docker devices option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*devices = - line: " devices = {{ gitlab_runner.docker_devices|default([])|to_json }}" + line: " devices = {{ gitlab_runner.docker_devices | default([]) | to_json }}" state: "{{ 'present' if gitlab_runner.docker_devices is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false 
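Review bot: The `Set docker allowed_pull_policies option` task is deleted here instead of being converted to `ansible.builtin.lineinfile`, which a commit titled "use fqcn" does not explain. The hunk `@@ -885,181 +871,11 @@` does the same to the `runners.feature_flags`, `[runners.machine]` and `runners.machine.autoscaling` tasks. Every removed task still used the short module name, so this looks like a stale-base or merge artifact rather than an intended removal. Unless these options are written somewhere outside this diff, a configured `gitlab_runner.docker_allowed_pull_policies` is now silently ignored, and the runner no longer restricts which pull policies a job may request. Similarly, a `docker+machine` runner would get its section header from the executor task but none of the `machine_*` options. I would restore the tasks unchanged apart from the `ansible.builtin.lineinfile:` / `ansible.builtin.blockinfile:` module names, or state the removal in the commit message and changelog.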
@@ -369,11 +355,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set runner docker network option" +- name: "Set runner docker network option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*network_mode = - line: ' network_mode = {{ gitlab_runner.docker_network_mode|default("bridge") | to_json }}' + line: ' network_mode = {{ gitlab_runner.docker_network_mode | default("bridge") | to_json }}' state: "{{ 'present' if gitlab_runner.docker_network_mode is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -383,11 +369,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set tls-cert-file option" +- name: "Set tls-cert-file option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*tls-cert-file = - line: " tls-cert-file = {{ gitlab_runner.tls_cert_file|default([]) | to_json }}" + line: " tls-cert-file = {{ gitlab_runner.tls_cert_file | default([]) | to_json }}" state: "{{ 'present' if gitlab_runner.tls_cert_file is defined else 'absent' }}" insertafter: ^\s*url = backrefs: false @@ -397,11 +383,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set tls-key-file option" +- name: "Set tls-key-file option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*tls-key-file = - line: " tls-key-file = {{ gitlab_runner.tls_key_file|default([]) | to_json }}" + line: " tls-key-file = {{ gitlab_runner.tls_key_file | default([]) | to_json }}" state: "{{ 'present' if gitlab_runner.tls_key_file is defined else 'absent' }}" insertafter: ^\s*url = backrefs: false 
@@ -412,7 +398,7 @@ - restart_gitlab_runner_macos #### [[runners.docker.services]] section #### -- name: "{{ runn_name_prefix }} Set additional services" +- name: "Set additional services {{ runn_name_prefix }}" ansible.builtin.blockinfile: dest: "{{ temp_runner_config.path }}" content: "{{ lookup('template', 'config.runners.docker.services.j2') if gitlab_runner.docker_services is defined }}" @@ -426,7 +412,7 @@ - restart_gitlab_runner_macos #### [runners.custom_build_dir] section ##### -- name: "{{ runn_name_prefix }} Set custom_build_dir section" +- name: "Set custom_build_dir section {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.custom_build_dir\] @@ -440,11 +426,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set docker custom_build_dir-enabled option" +- name: "Set docker custom_build_dir-enabled option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*enabled = - line: " enabled = {{ gitlab_runner.custom_build_dir_enabled|default(false) | lower }}" + line: " enabled = {{ gitlab_runner.custom_build_dir_enabled | default(false) | lower }}" state: "{{ 'present' if gitlab_runner.custom_build_dir_enabled is defined else 'absent' }}" insertafter: ^\s*\[runners\.custom_build_dir\] backrefs: false @@ -455,7 +441,7 @@ - restart_gitlab_runner_macos #### [runners.cache] section #### -- name: "{{ runn_name_prefix }} Set cache section" +- name: "Set cache section {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.cache\] @@ -469,7 +455,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache s3 section" +- name: "Set cache s3 section {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.cache\.s3\] 
@@ -483,7 +469,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache gcs section" +- name: "Set cache gcs section {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.cache\.gcs\] @@ -497,7 +483,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache azure section" +- name: "Set cache azure section {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.cache\.azure\] @@ -511,11 +497,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache type option" +- name: "Set cache type option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Type = - line: ' Type = {{ gitlab_runner.cache_type|default("") | to_json }}' + line: ' Type = {{ gitlab_runner.cache_type | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_type is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\] backrefs: false @@ -525,11 +511,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache path option" +- name: "Set cache path option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Path = - line: ' Path = {{ gitlab_runner.cache_path|default("") | to_json }}' + line: ' Path = {{ gitlab_runner.cache_path | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_path is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\] backrefs: false 
@@ -539,11 +525,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache shared option" +- name: "Set cache shared option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Shared = - line: ' Shared = {{ gitlab_runner.cache_shared|default("") | lower }}' + line: ' Shared = {{ gitlab_runner.cache_shared | default("") | lower }}' state: "{{ 'present' if gitlab_runner.cache_shared is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\] backrefs: false @@ -554,11 +540,11 @@ - restart_gitlab_runner_macos #### [runners.cache.s3] section #### -- name: "{{ runn_name_prefix }} Set cache s3 server addresss" +- name: "Set cache s3 server addresss {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*ServerAddress = - line: ' ServerAddress = {{ gitlab_runner.cache_s3_server_address|default("") | to_json }}' + line: ' ServerAddress = {{ gitlab_runner.cache_s3_server_address | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_server_address is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false @@ -568,11 +554,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache s3 access key" +- name: "Set cache s3 access key {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccessKey = - line: ' AccessKey = {{ gitlab_runner.cache_s3_access_key|default("") | to_json }}' + line: ' AccessKey = {{ gitlab_runner.cache_s3_access_key | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_access_key is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false 
@@ -582,11 +568,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache s3 secret key" +- name: "Set cache s3 secret key {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*SecretKey = - line: ' SecretKey = {{ gitlab_runner.cache_s3_secret_key|default("") | to_json }}' + line: ' SecretKey = {{ gitlab_runner.cache_s3_secret_key | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_secret_key is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false @@ -596,11 +582,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache s3 bucket name option" +- name: "Set cache s3 bucket name option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketName = - line: ' BucketName = {{ gitlab_runner.cache_s3_bucket_name|default("") | to_json }}' + line: ' BucketName = {{ gitlab_runner.cache_s3_bucket_name | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_bucket_name is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false @@ -611,11 +597,11 @@ - restart_gitlab_runner_macos when: gitlab_runner.cache_type is defined and gitlab_runner.cache_type == 's3' -- name: "{{ runn_name_prefix }} Set cache s3 bucket location option" +- name: "Set cache s3 bucket location option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketLocation = - line: ' BucketLocation = {{ gitlab_runner.cache_s3_bucket_location|default("") | to_json }}' + line: ' BucketLocation = {{ gitlab_runner.cache_s3_bucket_location | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_bucket_location is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false 
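Review bot: The `Set cache s3 secret key` task should hide its output by default, and the same applies to the later `PrivateKey`, `AccountKey` and ssh `password` tasks. All four tasks end outside their hunks, so their `no_log` setting is not visible here. If they follow the `no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}"` pattern seen on the tasks removed elsewhere in this file, logging is suppressed only when that variable is set. Otherwise the rendered `line` value can appear in task results and in `--diff` output. For the credential-bearing tasks I would write `no_log: "{{ gitlab_runner_no_log_secrets | default(true) }}"`.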
@@ -625,11 +611,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache s3 insecure option" +- name: "Set cache s3 insecure option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*Insecure = - line: ' Insecure = {{ gitlab_runner.cache_s3_insecure|default("") | lower }}' + line: ' Insecure = {{ gitlab_runner.cache_s3_insecure | default("") | lower }}' state: "{{ 'present' if gitlab_runner.cache_s3_insecure is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false @@ -640,11 +626,11 @@ - restart_gitlab_runner_macos #### [runners.cache.gcs] section #### -- name: "{{ runn_name_prefix }} Set cache gcs bucket name" +- name: "Set cache gcs bucket name {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketName = - line: ' BucketName = {{ gitlab_runner.cache_gcs_bucket_name|default("") | to_json }}' + line: ' BucketName = {{ gitlab_runner.cache_gcs_bucket_name | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_gcs_bucket_name is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.gcs\] backrefs: false @@ -654,11 +640,11 @@ - restart_gitlab_runner_macos when: gitlab_runner.cache_type is defined and gitlab_runner.cache_type == 'gcs' -- name: "{{ runn_name_prefix }} Set cache gcs credentials file" +- name: "Set cache gcs credentials file {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*CredentialsFile = - line: ' CredentialsFile = {{ gitlab_runner.cache_gcs_credentials_file|default("") | to_json }}' + line: ' CredentialsFile = {{ gitlab_runner.cache_gcs_credentials_file | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_gcs_credentials_file is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.gcs\] backrefs: false 
@@ -668,11 +654,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache gcs access id" +- name: "Set cache gcs access id {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccessID = - line: ' AccessID = {{ gitlab_runner.cache_gcs_access_id|default("") | to_json }}' + line: ' AccessID = {{ gitlab_runner.cache_gcs_access_id | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_gcs_access_id is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.gcs\] backrefs: false @@ -682,11 +668,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache gcs private key" +- name: "Set cache gcs private key {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*PrivateKey = - line: ' PrivateKey = {{ gitlab_runner.cache_gcs_private_key|default("") | to_json }}' + line: ' PrivateKey = {{ gitlab_runner.cache_gcs_private_key | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_gcs_private_key is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.gcs\] backrefs: false @@ -697,11 +683,11 @@ - restart_gitlab_runner_macos #### [runners.cache.azure] section #### -- name: "{{ runn_name_prefix }} Set cache azure account name" +- name: "Set cache azure account name {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccountName = - line: ' AccountName = {{ gitlab_runner.cache_azure_account_name|default("") | to_json }}' + line: ' AccountName = {{ gitlab_runner.cache_azure_account_name | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_azure_account_name is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.azure\] backrefs: false 
@@ -711,11 +697,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache azure account key" +- name: "Set cache azure account key {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*AccountKey = - line: ' AccountKey = {{ gitlab_runner.cache_azure_account_key|default("") | to_json }}' + line: ' AccountKey = {{ gitlab_runner.cache_azure_account_key | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_azure_account_key is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.azure\] backrefs: false @@ -725,11 +711,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache azure container name" +- name: "Set cache azure container name {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*ContainerName = - line: ' ContainerName = {{ gitlab_runner.cache_azure_container_name|default("") | to_json }}' + line: ' ContainerName = {{ gitlab_runner.cache_azure_container_name | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_azure_container_name is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.azure\] backrefs: false @@ -739,11 +725,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache azure storage domain" +- name: "Set cache azure storage domain {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*StorageDomain = - line: ' StorageDomain = {{ gitlab_runner.cache_azure_storage_domain|default("") | to_json }}' + line: ' StorageDomain = {{ gitlab_runner.cache_azure_storage_domain | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_azure_storage_domain is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.azure\] backrefs: false 
@@ -754,11 +740,11 @@ - restart_gitlab_runner_macos #### [runners.ssh] section ##### -- name: "{{ runn_name_prefix }} Set ssh user option" +- name: "Set ssh user option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*user = - line: ' user = {{ gitlab_runner.ssh_user|default("") | to_json }}' + line: ' user = {{ gitlab_runner.ssh_user | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.ssh_user is defined else 'absent' }}" insertafter: ^\s*\[runners\.ssh\] backrefs: false @@ -768,11 +754,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set ssh host option" +- name: "Set ssh host option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*host = - line: ' host = {{ gitlab_runner.ssh_host|default("") | to_json }}' + line: ' host = {{ gitlab_runner.ssh_host | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.ssh_host is defined else 'absent' }}" insertafter: ^\s*\[runners\.ssh\] backrefs: false @@ -782,11 +768,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set ssh port option" +- name: "Set ssh port option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*port = - line: ' port = "{{ gitlab_runner.ssh_port|default("") | to_json }}"' + line: ' port = "{{ gitlab_runner.ssh_port | default("") | to_json }}"' state: "{{ 'present' if gitlab_runner.ssh_port is defined else 'absent' }}" insertafter: ^\s*\[runners\.ssh\] backrefs: false 
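Review bot: The `Set ssh port option` task wraps a `to_json` result in literal double quotes: `port = "{{ gitlab_runner.ssh_port | default("") | to_json }}"`. That renders a valid string only when `ssh_port` is an integer. A quoted value such as `"22"` already gets quotes from `to_json` and is written as `port = ""22""`, which the runner's config parser should reject. Casting first and dropping the outer quotes handles both forms: `line: ' port = {{ gitlab_runner.ssh_port | default("") | string | to_json }}'`. The task's remaining keys lie outside this hunk.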
@@ -796,11 +782,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set ssh password option" +- name: "Set ssh password option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*password = - line: ' password = {{ gitlab_runner.ssh_password|default("") | to_json }}' + line: ' password = {{ gitlab_runner.ssh_password | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.ssh_password is defined else 'absent' }}" insertafter: ^\s*\[runners\.ssh\] backrefs: false @@ -810,11 +796,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set ssh identity file option" +- name: "Set ssh identity file option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*identity_file = - line: ' identity_file = {{ gitlab_runner.ssh_identity_file|default("") | to_json }}' + line: ' identity_file = {{ gitlab_runner.ssh_identity_file | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.ssh_identity_file is defined else 'absent' }}" insertafter: ^\s*\[runners\.ssh\] backrefs: false @@ -825,7 +811,7 @@ - restart_gitlab_runner_macos #### [runners.virtualbox] section ##### -- name: "{{ runn_name_prefix }} Set virtualbox base name option" +- name: "Set virtualbox base name option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*base_name = @@ -840,7 +826,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set virtualbox base snapshot option" +- name: "Set virtualbox base snapshot option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*base_snapshot = 
@@ -855,7 +841,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set virtualbox base folder option" +- name: "Set virtualbox base folder option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*base_folder = @@ -870,11 +856,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set virtualbox disable snapshots option" +- name: "Set virtualbox disable snapshots option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*disable_snapshots = - line: " disable_snapshots = {{ gitlab_runner.virtualbox_disable_snapshots|default(false) | to_json }}" + line: " disable_snapshots = {{ gitlab_runner.virtualbox_disable_snapshots | default(false) | to_json }}" state: "{{ 'present' if gitlab_runner.virtualbox_disable_snapshots is defined else 'absent' }}" insertafter: ^\s*\[runners\.virtualbox\] backrefs: false 
@@ -885,181 +871,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -#### [runners.feature_flags] section ##### -- name: "{{ runn_name_prefix }} Set feature flag options" - blockinfile: - path: "{{ temp_runner_config.path }}" - content: "{{ lookup('template', 'config.runners.feature_flags.j2') if gitlab_runner.feature_flags is defined }}" - state: "{{ 'present' if gitlab_runner.feature_flags is defined else 'absent' }}" - marker: "# {mark} runners.feature_flags" - insertafter: EOF - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -#### [runners.machine] section #### -- name: "{{ runn_name_prefix }} Set machine section" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^\s*\[runners\.machine\]' - line: ' [runners.machine]' - state: "{{ 'present' if gitlab_runner.machine_MachineOptions is defined else 'absent' }}" - insertafter: EOF - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set machine MaxGrowthRate" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^ MaxGrowthRate =' - line: ' MaxGrowthRate = {{ gitlab_runner.machine_MaxGrowthRate|default("") | to_json }}' - state: "{{ 'present' if gitlab_runner.machine_MaxGrowthRate is defined else 'absent' }}" - insertafter: '^\s*\[runners\.machine\]' - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set machine IdleCount" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^ IdleCount =' - line: ' IdleCount = {{ gitlab_runner.machine_IdleCount|default("") | to_json }}' - state: "{{ 'present' if gitlab_runner.machine_IdleCount is defined else 'absent' }}" - 
insertafter: '^\s*\[runners\.machine\]' - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set machine IdleScaleFactor" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^ IdleScaleFactor =' - line: ' IdleScaleFactor = {{ gitlab_runner.machine_IdleScaleFactor|default("") | to_json }}' - state: "{{ 'present' if gitlab_runner.machine_IdleScaleFactor is defined else 'absent' }}" - insertafter: '^\s*\[runners\.machine\]' - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set machine IdleCountMin" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^ IdleCountMin =' - line: ' IdleCountMin = {{ gitlab_runner.machine_IdleCountMin|default("") | to_json }}' - state: "{{ 'present' if gitlab_runner.machine_IdleCountMin is defined else 'absent' }}" - insertafter: '^\s*\[runners\.machine\]' - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set machine IdleTime" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^ IdleTime =' - line: ' IdleTime = {{ gitlab_runner.machine_IdleTime|default("") | to_json }}' - state: "{{ 'present' if gitlab_runner.machine_IdleTime is defined else 'absent' }}" - insertafter: '^\s*\[runners\.machine\]' - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set machine MaxBuilds" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^ MaxBuilds =' - line: ' MaxBuilds = {{ 
gitlab_runner.machine_MaxBuilds|default("") | to_json }}' - state: "{{ 'present' if gitlab_runner.machine_MaxBuilds is defined else 'absent' }}" - insertafter: '^\s*\[runners\.machine\]' - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set machine MachineName" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^ MachineName =' - line: ' MachineName = {{ gitlab_runner.machine_MachineName|default("") | to_json }}' - state: "{{ 'present' if gitlab_runner.machine_MachineName is defined else 'absent' }}" - insertafter: '^\s*\[runners\.machine\]' - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set machine MachineDriver" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^ MachineDriver =' - line: ' MachineDriver = {{ gitlab_runner.machine_MachineDriver|default("") | to_json }}' - state: "{{ 'present' if gitlab_runner.machine_MachineDriver is defined else 'absent' }}" - insertafter: '^\s*\[runners\.machine\]' - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set machine MachineOptions" - lineinfile: - dest: "{{ temp_runner_config.path }}" - regexp: '^ MachineOptions =' - line: ' MachineOptions = {{ gitlab_runner.machine_MachineOptions|default("") | to_json }}' - state: "{{ 'present' if gitlab_runner.machine_MachineOptions is defined else 'absent' }}" - insertafter: '^\s*\[runners\.machine\]' - backrefs: false - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -#### 
[[runners.machine.autoscaling]] section #### - -- name: "{{ runn_name_prefix }} Set additional autoscaling" - blockinfile: - dest: "{{ temp_runner_config.path }}" - content: "{{ lookup('template', 'config.runners.machine.autoscaling.j2') if gitlab_runner.machine_autoscaling is defined }}" - state: "{{ 'present' if gitlab_runner.machine_autoscaling is defined else 'absent' }}" - marker: "# {mark} runners.machine.autoscaling" - insertafter: EOF - check_mode: false - no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - notify: - - restart_gitlab_runner - - restart_gitlab_runner_macos - -- name: "{{ runn_name_prefix }} Set builds dir file option" +- name: "Set builds dir file option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*builds_dir = - line: ' builds_dir = {{ gitlab_runner.builds_dir|default("") | to_json }}' + line: ' builds_dir = {{ gitlab_runner.builds_dir | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.builds_dir is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false @@ -1069,11 +885,11 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Set cache dir file option" +- name: "Set cache dir file option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*cache_dir = - line: ' cache_dir = {{ gitlab_runner.cache_dir|default("") | to_json }}' + line: ' cache_dir = {{ gitlab_runner.cache_dir | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_dir is defined else 'absent' }}" insertafter: ^\s*executor = backrefs: false 
@@ -1083,12 +899,12 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "{{ runn_name_prefix }} Ensure directory permissions" +- name: "Ensure directory permissions {{ runn_name_prefix }}" ansible.builtin.file: dest: "{{ item }}" state: directory - owner: "{{ gitlab_runner_runtime_owner|default(omit) }}" - group: "{{ gitlab_runner_runtime_group|default(omit) }}" + owner: "{{ gitlab_runner_runtime_owner | default(omit) }}" + group: "{{ gitlab_runner_runtime_group | default(omit) }}" mode: "0770" modification_time: preserve access_time: preserve @@ -1098,7 +914,7 @@ - '{{ gitlab_runner.cache_dir | default("") }}' when: item|length -- name: "{{ runn_name_prefix }} Ensure directory access test" +- name: "Ensure directory access test {{ runn_name_prefix }}" ansible.builtin.command: /usr/bin/test -r {{ item }} loop: - '{{ gitlab_runner.builds_dir | default("") }}' 
@@ -1106,24 +922,25 @@ when: item|length changed_when: false become: true - become_user: "{{ gitlab_runner_runtime_owner|default(omit) }}" + become_user: "{{ gitlab_runner_runtime_owner | default(omit) }}" register: ensure_directory_access ignore_errors: true -- name: "{{ runn_name_prefix }} Ensure directory access fail on error" +- name: "Ensure directory access fail on error {{ runn_name_prefix }}" ansible.builtin.fail: msg: "Error: user gitlab-runner failed to test access to {{ item.item }}. Check parent folder(s) permissions" loop: "{{ ensure_directory_access.results }}" when: - item.rc is defined and item.rc != 0 -- ansible.builtin.include_tasks: section-config-runner.yml +- name: Config runner + ansible.builtin.include_tasks: section-config-runner.yml vars: - sect_name_prefix: "{{ runn_name_prefix }} section[{{ (section_index|int) + 1 }}/{{ gitlab_runner.extra_configs|list|length }}]:" - loop: "{{ gitlab_runner.extra_configs|list }}" + sect_name_prefix: "{{ runn_name_prefix }} section[{{ (section_index | int) + 1 }}/{{ gitlab_runner.extra_configs | list | length }}]:" + loop: "{{ gitlab_runner.extra_configs | list }}" loop_control: loop_var: section index_var: section_index when: - gitlab_runner.extra_configs is defined - - gitlab_runner.extra_configs|list|length > 0 + - gitlab_runner.extra_configs | list | length > 0 diff --git a/tests/test.yml b/tests/test.yml index b7ced6e..7510a73 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -1,5 +1,6 @@ --- -- hosts: localhost +- name: Prepare + hosts: localhost tasks: - name: Load platform-specific variables ansible.builtin.include_vars: "{{ lookup('first_found', possible_files) }}" 
@@ -11,22 +12,27 @@ - default.yml paths: - vars + - name: Copy the mock gitlab CI server ansible.builtin.copy: src: mock_gitlab_runner_ci.py dest: ~/mock_gitlab_runner_ci.py + mode: 0644 when: run_mock_server + - name: Ensure mock CI pidfile is absent ansible.builtin.file: path: ~/mock_ci.pid state: absent when: run_mock_server + - name: Start the mock CI ansible.builtin.shell: python ~/mock_gitlab_runner_ci.py ~/mock_ci.pid 6060 >~/mock_ci.log 2>&1 async: 3600 poll: 0 register: mock_server when: run_mock_server + - name: Wait for pidfile to be created ansible.builtin.wait_for: host: 127.0.0.1 @@ -35,17 +41,20 @@ timeout: 30 when: run_mock_server -- hosts: localhost +- name: Run role + hosts: localhost roles: - ansible-gitlab-runner -- hosts: localhost +- name: Cleanup + hosts: localhost tasks: - name: Get pid mock gitlab CI server ansible.builtin.slurp: src: ~/mock_ci.pid register: pidfile_b64 when: run_mock_server + - name: Kill the mock CI ansible.builtin.command: kill {{ pidfile_b64.content | b64decode }} when: run_mock_server From ca8d70b6b28e90bba3610110565804f5aa8566c2 Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 15:50:30 +0000 Subject: [PATCH 09/22] fix: file permissions Signed-off-by: gardar --- tasks/global-setup.yml | 3 ++- tasks/install-container.yml | 1 + tasks/register-runner-windows.yml | 1 + tasks/register-runner.yml | 4 ++-- tasks/systemd-reload.yml | 2 ++ 5 files changed, 8 insertions(+), 3 deletions(-) diff --git a/tasks/global-setup.yml b/tasks/global-setup.yml index 3e57344..011e0cc 100644 --- a/tasks/global-setup.yml +++ b/tasks/global-setup.yml @@ -12,6 +12,7 @@ state: touch modification_time: preserve access_time: preserve + mode: 0600 become: "{{ gitlab_runner_system_mode }}" - name: Set concurrent option 
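Review bot: The added `mode: 0644` in tasks/register-runner-windows.yml leaves `last-runner-config-{{ actual_gitlab_runner_name }}` readable by every local account, and the visible content of that file includes `gitlab_runner.ssh_password | hash("sha1")`, an unsalted SHA-1 that anyone who can read the file can guess offline. The file appears to be used only for change detection (`register: runner_config_state`), so `mode: "0600"` should serve equally well. The same mode sits on the matching task in tasks/register-runner.yml and tasks/register-runner-container.yml, visible later in this series. The task starts above the hunk, so the module in use, and whether it honours `mode` on a Windows target, cannot be confirmed from here.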
@@ -58,7 +59,7 @@ ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^log_format = - line: log_format = "{{ gitlab_runner_log_format|default("runner") }}" + line: log_format = "{{ gitlab_runner_log_format | default("runner") }}" insertbefore: BOF state: present no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" diff --git a/tasks/install-container.yml b/tasks/install-container.yml index b401554..ef0da8e 100644 --- a/tasks/install-container.yml +++ b/tasks/install-container.yml @@ -9,3 +9,4 @@ ansible.builtin.file: state: directory path: "{{ gitlab_runner_container_mount_path }}" + mode: 0755 diff --git a/tasks/register-runner-windows.yml b/tasks/register-runner-windows.yml index 2aef5a0..f85b18f 100644 --- a/tasks/register-runner-windows.yml +++ b/tasks/register-runner-windows.yml @@ -127,6 +127,7 @@ --ssh-password '{{ gitlab_runner.ssh_password | hash("sha1") }}' {% endif %} dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" + mode: 0644 register: runner_config_state - name: Unregister runner diff --git a/tasks/register-runner.yml b/tasks/register-runner.yml index 5646a19..6097794 100644 --- a/tasks/register-runner.yml +++ b/tasks/register-runner.yml @@ -2,8 +2,8 @@ - name: Accept gitlab server self signed cert as valid CA ansible.builtin.shell: | set -o pipefail - openssl s_client -connect {{gitlab_server_ip}}:443 -showcerts /dev/null | - sed -e '/-----BEGIN/,/-----END/!d' | tee {{tls_ca_file}} >/dev/null + openssl s_client -connect {{ gitlab_server_ip }}:443 -showcerts /dev/null | + sed -e '/-----BEGIN/,/-----END/!d' | tee {{ tls_ca_file }} >/dev/null when: force_accept_gitlab_server_self_signed changed_when: true diff --git a/tasks/systemd-reload.yml b/tasks/systemd-reload.yml index 60d637c..cf419c2 100644 --- a/tasks/systemd-reload.yml +++ b/tasks/systemd-reload.yml 
@@ -15,6 +15,7 @@ content: | [Service] ExecReload=/bin/kill -HUP $MAINPID + mode: 0644 register: gitlab_runner_exec_reload # https://docs.gitlab.com/runner/configuration/init.html#overriding-systemd @@ -26,6 +27,7 @@ [Service] TimeoutStopSec={{ gitlab_runner_timeout_stop_seconds }} KillSignal=SIGQUIT + mode: 0644 when: gitlab_runner_timeout_stop_seconds > 0 register: gitlab_runner_kill_timeout From 28307c7757942e60a24b9161f5f8d0102a06325d Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 15:57:08 +0000 Subject: [PATCH 10/22] fix: changed_when Signed-off-by: gardar --- handlers/main.yml | 1 + tasks/install-macos.yml | 4 ++++ tasks/register-runner.yml | 1 + tasks/unregister-runner.yml | 1 + tasks/update-ca-bundle.yml | 3 +++ tests/test.yml | 2 ++ 6 files changed, 12 insertions(+) diff --git a/handlers/main.yml b/handlers/main.yml index 7621fee..dd1a870 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -13,6 +13,7 @@ ansible.builtin.command: "{{ gitlab_runner_executable }} restart" listen: restart_gitlab_runner_macos become: "{{ gitlab_runner_system_mode }}" + changed_when: true when: ansible_os_family == 'Darwin' and gitlab_runner_macos_start_runner - name: Restart_gitlab_runner_windows diff --git a/tasks/install-macos.yml b/tasks/install-macos.yml index 8691ed5..a59664e 100644 --- a/tasks/install-macos.yml +++ b/tasks/install-macos.yml @@ -53,9 +53,11 @@ - name: (MacOS) Install GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} install" + changed_when: true - name: (MacOS) Start GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} start" + changed_when: true when: gitlab_runner_macos_start_runner - name: (MacOS) UPGRADE GitLab Runner for macOS @@ -65,6 +67,7 @@ block: - name: (MacOS) Stop GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} stop" + changed_when: true - name: (MacOS) Download GitLab Runner ansible.builtin.get_url: 
@@ -83,3 +86,4 @@ - name: (MacOS) Start GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} start" + changed_when: true diff --git a/tasks/register-runner.yml b/tasks/register-runner.yml index 6097794..7fa5c90 100644 --- a/tasks/register-runner.yml +++ b/tasks/register-runner.yml @@ -198,5 +198,6 @@ when: - actual_gitlab_runner_name not in registered_gitlab_runner_names - gitlab_runner.state | default('present') == 'present' + changed_when: true no_log: true become: "{{ gitlab_runner_system_mode }}" diff --git a/tasks/unregister-runner.yml b/tasks/unregister-runner.yml index 673b6b4..1c42434 100644 --- a/tasks/unregister-runner.yml +++ b/tasks/unregister-runner.yml @@ -26,5 +26,6 @@ - name: Unregister runner ansible.builtin.command: "{{ gitlab_runner_executable }} unregister --name {{ actual_gitlab_runner_name }}" + changed_when: true when: - gitlab_install_target_platform == 'unix' diff --git a/tasks/update-ca-bundle.yml b/tasks/update-ca-bundle.yml index 7e85a9c..cb66135 100644 --- a/tasks/update-ca-bundle.yml +++ b/tasks/update-ca-bundle.yml @@ -14,12 +14,15 @@ - name: Enable dynamic ca configuration on rhel6 ansible.builtin.command: /bin/update-ca-trust enable + changed_when: true when: ansible_os_family == "RedHat" and ansible_distribution_major_version|int == 6 - name: Update trusted ca debian ansible.builtin.command: /usr/sbin/update-ca-certificates + changed_when: true when: ansible_os_family == "Debian" - name: Update trusted ca redhat ansible.builtin.command: /bin/update-ca-trust + changed_when: true when: ansible_os_family == "RedHat" diff --git a/tests/test.yml b/tests/test.yml index 7510a73..394b16c 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -31,6 +31,7 @@ async: 3600 poll: 0 register: mock_server + changed_when: true when: run_mock_server - name: Wait for pidfile to be created 
@@ -57,4 +58,5 @@ - name: Kill the mock CI ansible.builtin.command: kill {{ pidfile_b64.content | b64decode }} + changed_when: true when: run_mock_server From adf0647e5034c334e94a90bcd98468e30d7270cf Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 16:03:41 +0000 Subject: [PATCH 11/22] fix: jinja2 formatting Signed-off-by: gardar --- tasks/config-runners-container.yml | 2 +- tasks/config-runners-windows.yml | 2 +- tasks/config-runners.yml | 4 ++-- tasks/main.yml | 2 +- tasks/update-config-runner.yml | 8 ++++---- vars/Windows.yml | 2 +- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/tasks/config-runners-container.yml b/tasks/config-runners-container.yml index 954286e..9c5a9f6 100644 --- a/tasks/config-runners-container.yml +++ b/tasks/config-runners-container.yml @@ -18,7 +18,7 @@ - name: Write config section for each runner vars: - conf_name_prefix: "conf[{{ (runner_config_index|int) + 1 }}/{{ runner_configs|length }}]:" + conf_name_prefix: "conf[{{ (runner_config_index | int) + 1 }}/{{ runner_configs | length }}]:" ansible.builtin.include_tasks: config-runner-container.yml loop: "{{ runner_configs }}" loop_control: diff --git a/tasks/config-runners-windows.yml b/tasks/config-runners-windows.yml index 028a57e..9e9435e 100644 --- a/tasks/config-runners-windows.yml +++ b/tasks/config-runners-windows.yml @@ -22,7 +22,7 @@ - name: (Windows) Write config section for each runner vars: - conf_name_prefix: "conf[{{ (runner_config_index|int) + 1 }}/{{ runner_configs|length }}]:" + conf_name_prefix: "conf[{{ (runner_config_index | int) + 1 }}/{{ runner_configs | length }}]:" ansible.builtin.include_tasks: config-runner-windows.yml loop: "{{ runner_configs }}" loop_control: diff --git a/tasks/config-runners.yml b/tasks/config-runners.yml index 1c4a59f..6023387 100644 --- a/tasks/config-runners.yml +++ b/tasks/config-runners.yml 
@@ -20,7 +20,7 @@ - name: Write config section for each runner vars: - conf_name_prefix: "conf[{{ (runner_config_index|int) + 1 }}/{{ runner_configs|length }}]:" + conf_name_prefix: "conf[{{ (runner_config_index | int) + 1 }}/{{ runner_configs | length }}]:" ansible.builtin.include_tasks: config-runner.yml loop: "{{ runner_configs }}" loop_control: @@ -37,4 +37,4 @@ validate: "{{ gitlab_runner_executable }} verify -c %s" mode: "0600" become: "{{ gitlab_runner_system_mode }}" - diff: "{{ gitlab_runner_show_config_diff|bool }}" + diff: "{{ gitlab_runner_show_config_diff | bool }}" diff --git a/tasks/main.yml b/tasks/main.yml index cfc84ee..92a59b2 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -13,7 +13,7 @@ - name: Validate GitLab Runner configurations ansible.builtin.include_tasks: validate-runner-config.yml vars: - actual_gitlab_runner_name: "{{ gitlab_runner.name|default(ansible_hostname+'-'+gitlab_runner_index|string) }}" + actual_gitlab_runner_name: "{{ gitlab_runner.name | default(ansible_hostname + '-' + gitlab_runner_index | string) }}" loop: "{{ gitlab_runner_runners }}" loop_control: label: "{{ actual_gitlab_runner_name }}" diff --git a/tasks/update-config-runner.yml b/tasks/update-config-runner.yml index 0bd4a2a..8cbe095 100644 --- a/tasks/update-config-runner.yml +++ b/tasks/update-config-runner.yml @@ -162,7 +162,7 @@ ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*\[runners\.{{ gitlab_runner.executor | default("shell") }}\] - line: ' [runners.{{ gitlab_runner.executor|replace("docker+machine","machine") | default("shell") }}]' + line: ' [runners.{{ gitlab_runner.executor | replace("docker+machine", "machine") | default("shell") }}]' state: "{{ 'absent' if (gitlab_runner.executor | default('shell')) == 'shell' else 'present' }}" insertafter: ^\s*executor = backrefs: false 
@@ -317,7 +317,7 @@ ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*pull_policy = - line: " pull_policy = {{ gitlab_runner.docker_pull_policy | default([])|to_json }}" + line: " pull_policy = {{ gitlab_runner.docker_pull_policy | default([]) | to_json }}" state: "{{ 'present' if gitlab_runner.docker_pull_policy is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -331,7 +331,7 @@ ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*volumes = - line: " volumes = {{ gitlab_runner.docker_volumes | default([])|to_json }}" + line: " volumes = {{ gitlab_runner.docker_volumes | default([]) | to_json }}" state: "{{ 'present' if gitlab_runner.docker_volumes is defined else 'absent' }}" insertafter: ^\s*\[runners\.docker\] backrefs: false @@ -586,7 +586,7 @@ ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*BucketName = - line: ' BucketName = {{ gitlab_runner.cache_s3_bucket_name | default("") | to_json }}' + line: ' BucketName = {{ gitlab_runner.cache_s3_bucket_name | default("") | to_json }}' state: "{{ 'present' if gitlab_runner.cache_s3_bucket_name is defined else 'absent' }}" insertafter: ^\s*\[runners\.cache\.s3\] backrefs: false diff --git a/vars/Windows.yml b/vars/Windows.yml index ad6b85f..fec2df7 100644 --- a/vars/Windows.yml +++ b/vars/Windows.yml @@ -6,4 +6,4 @@ gitlab_runner_install_directory: c:/gitlab-runner/ gitlab_runner_config_file_location: "{{ gitlab_runner_install_directory }}" gitlab_runner_config_file: "{{ gitlab_runner_config_file_location }}/config.toml" # on Windows -gitlab_runner_executable: "{{gitlab_runner_install_directory}}/{{ gitlab_runner_package_name }}.exe" +gitlab_runner_executable: "{{ gitlab_runner_install_directory }}/{{ gitlab_runner_package_name }}.exe" From 875621c43a0b703e7fdfa7580669cbcc2eed20ef Mon Sep 17 00:00:00 2001 From: gardar Date: Tue, 23 Jan 2024 16:18:35 +0000 Subject: [PATCH 12/22] fix: yaml linting 
Signed-off-by: gardar --- .github/workflows/stale.yml | 6 ++++-- .travis.yml | 8 ++++---- tasks/config-runner.yml | 2 +- tasks/global-setup.yml | 2 +- tasks/install-container.yml | 2 +- tasks/install-macos.yml | 4 ++-- tasks/install-windows.yml | 4 ++-- tasks/register-runner-container.yml | 2 +- tasks/register-runner-windows.yml | 2 +- tasks/register-runner.yml | 2 +- tasks/systemd-reload.yml | 4 ++-- tests/test.yml | 2 +- vars/Darwin.yml | 3 ++- 13 files changed, 23 insertions(+), 20 deletions(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index a82969d..9422080 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -16,9 +16,11 @@ jobs: steps: - uses: actions/stale@v8 with: - stale-issue-message: Seems this message did not get a lot of love. This does not mean it was not seen but time wise might not have made it to proper attention. + stale-issue-message: Seems this message did not get a lot of love. + This does not mean it was not seen but time wise might not have made it to proper attention. This is just the clean up action ;) - stale-pr-message: Although PRs are appreciated, if it sits for too long nothing happens. Can always update and do again :) This is just the automation talking + stale-pr-message: Although PRs are appreciated, if it sits for too long nothing happens. Can always update and do again :) + This is just the automation talking days-before-issue-stale: 30 days-before-pr-stale: 45 days-before-issue-close: 5 diff --git a/.travis.yml b/.travis.yml index 1989d34..c937781 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,7 +17,7 @@ jobs: # Check ansible version - ansible --version # Create ansible.cfg with correct roles_path - #- printf '[defaults]\nroles_path=../' > ansible.cfg + # - printf '[defaults]\nroles_path=../' > ansible.cfg - "{ echo '[defaults]'; echo 'roles_path = ../'; } > ansible.cfg" script: # Basic role syntax check 
@@ -30,7 +30,7 @@ jobs: - os: osx osx_image: xcode10.3 # See https://github.com/travis-ci/travis-ci/issues/2312#issuecomment-422830059 - #language: python + # language: python language: generic install: # Install ansible @@ -59,7 +59,7 @@ jobs: - cd ../../ - wsl ansible-playbook test.yml -i inventory --syntax-check # Running tests - - wsl ansible-playbook test.yml -i inventory --extra-vars 'ansible_user=ansible ansible_password=Ans1ble_User! ansible_connection=winrm ansible_winrm_server_cert_validation=ignore - ansible_ssh_port=5986' + - wsl ansible-playbook test.yml -i inventory --extra-vars 'ansible_user=ansible ansible_password=Ans1ble_User! + ansible_connection=winrm ansible_winrm_server_cert_validation=ignore ansible_ssh_port=5986' notifications: webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/tasks/config-runner.yml b/tasks/config-runner.yml index 934257b..08fb1a9 100644 --- a/tasks/config-runner.yml +++ b/tasks/config-runner.yml @@ -12,7 +12,7 @@ ansible.builtin.copy: dest: "{{ temp_runner_config.path }}" content: "{{ runner_config }}" - mode: 0644 + mode: "0644" check_mode: false changed_when: false no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" diff --git a/tasks/global-setup.yml b/tasks/global-setup.yml index 011e0cc..fcf9544 100644 --- a/tasks/global-setup.yml +++ b/tasks/global-setup.yml @@ -12,7 +12,7 @@ state: touch modification_time: preserve access_time: preserve - mode: 0600 + mode: "0600" become: "{{ gitlab_runner_system_mode }}" - name: Set concurrent option diff --git a/tasks/install-container.yml b/tasks/install-container.yml index ef0da8e..49be48d 100644 --- a/tasks/install-container.yml +++ b/tasks/install-container.yml @@ -9,4 +9,4 @@ ansible.builtin.file: state: directory path: "{{ gitlab_runner_container_mount_path }}" - mode: 0755 + mode: "0755" diff --git a/tasks/install-macos.yml b/tasks/install-macos.yml index a59664e..76df415 100644 --- a/tasks/install-macos.yml +++ b/tasks/install-macos.yml 
@@ -30,12 +30,12 @@ ansible.builtin.file: path: /usr/local/var/log state: directory - mode: 0755 + mode: "0755" owner: "{{ ansible_user_id | string }}" - name: (MacOS) Precreate directory {{ gitlab_runner_directory }} ansible.builtin.file: - mode: "755" + mode: "0755" owner: root path: "{{ gitlab_runner_directory }}" state: directory diff --git a/tasks/install-windows.yml b/tasks/install-windows.yml index c2cb394..a043caa 100644 --- a/tasks/install-windows.yml +++ b/tasks/install-windows.yml @@ -42,8 +42,8 @@ when: (gitlab_runner_windows_service_user | length == 0) or (gitlab_runner_windows_service_password | length == 0) - name: (Windows) Install GitLab Runner - ansible.windows.win_command: '{{ gitlab_runner_executable }} install --user "{{ gitlab_runner_windows_service_user }}" --password "{{ gitlab_runner_windows_service_password - }}"' + ansible.windows.win_command: '{{ gitlab_runner_executable }} install --user "{{ gitlab_runner_windows_service_user }}" --password + "{{ gitlab_runner_windows_service_password }}"' args: chdir: "{{ gitlab_runner_config_file_location }}" when: diff --git a/tasks/register-runner-container.yml b/tasks/register-runner-container.yml index 2f6532a..d01e001 100644 --- a/tasks/register-runner-container.yml +++ b/tasks/register-runner-container.yml @@ -128,7 +128,7 @@ --ssh-password '{{ gitlab_runner.ssh_password | hash("sha1") }}' {% endif %} dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" - mode: 0644 + mode: "0644" register: runner_config_state - name: Unregister runner diff --git a/tasks/register-runner-windows.yml b/tasks/register-runner-windows.yml index f85b18f..5c387dd 100644 --- a/tasks/register-runner-windows.yml +++ b/tasks/register-runner-windows.yml 
@@ -127,7 +127,7 @@ --ssh-password '{{ gitlab_runner.ssh_password | hash("sha1") }}' {% endif %} dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" - mode: 0644 + mode: "0644" register: runner_config_state - name: Unregister runner diff --git a/tasks/register-runner.yml b/tasks/register-runner.yml index 7fa5c90..2f98310 100644 --- a/tasks/register-runner.yml +++ b/tasks/register-runner.yml @@ -167,7 +167,7 @@ --ssh-password '{{ gitlab_runner.ssh_password | hash("sha1") }}' {% endif %} dest: "{{ gitlab_runner_config_file_location }}/last-runner-config-{{ actual_gitlab_runner_name }}" - mode: 0644 + mode: "0644" register: runner_config_state - name: Unregister runner diff --git a/tasks/systemd-reload.yml b/tasks/systemd-reload.yml index cf419c2..84a76b8 100644 --- a/tasks/systemd-reload.yml +++ b/tasks/systemd-reload.yml @@ -15,7 +15,7 @@ content: | [Service] ExecReload=/bin/kill -HUP $MAINPID - mode: 0644 + mode: "0644" register: gitlab_runner_exec_reload # https://docs.gitlab.com/runner/configuration/init.html#overriding-systemd @@ -27,7 +27,7 @@ [Service] TimeoutStopSec={{ gitlab_runner_timeout_stop_seconds }} KillSignal=SIGQUIT - mode: 0644 + mode: "0644" when: gitlab_runner_timeout_stop_seconds > 0 register: gitlab_runner_kill_timeout diff --git a/tests/test.yml b/tests/test.yml index 394b16c..47ec366 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -17,7 +17,7 @@ ansible.builtin.copy: src: mock_gitlab_runner_ci.py dest: ~/mock_gitlab_runner_ci.py - mode: 0644 + mode: "0644" when: run_mock_server - name: Ensure mock CI pidfile is absent diff --git a/vars/Darwin.yml b/vars/Darwin.yml index 05d4aaf..b18934d 100644 --- a/vars/Darwin.yml +++ b/vars/Darwin.yml 
@@ -2,7 +2,8 @@ gitlab_runner_arch: "{{ (ansible_machine == 'arm64') | ternary('arm64', 'amd64') }}" -gitlab_runner_download_url: https://gitlab-runner-downloads.s3.amazonaws.com/{{ gitlab_runner_wanted_tag }}/binaries/gitlab-runner-darwin-{{ gitlab_runner_arch }} +gitlab_runner_download_url: + "https://gitlab-runner-downloads.s3.amazonaws.com/{{ gitlab_runner_wanted_tag }}/binaries/gitlab-runner-darwin-{{ gitlab_runner_arch }}" gitlab_runner_directory: /usr/local/bin gitlab_runner_executable: "{{ gitlab_runner_directory }}/{{ gitlab_runner_package_name }}" From a3c9c34c83db10d77f614b80e97a07631a7af12c Mon Sep 17 00:00:00 2001 From: gardar Date: Thu, 25 Apr 2024 13:07:22 +0000 Subject: [PATCH 13/22] fix: lint rebase Signed-off-by: gardar --- tasks/global-setup-windows.yml | 6 +- tasks/global-setup.yml | 10 +-- tasks/update-config-runner.yml | 155 +++++++++++++++++++++++++++++++++ vars/Windows.yml | 2 +- 4 files changed, 164 insertions(+), 9 deletions(-) diff --git a/tasks/global-setup-windows.yml b/tasks/global-setup-windows.yml index 5691859..b7491de 100644 --- a/tasks/global-setup-windows.yml +++ b/tasks/global-setup-windows.yml @@ -24,7 +24,7 @@ - restart_gitlab_runner_windows - name: (Windows) Set check_interval option - win_lineinfile: + community.windows.win_lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^check_interval =.* line: check_interval = {{ gitlab_runner_check_interval }} @@ -43,7 +43,7 @@ line: listen_address = "{{ gitlab_runner_listen_address }}" insertafter: \s*concurrent.* state: present - when: gitlab_runner_listen_address | length > 0 # Ensure value is set + when: gitlab_runner_listen_address | length > 0 # Ensure value is set notify: - restart_gitlab_runner - restart_gitlab_runner_windows 
@@ -55,7 +55,7 @@ line: sentry_dsn = "{{ gitlab_runner_sentry_dsn }}" insertafter: \s*concurrent.* state: present - when: gitlab_runner_sentry_dsn | length > 0 # Ensure value is set + when: gitlab_runner_sentry_dsn | length > 0 # Ensure value is set notify: - restart_gitlab_runner - restart_gitlab_runner_macos diff --git a/tasks/global-setup.yml b/tasks/global-setup.yml index fcf9544..0ed1ee7 100644 --- a/tasks/global-setup.yml +++ b/tasks/global-setup.yml @@ -29,7 +29,7 @@ - restart_gitlab_runner_macos - name: Set check_interval option - lineinfile: + ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^check_interval = line: check_interval = {{ gitlab_runner_check_interval }} @@ -49,7 +49,7 @@ insertafter: \s*concurrent.* state: present no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - when: gitlab_runner_listen_address | length > 0 + when: gitlab_runner_listen_address | length > 0 become: "{{ gitlab_runner_system_mode }}" notify: - restart_gitlab_runner @@ -63,14 +63,14 @@ insertbefore: BOF state: present no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - when: gitlab_runner_log_format is defined + when: gitlab_runner_log_format is defined become: "{{ gitlab_runner_system_mode }}" notify: - restart_gitlab_runner - restart_gitlab_runner_macos - name: Add log_level to config - lineinfile: + ansible.builtin.lineinfile: dest: "{{ gitlab_runner_config_file }}" regexp: ^log_level = line: log_level = "{{ gitlab_runner_log_level }}" @@ -91,7 +91,7 @@ insertafter: \s*concurrent.* state: present no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" - when: gitlab_runner_sentry_dsn | length > 0 + when: gitlab_runner_sentry_dsn | length > 0 become: "{{ gitlab_runner_system_mode }}" notify: - restart_gitlab_runner diff --git a/tasks/update-config-runner.yml b/tasks/update-config-runner.yml index 8cbe095..5e7a016 100644 --- a/tasks/update-config-runner.yml +++ b/tasks/update-config-runner.yml 
@@ -872,6 +872,161 @@ - restart_gitlab_runner_macos - name: "Set builds dir file option {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^\s*\[runners\.machine\]' + line: ' [runners.machine]' + state: present + insertafter: EOF + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set machine MaxGrowthRate option {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^ MaxGrowthRate =' + line: ' MaxGrowthRate = {{ gitlab_runner.machine_MaxGrowthRate | default("") | to_json }}' + state: "{{ 'present' if gitlab_runner.machine_MaxGrowthRate is defined else 'absent' }}" + insertafter: '^\s*\[runners\.machine\]' + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set machine IdleCount option {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^ IdleCount =' + line: ' IdleCount = {{ gitlab_runner.machine_IdleCount | default("") | to_json }}' + state: "{{ 'present' if gitlab_runner.machine_IdleCount is defined else 'absent' }}" + insertafter: '^\s*\[runners\.machine\]' + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set machine IdleScaleFactor option {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^ IdleScaleFactor =' + line: ' IdleScaleFactor = {{ gitlab_runner.machine_IdleScaleFactor | default("") | to_json }}' + state: "{{ 'present' if gitlab_runner.machine_IdleScaleFactor is defined else 'absent' }}" + insertafter: '^\s*\[runners\.machine\]' + backrefs: false + check_mode: 
false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set machine IdleCountMin option {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^ IdleCountMin =' + line: ' IdleCountMin = {{ gitlab_runner.machine_IdleCountMin | default("") | to_json }}' + state: "{{ 'present' if gitlab_runner.machine_IdleCountMin is defined else 'absent' }}" + insertafter: '^\s*\[runners\.machine\]' + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set machine IdleTime option {{ runn_name_prefix }} " + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^ IdleTime =' + line: ' IdleTime = {{ gitlab_runner.machine_IdleTime | default("") | to_json }}' + state: "{{ 'present' if gitlab_runner.machine_IdleTime is defined else 'absent' }}" + insertafter: '^\s*\[runners\.machine\]' + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set machine MaxBuilds {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^ MaxBuilds =' + line: ' MaxBuilds = {{ gitlab_runner.machine_MaxBuilds | default("") | to_json }}' + state: "{{ 'present' if gitlab_runner.machine_MaxBuilds is defined else 'absent' }}" + insertafter: '^\s*\[runners\.machine\]' + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set machine MachineName option {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^ MachineName =' + line: ' MachineName = {{ gitlab_runner.machine_MachineName 
| default("") | to_json }}' + state: "{{ 'present' if gitlab_runner.machine_MachineName is defined else 'absent' }}" + insertafter: '^\s*\[runners\.machine\]' + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set machine MachineDriver {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^ MachineDriver =' + line: ' MachineDriver = {{ gitlab_runner.machine_MachineDriver | default("") | to_json }}' + state: "{{ 'present' if gitlab_runner.machine_MachineDriver is defined else 'absent' }}" + insertafter: '^\s*\[runners\.machine\]' + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set machine MachineOptions option {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: '^ MachineOptions =' + line: ' MachineOptions = {{ gitlab_runner.machine_MachineOptions | default("") | to_json }}' + state: "{{ 'present' if gitlab_runner.machine_MachineOptions is defined else 'absent' }}" + insertafter: '^\s*\[runners\.machine\]' + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +#### [[runners.machine.autoscaling]] section #### + +- name: "Set additional autoscaling option {{ runn_name_prefix }}" + ansible.builtin.blockinfile: + dest: "{{ temp_runner_config.path }}" + content: "{{ lookup('template', 'config.runners.machine.autoscaling.j2') if gitlab_runner.machine_autoscaling is defined }}" + state: "{{ 'present' if gitlab_runner.machine_autoscaling is defined else 'absent' }}" + marker: "# {mark} runners.machine.autoscaling" + insertafter: EOF + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | 
default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +- name: "Set builds dir file option option {{ runn_name_prefix }} " ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*builds_dir = diff --git a/vars/Windows.yml b/vars/Windows.yml index fec2df7..bfda3fc 100644 --- a/vars/Windows.yml +++ b/vars/Windows.yml @@ -4,6 +4,6 @@ gitlab_runner_download_url: https://gitlab-runner-downloads.s3.amazonaws.com/{{ gitlab_runner_install_directory: c:/gitlab-runner/ gitlab_runner_config_file_location: "{{ gitlab_runner_install_directory }}" -gitlab_runner_config_file: "{{ gitlab_runner_config_file_location }}/config.toml" # on Windows +gitlab_runner_config_file: "{{ gitlab_runner_config_file_location }}/config.toml" # on Windows gitlab_runner_executable: "{{ gitlab_runner_install_directory }}/{{ gitlab_runner_package_name }}.exe" From d664db6902095e2a917280bb80f5d4baacbbc322 Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Mon, 12 Aug 2024 22:25:34 +0200 Subject: [PATCH 14/22] fix: yaml[colons] --- tasks/update-config-runner.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/update-config-runner.yml b/tasks/update-config-runner.yml index 5e7a016..63fd4f4 100644 --- a/tasks/update-config-runner.yml +++ b/tasks/update-config-runner.yml @@ -885,7 +885,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "Set machine MaxGrowthRate option {{ runn_name_prefix }}" +- name: "Set machine MaxGrowthRate option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: '^ MaxGrowthRate =' @@ -899,7 +899,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "Set machine IdleCount option {{ runn_name_prefix }}" +- name: "Set machine IdleCount option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: '^ IdleCount =' 
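Review bot: The rebase left the task names in tasks/update-config-runner.yml shifted by one: the context line `name: "Set builds dir file option {{ runn_name_prefix }}"` now heads the added task that writes `[runners.machine]`, while the real `builds_dir` task is named `"Set builds dir file option option {{ runn_name_prefix }} "`, with a doubled word and a trailing space. Naming the first one, for example, `"Set machine section {{ runn_name_prefix }}"` and restoring the original name on the second keeps play output and `--start-at-task` meaningful. As written in the hunk, that section task has `state: present` and no `when`, so it appends `[runners.machine]` to the temporary config regardless of executor. Separately, `MachineOptions` is where docker-machine driver credentials are usually passed, and `no_log` falls back to `omit`, so those values appear in task output unless `gitlab_runner_no_log_secrets` is set; consider `default(true)` on that task.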
@@ -1013,7 +1013,7 @@ #### [[runners.machine.autoscaling]] section #### -- name: "Set additional autoscaling option {{ runn_name_prefix }}" +- name: "Set additional autoscaling option {{ runn_name_prefix }}" ansible.builtin.blockinfile: dest: "{{ temp_runner_config.path }}" content: "{{ lookup('template', 'config.runners.machine.autoscaling.j2') if gitlab_runner.machine_autoscaling is defined }}" From 75b8c2fccf5a62f7614e68c95095017fd076ce7e Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Mon, 12 Aug 2024 22:37:20 +0200 Subject: [PATCH 15/22] fix: jinja[spacing] --- tasks/line-config-runner-windows.yml | 8 ++++---- tasks/line-config-runner.yml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tasks/line-config-runner-windows.yml b/tasks/line-config-runner-windows.yml index bb773bd..90682de 100644 --- a/tasks/line-config-runner-windows.yml +++ b/tasks/line-config-runner-windows.yml @@ -1,9 +1,9 @@ --- -- name: "Ensure section exists {{ line_name_prefix }}" # noqa jinja[spacing] +- name: "Ensure section exists {{ line_name_prefix }}" community.windows.win_lineinfile: path: "{{ temp_runner_config.path }}" regexp: ^(\s*)\[{{ section | regex_escape }}\]$ - line: '{{ " " * (section.split(".") | length -1) }}[{{ section }}]' + line: '{{ " " * (section.split(".") | length - 1) }}[{{ section }}]' - name: "Modify existing line {{ line_name_prefix }}" community.windows.win_lineinfile: 
@@ -14,11 +14,11 @@ register: modified_config_line when: not '.' in line -- name: "Modify existing line to_json {{ line_name_prefix }}" # noqa jinja[spacing] +- name: "Modify existing line to_json {{ line_name_prefix }}" community.windows.win_lineinfile: path: "{{ temp_runner_config.path }}" insertafter: \s+\[{{ section | regex_escape }}\] regexp: ^(\s*)({{ line | to_json | regex_escape }}|{{ line | regex_escape }}) =.* - line: '{{ " " * (section.split(".")|length) }}{{ line | to_json }} = {{ gitlab_runner.extra_configs[section][line] | to_json }}' + line: '{{ " " * (section.split(".") | length) }}{{ line | to_json }} = {{ gitlab_runner.extra_configs[section][line] | to_json }}' register: modified_config_line when: "'.' in line" diff --git a/tasks/line-config-runner.yml b/tasks/line-config-runner.yml index b780d2a..f298522 100644 --- a/tasks/line-config-runner.yml +++ b/tasks/line-config-runner.yml @@ -1,9 +1,9 @@ --- -- name: "Ensure section exists {{ line_name_prefix }}" # noqa jinja[spacing] +- name: "Ensure section exists {{ line_name_prefix }}" ansible.builtin.lineinfile: path: "{{ temp_runner_config.path }}" regexp: ^(\s*)\[{{ section | regex_escape }}\]$ - line: '{{ " " * (section.split(".") | length -1) }}[{{ section }}]' + line: '{{ " " * (section.split(".") | length - 1) }}[{{ section }}]' - name: "Modify existing line {{ line_name_prefix }}" ansible.builtin.lineinfile: From 3e52040b5d473b0ee731cc26f08ed4b520cbe744 Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Mon, 12 Aug 2024 22:58:44 +0200 Subject: [PATCH 16/22] ansible-lint: ignore role-name --- .ansible-lint | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .ansible-lint diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..c60f78e --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,4 @@ +--- +profile: production +warn_list: + - role-name # until role name is fixed on galaxy https://github.com/riemers/ansible-gitlab-runner/pull/312 
From 602ffc4aabaca2dd4540df59ed9d429c5a9ad82c Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Mon, 12 Aug 2024 22:59:04 +0200 Subject: [PATCH 17/22] remove unessesary 'changed_when' --- handlers/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/handlers/main.yml b/handlers/main.yml index dd1a870..7621fee 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -13,7 +13,6 @@ ansible.builtin.command: "{{ gitlab_runner_executable }} restart" listen: restart_gitlab_runner_macos become: "{{ gitlab_runner_system_mode }}" - changed_when: true when: ansible_os_family == 'Darwin' and gitlab_runner_macos_start_runner - name: Restart_gitlab_runner_windows From 31ea28964e2f36b33b0e4ab3cb845066d2dc56f0 Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Mon, 12 Aug 2024 23:36:24 +0200 Subject: [PATCH 18/22] ansible-lint: ignore no-changed-when --- .ansible-lint | 1 + 1 file changed, 1 insertion(+) diff --git a/.ansible-lint b/.ansible-lint index c60f78e..6dbfaea 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -2,3 +2,4 @@ profile: production warn_list: - role-name # until role name is fixed on galaxy https://github.com/riemers/ansible-gitlab-runner/pull/312 + - no-changed-when # TODO in future From 6077f5321ea2fad9154dd1784ffca991062fcc97 Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Mon, 12 Aug 2024 23:35:51 +0200 Subject: [PATCH 19/22] reduce changes --- tasks/install-macos.yml | 10 ++++---- tasks/main-windows.yml | 1 + tasks/register-runner-container.yml | 24 +++++++++++++------ tasks/register-runner-windows.yml | 24 +++++++++++++------ tasks/register-runner.yml | 31 ++++++++++++++++-------- tasks/unregister-runner.yml | 1 - tasks/update-config-runner.yml | 37 +++++++++++++++++++++++++---- tests/test.yml | 7 ------ 8 files changed, 93 insertions(+), 42 deletions(-) diff --git a/tasks/install-macos.yml b/tasks/install-macos.yml index 76df415..d8bf060 100644 --- a/tasks/install-macos.yml +++ b/tasks/install-macos.yml 
@@ -24,9 +24,9 @@ - name: (MacOS) Precreate necessary directories for arm64 architecture when: gitlab_runner_arch == 'arm64' - become: true block: - name: (MacOS) Precreate gitlab-runner log directory + become: true ansible.builtin.file: path: /usr/local/var/log state: directory @@ -34,6 +34,7 @@ owner: "{{ ansible_user_id | string }}" - name: (MacOS) Precreate directory {{ gitlab_runner_directory }} + become: true ansible.builtin.file: mode: "0755" owner: root @@ -53,11 +54,9 @@ - name: (MacOS) Install GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} install" - changed_when: true - name: (MacOS) Start GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} start" - changed_when: true when: gitlab_runner_macos_start_runner - name: (MacOS) UPGRADE GitLab Runner for macOS @@ -67,14 +66,14 @@ block: - name: (MacOS) Stop GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} stop" - changed_when: true - name: (MacOS) Download GitLab Runner + become: true ansible.builtin.get_url: url: "{{ gitlab_runner_download_url }}" dest: "{{ gitlab_runner_executable }}" force: true - become: true + mode: "0744" - name: (MacOS) Setting Permissions for gitlab-runner executable ansible.builtin.file: @@ -86,4 +85,3 @@ - name: (MacOS) Start GitLab Runner ansible.builtin.command: "{{ gitlab_runner_executable }} start" - changed_when: true diff --git a/tasks/main-windows.yml b/tasks/main-windows.yml index 7fb8fb6..f838568 100644 --- a/tasks/main-windows.yml +++ b/tasks/main-windows.yml @@ -29,6 +29,7 @@ - name: (Windows) Set global options ansible.builtin.import_tasks: global-setup-windows.yml + - name: (Windows) Configure GitLab Runner ansible.builtin.include_tasks: config-runners-windows.yml when: gitlab_runner_config_update_mode == 'by_config_toml' diff --git a/tasks/register-runner-container.yml b/tasks/register-runner-container.yml index d01e001..0e462a0 100644 --- a/tasks/register-runner-container.yml 
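Review bot: The `(MacOS) Download GitLab Runner` task in tasks/install-macos.yml (hunk `@@ -67,14 +66,14 @@`) now marks the download executable with `mode: "0744"`, and the block starts it a few tasks later. The `get_url` call still has no `checksum:`, so whatever `gitlab_runner_download_url` serves is run unverified. Adding `checksum: "sha256:<expected-digest>"` (placeholder, best fed from a role variable pinned per release) makes the task fail instead of installing a tampered or truncated binary. The upgrade block begins outside this hunk, so its `when` condition is not visible here.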
+++ b/tasks/register-runner-container.yml @@ -3,23 +3,25 @@ ansible.builtin.set_fact: register_runner_cmd: >- register - --non-interactive - --url '{{ gitlab_runner.url | default(gitlab_runner_coordinator_url) }}' - --description '{{ actual_gitlab_runner_name }}' + {% if gitlab_runner_registration_token_type != "authentication-token" %} + --locked='{{ gitlab_runner.locked | default(false) }}' --tag-list '{{ gitlab_runner.tags | default([]) | join(",") }}' - {% if gitlab_runner.clone_url | default(false) %} - --clone-url "{{ gitlab_runner.clone_url }}" - {% endif %} {% if gitlab_runner.run_untagged | default(true) %} --run-untagged {% endif %} {% if gitlab_runner.protected | default(false) %} --access-level="ref_protected" {% endif %} + {% endif %} + --non-interactive + --url '{{ gitlab_runner.url | default(gitlab_runner_coordinator_url) }}' + --description '{{ actual_gitlab_runner_name }}' + {% if gitlab_runner.clone_url | default(false) %} + --clone-url "{{ gitlab_runner.clone_url }}" + {% endif %} --executor '{{ gitlab_runner.executor | default("shell") }}' --limit '{{ gitlab_runner.concurrent_specific | default(0) }}' --output-limit '{{ gitlab_runner.output_limit | default(4096) }}' - --locked='{{ gitlab_runner.locked | default(false) }}' {% for env_var in gitlab_runner.env_vars | default([]) %} --env '{{ env_var }}' {% endfor %} @@ -114,7 +116,11 @@ ansible.builtin.copy: content: > {{ register_runner_cmd }} + {% if gitlab_runner_registration_token_type == "authentication-token" %} + --token '{{ gitlab_runner.token | hash("sha1") }}' + {% else %} --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) | hash("sha1") }}' + {% endif %} {% if gitlab_runner.cache_s3_secret_key is defined %} --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key | hash("sha1") }}' {% endif %} 
@@ -146,7 +152,11 @@ image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}" command: > {{ register_runner_cmd }} + {% if gitlab_runner_registration_token_type == "authentication-token" %} + --token '{{ gitlab_runner.token }}' + {% else %} --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) }}' + {% endif %} {% if gitlab_runner.cache_s3_secret_key is defined %} --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key }}' {% endif %} diff --git a/tasks/register-runner-windows.yml b/tasks/register-runner-windows.yml index 5c387dd..919f5e5 100644 --- a/tasks/register-runner-windows.yml +++ b/tasks/register-runner-windows.yml 
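Review bot: The new `--token '{{ gitlab_runner.token }}'` branch in tasks/register-runner-container.yml puts the runner authentication token into the container's `command:`. There it stays readable in the container's stored configuration and in the host process list for as long as the registration container exists. The same interpolation is added to the register tasks in tasks/register-runner-windows.yml (`win_shell`) and tasks/register-runner.yml (`command`). gitlab-runner also reads this value from the `CI_SERVER_TOKEN` environment variable (`REGISTRATION_TOKEN` for the legacy flag), so those two tasks can pass it through the task-level `environment:` keyword instead of argv. For the container variant, whose task continues outside this hunk, confirm that the container is removed once registration finishes.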
@@ -3,26 +3,28 @@ ansible.builtin.set_fact: register_runner_cmd: >- {{ gitlab_runner_executable }} register - --non-interactive - --url '{{ gitlab_runner.url | default(gitlab_runner_coordinator_url) }}' - --description '{{ actual_gitlab_runner_name }}' + {% if gitlab_runner_registration_token_type != "authentication-token" %} + --locked='{{ gitlab_runner.locked | default(false) }}' --tag-list '{{ gitlab_runner.tags | default([]) | join(",") }}' - {% if gitlab_runner.clone_url | default(false) %} - --clone-url "{{ gitlab_runner.clone_url }}" - {% endif %} {% if gitlab_runner.run_untagged | default(true) %} --run-untagged {% endif %} {% if gitlab_runner.protected | default(false) %} --access-level="ref_protected" {% endif %} + {% endif %} + --non-interactive + --url '{{ gitlab_runner.url | default(gitlab_runner_coordinator_url) }}' + --description '{{ actual_gitlab_runner_name }}' + {% if gitlab_runner.clone_url | default(false) %} + --clone-url "{{ gitlab_runner.clone_url }}" + {% endif %} --executor '{{ gitlab_runner.executor | default("shell") }}' {% if gitlab_runner.shell is defined %} --shell '{{ gitlab_runner.shell }}' {% endif %} --limit '{{ gitlab_runner.concurrent_specific | default(0) }}' --output-limit '{{ gitlab_runner.output_limit | default(4096) }}' - --locked='{{ gitlab_runner.locked | default(false) }}' {% for env_var in gitlab_runner.env_vars | default([]) %} --env '{{ env_var }}' {% endfor %} @@ -113,7 +115,11 @@ ansible.builtin.copy: content: >- {{ register_runner_cmd }} + {% if gitlab_runner_registration_token_type == "authentication-token" %} + --token '{{ gitlab_runner.token | hash("sha1") }}' + {% else %} --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) | hash("sha1") }}' + {% endif %} {% if gitlab_runner.cache_s3_secret_key is defined %} --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key | hash("sha1") }}' {% endif %} 
@@ -142,7 +148,11 @@ - name: (Windows) Register runner to GitLab ansible.windows.win_shell: >- {{ register_runner_cmd }} + {% if gitlab_runner_registration_token_type == "authentication-token" %} + --token '{{ gitlab_runner.token }}' + {% else %} --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) }}' + {% endif %} {% if gitlab_runner.cache_s3_secret_key is defined %} --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key }}' {% endif %} diff --git a/tasks/register-runner.yml b/tasks/register-runner.yml index 2f98310..3782666 100644 --- a/tasks/register-runner.yml +++ b/tasks/register-runner.yml @@ -5,7 +5,6 @@ openssl s_client -connect {{ gitlab_server_ip }}:443 -showcerts /dev/null | sed -e '/-----BEGIN/,/-----END/!d' | tee {{ tls_ca_file }} >/dev/null when: force_accept_gitlab_server_self_signed - changed_when: true - name: Update CA bundle with self signe cert of the gitlab server ansible.builtin.import_tasks: update-ca-bundle.yml 
@@ -15,26 +14,28 @@ ansible.builtin.set_fact: register_runner_cmd: >- {{ gitlab_runner_executable }} register - --non-interactive - --url '{{ gitlab_runner.url | default(gitlab_runner_coordinator_url) }}' - --name '{{ actual_gitlab_runner_name }}' + {% if gitlab_runner_registration_token_type != "authentication-token" %} + --locked='{{ gitlab_runner.locked | default(false) }}' --tag-list '{{ gitlab_runner.tags | default([]) | join(",") }}' - {% if gitlab_runner.clone_url | default(false) %} - --clone-url "{{ gitlab_runner.clone_url }}" - {% endif %} {% if gitlab_runner.run_untagged | default(true) %} --run-untagged {% endif %} {% if gitlab_runner.protected | default(false) %} --access-level="ref_protected" {% endif %} + {% endif %} + --non-interactive + --url '{{ gitlab_runner.url | default(gitlab_runner_coordinator_url) }}' + --name '{{ actual_gitlab_runner_name }}' + {% if gitlab_runner.clone_url | default(false) %} + --clone-url "{{ gitlab_runner.clone_url }}" + {% endif %} --executor '{{ gitlab_runner.executor | default("shell") }}' {% if gitlab_runner.shell is defined %} --shell '{{ gitlab_runner.shell }}' {% endif %} --limit '{{ gitlab_runner.concurrent_specific | default(0) }}' --output-limit '{{ gitlab_runner.output_limit | default(4096) }}' - --locked='{{ gitlab_runner.locked | default(false) }}' {% for env_var in gitlab_runner.env_vars | default([]) %} --env '{{ env_var }}' {% endfor %} @@ -69,6 +70,9 @@ {% if gitlab_runner.docker_oom_kill_disable | default(false) %} --docker-oom-kill-disable '{{ gitlab_runner.docker_oom_kill_disable | default("false") }}' {% endif %} + {% for policy in gitlab_runner.docker_allowed_pull_policies | default([]) %} + --docker-allowed-pull-policies "{{ policy }}" + {% endfor %} {% for policy in gitlab_runner.docker_pull_policy | default([]) %} --docker-pull-policy "{{ policy }}" {% endfor %} 
@@ -153,7 +157,11 @@ ansible.builtin.copy: content: > {{ register_runner_cmd }} + {% if gitlab_runner_registration_token_type == "authentication-token" %} + --token '{{ gitlab_runner.token | hash("sha1") }}' + {% else %} --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) | hash("sha1") }}' + {% endif %} {% if gitlab_runner.cache_s3_secret_key is defined %} --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key | hash("sha1") }}' {% endif %} @@ -182,7 +190,11 @@ - name: Register runner to GitLab ansible.builtin.command: > {{ register_runner_cmd }} + {% if gitlab_runner_registration_token_type == "authentication-token" %} + --token '{{ gitlab_runner.token }}' + {% else %} --registration-token '{{ gitlab_runner.token | default(gitlab_runner_registration_token) }}' + {% endif %} {% if gitlab_runner.cache_s3_secret_key is defined %} --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key }}' {% endif %} @@ -198,6 +210,5 @@ when: - actual_gitlab_runner_name not in registered_gitlab_runner_names - gitlab_runner.state | default('present') == 'present' - changed_when: true - no_log: true + no_log: "{{ gitlab_runner_no_log_secrets | default(true) }}" become: "{{ gitlab_runner_system_mode }}" diff --git a/tasks/unregister-runner.yml b/tasks/unregister-runner.yml index 1c42434..673b6b4 100644 --- a/tasks/unregister-runner.yml +++ b/tasks/unregister-runner.yml @@ -26,6 +26,5 @@ - name: Unregister runner ansible.builtin.command: "{{ gitlab_runner_executable }} unregister --name {{ actual_gitlab_runner_name }}" - changed_when: true when: - gitlab_install_target_platform == 'unix' diff --git a/tasks/update-config-runner.yml b/tasks/update-config-runner.yml index 63fd4f4..529ed02 100644 --- a/tasks/update-config-runner.yml +++ b/tasks/update-config-runner.yml 
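Review bot: In tasks/register-runner.yml (hunk `@@ -198,6 +210,5 @@`), `no_log: "{{ gitlab_runner_no_log_secrets | default(true) }}"` makes redaction optional on the one task whose command line carries the raw `--token` / `--registration-token` and `--cache-s3-secret-key` values. An operator who sets `gitlab_runner_no_log_secrets: false` to debug the config-editing tasks will now also print those credentials to stdout, callback plugins and any configured log file. The same variable is used with `default(omit)` in tasks/update-config-runner.yml, so one switch has two different defaults. I would keep `no_log: true` unconditional here, or gate it on a separate, explicitly named variable with a comment such as `# prints runner tokens when false; never disable in CI`.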
@@ -327,6 +327,20 @@ - restart_gitlab_runner - restart_gitlab_runner_macos +- name: "Set docker allowed_pull_policies option {{ runn_name_prefix }}" + ansible.builtin.lineinfile: + dest: "{{ temp_runner_config.path }}" + regexp: ^\s*allowed_pull_policies = + line: " allowed_pull_policies = {{ gitlab_runner.docker_allowed_pull_policies | default([]) | to_json }}" + state: "{{ 'present' if gitlab_runner.docker_allowed_pull_policies is defined else 'absent' }}" + insertafter: ^\s*\[runners\.docker\] + backrefs: false + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + - name: "Set docker volumes option {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" @@ -871,12 +885,27 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "Set builds dir file option {{ runn_name_prefix }}" +#### [runners.feature_flags] section ##### +- name: "Set feature flag options {{ runn_name_prefix }}" + ansible.builtin.blockinfile: + path: "{{ temp_runner_config.path }}" + content: "{{ lookup('template', 'config.runners.feature_flags.j2') if gitlab_runner.feature_flags is defined }}" + state: "{{ 'present' if gitlab_runner.feature_flags is defined else 'absent' }}" + marker: "# {mark} runners.feature_flags" + insertafter: EOF + check_mode: false + no_log: "{{ gitlab_runner_no_log_secrets | default(omit) }}" + notify: + - restart_gitlab_runner + - restart_gitlab_runner_macos + +#### [runners.machine] section #### +- name: "Set machine section {{ runn_name_prefix }}" ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: '^\s*\[runners\.machine\]' line: ' [runners.machine]' - state: present + state: "{{ 'present' if gitlab_runner.machine_MachineOptions is defined else 'absent' }}" insertafter: EOF backrefs: false check_mode: false 
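Review bot: In tasks/update-config-runner.yml (hunk `@@ -871,12 +885,27 @@`), the `[runners.machine]` header is now written only when `gitlab_runner.machine_MachineOptions` is defined. The individual machine tasks (`MachineName`, `MachineDriver`, `IdleCount`, …) each key on their own variable and use `insertafter: '^\s*\[runners\.machine\]'`. With only, say, `machine_MachineDriver` set, the header is absent and `lineinfile` falls back to appending at EOF, so the key lands in whatever TOML table happens to be last. The header condition should cover every machine key, for example `state: "{{ 'present' if (gitlab_runner.keys() | select('match', '^machine_') | list | length > 0) else 'absent' }}"`, assuming `gitlab_runner` is a mapping as its use elsewhere suggests.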
@@ -1026,7 +1055,7 @@ - restart_gitlab_runner - restart_gitlab_runner_macos -- name: "Set builds dir file option option {{ runn_name_prefix }} " +- name: "Set builds dir file option {{ runn_name_prefix }} " ansible.builtin.lineinfile: dest: "{{ temp_runner_config.path }}" regexp: ^\s*builds_dir = @@ -1070,7 +1099,7 @@ when: item|length - name: "Ensure directory access test {{ runn_name_prefix }}" - ansible.builtin.command: /usr/bin/test -r {{ item }} + ansible.builtin.command: test -r {{ item }} loop: - '{{ gitlab_runner.builds_dir | default("") }}' - '{{ gitlab_runner.cache_dir | default("") }}' diff --git a/tests/test.yml b/tests/test.yml index 47ec366..4573973 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -12,28 +12,23 @@ - default.yml paths: - vars - - name: Copy the mock gitlab CI server ansible.builtin.copy: src: mock_gitlab_runner_ci.py dest: ~/mock_gitlab_runner_ci.py mode: "0644" when: run_mock_server - - name: Ensure mock CI pidfile is absent ansible.builtin.file: path: ~/mock_ci.pid state: absent when: run_mock_server - - name: Start the mock CI ansible.builtin.shell: python ~/mock_gitlab_runner_ci.py ~/mock_ci.pid 6060 >~/mock_ci.log 2>&1 async: 3600 poll: 0 register: mock_server - changed_when: true when: run_mock_server - - name: Wait for pidfile to be created ansible.builtin.wait_for: host: 127.0.0.1 @@ -55,8 +50,6 @@ src: ~/mock_ci.pid register: pidfile_b64 when: run_mock_server - - name: Kill the mock CI ansible.builtin.command: kill {{ pidfile_b64.content | b64decode }} - changed_when: true when: run_mock_server From 807efc7dbda151249771f26960e3373944d5a072 Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Tue, 13 Aug 2024 00:26:42 +0200 Subject: [PATCH 20/22] use dnf instead of yum --- tasks/update-ca-bundle.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/update-ca-bundle.yml b/tasks/update-ca-bundle.yml index cb66135..368d9b9 100644 --- a/tasks/update-ca-bundle.yml +++ b/tasks/update-ca-bundle.yml 
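Review bot: In tasks/update-config-runner.yml (hunk `@@ -1070,7 +1099,7 @@`), dropping the absolute path means `ansible.builtin.command` now resolves `test` through the PATH of the account running the task. A writable directory early in that PATH can then supply a different binary. `{{ item }}` is also unquoted, so a `builds_dir` or `cache_dir` containing spaces is split into extra arguments. If the path was removed for portability, `ansible.builtin.stat` with a check on the returned `stat.readable` avoids both problems. Otherwise keep the fixed path and quote the value: `ansible.builtin.command: /usr/bin/test -r {{ item | quote }}`. The task's `when`/`become` lines lie outside this hunk.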
@@ -1,6 +1,6 @@ --- - name: Install ca package on rhel systems - ansible.builtin.yum: + ansible.builtin.dnf: name: ca-certificates state: present when: ansible_os_family == "RedHat" From ec243c1f862712bedcf8e90db51251227fe42ffa Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Tue, 13 Aug 2024 00:30:49 +0200 Subject: [PATCH 21/22] fix test --- tests/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test.yml b/tests/test.yml index 4573973..c18ea6d 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -40,7 +40,7 @@ - name: Run role hosts: localhost roles: - - ansible-gitlab-runner + - riemers.gitlab-runner - name: Cleanup hosts: localhost From 8f76a7352b8fae4d9f1db6355e1ec3c48b6372e2 Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Tue, 13 Aug 2024 20:51:59 +0200 Subject: [PATCH 22/22] remove dependencies from meta/main.yml due to requirements.yml --- meta/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/meta/main.yml b/meta/main.yml index 4aebabf..0cea91a 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -25,5 +25,3 @@ galaxy_info: - gitlab - runner - ci - -dependencies: []