Run a GitLab Runner on your Swarm
version: '3.4' | |
secrets: | |
# Find your registration token at: "Your project" > "Settings" > "CI/CD" > "Runners settings" > "Specific Runners" (look for registration token) | |
# Register it as `GITLAB_REGISTRATION_TOKEN`: `docker secret create GITLAB_REGISTRATION_TOKEN YOUR_REGISTRATION_TOKEN` | |
GITLAB_REGISTRATION_TOKEN: | |
external: true | |
# Find your personal access token at: "Your user account" > "Settings" > "Access Tokens" > "Create personal access token" (for api) | |
# Register it as `GITLAB_PERSONAL_ACCESS_TOKEN`: `docker secret create GITLAB_PERSONAL_ACCESS_TOKEN <YOUR ACCESS TOKEN>` | |
GITLAB_PERSONAL_ACCESS_TOKEN: | |
external: true | |
services: | |
# Gitlab Runner - https://gitlab.com/gitlab-org/gitlab-runner | |
runner: | |
image: gitlab/gitlab-runner:latest | |
environment: | |
- CONCURRENT=8 | |
- REGISTER_LOCKED=1 | |
- REGISTER_NON_INTERACTIVE=1 | |
- RUNNER_EXECUTOR=docker | |
- DOCKER_IMAGE=docker | |
- DOCKER_VOLUMES=/var/run/docker.sock:/var/run/docker.sock | |
- RUNNER_NAME=docker | |
- API_URL=https://gitlab.com/api/v4 | |
- CI_SERVER_URL=https://gitlab.com/ci | |
entrypoint: "bash" | |
secrets: | |
- GITLAB_REGISTRATION_TOKEN | |
command: | | |
-c ' | |
set -e | |
printf "Setting configuration...\\n" | |
export REGISTRATION_TOKEN="$$(cat /run/secrets/GITLAB_REGISTRATION_TOKEN)" | |
sed -i "s/^concurrent = .*/concurrent = $${CONCURRENT}/" /etc/gitlab-runner/config.toml | |
printf "\\n" | |
printf "Registering runner...\\n" | |
gitlab-runner register --non-interactive | |
printf "\\n" | |
printf "List runners...\\n" | |
gitlab-runner list | |
printf "\\n" | |
printf "Running runner...\\n" | |
gitlab-runner run --user=gitlab-runner --working-directory=/home/gitlab-runner --metrics-server=:9252 | |
' | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock | |
deploy: | |
mode: global | |
placement: | |
constraints: | |
- node.role == manager | |
labels: | |
- "traefik.enable=false" | |
healthcheck: | |
test: ["CMD-SHELL", "gitlab-runner verify --name docker 2>&1 | grep --quiet \"is alive\""] | |
start_period: 10s | |
interval: 10s | |
timeout: 10s | |
retries: 10 | |
# Gitlab Manager to unregister GitLab Runners | |
manager: | |
image: alpine:latest | |
environment: | |
- API_URL=https://gitlab.com/api/v4 | |
- CI_SERVER_URL=https://gitlab.com/ci | |
secrets: | |
- GITLAB_PERSONAL_ACCESS_TOKEN | |
entrypoint: sh | |
command: | | |
-c ' | |
set -e | |
printf "Installing dependencies...\\n" | |
apk --no-cache add curl jq | |
printf "\\n" | |
export PERSONAL_ACCESS_TOKEN="$$(cat /run/secrets/GITLAB_PERSONAL_ACCESS_TOKEN)" | |
while true; do | |
printf "Checking runners...\\n" | |
curl -sS --header "PRIVATE-TOKEN: $${PERSONAL_ACCESS_TOKEN}" "$${API_URL}/runners?per_page=100" | \ | |
jq -c ".[] | select(false==.is_shared) | select(\"online\"==.status) | .id" | \ | |
while read RUNNER_ID; do | |
printf "Runner $${RUNNER_ID} is online\\n" | |
done | |
curl -sS --header "PRIVATE-TOKEN: $${PERSONAL_ACCESS_TOKEN}" "$${API_URL}/runners?per_page=100" | \ | |
jq -c ".[] | select(false==.is_shared) | select(\"online\"!=.status) | .id" | \ | |
while read RUNNER_ID; do | |
printf "Deleting runner $${RUNNER_ID}...\\n" | |
curl -sS --request DELETE --header "PRIVATE-TOKEN: $${PERSONAL_ACCESS_TOKEN}" "$${API_URL}/runners/$${RUNNER_ID}" | |
done | |
printf "All offline runners deleted\\n" | |
printf "Waiting for 24 hours...\\n" | |
sleep 24h | |
done | |
printf "\\n" | |
' | |
deploy: | |
labels: | |
- "traefik.enable=false" | |
healthcheck: | |
test: ["CMD-SHELL", "command -v curl"] | |
start_period: 10s | |
interval: 10s | |
timeout: 10s | |
retries: 10 | |
# Gitlab Runner Docker Cleanup - https://gitlab.com/gitlab-org/gitlab-runner-docker-cleanup | |
cleaner: | |
image: quay.io/gitlab/gitlab-runner-docker-cleanup | |
environment: | |
- CHECK_PATH=/data | |
- LOW_FREE_SPACE=10G | |
- EXPECTED_FREE_SPACE=20G | |
- LOW_FREE_FILES_COUNT=1048576 | |
- EXPECTED_FREE_FILES_COUNT=2097152 | |
- USE_DF=1 | |
- CHECK_INTERVAL=10s | |
- RETRY_INTERVAL=30s | |
- DEFAULT_TTL=60m | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock | |
- /data:/data | |
deploy: | |
restart_policy: | |
condition: any | |
labels: | |
- "traefik.enable=false" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment