-
-
Save Nimelrian/27ab0a06d55164a82cb566ae273a2370 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
image: docker.nexus.company.lan/company/gitlab-ci/docker-with-ca:19.03.14-dind | |
variables: | |
DOCKER_DRIVER: overlay2 | |
GIT_SSL_NO_VERIFY: "true" | |
DOCKER_HOST: "tcp://docker:2376" | |
DOCKER_TLS_CERTDIR: "/certs" | |
DOCKER_TLS_VERIFY: "1" | |
DOCKER_CERT_PATH: "/certs/client" | |
stages: | |
- PreBuild | |
- Build | |
- Deploy | |
services: | |
- docker:19.03.12-dind | |
checkNexusCertificateValidation: | |
tags: | |
- ci-debug | |
stage: PreBuild | |
script: | |
- "apk update && apk add curl && rm -rf /var/cache/apk/*" | |
- "curl https://docker.nexus.company.lan" | |
checkDockerDaemonConnection: | |
tags: | |
- ci-debug | |
stage: PreBuild | |
script: | |
- "docker version" | |
build: | |
tags: | |
- ci-debug | |
stage: Build | |
dependencies: [ ] | |
script: | |
- "echo $DOCKER_REGISTRY_PASSWORD | docker login -u $DOCKER_REGISTRY_USER --password-stdin docker.nexus.company.lan" | |
- "docker run docker/whalesay cowsay Hello from Gitlab CI" | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Running with gitlab-runner 13.10.0 (54944146) | |
on server11-4-debian xpamXaUK | |
Preparing the "docker" executor | |
Using Docker executor with image docker.nexus.company.lan/company/gitlab-ci/docker-with-ca:19.03.14-dind ... | |
Starting service docker:19.03.12-dind ... | |
Pulling docker image docker:19.03.12-dind ... | |
Using docker image sha256:66dc2d45749a48592f4348fb3d567bdd65c9dbd5402a413b6d169619e32f6bd2 for docker:19.03.12-dind with digest docker@sha256:674f1f40ff7c8ac14f5d8b6b28d8fb1f182647ff75304d018003f1e21a0d8771 ... | |
Waiting for services to be up and running... | |
Authenticating with credentials from /root/.docker/config.json | |
Pulling docker image docker.nexus.company.lan/company/gitlab-ci/docker-with-ca:19.03.14-dind ... | |
Using docker image sha256:f7ae6bea506b17ec9d4a9f204b07a65181045c292d66c656a180d14f828adda6 for docker.nexus.company.lan/company/gitlab-ci/docker-with-ca:19.03.14-dind with digest docker.nexus.company.lan/company/gitlab-ci/docker-with-ca@sha256:71e7279cdbb4a1fa402e5c9a3e9e32922369dd208040cb1105bf666af9cab607 ... | |
Preparing environment | |
00:01 | |
Updating CA certificates... | |
WARNING: ca-certificates.crt does not contain exactly one certificate or CRL: skipping | |
Running on runner-xpamxauk-project-71-concurrent-0 via server11-4... | |
Getting source from Git repository | |
00:03 | |
Updating CA certificates... | |
WARNING: ca-certificates.crt does not contain exactly one certificate or CRL: skipping | |
Fetching changes with git depth set to 50... | |
Reinitialized existing Git repository in /builds/skappen/docker-ci-integration/.git/ | |
Checking out 0bcf10a1 as master... | |
Skipping Git submodules setup | |
Executing "step_script" stage of the job script | |
00:01 | |
Using docker image sha256:f7ae6bea506b17ec9d4a9f204b07a65181045c292d66c656a180d14f828adda6 for docker.nexus.company.lan/company/gitlab-ci/docker-with-ca:19.03.14-dind with digest docker.nexus.company.lan/company/gitlab-ci/docker-with-ca@sha256:71e7279cdbb4a1fa402e5c9a3e9e32922369dd208040cb1105bf666af9cab607 ... | |
$ echo $DOCKER_REGISTRY_PASSWORD | docker login -u $DOCKER_REGISTRY_USER --password-stdin docker.nexus.company.lan | |
Error response from daemon: Get https://docker.nexus.company.lan/v2/: x509: certificate signed by unknown authority | |
Cleaning up file based variables | |
00:02 | |
Updating CA certificates... | |
WARNING: ca-certificates.crt does not contain exactly one certificate or CRL: skipping | |
ERROR: Job failed: exit code 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM docker:19.03.14-dind | |
RUN apk update && apk add \ | |
ca-certificates \ | |
&& rm -rf /var/cache/apk/* | |
COPY /certs/company*.crt /usr/local/share/ca-certificates/ | |
RUN update-ca-certificates --fresh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[[runners]] | |
name = "Shared Runner" | |
url = "https://git.company.lan/" | |
token = "TOKEN" | |
executor = "docker" | |
[runners.custom_build_dir] | |
[runners.docker] | |
tls_verify = false | |
image = "docker:19.03.12" | |
privileged = true | |
disable_entrypoint_overwrite = false | |
oom_kill_disable = false | |
disable_cache = false | |
volumes = [ | |
"/certs/client", | |
"/cache", | |
"/usr/local/share/ca-certificates/company+Internal+CA.crt:/etc/gitlab-runner/certs/ca.crt:ro" | |
] | |
pre-build-script = """ | |
apk update > /dev/null | |
apk add ca-certificates > /dev/null | |
rm -rf /var/cache/apk/* | |
cp /etc/gitlab-runner/certs/ca.crt /usr/local/share/ca-certificates/ca.crt | |
update-ca-certificates --fresh > /dev/null | |
""" | |
shm_size = 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment