Skip to content

Instantly share code, notes, and snippets.

@jkeam

jkeam/setup-gitlab-with-rancher-and-ocp.md

Last active March 3, 2023 02:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jkeam/fc4370b87db33f4e99da5658dcfab33b to your computer and use it in GitHub Desktop.
Save jkeam/fc4370b87db33f4e99da5658dcfab33b to your computer and use it in GitHub Desktop.
Download ZIP
Setup for Demo for GitLab with Rancher and OpenShift runners
Raw
setup-gitlab-with-rancher-and-ocp.md

Setup for Demo for GitLab with Rancher and OpenShift runners

Git Repo

The code for this project is here git@github.com:jkeam/spring-petclinic-pac.git and the file we should be using is .gitlab-ci-kube.yml so in the repo that's in GitLab, make sure to blow away the original .gitlab-ci.yml and rename .gitlab-ci-kube.yml to .gitlab-ci.yml.

GitLab Variables

Something like below:

    REGISTRY_ORG: jkeam
    REGISTRY_USERNAME: jkeam+demo
    REGISTRY_PASSWORD: GvqA3orrMw9NWlZ6d0BOYutWXwDbPGOr5O+hWqBeXkVZmq9okSrIaJuAikmxwbjv
    CONTEXT: openshift/rancher
    KUBECONFIG: /tmp/.kube/config
    KUBE_CONFIG: tsD5zL45nxrKgw+RYbsKsqCO3vYWkyWsi+N0fcZTAFAaAAAAiQzGUffDI+0qHIB4noj/OLx6nPzYLHKn/TPN1samnO/PfLNHOhOpkcNHkwpCIhOZpkt+J1LoeK87utxFtdw12hD/WCQdpro4phuSuMpX7BwzmN1uTz+l7LdKQMM2CLdBS/EMCR1xPuNQJ/DHH/dyQhLcEpQXbk5vg3s1OKLLSti5CRtlNxBddKWrHwPWF2iWZXcKmQp3CPMWd1csT7QOdaw3vKqcrAbk/E20w1loW3x0pP3c6DUo8nIN5+ALkqnVeDZiMs4yNpkVz6980uHzcOw1uOvvvbsj91oksxAeuU71DRpWcbSplBZBuFfsa12z/veU/Zv93LpHnzHok9f7L55uFnxvkhhAyiDbEMQvKejWMo/T8YD+7kX6Elo3mkQcAJKcDyyF7vrZYWHvJvOuoxaGdaYIrJEWW68JClPekUM36/D3RDhblqDulsVoj5S8IgpojGGEzOKOeiSTBX6CbJhJBRh5G4yz+lgNSXs1CFSHVegeA0eKEJ0q7nOZ6Hz2tFw8O2+BiS2OAQUHeC3zih2Cky8fiK8C2ff4ZL1veDYaz7QsSJ2ewPtk7yR4zJMo0ZULw9oYM0oJOBIdCb02lBUxpE7ZpcnEQnFA44LSWavInPb9kljBCjh85BeeiHxEQRv2Fa7vmAkmTYDMl7wZTePCTgzKKResOPzduq/BBmO6aGsHSkyV/g9GiyjhOf1x8BzMp3+ATbBnYE/Y+TJdHx5gbzx/OEYWpAsUS3iZnT9Lcn0CCaTGdp37RFib6sl99XdhNmu0d9cr4uxtph6ike6ka8qTXjYJS+Yff1izYWPCn/kg5AqtxIWsiytXO6KT8lhi7cpNPIGfKbeyIXbmliLW9qD4lkqZ6cy/fplsMkAr/nrENw4H04/b0+nCjEiwjCsz6S1+epoaEoBDV5rWCig0Ak3XH13r9389TTlT+7Nnq0uoNCMRu5AVgqzeMQYRsygkHZcEoRhUAJN5B2CQQqTF4e3PWuajs3eEE8LSB/FUvQpxOurlZtFuikXgziKAHEOU7HUbccMJ9kdTGmPXRdUxJWf3NHc0yCk+km4te1DqdRX9g5H6KxBgWojfPWLKnP/lCWWkq4FBl3Kv5ZZKSP1INUMe6GRV25042SkWoHNsF/prsdY83NHvbLfeNkxcBFlq7T2CAGmjWbYhuXZX+oWjsnFl6gr2tvfLOsewEF7GEzXzW994XFoPdX2LpcfEp+Fa4KQ3tvBPTrGZ

The KUBE_CONFIG is found by doing something like:

    cat ~/.kube/config | base64

Privileged

The pods doing the building need privileged access as well as the ability to become privileged.

OpenShift

    oc adm policy add-scc-to-user anyuid -z gitlab-runner-sa -n gitlab

Rancher

In the gitlab namespace, find and delete this PSP global-restricted-psp.

@jkeam
Copy link
Author

jkeam commented Mar 3, 2023

Could follow up with a demo on OCP Pipeline git@github.com:jkeam/openshift-cicd-demo.git

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment