mzwierzchlewski/config.template.toml

## config.template.toml
[[runners]]
  [runners.docker]
    links = ["runner-cache:minio"]
  [runners.cache]
    Type = "s3"
    Shared = true
    [runners.cache.s3]
      AccessKey = "minio"
      SecretKey = "minio123"
      BucketName = "runner"
      Insecure = true
      ServerAddress = "minio:9000"

## docker-compose.yml
version: "3.9"

services:
  minio:
    build:
      context: .
      dockerfile: minio.Dockerfile
    container_name: runner-cache
    ports:
      - "9000:9000"
      - "9001:9001"
    volumes:
      - minio_data:/data
    environment:
      MINIO_ROOT_USER: minio
      MINIO_ROOT_PASSWORD: minio123
    command: server --console-address ":9001" /data
    network_mode: bridge

  runner:
    build:
      context: .
      dockerfile: runner.Dockerfile
    image: runner
    container_name: runner
    environment:
      - GITLAB_TOKEN=<INSERT GITLAB TOKEN HERE>
      - CONCURRENT_JOBS=2
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - runner_config:/etc/gitlab-runner
    restart: always
    depends_on:
      - minio

  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    ports:
      - "8000:8000"
      - "9443:9443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer_data:/data
    restart: always

volumes:
  portainer_data:
  runner_config:
  minio_data:

## entrypoint
#!/bin/bash

# gitlab-runner data directory
DATA_DIR="/etc/gitlab-runner"
CONFIG_FILE=${CONFIG_FILE:-$DATA_DIR/config.toml}
# custom certificate authority path
CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-$DATA_DIR/certs/ca.crt}
LOCAL_CA_PATH="/usr/local/share/ca-certificates/ca.crt"

update_ca() {
  echo "Updating CA certificates..."
  cp "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}"
  update-ca-certificates --fresh >/dev/null
}

if [ -f "${CA_CERTIFICATES_PATH}" ]; then
  # update the ca if the custom ca is different than the current
  cmp --silent "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" || update_ca
fi

# register runner
gitlab-runner register \
  --template-config /tmp/config.template.toml \
  --non-interactive \
  --executor "docker" \
  --docker-image mcr.microsoft.com/dotnet/sdk:5.0 \
  --url "https://gitlab.com/" \
  --registration-token "${GITLAB_TOKEN}" \
  --run-untagged="true" \
  --locked="false" \
  --access-level="not_protected"

sed -i "s/concurrent.*/concurrent = ${CONCURRENT_JOBS}/" ${DATA_DIR}/config.toml

# start runner
gitlab-runner run --user=gitlab-runner --working-directory=/home/gitlab-runner

# unregister runner
gitlab-runner unregister --all-runners

## minio.Dockerfile
FROM minio/minio:latest
RUN mkdir -p /data/runner

## runner.Dockerfile
FROM gitlab/gitlab-runner:alpine
COPY ./config.template.toml /tmp/config.template.toml
COPY --chmod=0777 entrypoint /entrypoint
	[[runners]]
	[runners.docker]
	links = ["runner-cache:minio"]
	[runners.cache]
	Type = "s3"
	Shared = true
	[runners.cache.s3]
	AccessKey = "minio"
	SecretKey = "minio123"
	BucketName = "runner"
	Insecure = true
	ServerAddress = "minio:9000"
	version: "3.9"

	services:
	minio:
	build:
	context: .
	dockerfile: minio.Dockerfile
	container_name: runner-cache
	ports:
	- "9000:9000"
	- "9001:9001"
	volumes:
	- minio_data:/data
	environment:
	MINIO_ROOT_USER: minio
	MINIO_ROOT_PASSWORD: minio123
	command: server --console-address ":9001" /data
	network_mode: bridge

	runner:
	build:
	context: .
	dockerfile: runner.Dockerfile
	image: runner
	container_name: runner
	environment:
	- GITLAB_TOKEN=<INSERT GITLAB TOKEN HERE>
	- CONCURRENT_JOBS=2
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock
	- runner_config:/etc/gitlab-runner
	restart: always
	depends_on:
	- minio

	portainer:
	image: portainer/portainer-ce:latest
	container_name: portainer
	ports:
	- "8000:8000"
	- "9443:9443"
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock
	- portainer_data:/data
	restart: always

	volumes:
	portainer_data:
	runner_config:
	minio_data:
	#!/bin/bash

	# gitlab-runner data directory
	DATA_DIR="/etc/gitlab-runner"
	CONFIG_FILE=${CONFIG_FILE:-$DATA_DIR/config.toml}
	# custom certificate authority path
	CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-$DATA_DIR/certs/ca.crt}
	LOCAL_CA_PATH="/usr/local/share/ca-certificates/ca.crt"

	update_ca() {
	echo "Updating CA certificates..."
	cp "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}"
	update-ca-certificates --fresh >/dev/null
	}

	if [ -f "${CA_CERTIFICATES_PATH}" ]; then
	# update the ca if the custom ca is different than the current
	cmp --silent "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" \|\| update_ca
	fi

	# register runner
	gitlab-runner register \
	--template-config /tmp/config.template.toml \
	--non-interactive \
	--executor "docker" \
	--docker-image mcr.microsoft.com/dotnet/sdk:5.0 \
	--url "https://gitlab.com/" \
	--registration-token "${GITLAB_TOKEN}" \
	--run-untagged="true" \
	--locked="false" \
	--access-level="not_protected"

	sed -i "s/concurrent.*/concurrent = ${CONCURRENT_JOBS}/" ${DATA_DIR}/config.toml

	# start runner
	gitlab-runner run --user=gitlab-runner --working-directory=/home/gitlab-runner

	# unregister runner
	gitlab-runner unregister --all-runners
	FROM gitlab/gitlab-runner:alpine
	COPY ./config.template.toml /tmp/config.template.toml
	COPY --chmod=0777 entrypoint /entrypoint