adds support for adding additional containers, volumes and volumeMounts
What does this MR do?
It implements support for adding additional containers, volumes and volumeMounts to the gitlab-runner deployment manifest. These can be supplied via the new Helm variables `extraContainers`, `extraVolumes` and `extraVolumeMounts`.
`extraContainers` and `extraVolumes` are new additions to the pod; `extraVolumeMounts` are added to the existing gitlab-runner container.
Why was this MR needed?
It enables users of this Helm chart to customize their gitlab-runner deployment according to their specific requirements (e.g. to add a Docker-In-Docker sidecar to provide access to a Docker daemon for gitlab-runners running on Kubernetes clusters with containerd).
What's the best way to test this MR?
- edit `values.yaml` and add values for `extraContainers`, `extraVolumes` and `extraVolumeMounts`, e.g.:
# Example values for the three new chart variables. Each value is a literal
# block scalar (`|`), i.e. a string holding YAML rather than a nested
# structure, so the comments here sit outside the scalars on purpose.
#
# NOTE(review): the sidecar sets `privileged: true`, which removes most of the
# isolation between that container and the node. Namespaces that enforce the
# "baseline" or "restricted" Pod Security Standards will reject this pod.
# NOTE(review): `docker:20.10-dind` is a mutable tag; pin the image by digest
# where the deployment must be reproducible.
# NOTE(review): the postStart hook loops until `docker info` succeeds and has
# no upper bound of its own - confirm how the pod behaves if the daemon never
# comes up.
extraContainers: |
  - name: docker
    image: docker:20.10-dind
    securityContext:
      privileged: true
    volumeMounts:
      - mountPath: /var/run/
        name: dind-socket
    lifecycle:
      postStart:
        exec:
          command: [ "sh", "-c", "until docker info; do sleep 1; done;" ]
# Pod-level emptyDir that both containers mount at /var/run/.
extraVolumes: |
  - emptyDir: {}
    name: dind-socket
# Mounted into the gitlab-runner container itself.
# NOTE(review): mounting at /var/run/ replaces whatever the runner image keeps
# in that directory, and shares the sidecar's daemon socket (presumably
# /var/run/docker.sock - confirm) with the runner. Any process able to open
# that socket can drive the privileged Docker daemon.
extraVolumeMounts: |
  - mountPath: /var/run/
    name: dind-socket
- execute `helm template . -f values.yaml`
- verify that the rendered deployment manifest contains the additional container, volume and volumeMount as configured above:
# Source: gitlab-runner/templates/deployment.yaml
# Rendered output of `helm template` with the example values applied. The
# three places where the new values land are marked below: the extra
# volumeMount on the runner container, the extra `docker` container, and the
# extra `dind-socket` volume.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: RELEASE-NAME-gitlab-runner
  labels:
    app: RELEASE-NAME-gitlab-runner
    chart: gitlab-runner-0.31.0-beta
    release: "RELEASE-NAME"
    heritage: "Helm"
spec:
  replicas: 1
  selector:
    matchLabels:
      app: RELEASE-NAME-gitlab-runner
  template:
    metadata:
      labels:
        app: RELEASE-NAME-gitlab-runner
        chart: gitlab-runner-0.31.0-beta
        release: "RELEASE-NAME"
        heritage: "Helm"
      annotations:
        checksum/configmap: cf77d1666761e46f100c38997a91a2eebef8ad1f1a79bded7bbe3605732e8cf0
        # NOTE(review): this value is the SHA-256 of empty input, so the
        # secrets template presumably rendered nothing in this test run.
        checksum/secrets: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
        prometheus.io/scrape: 'true'
        prometheus.io/port: '9252'
    spec:
      # Pod-level settings: they apply to every container in the pod that
      # does not set its own value, including containers added through
      # extraContainers.
      securityContext:
        runAsUser: 100
        fsGroup: 65533
      terminationGracePeriodSeconds: 3600
      initContainers:
        - name: configure
          command: ['sh', '/configmaps/configure']
          image: gitlab/gitlab-runner:alpine-bleeding
          imagePullPolicy: "IfNotPresent"
          securityContext:
            allowPrivilegeEscalation: false
          env:
            - name: CI_SERVER_URL
              # Rendered with no value (YAML null) in this test run.
              value:
            - name: CLONE_URL
              value: ""
            - name: RUNNER_EXECUTOR
              value: "kubernetes"
            - name: REGISTER_LOCKED
              value: "true"
            - name: RUNNER_TAG_LIST
              value: ""
          volumeMounts:
            - name: runner-secrets
              mountPath: /secrets
              readOnly: false
            - name: configmaps
              mountPath: /configmaps
              readOnly: true
            - name: init-runner-secrets
              mountPath: /init-secrets
              readOnly: true
          resources:
            {}
      serviceAccountName: ""
      containers:
        - name: RELEASE-NAME-gitlab-runner
          image: gitlab/gitlab-runner:alpine-bleeding
          imagePullPolicy: "IfNotPresent"
          securityContext:
            allowPrivilegeEscalation: false
          command: ["/bin/bash", "/configmaps/entrypoint"]
          env:
            - name: CI_SERVER_URL
              # Rendered with no value (YAML null) in this test run.
              value:
            - name: CLONE_URL
              value: ""
            - name: RUNNER_EXECUTOR
              value: "kubernetes"
            - name: REGISTER_LOCKED
              value: "true"
            - name: RUNNER_TAG_LIST
              value: ""
          livenessProbe:
            exec:
              command: ["/bin/bash", "/configmaps/check-live"]
            initialDelaySeconds: 60
            timeoutSeconds: 1
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:
            exec:
              command: ["/usr/bin/pgrep","gitlab.*runner"]
            initialDelaySeconds: 10
            timeoutSeconds: 1
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          ports:
            - name: metrics
              containerPort: 9252
          volumeMounts:
            - name: runner-secrets
              mountPath: /secrets
            - name: etc-gitlab-runner
              mountPath: /home/gitlab-runner/.gitlab-runner
            - name: configmaps
              mountPath: /configmaps
            # From extraVolumeMounts: appended after the chart's own mounts.
            # NOTE(review): this container keeps
            # `allowPrivilegeEscalation: false`, but that setting does not
            # limit what is reachable through a daemon socket on this shared
            # volume.
            - mountPath: /var/run/
              name: dind-socket
          resources:
            {}
        # From extraContainers: rendered as a sibling of the runner container.
        # NOTE(review): no container-level runAsUser is set here, so the
        # pod-level `runAsUser: 100` applies to this sidecar as well -
        # confirm the Docker daemon starts under that UID.
        - name: docker
          image: docker:20.10-dind
          securityContext:
            privileged: true
          volumeMounts:
            - mountPath: /var/run/
              name: dind-socket
          lifecycle:
            postStart:
              exec:
                command: [ "sh", "-c", "until docker info; do sleep 1; done;" ]
      volumes:
        - name: runner-secrets
          emptyDir:
            medium: "Memory"
        - name: etc-gitlab-runner
          emptyDir:
            medium: "Memory"
        - name: init-runner-secrets
          projected:
            sources:
              - secret:
                  name: "RELEASE-NAME-gitlab-runner"
                  items:
                    - key: runner-registration-token
                      path: runner-registration-token
                    - key: runner-token
                      path: runner-token
        - name: configmaps
          configMap:
            name: RELEASE-NAME-gitlab-runner
        # From extraVolumes: appended after the chart's own volumes.
        - emptyDir: {}
          name: dind-socket