Skip to content

chore(gitlab-runner): add support to avoid mounting any key from the token K8s secret

Juan Ramón Sixto Anello requested to merge jotasixto/gitlab-runner:feature/conditional-k8ssecret-keys into main

What does this MR do?

With these changes, we add support to the helm chart to override the mounting of any token key in the items of the secret volume of the deployment.

Why was this MR needed?

When we use secrets stored in external services like AWS Parameter Store, it is not possible to define secrets with empty string values, and this causes a problem in the case where only the runner registration token needs to be defined, leaving no possible solution. For example, the option to define a string with a blank space for the runner token case causes the runner not to start.

What's the best way to test this MR?

If you want to observe the new behavior, you can define the option to not include one of the secret keys from the values.yml in the following way:

  • the runner token key is not added to the secret:
runners:
  secret:
    name: gitlab-runner
    disableRunnerTokenSecretKey: true
  • the runner registration token key is not added to the secret:
runners:
  secret:
    name: gitlab-runner
    disableRunnerRegistrationTokenSecretKey: true

What are the relevant issue numbers?

These changes are proposed to solve issue #456 (closed) .

Merge request reports