WIP: add docker+custom executor
What does this MR do?
Adds a docker+custom executor that uses the custom executor to start an environment, and then run the job using the docker executor on that environment.
This is a WIP/proof of concept.
Why was this MR needed?
The docker-machine executor is getting deprecated. The custom executor could be used as a replacement, but currently it requires reimplementing the docker executor's functionality inside shell scripts, which is an unnecessary duplication of functionality and makes it harder to switch from the docker executor when you need to run privileged docker containers in CI in a secure way.
What's the best way to test this MR?
You have to register and configure a new runner. Here's an example configuration:
[[runners]]
name = "docker-custom-test"
url = "https://gitlab.com/"
token = ""
executor = "docker+custom"
environment = ["DOCKER_TLS_CERTDIR=/certs"]
[runners.custom_build_dir]
[runners.docker]
image = "alpine"
privileged = true
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/certs/client", "/cache"]
shm_size = 0
[runners.custom]
prepare_exec = "prepare.sh"
run_exec = "run_docker.sh"
cleanup_exec = "cleanup.sh"
The difference compared to the custom executor is that run_exec
is only called once (during the prepare stage, after config_exec
and prepare_exec
) and needs to return a json (similar to config_exec
) with the docker credentials, like this:
cat << EOS
{
"host": "tcp://$VM_IP:2376",
"tls_cert_path": "$certDir",
"tls_verify": true
}
EOS
What are the relevant issue numbers?
#4338 (closed) (combining the docker and custom executor was suggested here: #4338 (comment 200993317))