@FRidh @misuzu Is there an option to define additional options? E.g. some things are missing:

• S3 cache
• Pull policy
• Session server
• Sentry DSN

@FRidh @misuzu Is there an option to define additional options? E.g. some things are missing:

• S3 cache
• Pull policy
• Session server
• Sentry DSN

Yes, there is registrationFlags.
Session server and Sentry DSN should be easy to add to module, in the meantime you can add them manually to /var/lib/gitlab-runner/.gitlab-runner/config.toml.

@misuzu Thanks for the fast response. I can't really add anything manually, as this is an automated setup. Will the remaining complex options like s3 cache and session server also be added soon?

@misuzu Thanks for the fast response. I can't really add anything manually, as this is an automated setup. Will the remaining complex options like s3 cache and session server also be added soon?

You can configure cache using registrationFlags:

   --cache-type value                                           Select caching method [$CACHE_TYPE]
   --cache-path value                                           Name of the path to prepend to the cache URL [$CACHE_PATH]
   --cache-shared                                               Enable cache sharing between runners. [$CACHE_SHARED]
   --cache-s3-server-address value                              A host:port to the used S3-compatible server [$CACHE_S3_SERVER_ADDRESS]
   --cache-s3-access-key value                                  S3 Access Key [$CACHE_S3_ACCESS_KEY]
   --cache-s3-secret-key value                                  S3 Secret Key [$CACHE_S3_SECRET_KEY]
   --cache-s3-bucket-name value                                 Name of the bucket where cache will be stored [$CACHE_S3_BUCKET_NAME]
   --cache-s3-bucket-location value                             Name of S3 region [$CACHE_S3_BUCKET_LOCATION]
   --cache-s3-insecure                                          Use insecure mode (without https) [$CACHE_S3_INSECURE]

I can try adding other global options.

@max-wittig please take a look at #86946
See https://discourse.nixos.org/t/call-for-testing-gitlab-runner-module/6765 for how to quickly test it.

@misuzu I've tested it now with this MR, but I'm just getting the old gitlab-runner (12.4.1). Is there any way to specify the latest runner. I've seen the package option but I'm not sure how to bump something there. Should already be at pkgs.gitlab-runner

@misuzu I've tested it now with this MR, but I'm just getting the old gitlab-runner (12.4.1). Is there any way to specify the latest runner. I've seen the package option but I'm not sure how to bump something there. Should already be at pkgs.gitlab-runner

12.4.1 is in 19.09. You can upgrade to 20.03 or unstable for newer version.

@misuzu I just noticed that, but ran into another problem. Every 2nd deployment or so, the config.toml stays empty:

gitlab-runner is happy with an empty config, but I'm not 😄

the config.toml stays empty

Please share your config.

@misuzu Thanks for all the help!

services.gitlab-runner = {
    enable = true;
    checkInterval = 15;
    package = latestPkgs.gitlab-runner;
    #concurrent = ${vars.concurrent};
    services = {
      docker-images = {
        registrationFlags = [
          "--cache-type"
          "s3"
          "--cache-shared"
          "--cache-s3-server-address"
          "s3.amazonaws.com"
          "--cache-s3-access-key"
          "${vars.s3_access_key}"
          "--cache-s3-secret-key"
          "${vars.s3_secret_key}"
          "--cache-s3-bucket-name"
          "some-aws-bucket"
          "--cache-s3-bucket-location"
          "eu-central-1"
          "--docker-pull-policy"
          "always"
        ];
        registrationConfigFile = pkgs.writeText "gitlab-runner-nix-registration" ''
          CI_SERVER_URL=https://gitlab-url/
          REGISTRATION_TOKEN=${vars.token}
        '';
        #dockerAllowedImages = "vars.docker_whitelist}";
        dockerImage = "some-registry.com:some-image:stable";
        dockerVolumes = [
          "/mnt/projects/sstate-cache:/home/projects/sstate-cache:rw"
        ];
        executor = "docker";
        maximumTimeout = 86400;
        dockerDisableCache = true;
        environmentVariables = {
          CONCURRENCY_LEVEL = vars.concurrent;
        };
        #tagList = ["${vars.tags}"];
      };
    };
  };

@max-wittig this config is working fine on my server. Please check the logs: journalctl -u gitlab-runner.service.

No errors in the journal. Looks good, but doesn't work.

No errors in the journal. Looks good, but doesn't work.

Please share a full log: start journalctl -f -u gitlab-runner.service and in different console run systemctl restart gitlab-runner.service

Doesn't change anything, as it's the registration part that writes this empty config file that doesn't work, not the runner start part.

Doesn't change anything, as it's the registration part that writes this empty config file that doesn't work, not the runner start part.

That's exactly what i want to see, there is no logs from gitlab-runner-configure in your screenshot.

Ah I guess I had some registration parameter wrong. Can we implement some sort of error for this? Like fail the nixos switch if this happens?

Ah I guess I had some registration parameter wrong. Can we implement some sort of error for this? Like fail the nixos switch if this happens?

Maybe. I have to understand what happened to do that.

I think the registration failed. I had this message: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/2862

@misuzu Thanks again for the great work you did here and sorry for my stupid questions 😉

@misuzu The registration error from the runner actually looks like this:

@misuzu Thanks again for the great work you did here and sorry for my stupid questions

Don't worry. Thanks for testing!

@misuzu The registration error from the runner actually looks like this:

I have updated pull request, now this should fail on activation.

Ah nice! Thanks. One more thing. The name of the runner cannot be overriden currently, right? Could that be configurable, too? 😄

Ah nice! Thanks. One more thing. The name of the runner cannot be overriden currently, right? Could that be configurable, too?

You can use something else instead of docker-images for prefix but suffix is needed to check if runner must be re-registered when configuration is changed.

Ah I see. Thanks

This should have been mentioned in the release notes.