riemers / ansible-gitlab-runner

Ansible role to install gitlab-runner
MIT License

Gitlab-runner does not get deployed correctly after adding additional lines to the configuration #323

Closed michaelmell closed 6 months ago

michaelmell commented 8 months ago

Intro

First of all thank you for making this great Ansible role! Unfortunately, I ran into the issue described below. I have spent quite a considerable time looking into the code of the role, but have not been able to resolve it. I hope that you can help me.

I am having trouble setting up a Docker-in-Docker configuration using the Ansible Gitlab-runner role, where one configuration works for the first configuration (below; which does not contain all needed settings), but fails for a very similar one (second example below, which contains all needed settings). Please see the section Error description for details. Thank you in advance.

Info about the environment

Ansible version:

$ ansible --version
ansible [core 2.15.8]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/micha/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/micha/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.6 (main, Oct  8 2023, 05:06:43) [GCC 13.2.0] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

Gitlab-runner role version:

---
roles:
  # install role to deploy Gitlab runners:
  # https://galaxy.ansible.com/ui/standalone/roles/riemers/gitlab-runner
  - name: riemers.gitlab-runner
    version: "v2.0.3"

Playbook

- name: Install Gitlab runners
  become: true
  hosts: cicd01
  vars_files:
    - vars/gitlab_runners.yml
  roles:
    - riemers.gitlab-runner

Content of vars/gitlab_runners.yml is shown in the following section

Error description

This is the working configuration, which correctly adds the Docker runner and configures it in the config.toml file:

gitlab_runner_container_install: true
gitlab_runner_container_image: gitlab/gitlab-runner
gitlab_runner_container_tag: v16.9.1
gitlab_runner_container_name: gitlab-runner
# config-directory that is mounted into the container and stores the config.toml
gitlab_runner_container_mount_path: "/etc/gitlab-runner"

gitlab_runner_runners:
  - name: "gitlab_runner_1"
    description: "Project: gitlab-runner-dind-tutorial"
    state: present
    url: "{{ gitlab_url }}"
    token: "{{ gitlab_prj_token__gitlab_runner_dind_tutorial }}"
    executor: docker
    docker_image: "docker:stable"
    # docker_privileged: true
    # docker_tlsverify: true
    # docker_volumes:
    #   - "/certs/client"
    #   - "/cache"

This is the corresponding config.toml file that is created:

concurrent = 2
check_interval = 0
shutdown_timeout = 0

[session_server]
session_timeout = 1800

[[runners]]
name = "gitlab_runner_1"
limit = 0
output_limit = 4096
url = "[MY_SECRET_GITLAB_URL]"
environment = []
id = 172
token = "[MY_SECRET_TOKEN]"
token_obtained_at = 2024-03-27T10:52:29Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "docker"
[runners.cache]
    MaxUploadedArchiveSize = 0
[runners.docker]
    image = "docker:stable"
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    network_mtu = 0

This is the failing configuration, where I uncommented lines at the bottom. This causes the Ansible role to fail:

gitlab_runner_container_install: true
gitlab_runner_container_image: gitlab/gitlab-runner
gitlab_runner_container_tag: v16.9.1
gitlab_runner_container_name: gitlab-runner
# config-directory that is mounted into the container and stores the config.toml
gitlab_runner_container_mount_path: "/etc/gitlab-runner"

gitlab_runner_runners:
  - name: "gitlab_runner_1"
    description: "Project: gitlab-runner-dind-tutorial"
    state: present
    url: "{{ gitlab_url }}"
    token: "{{ gitlab_prj_token__gitlab_runner_dind_tutorial }}"
    executor: docker
    docker_image: "docker:stable"
    docker_privileged: true
    docker_tlsverify: true
    docker_volumes:
    - "/certs/client"
    - "/cache"

It will not create a working config.toml and also not register the runner with the Gitlab instance. This is the failing config.toml file that is produced by this configuration (yes, it only contains this single line):

session_timeout = 1800

Notably, I can run the first example first, then uncomment the lines (like in the second configuration) and this will correctly update the previously created runner. This is the config.toml file after updating it as just described (this works as expected with my Docker-in-Docker pipeline):

concurrent = 2
check_interval = 0
shutdown_timeout = 0

[session_server]
session_timeout = 1800

[[runners]]
name = "gitlab_runner_1"
limit = 0
output_limit = 4096
url = "[MY_SECRET_GITLAB_URL]"
environment = []
id = 172
token = "[MY_SECRET_TOKEN]"
token_obtained_at = 2024-03-27T10:52:29Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "docker"
[runners.cache]
    MaxUploadedArchiveSize = 0
[runners.docker]
    volumes = ["/certs/client", "/cache"]
    tls_verify = true
    privileged = true
    image = "docker:stable"
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    network_mtu = 0

Note:

Before rerunning the examples above, I reset the Gitlab runner host using this script and also remove the runner manually from the Gitlab instance:

#! /bin/bash

docker stop gitlab-runner && docker rm gitlab-runner
rm /etc/gitlab-runner/config.toml
rm /etc/gitlab-runner/.runner_system_id

This reliably works for the first example and reliably fails for the second example.
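Added example, not part of the original post or of the role's own code: a post-deploy check that tells the one-line config.toml described above apart from a complete one, and confirms that the Docker-in-Docker settings from the second configuration reached [runners.docker]. The function names and the sample files are constructed for illustration; the checked keys are the ones quoted in the issue.

```shell
#!/bin/sh
# Added example, not part of the riemers.gitlab-runner role.
# check_runner_config FILE NAME
#   0: runner NAME exists and [runners.docker] carries the DinD settings
#   1: no [[runners]] entry called NAME (the one-line config.toml case)
#   2: runner exists but privileged / tls_verify / volumes are missing
check_runner_config() {
    awk -v want="$2" '
        /^[ \t]*\[\[runners\]\]/ { in_runner = 1; hit = 0; section = ""; next }
        /^[ \t]*\[/ { section = $0; gsub(/[^a-z._]/, "", section); next }
        in_runner && section == "" && /^[ \t]*name[ \t]*=/ {
            v = $0; sub(/^[^=]*=[ \t]*"/, "", v); sub(/".*$/, "", v)
            if (v == want) { hit = 1; found = 1 }
        }
        hit && section == "runners.docker" {
            if ($0 ~ /^[ \t]*privileged[ \t]*=[ \t]*true/) priv = 1
            if ($0 ~ /^[ \t]*tls_verify[ \t]*=[ \t]*true/) tls = 1
            if ($0 ~ /^[ \t]*volumes[ \t]*=.*"\/certs\/client"/) vol = 1
        }
        END { if (!found) exit 1; if (!(priv && tls && vol)) exit 2 }
    ' "$1"
}

# Constructed samples modelled on the files quoted in the issue.
sample_truncated() { printf 'session_timeout = 1800\n'; }
sample_full() {
    cat <<'EOF'
[session_server]
session_timeout = 1800
[[runners]]
name = "gitlab_runner_1"
executor = "docker"
[runners.cache]
[runners.docker]
    volumes = ["/certs/client", "/cache"]
    tls_verify = true
    privileged = true
    image = "docker:stable"
EOF
}
# Same runner without the three DinD keys (the first configuration).
sample_plain() { sample_full | grep -v -e privileged -e tls_verify -e volumes; }

# verify SAMPLE_FUNCTION NAME: run the check on a sample, echo its exit code.
verify() {
    tmp=$(mktemp) && "$1" > "$tmp"; rc=0
    check_runner_config "$tmp" "$2" || rc=$?
    rm -f "$tmp"; echo "$rc"
}
```

On the runner host the check can be pointed at the deployed file, for example `check_runner_config /etc/gitlab-runner/config.toml gitlab_runner_1`, and its exit code used to fail the playbook run.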

github-actions[bot] commented 7 months ago

Seems this message did not get a lot of love. This does not mean it was not seen but time wise might not have made it to proper attention. This is just the clean up action ;)