无法从数据库获取gitlab跑步者注册令牌 [英] Unable to get gitlab runners registration token from database

问题描述

我正在尝试使用ansible完全部署我的gitlab cicd堆栈，并自动注册运行器.

I'm trying to completely deploy my gitlab cicd stack with ansible and automatically register runners.

我在剧本中使用以下任务来获取注册令牌，并将其存储在事实中以供跑步者进一步注册，正如我在几本教程中看到的那样，我们可以从gitlab数据库中获取注册令牌.

I use the below task in my playbook to get registration token and store it in facts for my runners further registration, as I saw in several tutorial that we can get the registration token from gitlab database.

烦人的剧本任务:

- name: Extract Runner Registration Token directly from Gitlab DB
    become: true
    become_user: gitlab-psql
    vars:
        ansible_ssh_pipelining: true
        query: "SELECT runners_registration_token FROM application_settings ORDER BY id DESC LIMIT 1"
        psql_exec: "/opt/gitlab/embedded/bin/psql"
        gitlab_db_name: "gitlabhq_production"
    shell: '{{ psql_exec }} -h /var/opt/gitlab/postgresql/ -d {{ gitlab_db_name }} -t -A -c "{{ query }}"'
    register: gitlab_runner_registration_token_result

但是此任务不会找回任何注册令牌(获取空字符串)，原因是 application_settings 中不存在 runners_registration_token 列>表格.但是，存在 runners_registration_token_encrypted 列，但返回的 runners_registration_token_encrypted 字符串被 runner-register api拒绝.

But this task doesn't get back any registration token (get an empty string) cause the runners_registration_token column does not exist in the application_settings table. However the runners_registration_token_encrypted column exists, but the runners_registration_token_encrypted string returned is rejected by runner-register api.

因此，我必须从gitlab gui中复制跑步者注册令牌(在 admin/runners 中)，将其硬编码在剧本中，然后再次运行该剧本以成功注册堆栈.

Thus I have to copy runners registration token from the gitlab gui (in admin/runners), hardcode it in the playbook and run the playbook again to succeed registration stack.

有人可以解释gitlab将其跑步者注册令牌存储在GUI中的位置(我注意到重启gitlab服务器后它是相同的，它没有变化)?对于自动跑步者非交互式注册，最终是否不可能自动化gitlab跑步者注册令牌检索?你们对实现此目标的正确方法有任何想法吗?

Can someone explain where gitlab stores its runners registration token displayed in the GUI (I noticed it's same after rebooting the gitlab server, it doesn't change)? Is it definitively impossible to automate gitlab runners registration token retrieval for automatic runners non-interactive registration? Do you guys have any idea about the right way to achieve this please?

推荐答案

也许在应用程序服务器上使用rails控制台?将以下内容放入shell或命令中，在gitlab应用程序服务器上运行它并捕获输出:

Maybe use the rails console on the application Server? Put the following in a shell or command, run it on the gitlab application server and catch the output:

gitlab-rails runner -e production "puts Gitlab::CurrentSettings.current_application_settings.runners_registration_token"

因此，使用Ansible这样的东西:

So with Ansible something like this:

- name: Extract Runner Registration Token directly from Gitlab Rails console
    become: true
    shell: 'gitlab-rails runner -e production "puts Gitlab::CurrentSettings.current_application_settings.runners_registration_token"'
    register: gitlab_runner_registration_token_result

这篇关于无法从数据库获取gitlab跑步者注册令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！