无法从数据库中获取 gitlab runners 注册令牌 [英] Unable to get gitlab runners registration token from database

问题描述

我正在尝试使用 ansible 完全部署我的 gitlab cicd 堆栈并自动注册跑步者.

I'm trying to completely deploy my gitlab cicd stack with ansible and automatically register runners.

我在我的剧本中使用以下任务来获取注册令牌并将其存储在事实中以供我的跑步者进一步注册，正如我在几个教程中看到的那样，我们可以从 gitlab 数据库中获取注册令牌.

I use the below task in my playbook to get registration token and store it in facts for my runners further registration, as I saw in several tutorial that we can get the registration token from gitlab database.

ansible playbook 任务:

The ansible playbook task :

- name: Extract Runner Registration Token directly from Gitlab DB
    become: true
    become_user: gitlab-psql
    vars:
        ansible_ssh_pipelining: true
        query: "SELECT runners_registration_token FROM application_settings ORDER BY id DESC LIMIT 1"
        psql_exec: "/opt/gitlab/embedded/bin/psql"
        gitlab_db_name: "gitlabhq_production"
    shell: '{{ psql_exec }} -h /var/opt/gitlab/postgresql/ -d {{ gitlab_db_name }} -t -A -c "{{ query }}"'
    register: gitlab_runner_registration_token_result

但此任务不会取回任何注册令牌(获取空字符串)，因为application_settings 列中不存在runners_registration_token 列> 桌子.但是 runners_registration_token_encrypted 列存在，但返回的 runners_registration_token_encrypted 字符串被 runner-register api 拒绝.

But this task doesn't get back any registration token (get an empty string) cause the runners_registration_token column does not exist in the application_settings table. However the runners_registration_token_encrypted column exists, but the runners_registration_token_encrypted string returned is rejected by runner-register api.

因此，我必须从 gitlab gui(在 admin/runners 中)复制跑步者注册令牌，在剧本中对其进行硬编码，然后再次运行剧本以成功注册堆栈.

Thus I have to copy runners registration token from the gitlab gui (in admin/runners), hardcode it in the playbook and run the playbook again to succeed registration stack.

有人能解释一下 gitlab 将其运行者注册令牌存储在 GUI 中的位置吗(我注意到在重新启动 gitlab 服务器后它是一样的，它没有改变)?是否绝对不可能为自动跑步者非交互式注册自动化 gitlab 跑步者注册令牌检索?你们对实现这一目标的正确方法有什么想法吗?

Can someone explain where gitlab stores its runners registration token displayed in the GUI (I noticed it's same after rebooting the gitlab server, it doesn't change)? Is it definitively impossible to automate gitlab runners registration token retrieval for automatic runners non-interactive registration? Do you guys have any idea about the right way to achieve this please?

推荐答案

也许在应用服务器上使用 rails 控制台?将以下内容放入 shell 或命令中，在 gitlab 应用服务器上运行并捕获输出:

Maybe use the rails console on the application Server? Put the following in a shell or command, run it on the gitlab application server and catch the output:

gitlab-rails runner -e production "puts Gitlab::CurrentSettings.current_application_settings.runners_registration_token"

所以使用 Ansible 是这样的:

So with Ansible something like this:

- name: Extract Runner Registration Token directly from Gitlab Rails console
    become: true
    shell: 'gitlab-rails runner -e production "puts Gitlab::CurrentSettings.current_application_settings.runners_registration_token"'
    register: gitlab_runner_registration_token_result

这篇关于无法从数据库中获取 gitlab runners 注册令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！