summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMayra Cabrera <mcabrera@gitlab.com>2018-03-06 08:26:50 +0000
committerKamil TrzciƄski <ayufan@ayufan.eu>2018-03-06 08:26:50 +0000
commit7237ed59ac90148945efebf9624949c80c1298a4 (patch)
treef90e1dc83cb22117aa50bef46664c17d69edfa5c
parent2e87923dcb1cf7984690f5b5fdfc61bddfba923e (diff)
downloadgitlab-ce-7237ed59ac90148945efebf9624949c80c1298a4.tar.gz
Resolve "Enable privileged mode for Runner installed on Kubernetes"
-rw-r--r--app/models/clusters/applications/runner.rb5
-rw-r--r--changelogs/unreleased/43793-enable-privileged-mode-for-runner.yml5
-rw-r--r--db/migrate/20180305144721_add_privileged_to_runner.rb18
-rw-r--r--db/schema.rb3
-rw-r--r--spec/models/clusters/applications/runner_spec.rb30
-rw-r--r--vendor/runner/values.yaml2
6 files changed, 58 insertions, 5 deletions
diff --git a/app/models/clusters/applications/runner.rb b/app/models/clusters/applications/runner.rb
index 7adf1663c35..16efe90fa27 100644
--- a/app/models/clusters/applications/runner.rb
+++ b/app/models/clusters/applications/runner.rb
@@ -56,12 +56,13 @@ module Clusters
def specification
{
"gitlabUrl" => gitlab_url,
- "runnerToken" => ensure_runner.token
+ "runnerToken" => ensure_runner.token,
+ "runners" => { "privileged" => privileged }
}
end
def content_values
- specification.merge(YAML.load_file(chart_values_file))
+ YAML.load_file(chart_values_file).deep_merge!(specification)
end
end
end
diff --git a/changelogs/unreleased/43793-enable-privileged-mode-for-runner.yml b/changelogs/unreleased/43793-enable-privileged-mode-for-runner.yml
new file mode 100644
index 00000000000..08109632e8e
--- /dev/null
+++ b/changelogs/unreleased/43793-enable-privileged-mode-for-runner.yml
@@ -0,0 +1,5 @@
+---
+title: Enable privileged mode for GitLab Runner
+merge_request: 17528
+author:
+type: added
diff --git a/db/migrate/20180305144721_add_privileged_to_runner.rb b/db/migrate/20180305144721_add_privileged_to_runner.rb
new file mode 100644
index 00000000000..32e73dba8d5
--- /dev/null
+++ b/db/migrate/20180305144721_add_privileged_to_runner.rb
@@ -0,0 +1,18 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddPrivilegedToRunner < ActiveRecord::Migration
+ include Gitlab::Database::MigrationHelpers
+
+ DOWNTIME = false
+
+ disable_ddl_transaction!
+
+ def up
+ add_column_with_default :clusters_applications_runners, :privileged, :boolean, default: true, allow_null: false
+ end
+
+ def down
+ remove_column :clusters_applications_runners, :privileged
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 9e117440ed2..e28a7560d00 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20180304204842) do
+ActiveRecord::Schema.define(version: 20180305144721) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
@@ -603,6 +603,7 @@ ActiveRecord::Schema.define(version: 20180304204842) do
t.datetime_with_timezone "updated_at", null: false
t.string "version", null: false
t.text "status_reason"
+ t.boolean "privileged", default: true, null: false
end
add_index "clusters_applications_runners", ["cluster_id"], name: "index_clusters_applications_runners_on_cluster_id", unique: true, using: :btree
diff --git a/spec/models/clusters/applications/runner_spec.rb b/spec/models/clusters/applications/runner_spec.rb
index 612a3c8e413..a574779e39d 100644
--- a/spec/models/clusters/applications/runner_spec.rb
+++ b/spec/models/clusters/applications/runner_spec.rb
@@ -34,6 +34,8 @@ describe Clusters::Applications::Runner do
is_expected.to include('checkInterval')
is_expected.to include('rbac')
is_expected.to include('runners')
+ is_expected.to include('privileged: true')
+ is_expected.to include('image: ubuntu:16.04')
is_expected.to include('resources')
is_expected.to include("runnerToken: #{ci_runner.token}")
is_expected.to include("gitlabUrl: #{Gitlab::Routing.url_helpers.root_url}")
@@ -65,5 +67,33 @@ describe Clusters::Applications::Runner do
expect(gitlab_runner.runner).not_to be_nil
end
end
+
+ context 'with duplicated values on vendor/runner/values.yaml' do
+ let(:values) do
+ {
+ "concurrent" => 4,
+ "checkInterval" => 3,
+ "rbac" => {
+ "create" => false
+ },
+ "clusterWideAccess" => false,
+ "runners" => {
+ "privileged" => false,
+ "image" => "ubuntu:16.04",
+ "builds" => {},
+ "services" => {},
+ "helpers" => {}
+ }
+ }
+ end
+
+ before do
+ allow(gitlab_runner).to receive(:chart_values).and_return(values)
+ end
+
+ it 'should overwrite values.yaml' do
+ is_expected.to include("privileged: #{gitlab_runner.privileged}")
+ end
+ end
end
end
diff --git a/vendor/runner/values.yaml b/vendor/runner/values.yaml
index b7e2e24acaf..e5f95152ac7 100644
--- a/vendor/runner/values.yaml
+++ b/vendor/runner/values.yaml
@@ -15,10 +15,8 @@ rbac:
clusterWideAccess: false
## Configuration for the Pods that that the runner launches for each new job
-##
runners:
image: ubuntu:16.04
- privileged: false
builds: {}
services: {}
helpers: {}