diff --git a/ansible/playbooks/role-rocky-gitlab-runner.yml b/ansible/playbooks/role-rocky-gitlab-runner.yml
new file mode 100644
index 0000000..18cd8b6
--- /dev/null
+++ b/ansible/playbooks/role-rocky-gitlab-runner.yml
@@ -0,0 +1,48 @@
+---
+# Creates a Gitlab runner and registers it w/ tags
+- name: Install and Provision Gitlab Runner
+ hosts: gitlab_runners
+ become: true
+ vars_files:
+ - vars/common.yml
+ - vars/gitlab_runner.yml
+ - vars/vaults/encpass.yml
+
+ # This is to try to avoid the handler issue in pre/post tasks
+ handlers:
+ - import_tasks: handlers/main.yml
+
+ pre_tasks:
+ - name: Check if ansible cannot be run here
+ stat:
+ path: /etc/no-ansible
+ register: no_ansible
+
+ - name: Verify if we can run ansible
+ assert:
+ that:
+ - "not no_ansible.stat.exists"
+ success_msg: "We are able to run on this node"
+ fail_msg: "/etc/no-ansible exists - skipping un on this node"
+
+ - name: Install SELinux packages
+ package:
+ name: python3-policycoreutils.noarch
+ state: present
+
+ tasks:
+ - name: Install and configure runner
+ import_tasks: tasks/gitlab-runner.yml
+
+ roles:
+ - role: riemers.gitlab-runner
+ state: present
+
+ post_tasks:
+ - name: Touching run file that ansible has ran here
+ file:
+ path: /var/log/ansible.run
+ state: touch
+ mode: '0644'
+ owner: root
+ group: root
diff --git a/ansible/playbooks/tasks/gitlab-runner.yml b/ansible/playbooks/tasks/gitlab-runner.yml
new file mode 100644
index 0000000..19b18bd
--- /dev/null
+++ b/ansible/playbooks/tasks/gitlab-runner.yml
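Review bot: In role-rocky-gitlab-runner.yml the `tasks:` section is written above `roles:`, but Ansible runs a play's roles before its tasks regardless of their order in the file, so `riemers.gitlab-runner` will execute before `tasks/gitlab-runner.yml` imports the GPG key and installs the checksum-pinned RPM. If the pinned install is meant to decide which runner binary ends up on the host, move the import into `pre_tasks:` (or call the role from `tasks:` with `import_role`) so the order is explicit. The role runs with `become: true` and its version is not pinned anywhere in this diff; if no requirements file pins it, that is worth adding. Separately, the assert's `fail_msg` reads "skipping un on this node" and should say `skipping run on this node`.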
@@ -0,0 +1,30 @@
+# included tasks from role-rocky-gitlab-runner
+---
+- name: Download and install gitlab runner rpm
+ block:
+ - name: Install gitlab gpg key
+ ansible.builtin.rpm_key:
+ state: present
+ key: https://packages.gitlab.com/runner/gitlab-runner/gpgkey/runner-gitlab-runner-366915F31B487241.pub.gpg
+ fingerprint: "3018 3AC2 C4E2 3A40 9EFB E705 9CE4 5ABC 8807 21D4"
+
+ - name: Download gitlab runner RPM
+ get_url:
+ url: "https://packages.gitlab.com/runner/gitlab-runner/packages/el/8/gitlab-runner-13.10.0-1.x86_64.rpm/download.rpm"
+ checksum: "sha256:3baa809dced03e9fbec615b378c85d0224306ca270ef5cb9ed64de982857ea5d"
+ dest: /tmp/gitlab-runner.rpm
+ register: download_rpm
+
+ - name: Install downloaded RPM
+ dnf:
+ name: /tmp/gitlab-runner.rpm
+ when: download_rpm.changed != 0
+ when: do_install == 'true'
+ become: true
+
+- name: Create gitlab-runner user
+ become: yes
+ user:
+ name: gitlab-runner
+ shell: /bin/bash
+ system: yes
diff --git a/ansible/playbooks/vars/gitlab_runner.yml b/ansible/playbooks/vars/gitlab_runner.yml
new file mode 100644
index 0000000..7e57b37
--- /dev/null
+++ b/ansible/playbooks/vars/gitlab_runner.yml
@@ -0,0 +1,9 @@
+---
+gitlab_runner_coordinator_url: https://git.rockylinux.org
+gitlab_runner_registration_token: "{{ _reg_token }}"
+gitlab_runner_runners:
+ - name: "{{ ansible_fqdn }}"
+ executor: shell
+ tags: []
+
+gitlab_runner_timeout_stop_seconds: 60
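Review bot: In tasks/gitlab-runner.yml the two `when:` guards can silently skip the verified install. `when: do_install == 'true'` (indentation is lost in this view, but it appears to sit on the block) matches only the literal string, so a YAML boolean `do_install: true` would turn the key import, checksum-checked download and install into a no-op, and `do_install` is not defined in any vars file shown in this diff; `when: do_install | default(false) | bool` accepts both forms. `when: download_rpm.changed != 0` compares a boolean with an integer, and a run that downloaded the file but failed before `dnf` will never retry the install; dropping that condition lets `dnf` handle idempotence. The RPM is also staged under a fixed name in world-writable `/tmp` and then installed as root, so a root-owned directory would be a safer `dest`.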
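Review bot: In vars/gitlab_runner.yml the runner is registered with `executor: shell` and `tags: []`, although the playbook's header comment says it is registered with tags. With the shell executor, jobs run directly on the host as the runner account with no per-job isolation, so which projects can schedule onto this runner matters; whether the registration token is instance-, group- or project-scoped is not visible in this diff. I would set explicit tags and add a comment above the runner entry stating the intended scope, e.g. `# shell executor: jobs run on the host itself; restrict to trusted projects`.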