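## GitLab Runner Image
##
## By default it's using gitlab/gitlab-runner:alpine-v{VERSION}
## where {VERSION} is taken from Chart.yaml from appVersion field
##
## ref: https://hub.docker.com/r/gitlab/gitlab-runner/tags/
##
# image: gitlab/gitlab-runner:alpine-v11.6.0

## Specify an imagePullPolicy
## 'Always' if imageTag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
## NOTE(review): with IfNotPresent a node keeps using the image it already has
## cached under a tag, so a re-pushed tag is not picked up. If you override
## `image` above, prefer an immutable tag or a digest.
imagePullPolicy: IfNotPresent
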
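## The GitLab Server URL (with protocol) to register the runner against
## ref: https://docs.gitlab.com/runner/commands/README.html#gitlab-runner-register
##
## Keep this an https:// URL: the runner registers against this endpoint, so
## the registration token travels to it.
gitlabUrl: https://gitlab.com/
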
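## The Registration Token for adding new Runners to the GitLab Server. This must
## be retrieved from your GitLab Instance.
## ref: https://docs.gitlab.com/ce/ci/runners/README.html
##
## SECURITY: do not keep the token in this file. A real-looking token was
## hard-coded in a published copy of these values; treat that token as
## compromised and reset it in GitLab. Supply the new one at install time
## (`--set runnerRegistrationToken=...`) or store it in a Kubernetes Secret and
## reference that Secret through `runners.secret`.
runnerRegistrationToken: ""
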
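## The Runner Token for adding new Runners to the GitLab Server. This must
## be retrieved from your GitLab Instance. It is the token of an already registered runner.
## ref: (we don't yet have docs for that, but we want to use existing token)
##
## Like the registration token, this value is a credential: keep it out of
## files that are shared or committed.
# runnerToken: ""

## Unregister all runners before termination
##
## Updating the runner's chart version or configuration will cause the runner container
## to be terminated and created again. This may cause your GitLab instance to reference
## non-existent runners. Un-registering the runner before termination mitigates this issue.
## ref: https://docs.gitlab.com/runner/commands/README.html#gitlab-runner-unregister
##
unregisterRunners: true
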
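## When stopping the runner, give it time to wait for its jobs to terminate.
##
## Updating the runner's chart version or configuration will cause the runner container
## to be terminated with a graceful stop request. terminationGracePeriodSeconds
## instructs Kubernetes to wait long enough for the runner pod to terminate gracefully.
## ref: https://docs.gitlab.com/runner/commands/#signals
##
## 3600 seconds = 1 hour.
terminationGracePeriodSeconds: 3600
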
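## Set the certsSecretName in order to pass custom certificates for GitLab Runner to use
## Provide resource name for a Kubernetes Secret Object in the same namespace,
## this is used to populate the /home/gitlab-runner/.gitlab-runner/certs/ directory
## ref: https://docs.gitlab.com/runner/configuration/tls-self-signed.html#supported-options-for-self-signed-certificates
##
# certsSecretName:

## Configure the maximum number of concurrent jobs
## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section
##
concurrent: 10
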
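## Defines in seconds how often to check GitLab for new builds
## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section
##
checkInterval: 30

## Configure GitLab Runner's logging level. Available values are: debug, info, warn, error, fatal, panic
## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section
##
# logLevel:

## Configure GitLab Runner's logging format. Available values are: runner, text, json
## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section
##
# logFormat:
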
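## For RBAC support:
rbac:
  ## NOTE(review): with create: false the chart presumably sets up no RBAC
  ## objects of its own; the account named by serviceAccountName below is used
  ## instead. Confirm that account has only the permissions the runner needs.
  create: false
  ## Define specific rbac permissions.
  ## "pods/exec" and "secrets" are broad grants; list only the resources and
  ## verbs the runner actually needs.
  # resources: ["pods", "pods/exec", "secrets"]
  # verbs: ["get", "list", "watch", "create", "patch", "delete"]

  ## Run the gitlab-bastion container with the ability to deploy/manage containers of jobs
  ## cluster-wide or only within namespace
  ## Leaving this false keeps the runner's access scoped to its namespace.
  clusterWideAccess: false

  ## Use the following Kubernetes Service Account name if RBAC is disabled in this Helm chart (see rbac.create)
  ##
  # serviceAccountName: default

  ## Specify annotations for Service Accounts, useful for annotations such as eks.amazonaws.com/role-arn
  ##
  ## ref: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
  ##
  # serviceAccountAnnotations: {}
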
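## Configure integrated Prometheus metrics exporter
## ref: https://docs.gitlab.com/runner/monitoring/#configuration-of-the-metrics-http-server
##
## NOTE(review): this turns on the runner's metrics HTTP server; check which
## clients can reach it (for example with a NetworkPolicy) - TODO confirm how
## the chart exposes the port.
metrics:
  enabled: true
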
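## Configuration for the Pods that the runner launches for each new job
##
runners:
  ## Default container image to use for builds when none is specified
  ##
  ## NOTE(review): `ubuntu:18.04` is a mutable tag and 18.04 is past its
  ## standard support window; prefer a maintained release, ideally pinned by
  ## digest.
  image: ubuntu:18.04

  ## Specify one or more imagePullSecrets
  ##
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ##
  # imagePullSecrets: []

  ## Specify the image pull policy: never, if-not-present, always. The cluster default will be used if not set.
  ##
  # imagePullPolicy: ""

  ## Defines number of concurrent requests for new job from GitLab
  ## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-section
  ##
  # requestConcurrency: 1

  ## Specify whether the runner should be locked to a specific project: true, false. Defaults to true.
  ##
  # locked: true

  ## Specify the tags associated with the runner. Comma-separated list of tags.
  ##
  ## ref: https://docs.gitlab.com/ce/ci/runners/#using-tags
  ##
  # tags: ""

  ## Specify if jobs without tags should be run.
  ## If not specified, Runner will default to true if no tags were specified. In other case it will
  ## default to false.
  ##
  ## ref: https://docs.gitlab.com/ce/ci/runners/#allowing-runners-with-tags-to-pick-jobs-without-tags
  ##
  # runUntagged: true

  ## Specify whether the runner should only run protected branches.
  ## Defaults to False.
  ##
  ## ref: https://docs.gitlab.com/ee/ci/runners/#protected-runners
  ##
  # protected: true

  ## Run all containers with the privileged flag enabled
  ## This will allow the docker:dind image to run if you need to run Docker
  ## commands. Please read the docs before turning this on:
  ## ref: https://docs.gitlab.com/runner/executors/kubernetes.html#using-docker-dind
  ##
  ## Keep this false unless jobs truly need docker:dind: a privileged job
  ## container is not isolated from the node it runs on.
  privileged: false

  ## The name of the secret containing runner-token and runner-registration-token
  ## Referencing a Secret here keeps both tokens out of this values file.
  # secret: gitlab-runner

  ## Namespace to run Kubernetes jobs in (defaults to the same namespace of this release)
  ##
  # namespace:

  ## The amount of time, in seconds, that needs to pass before the runner will
  ## timeout attempting to connect to the container it has just created.
  ## ref: https://docs.gitlab.com/runner/executors/kubernetes.html
  pollTimeout: 180

  ## Set maximum build log size in kilobytes, by default set to 4096 (4MB)
  ## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-section
  outputLimit: 4096

  ## Distributed runners caching
  ## ref: https://gitlab.com/gitlab-org/gitlab-runner/blob/master/docs/configuration/autoscale.md#distributed-runners-caching
  ##
  ## If you want to use s3 based distributing caching:
  ## First of all you need to uncomment General settings and S3 settings sections.
  ##
  ## Create a secret 's3access' containing 'accesskey' & 'secretkey'
  ## ref: https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/
  ##
  ## $ kubectl create secret generic s3access \
  ##   --from-literal=accesskey="YourAccessKey" \
  ##   --from-literal=secretkey="YourSecretKey"
  ## ref: https://kubernetes.io/docs/concepts/configuration/secret/
  ##
  ## If you want to use gcs based distributing caching:
  ## First of all you need to uncomment General settings and GCS settings sections.
  ##
  ## Access using credentials file:
  ## Create a secret 'google-application-credentials' containing your application credentials file.
  ## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runnerscachegcs-section
  ## You could configure
  ## $ kubectl create secret generic google-application-credentials \
  ##   --from-file=gcs-application-credentials-file=./path-to-your-google-application-credentials-file.json
  ## ref: https://kubernetes.io/docs/concepts/configuration/secret/
  ##
  ## Access using access-id and private-key:
  ## Create a secret 'gcsaccess' containing 'gcs-access-id' & 'gcs-private-key'.
  ## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-cache-gcs-section
  ## You could configure
  ## $ kubectl create secret generic gcsaccess \
  ##   --from-literal=gcs-access-id="YourAccessID" \
  ##   --from-literal=gcs-private-key="YourPrivateKey"
  ## ref: https://kubernetes.io/docs/concepts/configuration/secret/
  cache: {}
    ## General settings
    # cacheType: s3
    # cachePath: "gitlab_runner"
    # cacheShared: true

    ## S3 settings
    # s3ServerAddress: s3.amazonaws.com
    # s3BucketName:
    # s3BucketLocation:
    ## Leave s3CacheInsecure false so the cache is reached over HTTPS.
    # s3CacheInsecure: false
    # secretName: s3access

    ## GCS settings
    # gcsBucketName:
    ## Use this line for access using access-id and private-key
    # secretName: gcsaccess
    ## Use this line for access using google-application-credentials file
    # secretName: google-application-credentials

  ## Build Container specific configuration
  ##
  ## Only requests are set; no cpuLimit/memoryLimit is active for build containers.
  builds:
    # cpuLimit: 200m
    # cpuLimitOverwriteMaxAllowed: 400m
    # memoryLimit: 256Mi
    # memoryLimitOverwriteMaxAllowed: 512Mi
    # cpuRequests: 100m
    # cpuRequestsOverwriteMaxAllowed: 200m
    # memoryRequests: 128Mi
    # memoryRequestsOverwriteMaxAllowed: 256Mi
    cpuRequests: 100m
    memoryRequests: 128Mi

  ## Service Container specific configuration
  ##
  services:
    # cpuLimit: 200m
    # memoryLimit: 256Mi
    # cpuRequests: 100m
    # memoryRequests: 128Mi
    cpuRequests: 100m
    memoryRequests: 128Mi

  ## Helper Container specific configuration
  ##
  helpers:
    # cpuLimit: 200m
    # memoryLimit: 256Mi
    # cpuRequests: 100m
    # memoryRequests: 128Mi
    # image: gitlab/gitlab-runner-helper:x86_64-latest
    cpuRequests: 100m
    memoryRequests: 128Mi

  ## Service Account to be used for runners
  ##
  # serviceAccountName:

  ## If GitLab is not reachable through $CI_SERVER_URL
  ##
  # cloneUrl:

  ## Specify node labels for CI job pods assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
  ##
  # nodeSelector: {}

  ## Specify node tolerations for CI job pods assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  ##
  # nodeTolerations: {}

  ## Specify pod labels for CI job pods
  ##
  # podLabels: {}

  ## Specify annotations for job pods, useful for annotations such as iam.amazonaws.com/role
  # podAnnotations: {}

  ## Configure environment variables that will be injected to the pods that are created while
  ## the build is running. These variables are passed as parameters, i.e. `--env "NAME=VALUE"`,
  ## to `gitlab-runner register` command.
  ##
  ## Note that `envVars` (see below) are only present in the runner pod, not the pods that are
  ## created for each build.
  ##
  ## Because the values are passed on the register command line, do not put
  ## secrets here.
  ##
  ## ref: https://docs.gitlab.com/runner/commands/#gitlab-runner-register
  ##
  # env:
  #   NAME: VALUE
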
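## Configure securitycontext
## ref: http://kubernetes.io/docs/user-guide/security-context/
##
## runAsUser is a non-zero UID, so the container does not run as root.
## NOTE(review): presumably this applies to the runner manager pod, not to the
## job pods - confirm against the chart templates.
securityContext:
  fsGroup: 65533
  runAsUser: 100
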
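## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
## Empty by default: no requests or limits are set here.
resources: {}
  # limits:
  #   memory: 256Mi
  #   cpu: 200m
  # requests:
  #   memory: 128Mi
  #   cpu: 100m
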
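## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
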
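## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
  # Example: The gitlab runner manager should not run on spot instances so you can assign
  # them to the regular worker nodes only.
  # node-role.kubernetes.io/worker: "true"
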
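## List of node taints to tolerate (requires Kubernetes >= 1.6)
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
  # Example: Regular worker nodes may have a taint, thus you need to tolerate the taint
  # when you assign the gitlab runner manager with nodeSelector or affinity to the nodes.
  # - key: "node-role.kubernetes.io/worker"
  #   operator: "Exists"
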
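## Configure environment variables that will be present when the registration command runs
## This provides further control over the registration process and the config.toml file
## ref: `gitlab-runner register --help`
## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html
##
# envVars:
#   - name: RUNNER_EXECUTOR
#     value: kubernetes

## List of hosts and IPs that will be injected into the pod's hosts file
hostAliases: []
  # Example:
  # - ip: "127.0.0.1"
  #   hostnames:
  #   - "foo.local"
  #   - "bar.local"
  # - ip: "10.1.2.3"
  #   hostnames:
  #   - "foo.remote"
  #   - "bar.remote"
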
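## Annotations to be added to manager pod
##
podAnnotations: {}
  # Example:
  # iam.amazonaws.com/role: <my_role_arn>
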
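## Labels to be added to manager pod
##
podLabels: {}
  # Example:
  # owner.team: <my_cool_team>
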
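## HPA support for custom metrics:
## This section enables runners to autoscale based on defined custom metrics.
## In order to use this functionality, you need to enable a custom metrics API server by
## implementing "custom.metrics.k8s.io" using a supported third party adapter
## Example: https://github.com/directxman12/k8s-prometheus-adapter
##
#hpa: {}
  # minReplicas: 1
  # maxReplicas: 10
  # metrics:
  # - type: Pods
  #   pods:
  #     metricName: gitlab_runner_jobs
  #     targetAverageValue: 400m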