From 7e73762fc5fa10d999716080f5de8fc1db70412c Mon Sep 17 00:00:00 2001 From: Lee Briggs Date: Thu, 13 Oct 2016 10:48:09 -0700 Subject: [PATCH 1/2] Adding centos dockerfile for gitlab-runner --- dockerfiles/centos/Dockerfile | 22 ++++++++++++++++++++++ dockerfiles/centos/README.md | 1 + dockerfiles/centos/entrypoint | 22 ++++++++++++++++++++++ 3 files changed, 45 insertions(+) create mode 100644 dockerfiles/centos/Dockerfile create mode 100644 dockerfiles/centos/README.md create mode 100755 dockerfiles/centos/entrypoint diff --git a/dockerfiles/centos/Dockerfile b/dockerfiles/centos/Dockerfile new file mode 100644 index 00000000..742770c3 --- /dev/null +++ b/dockerfiles/centos/Dockerfile @@ -0,0 +1,22 @@ +FROM centos:7 + +ADD https://github.com/Yelp/dumb-init/releases/download/v1.2.0/dumb-init_1.2.0_amd64 /usr/bin/dumb-init +RUN chmod +x /usr/bin/dumb-init + +RUN yum update -y && \ + yum install -y ca-certificates wget vim nano git + +RUN curl -s https://packages.gitlab.com/install/repositories/runner/gitlab-ci-multi-runner/script.rpm.sh | bash && \ + yum install -y gitlab-ci-multi-runner && \ + wget https://github.com/docker/machine/releases/download/v0.8.2/docker-machine-Linux-x86_64 -O /usr/bin/docker-machine && \ + chmod +x /usr/bin/docker-machine && \ + mkdir -p /etc/gitlab-runner/certs && \ + chmod -R 700 /etc/gitlab-runner + + +ADD entrypoint / +RUN chmod +x /entrypoint + +VOLUME ["/etc/gitlab-runner", "/home/gitlab-runner"] +ENTRYPOINT ["/usr/bin/dumb-init", "/entrypoint"] +CMD ["run", "--user=gitlab-runner", "--working-directory=/home/gitlab-runner"] diff --git a/dockerfiles/centos/README.md b/dockerfiles/centos/README.md new file mode 100644 index 00000000..6bc9db6f --- /dev/null +++ b/dockerfiles/centos/README.md @@ -0,0 +1 @@ +`gitlab/gitlab-runner:latest` is image that can be used to run GitLab Runner in container. diff --git a/dockerfiles/centos/entrypoint b/dockerfiles/centos/entrypoint new file mode 100755 index 00000000..7ec8189f --- /dev/null +++ b/dockerfiles/centos/entrypoint @@ -0,0 +1,22 @@ +#!/bin/bash + +# gitlab-ci-multi-runner data directory +DATA_DIR="/etc/gitlab-runner" +CONFIG_FILE=${CONFIG_FILE:-$DATA_DIR/config.toml} +# custom certificate authority path +CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-$DATA_DIR/certs/ca.crt} +LOCAL_CA_PATH="/etc/ssl/certs/ca-bundle.crt" + +update_ca() { + echo "Updating CA certificates..." + cp "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" + update-ca-certificates --fresh >/dev/null +} + +if [ -f "${CA_CERTIFICATES_PATH}" ]; then + # update the ca if the custom ca is different than the current + cmp --silent "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" || update_ca +fi + +# launch gitlab-ci-multi-runner passing all arguments +exec gitlab-ci-multi-runner "$@" From f0f3605311c13b22e4037c3f63aef4da86b0051f Mon Sep 17 00:00:00 2001 From: Lee Briggs Date: Mon, 21 Nov 2016 15:54:21 +0000 Subject: [PATCH 2/2] Better cert support --- dockerfiles/centos/Dockerfile | 4 ++++ dockerfiles/centos/entrypoint | 2 ++ 2 files changed, 6 insertions(+) diff --git a/dockerfiles/centos/Dockerfile b/dockerfiles/centos/Dockerfile index 742770c3..591c6c18 100644 --- a/dockerfiles/centos/Dockerfile +++ b/dockerfiles/centos/Dockerfile @@ -17,6 +17,10 @@ RUN curl -s https://packages.gitlab.com/install/repositories/runner/gitlab-ci-mu ADD entrypoint / RUN chmod +x /entrypoint +# Update certs +RUN /usr/bin/update-ca-trust enable +RUN /usr/bin/update-ca-trust + VOLUME ["/etc/gitlab-runner", "/home/gitlab-runner"] ENTRYPOINT ["/usr/bin/dumb-init", "/entrypoint"] CMD ["run", "--user=gitlab-runner", "--working-directory=/home/gitlab-runner"] diff --git a/dockerfiles/centos/entrypoint b/dockerfiles/centos/entrypoint index 7ec8189f..a8ef61b3 100755 --- a/dockerfiles/centos/entrypoint +++ b/dockerfiles/centos/entrypoint @@ -10,6 +10,8 @@ LOCAL_CA_PATH="/etc/ssl/certs/ca-bundle.crt" update_ca() { echo "Updating CA certificates..." cp "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" + /usr/bin/update-ca-trust enable > /dev/null + /usr/bin/update-ca-trust > /dev/bull update-ca-certificates --fresh >/dev/null }