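GitLab Runner JSII construct library for AWS CDK
Detailed description of the cdk-gitlab-runner Python project
Welcome to cdk-gitlab-runner
This repository template helps you create a GitLab runner in your AWS account with one line of AWS CDK.
Note
The defaults will create the following services for you:
- VPC
  - Public Subnet (2)
- EC2 (1 t3.micro)
Before you start, you need a GitLab runner token from your GitLab project or GitLab group.
In a group
"Group" > "Settings" > "CI/CD"
In a project
"Project" > "Settings" > "CI/CD" > "Runners"
Usage
Replace $GITLABTOKEN with your GitLab runner token.
Instance type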
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner

# To change the instance type to t3.large:
GitlabContainerRunner(self, "runner-instance", gitlabtoken="$GITLABTOKEN", ec2type="t3.large")

# OR
# Just create a GitLab runner; the default instance type is t3.micro.
from cdk_gitlab_runner import GitlabContainerRunner

GitlabContainerRunner(self, "runner-instance", gitlabtoken="$GITLABTOKEN")
```
Gitlab Server Custom URL
If you want to change the tag names to your own.
Tags
If you want to change the tag names to your own.
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
# To set your own tag names:
from cdk_gitlab_runner import GitlabContainerRunner

GitlabContainerRunner(self, "runner-instance-change-tag", gitlabtoken="$GITLABTOKEN", tags=["aa", "bb", "cc"])
```
IAM Policy
If you want to add other IAM policies to the runner, such as S3 read-only access.
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
# To attach another IAM policy to the runner, such as S3 read-only access:
from cdk_gitlab_runner import GitlabContainerRunner
from aws_cdk.aws_iam import ManagedPolicy

runner = GitlabContainerRunner(self, "runner-instance-add-policy", gitlabtoken="$GITLABTOKEN", tags=["aa", "bb", "cc"])
runner.runner_role.add_managed_policy(ManagedPolicy.from_aws_managed_policy_name("AmazonS3ReadOnlyAccess"))
```
Security Group
If you want to add other SG ingress rules to the runner.
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
# To add another SG ingress rule to the runner:
from cdk_gitlab_runner import GitlabContainerRunner
from aws_cdk.aws_ec2 import Port, Peer

runner = GitlabContainerRunner(self, "runner-add-SG-ingress", gitlabtoken="GITLABTOKEN", tags=["aa", "bb", "cc"])

# You can add ingress rules to your runner SG.
# 0.0.0.0/0 admits any IPv4 source; pass a narrower CIDR to Peer.ipv4() to restrict access.
runner.default_runner_sG.connections.allow_from(Peer.ipv4("0.0.0.0/0"), Port.tcp(80))
```
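To review what the IAM policy and security group snippets above actually grant, this added example (not part of the cdk-gitlab-runner project) audits a synthesized CloudFormation template for ingress open to every address and for managed policies attached to roles. The template fragment and its logical IDs (`RunnerRole`, `RunnerSG`) are constructed for illustration; in practice, load the JSON that `cdk synth` writes under `cdk.out/`.

```python
import json

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

# Constructed sample shaped like `cdk synth` output for a runner stack that
# attaches AmazonS3ReadOnlyAccess and opens TCP 80 to 0.0.0.0/0.
SAMPLE_TEMPLATE = {"Resources": {
    "RunnerRole": {"Type": "AWS::IAM::Role", "Properties": {"ManagedPolicyArns": [
        {"Fn::Join": ["", ["arn:", {"Ref": "AWS::Partition"},
                           ":iam::aws:policy/AmazonS3ReadOnlyAccess"]]}]}},
    "RunnerSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"SecurityGroupIngress": [
        {"CidrIp": "0.0.0.0/0", "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80},
        {"CidrIp": "10.1.0.0/16", "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22}]}},
}}


def _arn_text(arn):
    """Flatten a literal ARN or an Fn::Join intrinsic into readable text."""
    if isinstance(arn, str):
        return arn
    if isinstance(arn, dict) and "Fn::Join" in arn:
        sep, parts = arn["Fn::Join"]
        return sep.join(p if isinstance(p, str) else "${%s}" % next(iter(p.values()))
                        for p in parts)
    return json.dumps(arn, sort_keys=True)


def audit_template(template):
    """Return (open_ingress, managed_policies) found in a template dict."""
    open_ingress, policies = [], []
    for logical_id, res in template.get("Resources", {}).items():
        props, rtype = res.get("Properties", {}), res.get("Type")
        if rtype == "AWS::EC2::SecurityGroup":
            rules = props.get("SecurityGroupIngress", [])  # inline rules
        elif rtype == "AWS::EC2::SecurityGroupIngress":
            rules = [props]                                # standalone rule resource
        else:
            rules = []
        for rule in rules:
            cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
            if cidr in OPEN_CIDRS:
                open_ingress.append((logical_id, cidr, rule.get("IpProtocol"),
                                     rule.get("FromPort"), rule.get("ToPort")))
        if rtype == "AWS::IAM::Role":
            for arn in props.get("ManagedPolicyArns", []):
                policies.append((logical_id, _arn_text(arn).rsplit("/", 1)[-1]))
    return open_ingress, policies


if __name__ == "__main__":
    print(audit_template(SAMPLE_TEMPLATE))
```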
Use your own VPC
2020/06/27: you can use your own existing VPC or a new VPC, but please check that the VPC's public subnets have "Auto-assign public IPv4 address" set to Yes, or that the VPC's private subnets have a route table associated with a NAT gateway.
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner
from aws_cdk.aws_ec2 import Port, Peer, Vpc, SubnetType, SubnetConfiguration
from aws_cdk.aws_iam import ManagedPolicy

# A new VPC with public subnets only and no NAT gateway.
newvpc = Vpc(
    stack, "VPC",
    cidr="10.1.0.0/16",
    max_azs=2,
    subnet_configuration=[
        SubnetConfiguration(cidr_mask=26, name="RunnerVPC", subnet_type=SubnetType.PUBLIC)
    ],
    nat_gateways=0,
)

runner = GitlabContainerRunner(self, "testing", gitlabtoken="$GITLABTOKEN", ec2type="t3.small", selfvpc=newvpc)
```
Use your own existing role
2020/06/27: you can assign your own existing role to the runner.
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner
from aws_cdk.aws_ec2 import Port, Peer
from aws_cdk.aws_iam import ManagedPolicy, Role, ServicePrincipal

# A role that EC2 can assume, passed to the runner instead of the default role.
role = Role(
    self, "runner-role",
    assumed_by=ServicePrincipal("ec2.amazonaws.com"),
    description="For Gitlab EC2 Runner Test Role",
    role_name="TestRole",
)

runner = GitlabContainerRunner(stack, "testing", gitlabtoken="$GITLAB_TOKEN", ec2iamrole=role)
runner.runner_role.add_managed_policy(ManagedPolicy.from_aws_managed_policy_name("AmazonS3ReadOnlyAccess"))
```
Custom Gitlab Runner EBS size
2020/08/22: you can change the EBS size to the size you want.
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner

GitlabContainerRunner(stack, "testing", gitlabtoken="$GITLAB_TOKEN", ebs_size=50)
```
Use AutoScalingGroup
2020/11/25: you can set the number of runners.
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabRunnerAutoscaling

GitlabRunnerAutoscaling(stack, "testing", gitlab_token="$GITLAB_TOKEN", min_capacity=2, max_capacity=2)
```
Support Spotfleet Gitlab Runner
2020/08/27: you can use a spot fleet instance as your GitLab runner; after the spot fleet instance is created, its instance ID is output automatically. Thanks @pahud again ~~~
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from aws_cdk.core import Duration  # CDK v1; in CDK v2 use: from aws_cdk import Duration
from cdk_gitlab_runner import GitlabContainerRunner, BlockDuration

runner = GitlabContainerRunner(
    stack, "testing",
    gitlabtoken="GITLAB_TOKEN",
    ec2type="t3.large",
    block_duration=BlockDuration.ONE_HOUR,
    spot_fleet=True,
)
# Configure the expiration after 1 hour.
runner.expire_after(Duration.hours(1))
```
2020/11/19: you can set host volumes to bind-mount at job runtime. See more: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runnersdocker-section
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner, BlockDuration

runner = GitlabContainerRunner(
    stack, "testing",
    gitlabtoken="GITLAB_TOKEN",
    ec2type="t3.large",
    docker_volumes=[{"host_path": "/tmp/cahce", "container_path": "/tmp/cahce"}],
)
```
2020/11/19: the runner is automatically unregistered when the CDK app is destroyed.
Note
About changing the instance type
This is before (and including)
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from aws_cdk.aws_ec2 import InstanceType, InstanceClass, InstanceSize
from cdk_gitlab_runner import GitlabContainerRunner

# To change the instance type to t3.large:
GitlabContainerRunner(
    self, "runner-instance",
    gitlabtoken="$GITLABTOKEN",
    ec2type=InstanceType.of(InstanceClass.T3, InstanceSize.LARGE),
)
```
This is
```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner

# To change the instance type to t3.large:
GitlabContainerRunner(self, "runner-instance", gitlabtoken="$GITLABTOKEN", ec2type="t3.large")
```
Wait about 6 minutes; if it succeeds, you will see your runner on that page.
You can use the tags gitlab, runner, awscdk.
Example gitlab-ci.yaml
```yaml
dockerjob:
  image: docker:18.09-dind
  tags:
    - runner
    - awscdk
    - gitlab
  variables:
    DOCKER_TLS_CERTDIR: ""
  before_script:
    - docker info
  script:
    - docker info;
    - echo 'test 123';
    - echo 'hello world 1228'
```
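If you want to debug, you can go to the AWS console (in your runner's region!):
AWS Systems Manager > Session Manager > Start a session
Click your runner, then click Start session.
Enter bash in the browser console: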
```bash
# become root
sudo -i
# list runner containers
root# docker ps -a
# modify gitlab-runner/config.toml
root# cd /home/ec2-user/.gitlab-runner/ && ls
config.toml
```
:clap: Supporters