Commit 7237ed59 authored by Mayra Cabrera's avatar Mayra Cabrera Committed by Kamil Trzciński

Resolve "Enable privileged mode for Runner installed on Kubernetes"

parent 2e87923d
......@@ -56,12 +56,13 @@ module Clusters
def specification
{
"gitlabUrl" => gitlab_url,
"runnerToken" => ensure_runner.token
"runnerToken" => ensure_runner.token,
"runners" => { "privileged" => privileged }
}
end
def content_values
specification.merge(YAML.load_file(chart_values_file))
YAML.load_file(chart_values_file).deep_merge!(specification)
end
end
end
......
---
title: Enable privileged mode for GitLab Runner
merge_request: 17528
author:
type: added
# See http://doc.gitlab.com/ce/development/migration_style_guide.html
# for more information on how to write migrations for GitLab.
class AddPrivilegedToRunner < ActiveRecord::Migration
include Gitlab::Database::MigrationHelpers
DOWNTIME = false
disable_ddl_transaction!
def up
add_column_with_default :clusters_applications_runners, :privileged, :boolean, default: true, allow_null: false
end
def down
remove_column :clusters_applications_runners, :privileged
end
end
......@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20180304204842) do
ActiveRecord::Schema.define(version: 20180305144721) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
......@@ -603,6 +603,7 @@ ActiveRecord::Schema.define(version: 20180304204842) do
t.datetime_with_timezone "updated_at", null: false
t.string "version", null: false
t.text "status_reason"
t.boolean "privileged", default: true, null: false
end
add_index "clusters_applications_runners", ["cluster_id"], name: "index_clusters_applications_runners_on_cluster_id", unique: true, using: :btree
......
......@@ -34,6 +34,8 @@ describe Clusters::Applications::Runner do
is_expected.to include('checkInterval')
is_expected.to include('rbac')
is_expected.to include('runners')
is_expected.to include('privileged: true')
is_expected.to include('image: ubuntu:16.04')
is_expected.to include('resources')
is_expected.to include("runnerToken: #{ci_runner.token}")
is_expected.to include("gitlabUrl: #{Gitlab::Routing.url_helpers.root_url}")
......@@ -65,5 +67,33 @@ describe Clusters::Applications::Runner do
expect(gitlab_runner.runner).not_to be_nil
end
end
context 'with duplicated values on vendor/runner/values.yaml' do
let(:values) do
{
"concurrent" => 4,
"checkInterval" => 3,
"rbac" => {
"create" => false
},
"clusterWideAccess" => false,
"runners" => {
"privileged" => false,
"image" => "ubuntu:16.04",
"builds" => {},
"services" => {},
"helpers" => {}
}
}
end
before do
allow(gitlab_runner).to receive(:chart_values).and_return(values)
end
it 'should overwrite values.yaml' do
is_expected.to include("privileged: #{gitlab_runner.privileged}")
end
end
end
end
......@@ -15,10 +15,8 @@ rbac:
clusterWideAccess: false
## Configuration for the Pods that that the runner launches for each new job
##
runners:
image: ubuntu:16.04
privileged: false
builds: {}
services: {}
helpers: {}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment