Adding a new gitlab-runner configuration

How to create a new gitlab-runner configuration and attach it to the correct projects


A new gitlab-runner needs to be attached to a project.


  1. Verify that the deployment-all checkout works correctly including access to AWS and Beaker: --role poweruser
    echo "$BEAKER_CKI_TEAM_AUTOMATION_SSH_PRIVATE_KEY" | sed 's/\r//' | ssh-add -
    gitlab-runner-config/ configurations diff
  2. (Optional) Reserve a new Beaker machine for an adhoc Beaker-based gitlab-runner for architecture ARCH (x86_64, s390x, ppc64le, aarch64) by running

    podman run --rm -it \
        -e BEAKER_URL \
        -e CGROUPS=v1 \
        -v .:/code \
        -w /code \ \
        bash -c \
        'pip install --no-deps git+ &&
        ./ ARCH'

    Add the host name of the machine to ansible/inventory/beaker.yml, and configure it as a gitlab-runner via

    PLAYBOOK_NAME=gitlab-runner-config \
        ./ \
        --limit HOSTNAME
  3. If a completely new gitlab-runner deployment is needed, set it up and add it to

    • Beaker machine: ansible/inventory/beaker.yml, all.hosts.children.gitlab_runner.hosts
    • Other machine: gitlab-runner-config/, RUNNER_HOSTS
    • Kubernetes: gitlab-runner-config/, CONTEXTS

    Also add it to gitlab-runner-config/runners.yml.j2 in runner_deployments.

  4. If a new configuration template is needed, add it to gitlab-runner-config/runners.yml.j2 in runner_templates.

  5. Instantiate the template in the correct runner deployment via the runner_configurations variable. If a new configuration is created, make sure it is attached to the correct GitLab projects via runner_registrations.

  6. Run gitlab-runner-config/ registrations diff and check that the new runner configurations are reported and do not have a token assigned.

  7. Run gitlab-runner-config/ registrations apply --create-missing and add the new tokens to the secrets via ./ secrets.yml GITLAB_RUNNER_TOKENS.

  8. Deploy the new configurations via gitlab-runner-config/ configurations apply.

  9. For non-Kubernetes gitlab-runner instances, restart the gitlab-runner service to enable the monitoring endpoint of gitlab-runner via

    ssh HOSTNAME sudo systemctl restart gitlab-runner
Last modified October 14, 2022: Retrieve container images from (0d94653)