Pre-Registered GitLab Runner in a Container

How to run GitLab Runner in a Docker container using a registration token stored in an environment variable.
GitLab
Docker
Published

23 Mar 2022 12:00

In a previous post I described a recipe for setting up GitLab Runner using a Docker container. With that setup it was possible to register multiple runners on a single container. However, each runner needed to be registered manually. This setup makes complete sense if the container will be around for a while. But what if you’re spinning up a GitLab Runner container for only a short duration? In this case it might be preferable to have the container pre-configured (or at least easily configured) to provide a runner to a specific project or group. Setting that up is the goal of this post.

Registration Token

To register a runner we’re going to need a token. The token comes from the project (or group) settings.

Find registration token in GitLab project or group settings.

Find registration token in GitLab project or group settings.

Docker Image

Derive a new Docker image from gitlab/gitlab-runner.

FROM gitlab/gitlab-runner:v14.7.0

RUN apt-get update && \
    apt-get install -y docker.io

COPY gitlab-runner-register.sh .
RUN chmod u+x gitlab-runner-register.sh

ENTRYPOINT ["./gitlab-runner-register.sh"]

The entrypoint for the image is a script, gitlab-runner-register.sh.

Registration Script

The registration script will register the runner using the token specified via the TOKEN environment variable.

#!/bin/bash

if [ -z "$TOKEN" ]
then
  echo "Please provide a registration token."
  exit 1
fi

# Initiate the GitLab Runner process.
#
gitlab-runner run --user=gitlab-runner --working-directory=/home/gitlab-runner &

# Register a runner.
#
gitlab-runner register \
  --non-interactive \
  --executor "docker" \
  --docker-image alpine:latest \
  --url "https://gitlab.com/" \
  --registration-token "$TOKEN" \
  --description "gitlab-runner-baked" \
  --run-untagged="true" \
  --locked="false" \
  --access-level="not_protected"
  
# Launch Docker daemon (this will also keep container running).
dockerd

Build Image & Launch Container

Build the image.

docker build -t gitlab-runner-baked .

Create a container, specifying the token as an environment variable.

docker run --privileged -e "TOKEN=GR13489419yi-LLr6ZD-2r2BCfdDS" gitlab-runner-baked

Test

Once the container is running you should see that the runner is available in the project settings.

List of available runners.

List of available runners.

Here’s a simple GitLab CI configuration for testing purposes.

image: alpine:3.14

stages:
  - build

build:
  stage: build
  script:
    - echo "Welcome to my build!"

And this is what we see in the pipeline logs.

Pipeline logs showing that job succeeded.

Pipeline logs showing that job succeeded.

Conclusion

This setup makes it possible to spin up a pre-registered GitLab Runner in a container. In principle this should also work on ECS using the Fargate serverless compute engine, however, you’d need to ensure that the task definition provides adequate resources.