A Gitlab Runner JSII construct lib for AWS CDK
Project description
Welcome to cdk-gitlab-runner
This repository template helps you create a GitLab runner in your AWS account with one line of AWS CDK code.
Note
By default, the following resources are created:
- VPC
  - Public Subnet (2)
- EC2 (1 t3.micro)
Before you start, you need a GitLab runner token from your GitLab project or GitLab group.
In Group
Group > Settings > CI/CD
In Project
Project > Settings > CI/CD > Runners
Usage
Replace $GITLABTOKEN with your GitLab runner token.
Instance Type
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner
# To change the instance type to t3.large:
GitlabContainerRunner(self, "runner-instance", gitlabtoken="$GITLABTOKEN", ec2type="t3.large")
# OR
# Just create a GitLab runner; the default instance type is t3.micro.
from cdk_gitlab_runner import GitlabContainerRunner
GitlabContainerRunner(self, "runner-instance", gitlabtoken="$GITLABTOKEN")
Custom GitLab Server URL
If you want to point the runner at your own GitLab server URL:
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
# To use your own GitLab server URL:
from cdk_gitlab_runner import GitlabContainerRunner
GitlabContainerRunner(self, "runner-instance-change-tag", gitlabtoken="$GITLABTOKEN", gitlaburl="https://gitlab.my.com/")
Tags
If you want to change the runner's tag names:
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
# To change the runner's tag names:
from cdk_gitlab_runner import GitlabContainerRunner
GitlabContainerRunner(self, "runner-instance-change-tag", gitlabtoken="$GITLABTOKEN", tag1="aa", tag2="bb", tag3="cc")
IAM Policy
If you want to attach another IAM policy to the runner, such as S3 read-only access:
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
# To attach another IAM policy to the runner, such as S3 read-only access:
from cdk_gitlab_runner import GitlabContainerRunner
from aws_cdk.aws_iam import ManagedPolicy
runner = GitlabContainerRunner(self, "runner-instance-add-policy", gitlabtoken="$GITLABTOKEN", tag1="aa", tag2="bb", tag3="cc")
runner.runner_role.add_managed_policy(ManagedPolicy.from_aws_managed_policy_name("AmazonS3ReadOnlyAccess"))
Security Group
If you want to add another ingress rule to the runner's security group:
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
# To add another ingress rule to the runner's security group:
from cdk_gitlab_runner import GitlabContainerRunner
from aws_cdk.aws_ec2 import Port, Peer
runner = GitlabContainerRunner(self, "runner-add-SG-ingress", gitlabtoken="$GITLABTOKEN", tag1="aa", tag2="bb", tag3="cc")
# You can add ingress rules to your runner's security group.
runner.runne_ec2.connections.allow_from(Peer.ipv4("0.0.0.0/0"), Port.tcp(80))
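The rule above admits port 80 from any IPv4 address, so it is worth confirming which world-open rules a stack will create before deploying it. The following is an added example, not code from the cdk-gitlab-runner project: it scans a synthesized CloudFormation template for ingress rules open to `0.0.0.0/0` or `::/0`, covering both inline rules and standalone `AWS::EC2::SecurityGroupIngress` resources. The template fragment, its logical IDs and the function name `find_open_ingress` are constructed for illustration.

```python
import json

# Constructed fragment shaped like `cdk synth` output; logical IDs are made up.
SAMPLE_TEMPLATE = json.loads("""
{"Resources": {
  "RunnerSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "constructed sample",
    "SecurityGroupIngress": [
      {"CidrIp": "0.0.0.0/0", "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80},
      {"CidrIp": "10.1.0.0/16", "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22}]}},
  "ExtraRule": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
    "CidrIpv6": "::/0", "IpProtocol": "-1", "GroupId": {"Ref": "RunnerSG"}}}
}}
""")

WORLD = {"0.0.0.0/0", "::/0"}


def find_open_ingress(template):
    """Return (logical_id, cidr, protocol, ports) for each world-open ingress rule."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            rules = props.get("SecurityGroupIngress", [])  # rules declared inline
        elif res.get("Type") == "AWS::EC2::SecurityGroupIngress":
            rules = [props]                                # standalone rule resource
        else:
            continue
        for rule in rules:
            cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
            # CIDRs given as intrinsics ({"Ref": ...}) are dicts; skip those.
            if isinstance(cidr, str) and cidr in WORLD:
                proto = str(rule.get("IpProtocol"))
                ports = "all" if proto == "-1" else f"{rule.get('FromPort')}-{rule.get('ToPort')}"
                findings.append((logical_id, cidr, proto, ports))
    return findings


if __name__ == "__main__":
    for finding in find_open_ingress(SAMPLE_TEMPLATE):
        print("world-open ingress:", *finding)
```

To audit a real stack, load the template that `cdk synth` writes under `cdk.out/` with `json.load` and pass it to the function.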
Use your own VPC
As of 2020/06/27, you can use your own existing VPC or a new VPC, but please check that your VPC public subnet has Auto-assign public IPv4 address set to Yes, or that your VPC private subnet's route table is associated with a NAT gateway.
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner
from aws_cdk.aws_ec2 import Port, Peer, Vpc, SubnetType, SubnetConfiguration
from aws_cdk.aws_iam import ManagedPolicy
# Create a new VPC with public subnets only and no NAT gateway.
newvpc = Vpc(self, "VPC",
    cidr="10.1.0.0/16",
    max_azs=2,
    subnet_configuration=[SubnetConfiguration(
        cidr_mask=26,
        name="RunnerVPC",
        subnet_type=SubnetType.PUBLIC
    )],
    nat_gateways=0
)
# Pass the VPC to the runner through selfvpc.
runner = GitlabContainerRunner(self, "testing", gitlabtoken="$GITLABTOKEN", ec2type="t3.small", selfvpc=newvpc)
Use your own existing role
As of 2020/06/27, you can assign your own existing role to the runner.
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner
from aws_cdk.aws_ec2 import Port, Peer
from aws_cdk.aws_iam import ManagedPolicy, Role, ServicePrincipal
# Role that the runner's EC2 instance will assume.
role = Role(self, "runner-role",
    assumed_by=ServicePrincipal("ec2.amazonaws.com"),
    description="For Gitlab EC2 Runner Test Role",
    role_name="TestRole"
)
runner = GitlabContainerRunner(self, "testing", gitlabtoken="$GITLABTOKEN", ec2iamrole=role)
runner.runner_role.add_managed_policy(ManagedPolicy.from_aws_managed_policy_name("AmazonS3ReadOnlyAccess"))
Note
vs
About changing the instance type
This is before ( included )
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from aws_cdk.aws_ec2 import InstanceType, InstanceClass, InstanceSize
from cdk_gitlab_runner import GitlabContainerRunner
# To change the instance type to t3.large:
GitlabContainerRunner(self, "runner-instance", gitlabtoken="$GITLABTOKEN", ec2type=InstanceType.of(InstanceClass.T3, InstanceSize.LARGE))
This is
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from cdk_gitlab_runner import GitlabContainerRunner
# To change the instance type to t3.large:
GitlabContainerRunner(self, "runner-instance", gitlabtoken="$GITLABTOKEN", ec2type="t3.large")
Wait about 6 minutes. If it succeeds, you will see your runner on that page.
You can use the tags gitlab, runner, awscdk.
Example gitlab-ci.yaml
dockerjob:
  image: docker:18.09-dind
  tags:
    - runner
    - awscdk
    - gitlab
  variables:
    DOCKER_TLS_CERTDIR: ""
  before_script:
    - docker info
  script:
    - docker info;
    - echo 'test 123';
    - echo 'hello world 1228'
If you want to debug, go to the AWS console in your runner's region:
AWS Systems Manager > Session Manager > Start a session
Select your runner and click Start session.
In the browser console, type bash
# become root
sudo -i
# list runner containers
root# docker ps -a
# modify gitlab-runner/config.toml
root# cd /home/ec2-user/.gitlab-runner/ && ls
config.toml
Hashes for cdk_gitlab_runner-1.53.0-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | c798354a29fd33f3ea61d3cb70e5f753470b0b3edc69f534790d0aedf0bb2c30
MD5 | 226fb970d6c3f0c12274c10405d80eb5
BLAKE2b-256 | 56395a5e76aca9f18ce7019414c0ac6a4338de4c53117ab33cb653d57e077538