
Gitlab-Runner: Permission denied on cloning from master

I was looking for a method to implement a CI/CD pipeline within my projects. I decided to use Gitlab with its gitlab-runner technology. I tried to use it through docker containers but, after more than 100 attempts, I decided to install it on the machine.

I followed the official Gitlab guide step by step. Everything is working perfectly; I run the register, fill all the fields correctly and I go on to write the .gitlab-ci.yml:

image: docker:latest

services:
- docker:18.09.9-dind

stages:
  - deploy

step-deploy-prod:
  stage: deploy
  only:
    - master
  script:
    - docker-compose up -d --build
  when: always
  environment: master

As you can imagine when looking at the yml file, when some operation is performed on the master, the pipeline starts and executes a docker-compose up --build -d (the project in question is a PHP application with a SQL database deployed through a compose).

First run: Absolutely perfect; the pipeline starts, the build is executed correctly and is correctly put online.

Second and following 140 runs: That's the nightmare. Over 140 builds failed for the same reason; when cloning the repository, the runner doesn't seem to have write permissions on its home directory (/home/gitlab-runner/builds/...).


If I manually delete the nested folder inside builds/, the runner works, but only for one run, then same situation.

I tried to:

  • run chown gitlab-runner:gitlab-runner on its home directory (also as pre_clone_script in the TOML file);
  • add gitlab-runner to the sudoers group;
  • add gitlab-runner to the docker group;
  • a series of file permissions operations, then chmod 777, chgrp with the runner group and more.

You should always remember to stop your containers with an after_script section.

But in your case, you can use GIT_STRATEGY to clear the repository before your job.

  variables: 
    GIT_STRATEGY: none 

Your yml file with this fix:

image: docker:latest

services:
- docker:18.09.9-dind

stages:
  - deploy

step-deploy-prod:
  stage: deploy
  only:
    - master
  script:
    - docker-compose up -d --build
  when: always
  environment: master
  variables: 
    GIT_STRATEGY: none 
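
To see which entries under builds/ are in the states the question describes, instead of loosening permissions with chmod 777 or sudoers membership, the following added example (not part of the original question or answer) lists them. It assumes that entries not owned by the runner account, or directories without the owner write bit, are what block the clean-up before the clone; `audit_builds` and `count_findings` are names made up here.

```shell
#!/bin/sh
# Added example: audit a runner builds directory for the permission states
# mentioned in the question. The function names are hypothetical.
#
# Usage (path and account taken from the question):
#   audit_builds /home/gitlab-runner/builds gitlab-runner

# audit_builds DIR OWNER
#   DIR   - builds directory to inspect
#   OWNER - user name or numeric uid expected to own everything below DIR
# Prints one "REASON<TAB>PATH" line per finding:
#   OWNER   - entry is owned by someone other than OWNER
#   NOWRITE - directory lacks the owner write bit, so its entries cannot be removed
#   WORLDW  - entry is world-writable (what a chmod 777 leaves behind)
audit_builds() {
    dir=$1
    owner=$2
    [ -d "$dir" ] || { echo "audit_builds: $dir is not a directory" >&2; return 2; }
    # Entries created by another account (assumption: this blocks the next clean-up).
    find "$dir" ! -user "$owner" -exec printf 'OWNER\t%s\n' {} +
    # Directories the owner cannot write to; unlinking needs write on the parent.
    find "$dir" -type d ! -perm -200 -exec printf 'NOWRITE\t%s\n' {} +
    # World-writable files and directories; symlinks are skipped (their mode is meaningless).
    find "$dir" ! -type l -perm -002 -exec printf 'WORLDW\t%s\n' {} +
}

# count_findings DIR OWNER REASON
#   Prints how many findings of the given REASON audit_builds reports.
count_findings() {
    audit_builds "$1" "$2" | awk -F'\t' -v r="$3" '$1 == r { n++ } END { print n + 0 }'
}
```

WORLDW lines are the paths to tighten again after a chmod 777 troubleshooting pass; OWNER lines show which account created the files that the runner cannot remove.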
