-
-
Notifications
You must be signed in to change notification settings - Fork 329
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove the support for register the runner outside the module #186
Comments
A major version bump that throws out a bunch of deprecated stuff would be great |
fully agree, feel free to create a PR |
Ok, here we go. I will remove everything marked as deprecated. Let's clean up the stuff. |
@npalm Anything else I can remove which is not marked as deprectated? |
@npalm As we always have to store the token somewhere: Which option should be removed (you are referring in your first post)? EDIT: I guess you point to gitlab_runner_registration_config["registration_token"]. But we need it to place the token from Gitlab somewhere. I usually store that token in a SSM parameter and reference it in the module configuration. Otherwise the token is visible in the code and checked in to the source control which is not a good idea at all. |
) ## Description Adds the ability to read the Gitlab registration token from SSM. If no registration token is passed in, it will look in SSM to find the token to use. This prevents the token from being leaked as part of the user_data. ```hcl module "gitlab_runner" { # ... gitlab_runner_registration_config = { registration_token = "" # this is the default value too # ... } secure_parameter_store_gitlab_runner_registration_token_name = "name-of-ssm-parameter-holding-the-registration-token" ``` Closes #776 Precondition for #186 to get rid of pre-registered runners. ## Migrations required NO ## Verification I modified the runner-default example to not pass in a registration token and added the token to SSM instead. Then I started up the runner and confirmed that it successfully registered with Gitlab. --------- Co-authored-by: Matthias Kay <github-public@matthiaskay.de> Co-authored-by: Matthias Kay <matthias.kay@hlag.com>
This seems to be a valid point, yes. Could you please create a separate issue for this, @dsalaza4 ? |
Planned for the v8 release end of 2024. https://docs.gitlab.com/ee/architecture/blueprints/runner_tokens/index.html#proposal |
Will close this now as this is the official strategy from GitLab to handle Runners. Register them manually and go with it. |
Due to backwards compatibly the module still supports the scenario to register a runner manual and pass the token. To reduce the complexity and number of scenarios this option will be removed.
The text was updated successfully, but these errors were encountered: