-
-
Notifications
You must be signed in to change notification settings - Fork 329
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add option to read Gitlab Runner Registration token from SSM #822
feat: add option to read Gitlab Runner Registration token from SSM #822
Conversation
Hey @Conoreby! 👋 Thank you for your contribution to the project. Please refer to the contribution rules for a quick overview of the process. Make sure that this PR clearly explains:
With submitting this PR you confirm that you hold the rights of the code added and agree that it will published under this LICENSE. The following ChatOps commands are supported:
Simply add a comment with the command in the first line. If you need to pass more information, separate it with a blank line from the command. This message was generated automatically. You are welcome to improve it. |
@Conoreby thanks, can you have a look on the failing workflows. Can you also add a note to the top-level readme about the options users have to provide the registration token. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You made a good job here to make the module safer. Thank you.
🤖 I have created a release *beep* *boop* --- ## [6.4.0](6.3.1...6.4.0) (2023-05-03) ### Features * add option to read Gitlab Runner Registration token from SSM ([#822](#822)) ([51d63e6](51d63e6)) ### Bug Fixes * disable outputting config.toml by default ([#768](#768)) ([2cd1e44](2cd1e44)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Signed-off-by: Niek Palm <dev.npalm@gmail.com> Co-authored-by: cattle-ops-releaser[bot] <126345536+cattle-ops-releaser[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Description
Adds the ability to read the Gitlab registration token from SSM. If no registration token is passed in, it will look in SSM to find the token to use. This prevents the token from being leaked as part of the user_data.
Closes #776
Precondition for #186 to get rid of pre-registered runners.
Migrations required
NO
Verification
I modified the runner-default example to not pass in a registration token and added the token to SSM instead. Then I started up the runner and confirmed that it successfully registered with Gitlab.