# GitLab CI

## Overview

We have a runner deployed in a VM on the dev jump host to run GitLab pipeline jobs. The runner in the VM follows the podman in podman pattern i.e. the runner is containerized and spawns containers to execute pipeline jobs.

## Changing Configuration

The config file is located at `/root/config.toml` and is mounted in the container using `./config.toml:/etc/gitlab-runner/config.toml:Z .`

The generic GitLab Runner config options can be found here: https://docs.gitlab.com/runner/configuration/

## Runner Image

The runner image is based on the Podmand-In-Podman Gitlab Runner image. We customized it to configure the Phoenix `CI_SERVER_URL` instead of `gitlab.com` in the register runlabel.

```
FROM registry.gitlab.com/qontainers/pipglr:latest

LABEL register="/proc/self/exe run -it --rm --secret=REGISTRATION_TOKEN,type=env \
  -v ./config.toml:/etc/gitlab-runner/config.toml:Z \
  -e REGISTER_NON_INTERACTIVE=true \
  -e CI_SERVER_URL=https://git.phoenix-systems.ch/ \
  -e RUNNER_NAME=pipglr \
  -e RUNNER_EXECUTOR=docker \
  -e RUNNER_SHELL=bash \
  -e DOCKER_HOST=unix:///home/runner/podman.sock \
  -e DOCKER_IMAGE=registry.access.redhat.com/ubi9/ubi-minimal:latest \
  -e DOCKER_CACHE_DIR=/cache \
  -e DOCKER_VOLUMES=/cache \
  -e DOCKER_NETWORK_MODE=host \
  -e DOCKER_PRIVILEGED=true \
  --entrypoint=/usr/bin/gitlab-runner localhost/custom-pipglr:latest register"
```

Build the image after making changes using `podman build -t custom-pipglr:latest .`

## Run the Runner

`podman container runlabel run localhost/custom-pipglr:latest`

## Register the Runner

Create a podman secret for the registration token.

`echo '<actual registration token>' | podman secret create REGISTRATION_TOKEN -`

Run register runlabel

`podman container runlabel register localhost/custom-pipglr:latest`