My instance level runner will not successfully run finish jobs because it fails to authenticate with the repo.
I created a gitlab instance level runner that seems to be working and is ready to pick up jobsgitlab-runner is listed
The runner was configured using the following docker-compose file and it is running on the same linux server as the gitlab instance:
<code> GNU nano 7.2 docker-compose.yml version: '3.8'
image: gitlab/gitlab-runner:latest
container_name: gitlab-instance-runner
- /var/run/docker.sock:/var/run/docker.sock
- ./config:/etc/gitlab-runner
echo "Starting registration process..."
if [ ! -f /etc/gitlab-runner/config.toml ]; then
echo "Config file not found, registering runner..."
gitlab-runner register --non-interactive
--url "https://gitlab.my-server-adress.com/"
--docker-image "docker:latest"
--token "$RUNNER_AUTHENTICATION_TOKEN"
&& echo "Runner registered successfully."
|| echo "Runner registration failed."
echo "Config file found, skipping registration."
echo "Starting runner..."
gitlab-runner run --user=gitlab-runner --working-directory=/home/gitlab-runner
<code> GNU nano 7.2 docker-compose.yml version: '3.8'
services:
gitlab-runner:
image: gitlab/gitlab-runner:latest
container_name: gitlab-instance-runner
restart: always
privileged: true
env_file:
- .env
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./config:/etc/gitlab-runner
entrypoint: |
sh -c '
echo "Starting registration process..."
if [ ! -f /etc/gitlab-runner/config.toml ]; then
echo "Config file not found, registering runner..."
gitlab-runner register --non-interactive
--url "https://gitlab.my-server-adress.com/"
--executor "docker"
--docker-image "docker:latest"
--token "$RUNNER_AUTHENTICATION_TOKEN"
&& echo "Runner registered successfully."
|| echo "Runner registration failed."
else
echo "Config file found, skipping registration."
fi
echo "Starting runner..."
gitlab-runner run --user=gitlab-runner --working-directory=/home/gitlab-runner
'
volumes:
gitlab-runner-config:
</code>
GNU nano 7.2 docker-compose.yml version: '3.8'
services:
gitlab-runner:
image: gitlab/gitlab-runner:latest
container_name: gitlab-instance-runner
restart: always
privileged: true
env_file:
- .env
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./config:/etc/gitlab-runner
entrypoint: |
sh -c '
echo "Starting registration process..."
if [ ! -f /etc/gitlab-runner/config.toml ]; then
echo "Config file not found, registering runner..."
gitlab-runner register --non-interactive
--url "https://gitlab.my-server-adress.com/"
--executor "docker"
--docker-image "docker:latest"
--token "$RUNNER_AUTHENTICATION_TOKEN"
&& echo "Runner registered successfully."
|| echo "Runner registration failed."
else
echo "Config file found, skipping registration."
fi
echo "Starting runner..."
gitlab-runner run --user=gitlab-runner --working-directory=/home/gitlab-runner
'
volumes:
gitlab-runner-config:
this is the config.toml file that was generated:
url = "https://gitlab.my-server-adress.com/"
token = "glrt-xxxxxxxxxxxxxxxxxxxx"
token_obtained_at = 2024-07-16T12:55:55Z
token_expires_at = 0001-01-01T00:00:00Z
MaxUploadedArchiveSize = 0
disable_entrypoint_overwrite = false
<code>concurrent = 1
check_interval = 0
shutdown_timeout = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "c1d4f2c35cd0"
url = "https://gitlab.my-server-adress.com/"
id = 11
token = "glrt-xxxxxxxxxxxxxxxxxxxx"
token_obtained_at = 2024-07-16T12:55:55Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "docker"
[runners.cache]
MaxUploadedArchiveSize = 0
[runners.docker]
tls_verify = false
image = "docker:latest"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
shm_size = 0
network_mtu = 0
</code>
concurrent = 1
check_interval = 0
shutdown_timeout = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "c1d4f2c35cd0"
url = "https://gitlab.my-server-adress.com/"
id = 11
token = "glrt-xxxxxxxxxxxxxxxxxxxx"
token_obtained_at = 2024-07-16T12:55:55Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "docker"
[runners.cache]
MaxUploadedArchiveSize = 0
[runners.docker]
tls_verify = false
image = "docker:latest"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
shm_size = 0
network_mtu = 0
I have this .gitlab-ci.yml file that defines the pipeline:
command: ["--tls=false", "--host=tcp://0.0.0.0:2375"]
DOCKER_HOST: tcp://docker:2375
DOCKER_IMAGE_NAME: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
- echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
- docker build --pull -t "$DOCKER_IMAGE_NAME" .
- docker push "$DOCKER_IMAGE_NAME"
<code>stages:
- build
docker-build:
image: docker:latest
stage: build
services:
- name: docker:dind
command: ["--tls=false", "--host=tcp://0.0.0.0:2375"]
variables:
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
DOCKER_IMAGE_NAME: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
before_script:
- echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
script:
- docker build --pull -t "$DOCKER_IMAGE_NAME" .
- docker push "$DOCKER_IMAGE_NAME"
</code>
stages:
- build
docker-build:
image: docker:latest
stage: build
services:
- name: docker:dind
command: ["--tls=false", "--host=tcp://0.0.0.0:2375"]
variables:
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
DOCKER_IMAGE_NAME: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
before_script:
- echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
script:
- docker build --pull -t "$DOCKER_IMAGE_NAME" .
- docker push "$DOCKER_IMAGE_NAME"
now when I commit to the repo to trigger the pipeline the instance runner picks it up but it always fails at the stage “Fetching changes with git depth set to 20…”
this is the entire error:
<code>Getting source from Git repository
Fetching changes with git depth set to 20...
Reinitialized existing Git repository in /builds/chipmunk/webapp/.git/
remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password. See https://my-server-adress.com/help/topics/git/troubleshooting_git#error-on-git-fetch-http-basic-access-denied
fatal: Authentication failed for 'http://gitlab.my-server-adress.com/chipmunk/webapp.git/'
Cleaning up project directory and file based variables
ERROR: Job failed: exit code 1
<code>Getting source from Git repository
00:00
Fetching changes with git depth set to 20...
Reinitialized existing Git repository in /builds/chipmunk/webapp/.git/
remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password. See https://my-server-adress.com/help/topics/git/troubleshooting_git#error-on-git-fetch-http-basic-access-denied
fatal: Authentication failed for 'http://gitlab.my-server-adress.com/chipmunk/webapp.git/'
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1
</code>
Getting source from Git repository
00:00
Fetching changes with git depth set to 20...
Reinitialized existing Git repository in /builds/chipmunk/webapp/.git/
remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password. See https://my-server-adress.com/help/topics/git/troubleshooting_git#error-on-git-fetch-http-basic-access-denied
fatal: Authentication failed for 'http://gitlab.my-server-adress.com/chipmunk/webapp.git/'
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1
What could be the reason why the authentication fails?
I have another gitlab runner that is specific to a gitlab group and for some reason there the pipelines work perfectly.
I have also tried to set the privileged property in the config.toml file to true but I still ran into authentication issues although the error looked slightly different:
<code>Getting source from Git repository
Fetching changes with git depth set to 20...
Initialized empty Git repository in /builds/chipmunk/webapp/.git/
Created fresh repository.
remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password. See https://gitlab.my-server-adress.com/help/topics/git/troubleshooting_git#error-on-git-fetch-http-basic-access-denied
fatal: Authentication failed for 'http://gitlab.my-server-adress.com/chipmunk/webapp.git/'
Cleaning up project directory and file based variables
ERROR: Job failed: exit code 1
<code>Getting source from Git repository
00:00
Fetching changes with git depth set to 20...
Initialized empty Git repository in /builds/chipmunk/webapp/.git/
Created fresh repository.
remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password. See https://gitlab.my-server-adress.com/help/topics/git/troubleshooting_git#error-on-git-fetch-http-basic-access-denied
fatal: Authentication failed for 'http://gitlab.my-server-adress.com/chipmunk/webapp.git/'
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1
</code>
Getting source from Git repository
00:00
Fetching changes with git depth set to 20...
Initialized empty Git repository in /builds/chipmunk/webapp/.git/
Created fresh repository.
remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password. See https://gitlab.my-server-adress.com/help/topics/git/troubleshooting_git#error-on-git-fetch-http-basic-access-denied
fatal: Authentication failed for 'http://gitlab.my-server-adress.com/chipmunk/webapp.git/'
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1