Fatal编程技术网
  • docker-compose/
  • Docker compose Gitlab runner无法删除被拒绝的权限

Docker compose Gitlab runner无法删除被拒绝的权限

docker-compose continuous-integration gitlab

Docker compose Gitlab runner无法删除被拒绝的权限,docker-compose,continuous-integration,gitlab,Docker Compose,Continuous Integration,Gitlab,我正在与Gitlab建立一个CI/CD管道。我已经在Digital Ocean Ubuntu 18.04 droplet上安装了gitlab runner,并在/etc/sudoers中授予gitlab runner以下权限: gitlab-runner ALL=(ALL:ALL)ALL 对关联存储库的第一次提交正确构建docker compose(应用程序本身是Django+postgres),但以下提交无法清理以前的构建并失败: Running with gitlab-runner 12.

我正在与Gitlab建立一个CI/CD管道。我已经在Digital Ocean Ubuntu 18.04 droplet上安装了gitlab runner,并在
/etc/sudoers
中授予gitlab runner以下权限:

gitlab-runner ALL=(ALL:ALL)ALL
对关联存储库的第一次提交正确构建docker compose(应用程序本身是Django+postgres),但以下提交无法清理以前的构建并失败:

Running with gitlab-runner 12.8.0 (1b659122)
on ubuntu-s-4vcpu-8gb-fra1-01 52WypZsE
Using Shell executor...
00:00
Running on ubuntu-s-4vcpu-8gb-fra1-01...
00:00
Fetching changes with git depth set to 50...
00:01
 Reinitialized existing Git repository in /home/gitlab-runner/builds/52WypZsE/0/lorePieri/djangocicd/.git/
 From https://gitlab.com/lorePieri/djangocicd
  * [new ref]         refs/pipelines/120533457 -> refs/pipelines/120533457
    0072002..bd28ba4  develop                  -> origin/develop
 Checking out bd28ba46 as develop...
 warning: failed to remove app/staticfiles/admin/img/selector-icons.svg: Permission denied
 warning: failed to remove app/staticfiles/admin/img/search.svg: Permission denied
 warning: failed to remove app/staticfiles/admin/img/icon-alert.svg: Permission denied
 warning: failed to remove app/staticfiles/admin/img/tooltag-arrowright.svg: Permission denied
 warning: failed to remove app/staticfiles/admin/img/icon-unknown-alt.svg: Permission denied
这是.gitlab-ci.yml文件的相关部分:

image: docker:latest
services:
  - docker:dind

stages:
  - test
  - deploy_staging
  - deploy_production

step-test:
  stage: test
  before_script:
    - export DYNAMIC_ENV_VAR=DEVELOP
  only:
    - develop
  tags:
    - develop
  script:
    - echo running tests in $DYNAMIC_ENV_VAR
    - sudo apt-get install -y python-pip
    - sudo pip install docker-compose
    - sudo docker image prune -f
    - sudo docker-compose -f docker-compose.yml build --no-cache
    - sudo docker-compose -f docker-compose.yml up -d
    - echo do tests now
    - sudo docker-compose exec -T web python3 -m coverage run --source='.' manage.py test

...
我所尝试的:

usermod -aG docker gitlab-runner
sudo service docker restart
我建议在受影响的作业中将GIT_策略设置为none。

这可能是因为您在克隆出的代码库中编写了一个文件。我所做的只是在gitlab runner目录之外创建另一个目录:

WORKSPACE_DIR="/home/abcd_USER/a/b"
rm -rf $WORKSPACE_DIR
mkdir -p $WORKSPACE_DIR
cd $WORKSPACE_DIR
ls -la
git clone ..................
AND DO whatever
我再也没有面对过这个问题。

对我来说,最好的解决办法是添加

pre_clone_script = "sudo chown -R gitlab-runner:gitlab-runner ."
进入
/etc/gitlab runner/config.toml
即使您在上一个作业之后没有权限,它也会在清理workdir和克隆repo之前设置正确的权限。

您能详细介绍一下如何执行吗?谢谢。首先,我将创建一个作业,使用
sudo rm-rf*&&sudo rm-rf.git*
清除所有先前存在的构建数据,git_策略为none。然后,以下克隆项目的作业应该将GIT_策略设置为clone。这样,当您进行测试时,克隆时总是以一个完全空的文件夹开始,这意味着您在尝试覆盖内容时不会被拒绝权限。有关如何在YML中声明这些内容的更多信息:我也有同样的问题。你明白了吗?