Commit 86682ce7 authored by zauberstuhl's avatar zauberstuhl

Add gitlab-ldap-runner image

parent 9b674de1
Pipeline #3396 passed with stages
in 3 minutes and 36 seconds
FROM gitlab/gitlab-runner:latest
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update
RUN apt-get install openssh-server ldap-server ldap-utils python-pip python-ldap -y
RUN apt-get clean && apt-get autoclean
RUN pip install ansible
# patching https://github.com/ansible/ansible/pull/44475
#ADD ldap_passwd.patch /tmp/ldap_passwd.patch
#RUN patch -p1 </tmp/ldap_passwd.patch && rm /tmp/ldap_passwd.patch
# configure ldap for testing environment
ADD *.ldif /tmp/
RUN rm -r /var/lib/ldap && mkdir -p /var/lib/ldap
RUN rm -r /etc/ldap/slapd.d && mkdir -p /etc/ldap/slapd.d
RUN slapadd -n 0 -F /etc/ldap/slapd.d -l /tmp/config.ldif
RUN slapadd -n 1 -F /etc/ldap/slapd.d -l /tmp/data.ldif
RUN rm /tmp/config.ldif /tmp/data.ldif
RUN chown -R openldap:openldap /etc/ldap/slapd.d
RUN chown -R openldap:openldap /var/lib/ldap
# configure ssh for testing environment
RUN su gitlab-runner -c 'ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa' && \
su gitlab-runner -c \
'echo "Host *\n StrictHostKeyChecking no" > ~/.ssh/config' && \
mkdir -p /root/.ssh && \
cp /home/gitlab-runner/.ssh/id_rsa.pub /root/.ssh/authorized_keys
ADD entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
CMD ["run", "--user=gitlab-runner", "--working-directory=/home/gitlab-runner"]
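Review bot: The `ssh-keygen` call in the final `RUN` bakes gitlab-runner's private key into an image layer, and the same step installs its public half as `/root/.ssh/authorized_keys`, so every container started from this image (which the README pushes to a registry) shares one key that grants root over sshd. Generating the key at container start avoids that: the build then only needs to create the two `.ssh` directories and write the config, and entrypoint.sh can run `su gitlab-runner -c 'test -f ~/.ssh/id_rsa || ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa'` before its existing `cp`. If the tests only connect to the local sshd, `Host localhost` instead of `Host *` keeps `StrictHostKeyChecking no` from applying to every other host the jobs reach. Separately, `FROM gitlab/gitlab-runner:latest` and `pip install ansible` are unpinned and `apt-get update` sits in its own layer, where it can be served stale from cache; `RUN apt-get update && apt-get install -y --no-install-recommends …` plus pinned versions would make rebuilds reproducible.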
# Custom Gitlab Runner
The member repository requires a custom gitlab runner
with pre installed ansible and configured shell executor.
## Configuration
concurrent = 5
check_interval = 0
[[runners]]
name = "restricted-runner"
url = "https://git.feneas.org/"
token = "XXXXXXXXXXXXXXXXXXXXXXXXX"
executor = "shell"
[runners.cache]
## Docker
e.g.
docker build -t zauberstuhl/gitlab-ansible-runner .
socker push zauberstuhl/gitlab-ansible-runner
## Gitlab
Start the runner image and configure the gitlab
repository as private runner. Disable shared runners!
dn: dc=feneas,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: Federated Networks Association
dc: feneas
structuralObjectClass: organization
entryUUID: f74ed102-0017-1038-95e3-1932492af6df
creatorsName: cn=admin,dc=feneas,dc=org
createTimestamp: 20180609100230Z
entryCSN: 20180609100230.418174Z#000000#000#000000
modifiersName: cn=admin,dc=feneas,dc=org
modifyTimestamp: 20180609100230Z
dn: cn=admin,dc=feneas,dc=org
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
structuralObjectClass: organizationalRole
entryUUID: f76aaf12-0017-1038-95e4-1932492af6df
creatorsName: cn=admin,dc=feneas,dc=org
createTimestamp: 20180609100230Z
userPassword:: cHBwcA==
entryCSN: 20180821184425.018985Z#000000#000#000000
modifiersName: cn=admin,dc=feneas,dc=org
modifyTimestamp: 20180821184425Z
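Review bot: `userPassword:: cHBwcA==` on the admin entry is only the base64 transport encoding of a plaintext value, not a hashed scheme such as `{SSHA}`, so the directory admin credential is recoverable by anyone who can read the repository or the pushed image. For a throwaway test directory that may be acceptable, but it should be stated: a leading comment such as `# test fixture only - throwaway admin password, never reuse` makes the intent explicit, and a value produced by `slappasswd` would avoid storing the plaintext at all. Note also that the Dockerfile deletes /tmp/data.ldif in a later `RUN`, so the copy added by `ADD *.ldif /tmp/` still remains in the earlier layer.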
#!/bin/bash
/etc/init.d/slapd start
/etc/init.d/ssh start
# update ssh key in case it was changed
cp -v /home/gitlab-runner/.ssh/id_rsa.pub /root/.ssh/authorized_keys
/usr/bin/gitlab-runner $@
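Review bot: The last line passes `$@` unquoted and without `exec`, so arguments containing spaces are re-split and the bash wrapper, not gitlab-runner, stays PID 1 and receives the stop signal from `docker stop`; `exec /usr/bin/gitlab-runner "$@"` fixes both. The script also has no `set -e`, so a failed `slapd` or `ssh` start goes unnoticed and jobs run against a half-configured test environment; adding `set -e` below the shebang would stop the container instead.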
--- /usr/local/lib/python2.7/dist-packages/ansible/modules/net_tools/ldap/ldap_passwd.py 2018-08-26 22:01:14.981221689 +0000
+++ /usr/local/lib/python2.7/dist-packages/ansible/modules/net_tools/ldap/ldap_passwd.py 2018-08-26 22:01:46.337372988 +0000
@@ -117,7 +117,7 @@
# Change the password (or throw an exception)
try:
- self.connection.passwd_set(self.dn, None, self.passwd)
+ self.connection.passwd_s(self.dn, None, self.passwd)
except ldap.LDAPError as e:
self.fail("Unable to set password", e)