Hi
I’m trying to completely deploy my gitlab cicd stack with ansible and automatically register runners.
I use the below task in my playbook to get registration token and store it in facts for my runners further registration, as I saw in several tutorial that we can get the registration token from gitlab database.
The ansible playbook task :
- name: Extract Runner Registration Token directly from Gitlab DB
become: true
become_user: gitlab-psql
vars:
ansible_ssh_pipelining: true
query: "SELECT runners_registration_token FROM application_settings ORDER BY id DESC LIMIT 1"
psql_exec: "/opt/gitlab/embedded/bin/psql"
gitlab_db_name: "gitlabhq_production"
shell: '{{ psql_exec }} -h /var/opt/gitlab/postgresql/ -d {{ gitlab_db_name }} -t -A -c "{{ query }}"'
register: gitlab_runner_registration_token_result
But this task doesn’t get back any registration token (get an empty string) cause the runners_registration_token column does not exist in the application_settings table. However the runners_registration_token_encrypted
column exists, but the runners_registration_token_encrypted
string returned is rejected by runner-register
api.
Thus I have to copy runners registration token from the gitlab gui (in admin/runners), hardcode it in the playbook and run the playbook again to succeed registration stack.
Can someone explain where gitlab stores its runners registration token displayed in the GUI (I noticed it’s same after rebooting the gitlab server, it doesn’t change)?
Is it definitively impossible to automate gitlab runners registration token retrieval for automatic runners non-interactive registration?
Do you guys have any idea about the right way to achieve this please?