Automatic gitlab runners registration token retrieval from database for automatic runners registration




I’m trying to completely deploy my gitlab cicd stack with ansible and automatically register runners.

I use the below task in my playbook to get registration token and store it in facts for my runners further registration, as I saw in several tutorial that we can get the registration token from gitlab database.

The ansible playbook task :

- name: Extract Runner Registration Token directly from Gitlab DB
    become: true
    become_user: gitlab-psql
        ansible_ssh_pipelining: true
        query: "SELECT runners_registration_token FROM application_settings ORDER BY id DESC LIMIT 1"
        psql_exec: "/opt/gitlab/embedded/bin/psql"
        gitlab_db_name: "gitlabhq_production"
    shell: '{{ psql_exec }} -h /var/opt/gitlab/postgresql/ -d {{ gitlab_db_name }} -t -A -c "{{ query }}"'
    register: gitlab_runner_registration_token_result

But this task doesn’t get back any registration token (get an empty string) cause the runners_registration_token column does not exist in the application_settings table. However the runners_registration_token_encrypted column exists, but the runners_registration_token_encrypted string returned is rejected by runner-register api.

Thus I have to copy runners registration token from the gitlab gui (in admin/runners), hardcode it in the playbook and run the playbook again to succeed registration stack.

Can someone explain where gitlab stores its runners registration token displayed in the GUI (I noticed it’s same after rebooting the gitlab server, it doesn’t change)?
Is it definitively impossible to automate gitlab runners registration token retrieval for automatic runners non-interactive registration?
Do you guys have any idea about the right way to achieve this please?