Gitlab Windows Runner issue!

Swaroop · February 22, 2024, 6:53am

We’re encountering an issue while attempting to execute the pipeline, despite trying different docker image and adding environment = [“GIT_SSL_NO_VERIFY=true”] to the configuration file (config.toml). Unfortunately, these adjustments haven’t resolved the issue. Please refer to the below pipeline logs.

Running with gitlab-runner 16.8.0

[2](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L2) on esp-gl-win-docker-vm ZbyUjE2b, system ID: s_9fca1c7f9101

[3](https://xxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L3)Resolving secrets

[4](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L4)Preparing the "docker-windows" executor

[5](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L5)Using Docker executor with image mcr.microsoft.com/dotnet/framework/runtime:4.8-windowsservercore-ltsc2016 ...

[6](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L6)Pulling docker image mcr.microsoft.com/dotnet/framework/runtime:4.8-windowsservercore-ltsc2016 ...

[7](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L7)Using docker image sha256:8c8392e36df30c894e973f63aa0f07bbb9d7bb2b74911be8f20145552d711034 for mcr.microsoft.com/dotnet/framework/runtime:4.8-windowsservercore-ltsc2016 with digest mcr.microsoft.com/dotnet/framework/runtime@sha256:c1764ef591de06cb15c21e273de950ca958461add40ce6c16131d06869327d5e ...

[8](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L8)Preparing environment

[9](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L9)Running on RUNNER-ZBYUJE2B via

[10](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L10)esp-gitlab-wind...

[11](https://xxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L11)Getting source from Git repository

[12](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L12)Exception calling "WriteAllText" with "2" argument(s): "Access to the path

[13](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L13)'C:\builds\repos\eonplits\ir-dg\k2\ebok\zebra-be-sc.tmp\CI_SERVER_TLS_CA_FILE'

[14](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L14)is denied."

[15](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L15)At line:87 char:1

[16](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L16)+ [System.IO.File]::WriteAllText("C:\builds\repos\eonplits\ir-dg\k2\ebo ...

[17](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L17)+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[18](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L18) + CategoryInfo : NotSpecified: (:) [], MethodInvocationException

[19](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L19) + FullyQualifiedErrorId : UnauthorizedAccessException

[20](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L20)

[21](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L21)Get-Content : Access to the path

[22](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L22)'C:\builds\repos\eonplits\ir-dg\k2\ebok\zebra-be-sc.tmp\gitlab_runner_env' is

[23](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L23)denied.

[24](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L24)At line:338 char:7

[25](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L25)+ Try { Get-Content "C:\builds\repos\eonplits\ir-dg\k2\ebok\zebra-be-sc ...

[26](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L26)+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[27](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L27) + CategoryInfo : PermissionDenied: (C:\builds\repos...tlab_runner

[28](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L28) _env:String) [Get-Content], UnauthorizedAccessException

[29](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L29) + FullyQualifiedErrorId : GetContentReaderUnauthorizedAccessError,Microsof

[30](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L30) t.PowerShell.Commands.GetContentCommand

[31](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L31)

[32](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L32)Fetching changes with git depth set to 20...

[33](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L33)error: could not lock config file C:\builds\repos\eonplits\ir-dg\k2\ebok\zebra-be-sc.tmp\git-template\config: Permission denied

[34](https://xxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L34)Cleaning up project directory and file based variables

[35](https://xxxxxxx/repos/eonplits/ir-dg/k2/ebok/zebra-be-sc/-/jobs/16285943#L35)ERROR: Job failed: exit code 255

We would greatly appreciate any insights or optimization from anyone to address this matter effectively. Thank you for your assistance.

Hutius · February 23, 2024, 2:59am

If your Git server has a special kind of security certificate (like one you made yourself or got from a private company), you need to make sure your system trusts it. Here’s how you can do that:
So, put your special certificate into the Docker image you use for running your pipeline tasks.
Then use an environment variable called CI_SERVER_TLS_CA_FILE in your pipeline settings. Point this variable to your certificate file. This tells the system that runs your pipeline (GitLab Runner) to trust your certificate.
Also, if you use Docker commands directly in your pipeline file (.gitlab-ci.yml), make sure to include the GIT_SSL_NO_VERIFY variable in your Docker command. This makes sure the system knows to trust your setup during the task run.