Gitlab Runner version: Version 16.4.0
Gitlab Version: 15.11.11-ee
Hello this is my first post here so I hope I’m not doing anything wrong, if I am please let me know and I’ll correct it,
I’ve been having issues with Gitlab Workers using my s3 cache and I’m not sure it’s an issue / where the issue lies anymore.
I’m not using s3 Cache from Amazon but I tried S3 compatible storage from MinIO and Vultr.
Every time I try to use either solution, I get the following error:
.cache/: found 100 matching artifact files and directories
Uploading cache.zip to https://subdomain.example.com/gitlab/cache/project/63/main-protected
FATAL: received: 403 Forbidden
Failed to create cache
My Gitlab Worker configuration looks like this:
[[runners]]
name = "WinServ02"
url = "https://0.0.0.0/"
id = 5
token = "REDACTED"
token_obtained_at = 2023-05-03T12:12:40Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "docker-windows"
clone_url = "https://0.0.0.0"
shell = "powershell"
disable_cache = false
[runners.cache]
Type = "s3"
Shared = true
Path = "cache"
[runners.cache.s3]
ServerAddress = "subdomain.example.com"
AccessKey = "REDACTED"
SecretKey = "REDACTED"
BucketName = "gitlab"
BucketLocation = "germany-east0"
Insecure = false
[runners.docker]
tls_verify = false
image = "python:3.10-windowsservercore-ltsc2022"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
shm_size = 0
CI Script:
default:
image: python:3.9-windowsservercore-ltsc2022
tags:
- winserv02
variables:
PIP_CACHE_DIR: ${CI_PROJECT_DIR}/.cache/pip
before_script:
- Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
- $env:Path += ';C:\ProgramData\Chocolatey'
- choco config set --name="'cacheLocation'" --value="${CI_PROJECT_DIR}/.cache/choco-cache/"
- python -m pip install --upgrade pip
.dependencies_cache:
cache:
key: "$CI_COMMIT_REF_SLUG"
paths:
- Analysis-00.toc
- dist/
- build/build_for_pipeline/
- .cache/
policy: pull
stages:
- test
Create Things to cache:
stage: test
extends: .dependencies_cache
cache:
policy: pull-push
script:
- pip3 install -q pandas
- choco install vcredist2013
Access Policy for S3 Key:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"admin:*"
]
},
{
"Effect": "Allow",
"Action": [
"kms:*"
]
},
{
"Sid": "AllAccess",
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::gitlab",
"arn:aws:s3:::gitlab/*"
]
}
]
}
I already tried these solutions, none of which seemed to have solved the issue:
I really hope ya’ll can help me I’m really stuck on this one, it seems like it should work but it doesn’t. I feel like I’m missing something obvious here?