Kubernetes Executor & Internal Certificate Authority

phoenixmage · July 29, 2021, 12:47am

Hi All,

I am running self hosted Gitlab 14.1 and my gitlab runners are running on a connected kubernetes cluster and have my internal CA installed and working, my runners are registered and working, except… the helper and build containers that get spun up don’t contain my internal CA cert so fails to pull containers from my internal gitlab registry.

So far I have tried adding the certificate to /etc/gitlab-runner/certs/ca.crt and /etc/gitlab-runner/certs/.crt using kubernetes secrets volumes. I can validate that the certs are definately there by logging on to the helper and build containers but they seem to have no effect.

Does anyone else have any experience in this area or can advise where the CA cert needs to be mounted to be effective on the build and helper containers?

rhillery · January 18, 2022, 12:16am

Hi there,

I am working with Gitlab 14.7 now and I am having this exact same issue. I was wondering if you were ever able to determine a solution?

I have tried a similar list of things you described and I even tried creating our own version of the helper image that contains our custom CA cert. Unfortunately that hasn’t had any effect either

phoenixmage · January 20, 2022, 4:14am

Sadly no dice, I eventually had to move on to other things.

Topic		Replies	Views
Gitlab managed kubernetes runner - how to add CA certs? GitLab CI/CD	0	398	December 22, 2019
Gitlab Runner on Kubernetes isn't handling certificates properly GitLab CI/CD ci	0	1859	March 3, 2022
AutoDevOps with Enterprise CA certificate How to Use GitLab runner	0	349	February 20, 2020
Custom CA and self-hosted Gitlab instance and runners with Docker executor GitLab CI/CD	2	878	February 9, 2024
Runner on kubernetes with selfisigned certificate for private gitlab GitLab CI/CD	1	1415	February 4, 2021

Kubernetes Executor & Internal Certificate Authority

Related Topics