Sharing volumes inside docker container on gitlab runner

Describe your question in as much detail as possible:

So I am trying to mount a working directory with project files into a child instance on a gitlab runner in sort of a DinD setup. I want to be able to mount a volume in a docker instance, which would allow me to muck around and test stuff. Like e2e testing and such… without compiling a new container to inject the files I need… Ideally, so I can share data in a DinD environment without having to build a new container for each job that runs…

I tried following (Docker volumes not mounted when using docker:dind (#41227) · Issues · GitLab.org / GitLab FOSS · GitLab) and I have some directories being mounted, but it is not the project data I am looking for.

  • What are you seeing, and how does that differ from what you expect to see?
    So, in the test jobs, I created a dummy file, and I wish to mount the directory in a container and view the files…

  • Consider including screenshots, error messages, and/or other helpful visuals

  • What version are you on? Are you using self-managed or GitLab.com?

The gitlab server is on-prem and is running “12.9.2” CE.

  • Runner (Hint: /admin/runners):

I am using the latest gitlab runner deployed through a helm chart. The version is “13.3.1”.

  • Add the CI configuration from .gitlab-ci.yml and other configuration if relevant (e.g. docker-compose.yml)

I have a test ci yml, which sort of does what I am looking for. I make test files in the volume I wish to mount, which I would like to see in a directory listing, but sadly do not. In my second attempt at this, I couldn’t get the container ID because the labels don’t exist on the runner and it always comes up blank… However, the first stages show promise, as it works perfectly on a “shell” runner outside of k8s. But as soon as I change the tag to use a k8s runner, it craps out. I can see old directory files /web and my directory I am mounting, but not the files within it. Weird?

ci.yml

    image: docker:stable
    services:
      - docker:dind

    stages:
      - compile

    variables:
      SHARED_PATH: /builds/$CI_PROJECT_PATH/shared/
      DOCKER_DRIVER: overlay2

    .test: &test
      stage: compile
      tags:
      - k8s-vols
      script:
      - docker version
      - 'export TESTED_IMAGE=$(echo ${CI_JOB_NAME} | sed "s/test //")'
      - docker pull ${TESTED_IMAGE}
      - 'export SHARED_PATH="$(dirname ${CI_PROJECT_DIR})/shared"'
      - echo ${SHARED_PATH}
      - echo ${CI_PROJECT_DIR}
      - mkdir -p ${SHARED_PATH}
      - touch ${SHARED_PATH}/test_file
      - touch ${CI_PROJECT_DIR}/test_file2
      - find ${SHARED_PATH}
      #- find ${CI_PROJECT_DIR}
      - docker run --rm -v ${CI_PROJECT_DIR}:/mnt ${TESTED_IMAGE} find /mnt
      - docker run --rm -v ${CI_PROJECT_DIR}:/mnt ${TESTED_IMAGE} ls -lR /mnt
      - docker run --rm -v ${SHARED_PATH}:/mnt ${TESTED_IMAGE} find /mnt
      - docker run --rm -v ${SHARED_PATH}:/mnt ${TESTED_IMAGE} ls -lR /mnt

    test alpine: *test
    test ubuntu: *test
    test centos: *test


    testing:
      stage: compile
      tags:
      - k8s-vols
      image:
        name: docker:stable
        entrypoint: ["/bin/sh", "-c"]
      script:
      # get id of container
      - export CONTAINER_ID=$(docker ps -q -f "label=com.gitlab.gitlab-runner.job.id=$CI_JOB_ID" -f "label=com.gitlab.gitlab-runner.type=build")
      # get mount name
      - export MOUNT_NAME=$(docker inspect $CONTAINER_ID -f "{{ range .Mounts }}{{ if eq .Destination \"/builds/${CI_PROJECT_NAMESPACE}\" }}{{ .Source }}{{end}}{{end}}" | cut -d "/" -f 6)
      # run container
      - docker run -v $MOUNT_NAME:/builds -w /builds/$CI_PROJECT_NAME --entrypoint=/bin/sh busybox -c "ls -la"

  • What troubleshooting steps have you already taken? Can you link to any docs or other resources so we know where you have been?

This is the values file I am working with…

image: docker-registry.corp.com/base-images/gitlab-runner:alpine-v13.3.1
imagePullPolicy: IfNotPresent
gitlabUrl: http://gitlab.corp.com
runnerRegistrationToken: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
runnerToken: ""
unregisterRunners: true
terminationGracePeriodSeconds: 3600
concurrent: 5
checkInterval: 10
rbac:
  create: true
  resources: ["pods", "pods/exec", "secrets"]
  verbs: ["get", "list", "watch","update", "create", "delete"]
  clusterWideAccess: false
metrics:
  enabled: true
runners:
  image: docker-registry.corp.com/base-images/docker-dind:v1
  imagePullPolicy: "if-not-present"
  requestConcurrency: 5
  locked: true
  tags: "k8s-vols"
  privileged: true
  secret: gitlab-runner-vols
  namespace: gitlab-runner-k8s-vols
  pollTimeout: 180
  outputLimit: 4096
  kubernetes:
    volumes:
    - type: host_path
      volume:
        name: docker
        host_path: /var/run/docker.sock
        mount_path: /var/run/docker.sock
        read_only: false
  cache: {}
  builds: {}
  services: {}
  helpers:
    cpuLimit: 200m
    memoryLimit: 256Mi
    cpuRequests: 100m
    memoryRequests: 128Mi
    image: docker-registry.corp.com/base-images/gitlab-runner-helper:x86_64-latest
  env:
    NAME: VALUE
    CI_SERVER_URL: http://gitlab.corp.com
    CLONE_URL:
    RUNNER_REQUEST_CONCURRENCY: '1'
    RUNNER_EXECUTOR: kubernetes
    REGISTER_LOCKED: 'true'
    RUNNER_TAG_LIST: k8s-vols
    RUNNER_OUTPUT_LIMIT: '4096'
    KUBERNETES_IMAGE: ubuntu:18.04
    KUBERNETES_PRIVILEGED: 'true'
    KUBERNETES_NAMESPACE: gitlab-runners-k8s-vols
    KUBERNETES_POLL_TIMEOUT: '180'
    KUBERNETES_CPU_LIMIT:
    KUBERNETES_MEMORY_LIMIT:
    KUBERNETES_CPU_REQUEST:
    KUBERNETES_MEMORY_REQUEST:
    KUBERNETES_SERVICE_ACCOUNT:
    KUBERNETES_SERVICE_CPU_LIMIT:
    KUBERNETES_SERVICE_MEMORY_LIMIT:
    KUBERNETES_SERVICE_CPU_REQUEST:
    KUBERNETES_SERVICE_MEMORY_REQUEST:
    KUBERNETES_HELPER_CPU_LIMIT:
    KUBERNETES_HELPER_MEMORY_LIMIT:
    KUBERNETES_HELPER_CPU_REQUEST:
    KUBERNETES_HELPER_MEMORY_REQUEST:
    KUBERNETES_HELPER_IMAGE:
    KUBERNETES_PULL_POLICY:
securityContext:
  fsGroup: 65533
  runAsUser: 100
resources: {}
affinity: {}
nodeSelector: {}
tolerations: []
envVars:
    - name: CI_SERVER_URL
      value: http://gitlab.corp.com
    - name: CLONE_URL
    - name: RUNNER_REQUEST_CONCURRENCY
      value: '1'
    - name: RUNNER_EXECUTOR
      value: kubernetes
    - name: REGISTER_LOCKED
      value: 'true'
    - name: RUNNER_TAG_LIST
      value: k8s-vols
    - name: RUNNER_OUTPUT_LIMIT
      value: '4096'
    - name: KUBERNETES_IMAGE
      value: ubuntu:18.04
    - name: KUBERNETES_PRIVILEGED
      value: 'true'
    - name: KUBERNETES_NAMESPACE
      value: gitlab-runner-k8s-vols
    - name: KUBERNETES_POLL_TIMEOUT
      value: '180'
    - name: KUBERNETES_CPU_LIMIT
    - name: KUBERNETES_MEMORY_LIMIT
    - name: KUBERNETES_CPU_REQUEST
    - name: KUBERNETES_MEMORY_REQUEST
    - name: KUBERNETES_SERVICE_ACCOUNT
    - name: KUBERNETES_SERVICE_CPU_LIMIT
    - name: KUBERNETES_SERVICE_MEMORY_LIMIT
    - name: KUBERNETES_SERVICE_CPU_REQUEST
    - name: KUBERNETES_SERVICE_MEMORY_REQUEST
    - name: KUBERNETES_HELPER_CPU_LIMIT
    - name: KUBERNETES_HELPER_MEMORY_LIMIT
    - name: KUBERNETES_HELPER_CPU_REQUEST
    - name: KUBERNETES_HELPER_MEMORY_REQUEST
    - name: KUBERNETES_HELPER_IMAGE
    - name: KUBERNETES_PULL_POLICY
hostAliases:
  - ip: "10.10.x.x"
    hostnames:
    - "ch01"
podAnnotations:
  prometheus.io/path: "/metrics"
  prometheus.io/scrape: "true"
  prometheus.io/port: "9252"
podLabels: {}

So, I have made a couple of tweaks to the helm chart. I have added a volumes section in the config map…
config.toml: |
concurrent = {{ .Values.concurrent }}
check_interval = {{ .Values.checkInterval }}
log_level = {{ default "info" .Values.logLevel | quote }}
{{- if .Values.metrics.enabled }}
listen_address = '[::]:9252'
{{- end }}
volumes = ["/builds:/builds"]
#volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache", "/builds:/builds"]

I tried using the last line, which includes the docker sock mount, but when it ran, it complained that it could not find mount docker.sock, file not found, so I used the builds directory only in this section and, in the values file, added the docker.sock mount. It seems to work fine for everything else but this mounting thing…

I also saw examples of setting the runner to privileged, but that didn’t seem to do much for me…

When I run the pipeline, this is the output…


So as you can see no files…
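
The `testing` job in the post reads the build container's `.Mounts` to find what backs `/builds`; with the host's `/var/run/docker.sock` mounted, `docker run -v SRC:DST` resolves `SRC` on the daemon's filesystem rather than inside the job container. As an added example (not part of the original post or of GitLab's tooling), this POSIX shell function does that translation by longest-prefix match over `Source<TAB>Destination` lines; the name `daemon_path` and the sample mount table are hypothetical.

```shell
#!/bin/sh
# Added example: translate a path seen inside the job container into the
# path the Docker daemon would use as a bind-mount source.
#
# stdin: one mount per line, "Source<TAB>Destination", e.g. from
#   docker inspect "$CONTAINER_ID" \
#     -f '{{ range .Mounts }}{{ printf "%s\t%s\n" .Source .Destination }}{{ end }}'

daemon_path() {  # hypothetical helper; $1 = absolute path inside the container
    want=${1%/}
    best_src='' best_dst='' found=0
    tab=$(printf '\t')
    while IFS="$tab" read -r src dst; do
        [ -n "$dst" ] || continue
        dst=${dst%/}
        case "$want/" in
            "$dst"/*)
                # Several mounts can cover the path; the deepest one wins.
                if [ "$found" -eq 0 ] || [ "${#dst}" -gt "${#best_dst}" ]; then
                    best_src=${src%/} best_dst=$dst found=1
                fi ;;
        esac
    done
    [ "$found" -eq 1 ] || return 1   # path is not backed by any mount
    printf '%s%s\n' "$best_src" "${want#"$best_dst"}"
}

# Constructed sample mount table (not taken from a real runner).
SAMPLE_MOUNTS=$(printf '%s\t%s\n' \
    /var/lib/docker/volumes/cache/_data /cache \
    /srv/runner/builds                  /builds \
    /mnt/scratch/shared                 /builds/group/project/shared)

# Resolve a file under the shared directory to its daemon-side path.
printf '%s\n' "$SAMPLE_MOUNTS" | daemon_path /builds/group/project/shared/test_file
```

A non-zero return means the path lives only in the container's own filesystem, so the daemon has nothing to bind-mount for it.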