For my implementation of gitlab ce 14.0.6, I am trying to run CI on AWS fargate using this article as a reference:
I am getting an error:
ERRO[2021-09-07T19:59:54Z] Error when waiting for task initialization. Will stop the task for cleanup PID=23346 command=prepare_exec error=“fetching the container IP: error trying to get the public IP: error reading network interfaces: UnauthorizedOperation: You are not authorized to perform this operation.\n\tstatus code: 403, request id: b33d8dc2-c25a-4bc2-a4d9-5fca6c9de499” taskARN=“arn:aws:ecs:us-east-1:[my_id]:task/gitlab2-ci-cluster/5d499183e90a45b89ad50327723a7470”
I just can’t figure out what policy is required for the CI Runner Manager role to allow it to get at the ip address. I created a test role which has rights to everything and I am able to continue past this point but then get the error:
ERRO[2021-09-07T20:17:23Z] Application execution failed PID=23424 error=“executing the script on the remote host: executing script on container with IP “34.234.223.129”: connecting to server: connecting to server “34.234.223.129:22” as user “root”: dial tcp 34.234.223.129:22: connect: connection timed out”
If I run the docker container locally, I can see that sshd is running port 22 is exposed. I am not exactly sure how root access is exposed. I based my runner container on FROM docker/compose:debian-1.29.2
and followed the debian example from the aforementioned document. Not sure what is going on here.
Any thoughts on these issues are appreciated.