4

I need to add the following options to run the Docker image. However I gave been unable to find from the documentation how one specifies these options in .gitlab-ci.yml

–device /dev/fuse --cap-add SYS_ADMIN --cap-add=MKNOD --security-opt apparmor:unconfined
Improve this question
5
  • Do you simply want to run a new container or want to execute the gitlab build inside a container, which has these options? Commented Apr 7, 2021 at 18:43
  • The image specified with 'image:my-docker/my-image:latest' in .gitlab-ci.yml needs to have these options - so I want to run all my CI jobs inside my-image Commented Apr 7, 2021 at 18:53
  • 1
    I think you need docs.gitlab.com/runner/configuration/… See "The [runners.docker] section" Commented Apr 7, 2021 at 18:58
  • It works using the runner, but doesn't that mean that the CI pipeline now runs from my machine, not on the server that is hosting the GitLab? If so, then this undesirable, since if the connection to my personal computer is lost, then the runner won't run for others too? Or am I missing something? Commented Apr 8, 2021 at 8:20
  • yes, the runner can either be run on your computer or any server. You can install it where you want. It's not possible to configure this in the gitlab-ci.yml Commented Apr 8, 2021 at 12:40

1 Answer 1

Reset to default
4

Those Docker options are not configured in the .gitlab-ci.yml file, they are specified in the runner's configuration found in the config.toml file.

The [runners.docker] section allows you to configure these options on a per-runner basis.

Here is an example of how to set those options:

[[runners]] ... [runners.docker] tls_verify = false image = "{your-image:tag}" cap_add = ["SYS_ADMIN", "MKNOD"] devices = ["/dev/fuse"] security_opt = ["apparmor:unconfined"] ...
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I had the notion that when I run the CI with only the things specified in the .gitlab-ci.yml, the pipeline runs on that (private) server that is hosting the GitLab instance. Unfortunately I don't have the administrative rights for that server. Do I understand correctly that the runners should be registered in a different server than the one that is hosting the Gitlab? Since the server is used by a group of people, I wouldn't want that the runner is located on my personal machine (when computer is off, the pipeline can't run).
Runners can be hosted on separate servers, nearly anywhere. You can register a if you have Owner permission to a group or project.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.