时间戳

首页 > 解决方案 > Gitlab-runner 未能删除权限被拒绝

docker-compose - Gitlab-runner 未能删除权限被拒绝

问题描述

我正在使用 Gitlab 设置 CI/CD 管道。我已经在 Digital Ocean Ubuntu 18.04 droplet 上安装了 gitlab-runner,并授予/etc/sudoers了 gitlab-runner 的权限:

gitlab-runner ALL=(ALL:ALL)ALL

对关联存储库的第一次提交正确地构建了 docker-compose(应用程序本身是 Django+postgres),但以下提交无法清理以前的构建并失败:

Running with gitlab-runner 12.8.0 (1b659122)
on ubuntu-s-4vcpu-8gb-fra1-01 52WypZsE
Using Shell executor...
00:00
Running on ubuntu-s-4vcpu-8gb-fra1-01...
00:00
Fetching changes with git depth set to 50...
00:01
 Reinitialized existing Git repository in /home/gitlab-runner/builds/52WypZsE/0/lorePieri/djangocicd/.git/
 From https://gitlab.com/lorePieri/djangocicd
  * [new ref]         refs/pipelines/120533457 -> refs/pipelines/120533457
    0072002..bd28ba4  develop                  -> origin/develop
 Checking out bd28ba46 as develop...
 warning: failed to remove app/staticfiles/admin/img/selector-icons.svg: Permission denied
 warning: failed to remove app/staticfiles/admin/img/search.svg: Permission denied
 warning: failed to remove app/staticfiles/admin/img/icon-alert.svg: Permission denied
 warning: failed to remove app/staticfiles/admin/img/tooltag-arrowright.svg: Permission denied
 warning: failed to remove app/staticfiles/admin/img/icon-unknown-alt.svg: Permission denied

这是 .gitlab-ci.yml 文件的相关部分:

image: docker:latest
services:
  - docker:dind

stages:
  - test
  - deploy_staging
  - deploy_production

step-test:
  stage: test
  before_script:
    - export DYNAMIC_ENV_VAR=DEVELOP
  only:
    - develop
  tags:
    - develop
  script:
    - echo running tests in $DYNAMIC_ENV_VAR
    - sudo apt-get install -y python-pip
    - sudo pip install docker-compose
    - sudo docker image prune -f
    - sudo docker-compose -f docker-compose.yml build --no-cache
    - sudo docker-compose -f docker-compose.yml up -d
    - echo do tests now
    - sudo docker-compose exec -T web python3 -m coverage run --source='.' manage.py test

...

我试过的:

usermod -aG docker gitlab-runner
sudo service docker restart

标签: docker-composecontinuous-integrationgitlab

解决方案

对我来说最好的解决方案是添加

pre_clone_script = "sudo chown -R gitlab-runner:gitlab-runner ."

即使您在/etc/gitlab-runner/config.toml 上一份工作之后没有权限,它也会在清理工作目录和克隆存储库之前设置正确的权限。

推荐阅读