File gitlab-runner.changes of Package gitlab-runner
------------------------------------------------------------------- Thu Oct 23 09:47:37 UTC 2025 - obs@tbadm.net - Update to version 18.5.0: * Update CHANGELOG for v18.5.0 * Add project name to build logging fields * Update Usage Log with more job context * Add Kubernetes context support for executor * Added context for Parallels executor * Implement minimal job confirmation API * Rename Connect() to TerminalConnect() * Usage new payload data in runner logging * Add namespace, root namespace and organization info to job payload * Made the mermaid chart readable * fix: Fix logging of duration_s field * Add slot information to no capacity error * Remove EOL spaces in docs * Updated host key check default value * Change runner to runner core and ci functions platform * Improve branch selection logic for docs:check Hugo build job * Introduce a basic get secrets integration test * Improve error logging in docker-machine executor * Remove duplicate prefix in docker service containers * Fix log field name for docker machine executor * Improved over-linking * Add enhanced project and user metadata to runner job logging * Fix test data to match test case intention * Rename test case that had a duplicate name * Rename test case that had a duplicate name * Remove duplicate test case * Update Hugo version for Docs test * chore: rename VersionInfo to Info * Remove outdated redirects * Fix external links * Add project name to build logging fields * Update the ubuntu version used as a base image * Latest Translation Yaml enhancements * feat: add labels to global config and individual runner configs * Add changelog entry for v18.4.0 * Bump test timeouts * Refactor: improve executors/internal/autoscaler/provider.go readability * Reduce linking score * Add VMware vSphere fleeting plugin to community maintained plugins * First iteration * Add new ruleset to cover all docs patterns * Update docker device documentation link * Update fleeting plugin and other dependencies * Fix development s3 job for ppc64le * Upgrade base images to v0.0.26 * Use EventuallyWithT for test stability * Bump default step-runner version used in tests * Update step-runner version to 0.16.0 * Update docs hugo_build job image to use latest image * Fix arch label for IBM PPC arch * Add CI to test Hugo build with translated documentation * Add changelog entry for v18.3.1 * Update fleeting plugin and other dependencies * Add path verifications for localized files * Refactor registering of commands to be more explicit * [docker] Document persistent dynamic storage * Use testing linter with t.Context related settings * Add GIT_CLONE_EXTRA_FLAGS variable for native git clone * Remove health check from Vault client call * Fix docs links * Update file fleeting.md * Changed 'date +%s' to '' as the %s format is unsupported on z/OS at this time * Enable static check QF1012 * CI: Skip downloading artifacts of previous jobs * Test nanosecond padding of timestamps * Fix non-semantic linking words * Refactor scripts/sign-binaries into three different scripts * Remove EOL spaces in docs * Add support for signing and notarizing macOS binaries * Change option signature to not return error * Fix flaky unit test with TestDefaultDocker_Exec * Fix flaky Docker integration tests * Bump golang to 1.24.6 * Bump RUNNER_IMAGES_VERSION to 0.0.25 * Revert "Merge remote-tracking branch 'origin/18-2-stable'" * Bump version to v18.4.0 * Add timeouts to all docker-machine command executions * Migrate golangci lint to version 2 * Update CHANGELOG for v18.3.0 * Merge branch 'hhoerl/547332-docker-cache-volume-separation' into 'main' * Ensure TOML feature flags are used and take precedence over job env * Added request_concorrency KB link * Update CHANGELOG for v18.2.2 * Handle with warnings and document concurrency deadlock * [docker] Volume manager uses real unique names * Get a real unique name for a build * Update docs for cache key hashing * Update fleeting plugin dependency * Update documentation * Set LOCAL_FLAVOR to alpine-latest * Set ALPINE_DEFAULT_VERSION to latest * Update API metric description to bring consistency * Refactor docker service logs tests * Update CHANGELOG for v18.3.0 * Allow customization of taskscaler & fleeting parameters in config.toml * Fix proxy-exec store temporary directory * Refactor verify runner tests to table tests and better assertions * Refactor kubernetes feature checker tests * Update fastzip to v0.2.0 * Pass cache metadata via env * Do not enable FF_HASH_CACHE_KEYS by default * Update fleeting plugin dependency * Replace HashiCorp Vault with OpenBao SDK * Count the number of retries for each request: * Refactor unregister command method for testability * Document cache key hashing * [k8s] Allow to use helper image from this pipeline * Do not sanitize hashed cache keys * Add operator pod_spec and deployment_spec docs * Setting job variables prunes all existing vars with same key * Refactor cache key & file handling * Ensure cache metadata is written when not uploading * Adapt test cache adapter for metadata * Restore metadata on cache pulls * Change metadata handling for local caches * Add metadata for gcs & gcsv2 cache uploads * Refactor cache tests * Add metadata for s3 & s3v2 cache uploads * Add metadata for GoCloud blobs * Add metadata file for local caches * Cache keys are hashed by default * Merge branch 'hhoerl/547332-sec-docker-cache-volume' into 'main' * Add correlation id header to outgoing requests * Remove code for disabled Akeyless integration feat * Mention that systempaths security_opt is not supported * Drop alpine 3.18 * Remove unused lock from client struct * Move backoff logic to retry requester * Parse the last line of stdout for UID/GID * Update information passed with Hosted Runners Bridge * Sync vale rules from main project * Add errorlint linter to golangci-lint settings * Fix identity for aws_secrets_manager_resolver * Add a max age of 24h for Kubernetes integration RBAC resources * Bridge releases with Hosted Runners * Add status_class and method label to request duration metrics * Bump default step-runner version used in tests * Update step-runner version to 0.15.0 * Docs: Minor grammar updates in GitLab Runner README * Correct erroneous compatibility chart features for docker-autoscaler executor * Refactor move retry 429 status code logic to one place * Remove EOL spaces in docs * Refactor gitlab client register runner tests * Enable image executor opts in the kubernetes executor * Sort features support functions * Update CHANGELOG for v18.2.1 * Update CHANGELOG for v18.2.0 * Merge branch 'hhoerl/38933-cache-key-sanitation-fixes' into 'main' * Fix cache key sanitation issues, esp. re. "cache key files" * First iteration of unit tests for unregister command * A bit of general copy edit cleanup * Minor improvements to best practices for fleet scaling * Add method label to status counter metrics * Introduce unnecessary-traversal Markdownlint rule to Runner docs * chore: Use stable alpine for RISC-V * Upstream batch push 2025-07-21 * Refactor errors to wrap errors * Add support for 503 http code in maintenance mode * Update file _index.md * Bump version to v18.3.0 * Update CHANGELOG for v18.2.0 * Upgrade prebuilt runner images back to Alpine 3.21 * Add a note about the experiment status of GRIT * Remove line length rule for markdownlint for i18n files * Add test for abstract shell guardGetSourcesScriptHooks method * Merge branch 'hhoerl/506381-sanitize-cache-keys' into 'main' * Suggest AWS regions with lower grid CO2 emissions * Refactor docker auth resolving * Refactor kube cred setup test * Make docker auth test easier * Consume docker auth info in order * Simplify reading of docker config files * Make image ref normalization clearer * Make docker auth helper tests more readable and idiomatic * Merge branch 'hhoerl/sec-sanitize-cache-key' into 'main' * Fix job duration reporting * Docker machine AMI update * Update index file for getting started * Fix minor typos with executor interface docs * Update CHANGELOG for v18.2.0 * Revert "Merge branch 'avonbertoldi/RFH3046/fetch-source-is-system-error' into 'main'" * Skip pre and post checkout hooks for empty * Update region from us-central-1 to eu-central-1 * Update step-runner version to 0.13.0 * Fix localization codeowners * Update default ruby version in examples * Add glrtr prefix to token sanitizer * Fix unit and integration tests * Reimplement ShortenToken * wip * Fix OS version package support docs * Add additonal info about sha-pinned images * Add operator metrics docs * Fix protocol_port default for SSH * Limit which vale rules to run in i18n pipelines * Add aardvark-dns bug notice to podman guide * Clean up runner docs * Set helper_image_flavor to "ubi-fips" when fips mode is enabled * Add -depth option to `find -exec rm` invocations * WIP * Index page revamp * Improve runner_name metric label coverage * Add formatting target for easy fixes with golangci-lint * Add .markdownlint-cli2.yaml for doc-locale * Log usage of deault image for Docker and K8S executors * Remove outdated information * Update mockery to latest version 3.3.4 and generate mocks * Refactor gitlab client request job tests to table tests * Fix this test * Add unit tests for asBuildError * Ensure BuildErrors have FailureReason * Bump golang to 1.24.4 * Document cache compression env vars * Update gitlab-runner versions * Clarify documentation on reading S3 credentials from the environment * Put the fips binary in the fips runner image * Add troubleshooting guide for GCS workload identity * Fix indent in config.toml example. * Add Kubernetes executors docs for helper container memory sizing * chore: refactor TestAttachPodNotRunning * Bump version to v18.2.0 * Add known SELinux issue regarding tmp and pip to the Podman docs * Update CHANGELOG for v18.1.0 * Merge branch 'ajwalker/thread-correlation-id-to-git' into 'main' * Update file _index.md * Fix docs pipelines for forks * Update access a private registry from kubernetes executor * Thread job request correlation ID to git operations * Add overprovisioning note, fix typos * Clean inherited env var from calling shell * rebase * Fix kubernetes executor helper image override log * Small typo fixes * Update docs on how to use env variables for S3 cache access * Update PROVENANCE.md file * Add configure runner on OCI to the index page * Updated the documents * Migrate more jobs to Kubernetes * Update file _index.md * Remove cleanup step from TestBufferHandlingWithExceededFDIssue test * Bump default step-runner version used in tests * Update step-runner version to 0.11.0 * Install runner on z/OS * Update CHANGELOG for v17.10.2 * Restrict danger-review to canonical GitLab forks * Integration tests for docker+autoscaler timed out job * Tidy up Cleanup() method * Use dockerConn instead of client * Reimplement connectDocker in terms of dockerConnection * Function to create a new dockerConnection * Add dockerConnection type * Add dockerTunnel type * Make environmentDialContext easier to call * Inject Context into environmentDialContext * Make validateOSType easier to call * Extract a type * Log failure to remove a container * Misc non-functional cleanups * Make Logger.WithFields easier to use * Log a different message for policy jobs with highest precedence * Add queue_size and queue_depth metrics * Install local dev tools and dependency binaries in tmp bin * Bump base-images to 0.0.18 * Add development docs to upstream * Install tool binaries in tmp bin * Make preemptive mode configurable * Log policy job information * gitlab-runner install et al as user service * Update dates in examples * docs: Add custom executor "shell" property * Remove outdated information * Use the correct rules for the unit test job * Update docker-machine version in docs * Fix authentication towards HTTP docker registries * Add correlation_id to request logs * Document DinD DNS behavior with network-per-build feature * Fix AWS GovCloud with AWS S3 cache * docs: remove a line that is not accurate to the current usages of GRIT * Limit Unit test job to only MR pipelines for forks * Fix pipelines for forks * Added Experimental Status * Update redirected links * Improve pipelines for community, fork, docs MRs * Tidy runner_wrapper/api * Upgrade Go to v1.24.3 * Move commands configOptions to configfile package * Update docker machine in docs * Update Update golang.org/x/net in runner_wrapper module * Update golang.org/x/net in main module * Change System State ID on RunnerConfig to primitive type * Run git config cleanup before creating the template dir * Remove outdated content * Move internal docs into development directory * Upgrade github.com/bmatcuk/doublestar/v4 to latest * Enable powershell native clone * Use mockery constructors in tests * Clean up tables in misc runner docs * Clean up tables in executors docs * Remove randomness of TestProcessRunner_BuildLimit failures * Bump version to 18.1.0 * Punctuation should be outside bold * Clean up stray whitespace * Support int64 and string for k8s user options * Fix final job duration handling * Remove outdated mention * Handle the new glrtr- prefix * Added missing commas * Docker executor image clarification and macOS virtualization info * Switch the default for FF_GIT_URLS_WITHOUT_TOKENS back to false * Fix protoc binary download for macos * Initial setup of config.toml var * Bump base images to allow native clone to work * Document how to set helm chart env variables * Remove kaniko references * Added safety checks for nil sessions and empty endpoints * Run Hugo build test on the correct Docs branch * Add more request_concurrency related metrics * Add adaptive request concurrency * Disable windows tests for TestPwshGitCredHelper * Test git credential helper setup with the docker executor * Run git credential helper setup on different pwsh versions * Cleanup: Remove shellwriter's CommandWithStdin * Refactor git cred helper setup * FF_GIT_URLS_WITHOUT_TOKENS defaults to true * Add exponential backoff to execute stage retries * Push all GitLab translations upstream from production fork * Update the cntlm link to the new fork * Remove github.com/docker/machine library dependency * Upgrade taskscaler dependency with updated heartbeat functionality * Add argo_translation.yml for continous translation * Avoid logging error for empty kubernetes user values * Sync vale rules from main repo * Clean up tables in runner docs * Add support for uid:gid format * Adding How To Configure PVC Cache * Update GPG key expiry date * Make dependant docker images optional * Promote FF_RETRIEVE_POD_WARNING_EVENTS * Create Japanese documentation directory * Add support for Overlay Volume Mounts * Update fleeting dependency * shells: Guard git-clone --revision with version check * shells: Implement the use of git-clone(1) again * shells: Extract template setup into function * shells: Make userAgent check less strict in test * Missing volumeParser is a RunnerSystemFailure * Add some ConfigurationErrors to docker executor * Build config errors are ConfigurationError * Custom executor prepare failures are ConfigurationError JobFailureReason * Add convenience method to BuildError * Prepare failures should be RunnerSystemFailure not ScriptFailure * Add missing JobCancelled JobFailureReason to allFailureReasons * Add resolution to docker image pull failure reason * Add resolution to autoscaler job failure reasons * Fix steps to runner error mapping * Invalid image name should be a ConfigurationError * Invalid executor option should be a ConfigurationError * Misc cleanup * Add error message on cache upload failures * Add reccomendation to read Readme for plugin before installing * Remove section referring to unapplied breaking change * Wait for MR image before starting runner incept * Deprecate ServiceAccountName * Update file fleeting.md * docs: Add troubleshooting section for AZRebalance issue * Merge branch 'avonbertoldi/37859/allowed-pull-policies' into 'main' * Remove algorithm and parameters from instance group autoscaler * Use Hugo 0.145.0 for docs builds * Add instructions for installing prebuilt images while using binaries * Remove outdated mentions * Retry packagecloud 504 errors * Bump base images to address CVE-2024-8176 * Remove outdated registration in test script ------------------------------------------------------------------- Fri May 02 13:28:54 UTC 2025 - obs@tbadm.net - Update to version 17.11.0: * Update CHANGELOG for v17.11.0 * Add ubuntu arm64 pwsh runner helper image * Update example * Update linting tools in project * Fix powershell stdin data race * docs: add a small advanced config section to grit docs * Add job timeout as annotations/labels for kubernetes/docker executor * Removing Stray Newline * Adding Suggested Changes * Fix k8s integration tests resource groups * chore: consolidate regexes into a single regex * GitLab Runner instance group autoscaler doc improvements * ServiceAccountName deprecation * Add notes and standardize capitization * Update file _index.md * remove outdated mentions * SNPowerShell is only for Windows, remove OS check * Deploy to Kubernetes cluster with KUBERNETES_DEPLOY_BRANCH condition * Rebase branches on main * init * Simplify git credential helper command * Fix CI_JOB_TOKEN storage and removal of credentials * Use correct version of linter image * Enable FF_USE_NATIVE_STEPS by default * Update fuzzing corpus exist * Regenerate mocks to account for type changes * Update deprecated docker types * Update obsolete docker types * Update step-runner to v0.8.0 * Expose started_at and finished_at values in Usage Log job details * Update outdated module reference * Add note mentioning PathTooLongException regression on Windows * Seperate GitLab Runner autoscaler content * Update file _index.md * Add note on FILTER_FLAG to docker executor * Allow overriding FILTER_FLAG in clear-docker-cache script * Bump base images for CVE * Update docker machine version * Remove v0.2 of SLSA as no longer supported * Handle vulnerabilty against CVE-2025-30204 * Update docs re. ECS Fargate image override * Mask sensitive config fields for debug logs * docs: Clarify how autoscaler idle_time is calculated * docs: add section to docs about who is using GRIT * Migrate to mockery's packages configuration * Back up unsigned binaries * Fix broken test due to sort order * Use Runner-Token instead of Private-Token where applicable * Method to create Runner-Token http header * Cleanup and standardize code that creates a job-token header * Use a JOB-TOKEN instead of PRIVATE-TOKEN header for job-related requests * Method to create job-token http header * Remove now obsolete *JSONWithPAT* * Replace GitLabClient.doJSONWithPAT with of doJSON * Add headers argument to GitLabClient.doJSON and friends * GitLabClient.doJSONWithPAT calls client.doJSON directly * Method to create PAT http header * Split up client.doJSONWithPAT * Update file windows.md * Update link to documentation labels in runner repo * Add executor options for the Kubernetes executor * Default to unix-like shell when no explicitly set * Only sign tagged binaries * docs: add information about GRIT support and min_support to docs * Parameterize WI_POOL_PROVIDER value * docs: add contributing section for GRIT docs * Eliminate dependencies needed in `yaml:lint` CI job * Improve README.me about signing * Avoid use of Vault and document how signing process works * Sign Windows runner binary executables * Bump RUNNER_IMAGES_VERSION to v0.0.13 * Add rules and targets for CI yaml formatting * Updating links to point to new doc site * Link concurrent doc to custom_build_dir section * Run unit tests in k8s * Ensure automatic `git gc` operations run in the foreground * Fix usage log timestamp generation * Backfill test for RmDirsRecursive and Powershell path resolving * RmFilesRecursive should not attempt to delete directories * Fix package test pipeline trigger jobs * update docker-machine version * Bring up changelog from all v17 * Bring up changelog from v17.9.2 & 17.8.4 * Add permissions docs for Operator containers * Revert "Don't make this pipeline depend on the downstream pipeline" * Don't make this pipeline depend on the downstream pipeline * Trigger the downstream pipeline to test OS packages * Bump version to v17.11.0 * Convert to UTC before formatting to http.TimeFormat * Update CHANGELOG for v17.10.0 * docs: Add warning against sharing autoscaling resources * Update file support-policy.md * Merge branch 'hhoerl/467181-to-main--clean-git-config' into 'main' * Remove mention of GitLab 18.0 removal * Document new git cleanup behaviour * feat: describe how to use FARGATE_TASK_DEFINITION * Set default for git config cleanup based on executor and git strategy * Clean up TestPowershellPathResolveOperations * Run cleanup before setting configs * Clear git config and hooks in submodules * Do more cleanups * Add new config to clean up git configuration * Ensure the cred helper does not persist config injections * Make sure that inline config can't override the 'default: false' setting * Make Alpine 3.19 the default base for helper images * Fix incept tests * Add how to exclude image * Update CHANGELOG for v17.10.0 * Update link to tech writing course in gitlab-runner * Add add-mask functionality to proxy-exec * Upgrade ubuntu image to 24.04 * Proxy shell execution * Exclute helpers/runner_wrapper/api/v* tags from version evaluation * Downgrade prebuilt runner helper images to Alpine 3.19 * Add new supported runner package distros * Fix Vale issues * Bump runner base images version to 0.0.10 * Fix small typo * Fix Vale issues * Sanitize gzip header * Fix HTTP retries not working properly * Update the example versions * Make submodule `--remote` more resilient * Implement test for submodule `--remote` behavior * Refactor abstract shell tests * Shell integration tests: pull out token injection * Fix Vale issues * Update zstandard version to 1.5.7.20250308 * Revert "Update CHANGELOG for v17.9.0" * Update CHANGELOG for v17.9.1 * Update CHANGELOG for v17.9.0 * Bump base image version to 0.0.9 * Merge branch 'sh-cache-upload-env-file' into 'main' * Fix Vale issues * Fix Vale issues * Fix CVE-2025-27144 by upgrading github.com/go-jose/go-jose/v3 * Bump RUNNER_IMAGES_VERSION to 0.0.8 * Bump go version to 1.23.6 * Fix runner_wrapper gRPC API client * Expand volume destinations with job vars * Add volume parser test cases * Fix CVE-2024-45338 by updating golang.org/x/net * Add GPUs support for services * Use TW Team Docker image for site build test * Detect bucket location when not provided * Only add step-runner volume mount when native steps is enabled * Native steps does not run on windows * Fix cache extractor redownloading up-to-date caches for Go Cloud URLs * Fix table rendering * Pin zstandard version and specify checksum * Update gRPC pro definitions * Support custom dialers in runner_wrapper API Client * Make ErrProcessNotInitialized on shutdown commands not to fail them * Add logging of client methods execution * Add support for forceful shutdown * Add wrapper API client implementation * Move wrapper gRPC API to a dedicated go module * Properly parse listen address for wrapper command * Executor selection info added * Update vale rules for runner docs * Use pipeline helper-binary for custom, instance and ssh integration tests * Fix autoscaler policy table format * Fix Vale issues * Allow OS overwrite via ShellScriptInfo * Refactor git cred helper test * Avoid using deprecated class for review apps * Fixed Vale issues * Use correct values for log_format * Fix json schema validation warnings * Move trigger deploy to kubernetes to a deploy stage * Update links for jobs and tags * Consistently use local helper image in CI * Update documentation to point to Rake task to deduplicate tags * Fix inconsistent arguments when creating a service in tests * Fix rules config in trigger deploy to kube job * Revert Disable the `test kubernetes integration` stage * Remove duplicate hugo code * Bump version to v17.10.0 * Update CHANGELOG for v17.9.0 * Merge branch 'ajwalker/taskscaler-acquire-heartbeat' into 'main' * Disable the `test kubernetes integration` stage * Ignore device mappings order in test assertion * Add fleeting heartbeat/connectivity check before instance acquisition * Only use docs-gitlab-com project for review apps * Merge branch 'DarrenEastman-main-patch-af69' into 'main' * Merge branch 'sarahgerman-ff-doc-template' into 'main' * Merge branch 'docs-update-links-runner' into 'main' * Merge branch 'sarahgerman-docs-hugo-shortcodes' into 'main' * Merge branch 'DarrenEastman-main-patch-adf1' into 'main' * Update docker-machine version in docs * Update route map for runner review apps * Add comment regarding scale in protection for an AWS auto scaling group * Clarify support policy for the docker machine executor * Update feature flags doc template for Hugo * Update links to docs from runner docs * Update presumable GitLab version containing this feature in the docs * Apply doc-related suggestions * Update content to use Hugo shortcodes * Update file autoscale.md * Add clear-docker-cache script to runner image * Make UBI image wait for downstream pipeline success * Fix image and glob patterns in unit test cases * Add unit test case for bad glob pattern * Fix linter violations * Update presumable GitLab version containing this feature in the docs * Add integration test * Add unit test cases * Refactor `bindDevices` for reuse in `getServicesDevices` * MR feedback * Add devices support on services * Update step-runner docker executor integration docs * Add gitlab_runner_job_prepare_stage_duration_seconds histogram * Fix step-runner inject container run * docs: add the mount_propagation parameters to the k8s executors documentation * Disable interactive git credentials * Add global operator config options docs * Make sure deploy to kubernets works only on main * Reduce busy work in main job loop * Update file advanced-configuration.md * Add test job for Hugo docs build * Bump base images version to 0.0.6 * Better handle invalid secret format in kv_v2 value engine * Handle nil data at valid key for kv_v2 value engine * Docs: Fix broken external links in runner docs * Fix wording * Deploy each commit from main to kubernetes cluster * Improve services sorting * Update feature flag documentation * Hide the change behind a feature flag enabled by default * Add benchmark tests * Update tests accordingly * Mask by default all known token prefixes * Fix related unit tests * Name k8s service container with alias if valid * Update docker-machine version * Ensure proper table rendering * Exclude distro names from Vale's spell checker * Refactor tests re. custom_build_dir * Update steps integration tests * Run the step-runner container * Method to create/run a step-runner container * Add stepRunnerContainerConfigurator type * Add the step-runner binary path to the build container's PATH * Add step-runner container type * Add step-runner volume * Use defaultContainerConfigurator * Add defaultContainerConfigurator type * Add containerConfigurator interface * Change createContainerConfig signature * Reduce config post-creation modification * Consolidate some common functionality and comments into a method * Minor refactor to make room for running step-runner container * Refactor a condition * Rename getContainer to requestContainer * Rename requestPredefinedContainer to requestHelperContainer * Rename getPrebuiltImage to getHelperImage * Method to get step-runner image name:version * Move steps-specific method to new file * Update step-runner library version * Cleanup: Use existing ptr funcs * Make `custom_build_dir.enabled` optional * Rename index.md to _index.md for compatibility with docs-gitlab-com * CI job to ensure the docs are up to date * Remove now obsolete documentation * Add generated docs * Add docs placeholder for codegen * Minor manual docs fix * Mage target to generate docs * Code to generate linux distro/version support * Add release name to dist/version entry for deb-based distros * Make some code more reusable * Move block_line_replacer.go to a different package * Make NewBlockLineReplacer function public * Use embedded VCS information rather than add manually * Do not create containers with duplicate env vars * Cleanup unused code * Document apt limitation and required workaround * use '-f' to allow for race condition (issue #38447) * Fix windows image zstd compressing * Run rpm_verify_fips against FIPS images * Artifact upload response body logging logs as warning * Refactor artifact upload testing * Protect against responses with large bodies * Add more troubleshooting docs re. artifact upload * Add response detail debugging for artifact upload * Document how to configure S3 Express buckets * Direct-use of the `rpm` command adversely impacts the `yum`/`dnf` database used by modern, RPM-based distros. * Remove obsolete note regarding Alpine DNS issues * Fix missing default alpine images * Improve labels * Add a template for kubernetes feature toggle * Create prebuilt docker-archive Windows images * Support ImageLoad for prebuilt images * Deflake pod watcher tests * Update self-managed naming in runner docs * Revert "Merge branch 'sh-fix-role-arn-s3-express' into 'main'" * Run ubi images with BUILD_COMMIT_SHA and PARENT_PIPELINE_ID * Update docs for informers usage * Upgrade RUNNER_IMAGES_VERSION to v0.0.4 * Expand default labels for FinOps use-cases * Add riscv64 binary download links * Add service_account parameter in [runners.kubernetes] section * Remove lock files left over in .git/refs * Pod watcher: retry getting the subject access reviews * Remove hosted runner section from under Administer * Update k8s analyzer and docs generator * Update offering badges to standard name * Fix Windows image gitlab-runner-helper path * Temporarily use older Windows Helper image for integration tests * Upgrade RUNNER_IMAGES_VERSION to v0.0.3 * Gracefully handle missing informer permissions * Replace deprecated field name with the new name * Pod watcher: test retry scenario * Fix race in pod watcher test * Modify image pusher to fix Buildx OCI Layout images * Fix image pusher script not pushing all tags * CI: add release on riscv64 * Fix flaky logrotate write test * Attempt to disable Windows Defender in a different way * Drop disabling of Windows Defender * Fix missing runner image tag * Fix Role ARN support with S3 Express buckets * Push the helper image packages to S3 * Introduce changes to custom exec build failure * Create copy of aliased helper images, not symlinks * Ensure release tag is included in tags to push * Fix runner helper packages not pushed to PackageCloud * Bump version to v17.9.0 * Update gitlab.com/gitlab-org/fleeting/fleeting as well * Update taskscaler to get ConnectInfo fix for state storage instances * Roll docs linting tooling forward * Document proxy and self-signed certificate error * Add labeling to Usage Logger * Bump base image version * PodWatcher: Put behind FF_USE_INFORMERS * PodWatcher: Gracefully handle initial cache sync * PodWatcher: log unexpected objects * PodWatcher: log pod errors we drop * Update kubernetes analyzer to to also handle informers * Skip powershell tests on non-windows * Refactor test TestPrepareIssue2583 * Use the pod watcher in the k8s executor * Improve configuration description * Document select executors information as an unordered list * Applied docs suggestions * Update Runner config documentation * Add backoff to finalUpdate mechanism * Make configurable the final update retry limit * Update make help with new local-image and related targets * Fix helper-local-image target issue * Fix lint-docs error and expand local-image docs * Change terminology to local for local docker image creation * Remove explicit buildx builder creation for local images * Update documentation for creating local docker images * Host images build in the current, not default, context * Add support for building local docker images * Update CHANGELOG for v17.8.0 * Merge branch 'avonbertoldi/update-step-runner-version' into 'main' * Docs update - Update Architecture naming for GRIT * Fix formatting and add link to GRIT docs * Fix prebuilt-helper-images target * Remove references to helper-dockerarchive-host * Fix helper-bin-host target * Properly handle shortening for tokens with prefix glcbt- * Update step-runner library version to 0.3.0 * Add GRIT documentation * Update CHANGELOG for v17.8.0 * Runner cache s3 table cleanup * Document RoleARN configuration parameter * Clean up unused GetUploadEnv() in cache code * Only specify --provides in deb packages * Specify gitlab-runner-helper-images version in dependency * Change gitlab-runner-helper-images package arch to `noarch` * Incompatible pull policies should not be a retryable error * Add new ConfigurationError failure reason * Make OnStage faster to discover build stage * Implement a pod watcher * Remove Windows 24H2 tests until such a runner is available * Add support for Windows 24H2 * Update CHANGELOG for v17.5.5 * Expand variables for the docker platform with unit tests * Add note about being unable to change some settings via config template due to known issue * Pubt `RPM` in backticks * Fixes issue where service containers were missing labels * Clarify ServiceAccount of the runner manager * Update manual install upgrade docs * Fix runner deb package upgrade * Fix a 404 error in the Runner repo * Update documentation for manual installation of the new packages * Update golang.org/x/net to v0.33.0 * Update golang.org/x/crypto to v0.31.0 * Run go mod tidy * Actually save and commit go.sum * Merge branch 'avonbertoldi/update-steps-version' into 'main' * Actually update step-runner version to 0.2.0 * Add RoleARN to handle both upload and download S3 transfers * Note Reuse previous clone if it exists support for k8s * Docs: remove misleading information about the initiation of the session server * Update CHANGELOG for v17.7.0 * Update CHANGELOG for v17.6.1 * Merge branch '38267-windows-docker-runner-errors-since-17-5-0' into 'main' * Merge branch 'avonbertoldi/update-alpine-docs' into 'main' * Add mount propagation mode for hostpath mounts on kubernetes * Fixed Vale issues in Runner docs: Part 9 * Fix incorrect references to packagecloud.io * Fix fork pipelines by ensuring windows tag refs exist * Add Troubleshooting for docker autoscaler executor * Add finished job usage data logging * Go mod tidy * Upgrade Akeyless SDK to v4 * Don't run kubernetes integration tests in community MRs * Change anyuid service account to gitlab-runner-app-sa * Job tagging dependant on canonical vs. fork * Use runner base images * Clarify docker container support policy * Fixed Vale issues in the Configure GitLab Runner on OpenShift doc * Limit UploadARN session duration to 1 hour * Improve documentation for Azure workload identities * Update CHANGELOG for v17.7.0 * Add node tolerations to kubernetes integration tests * Skip testKubernetesBuildCancelFeatureFlag as it's flaky * Actually update step-runner version to 0.2.0 * Downgrade `Upload request redirected` to info message * Address review feedback * Add feature flag issue templates * Separate kubernetes integration tests resource groups * Ignore some linter errors in mage * Make check_directives skip magefiles * Update powershell version * Update alpine versions in docs * Fix renovate regex for ubi image versions * Update sync_docker_images test and test data * Update alpine 3.18 and 3.19 patch versions * Drop alpine versions 3.16 and 3.17 * Make alpine version 3.21 the default/latest version * Add alpine version 3.21 support * Fix deb 386 package file names * Kubernetes API reference analyzer based on types instead of field names * Let Docker site redirect to latest version * Ignore 404 errors when extracting cache * Refactor cache downloading in shells/abstract.go * Return error with GetGoCloudURL() * Refactor cache extractor code to handle presigned and GoCloud URLs * Drop unused Azure code for presigning URLs * Use GoCloud URLs for Azure downloads * Remove CI_JOB_ID from allowlist * Reuse gotestsum flags * Use the testname reporter * Fix gotestsum args * Fix golint * Add more flags to gotestsum * Gotestsum use default format * Gotestsum hide empty tests from junit report * Increase tolerances for testKubernetesPublicInternalVariables * Use gotestsum to run kubernetes integration tests * Fix potential typo * Adjust release job dependencies * Fix building ubuntu runner image * Add job to build exported helper images packages * Make runner packages depend on gitlab-runner-helper-images package * Remove prebuiltImages dependency for runner package blueprint * Mage targets to create rpm and deb helper images * Methods to create helper images packages * Method to create helper images package target blueprint * Refactor prebuiltImages function * Add --verbose flag to fpm invocation * Fix typo in variable name * Fix potential typo * Stop publishing packages for EOL OS versions * Fix sorting of OS release versions * Add mage target to print list of supported OS/versions * Update steps version to 0.2.0 * Fix Kubernetes helpers imports * By default run all execution strategy tests * Migrate Kubernetes integration tests to use the Runner K8S Cluster * Bump docker-machine to v0.16.2-gitlab.30 * Add ability to create review apps by using the GitLab Docs Hugo project * Make fuzz variable mask required to pass * Fix podman troubleshooting doc * Document how to use Azure workload identities for the cache * Fix TestStackDumping test freezing * Update gitlab.com/gitlab-org/fleeting/fleeting version and other deps * Update file configuring_runner_operator.md * Fix Vale issues in Runner docs: Part 5 * Update dependency danger-review to v2 * Docs: Fix `limitations` in `gitlab-runner` repo * Fix Vale issues in Kubernetes executor doc * Fix flaky step-integration test * Remove the term worker from the Plan and operate a fleet of instance or group runners doc * Remove redundant prepare runner-incept variables job * Update experiment-beta page path * Add 'Example' column to Docker runner advanced configuration docs * Bump version to v17.7.0 * Bump UBI base images to the newest 9.5.x versions * Moved some contextual info to runner registration section * Remove semgrep-sast CI rules * Revert "Merge branch 'avonbertoldi/git-lfs-is-bad' into 'main'" * Add Windows Server 2025 to the Windows version support policy * Fix docker network config for Windows * Remove links to interactive web terminals * Correct spelling in comment * Fix apt package install version string and change to a newer version * Make build environment cache friendly * Speed up windows test runs * Export GITLAB_ENV variables without using 'source' * Ensure that GITLAB_ENV file is cleaned up for each job execution * Add docker connection error to troubleshooting * Make homedir easier to test * Update CHANGELOG for v17.6.0 * Merge branch 'pedropombeiro/change-unregister-runner-manager-log-output' into 'main' * Note in logs when runner manager is being unregistered * Attempt to fix stub ssh server on windows * Fix test * Attempt to fix windows process handling * Address linter violations * Clone tag instead of branch when cloning go-fips repo * Bump Go compiler version to 1.23.2 * Merge branch 'hhorl/disable-flaky-test-for-release' into 'main' * Skip homedir fix test on Windows to not block the release * Added information about Docker Autoscaler and Instance executors in the executor selection table * custom.md: Fix typo * Doc/runner spelling exceptions * Fix fuzz variable mask test * Adjust existing unit tests * Do not wait polltimeout when container has terminated * Update CHANGELOG for v17.6.0 * Fix Vale issues in Runner docs: Part 4 * Removed fault tolerance section * Fixed Vale issues in the Advanced Configuration doc * Doc/executor intro feedback * Added docker autoscaler and instance executors info * Remove fault tolerance section * Invoke step-runner from $PATH instead of / * Add docs about potential git cred leakage across builds * TestCredSetup runs tests in parallel * Fix a technical error in the Podman doc * Update Configuration of the metrics HTTP server for runners * Wait for Pod to be reachable in exec mode * Propagate context to triggerPodAttachCheck * Skip TestBuildContainerOOMKilled integration test * Clean git URLs for SSL & cred helper setup * TestCredSetup uses caching cred helper * Ensure the git cred helper does not add \r * Allow integration tests access to the CI_JOB_TOKEN * Adapt shell integration test / TestCredSetup * Make pwsh/powershell git cred helper align with the one for bash * Ensure we don't use cached git creds * Implement CommandWithStdin for shell writer * Externalize git cred helper * Change how we pass in the arg for the git cred helper on windows * Fix path-style requests with Upload ARN functionality * Fix Vale issues in Runner docs * Improve helpers/cli/FixHOME * Add documentation for the docker executor * Fix test-compile jobs * Go module additions * Docker executor integration tests * Function to skip tests if job variable set * Test utils to create JobResponse object that uses run keyword * Remove now obsolete StepShim * Wire it all up * Method to validate steps request, and determine how to execute it * Function to create steps RunRequest from Build * Steps.Docker implementation that uses docker tunneling dialer * Dialer implementation that tunnels though docker exec API * Rename stdErrOmitWriter to omitWriter * Add stderrOmitWriter type * Method to determine if native steps integration is requested/enabled * Add and set step-integration feature info * Add feature flag for native step-runner integration * Minor pedantic cleanup * Simplify kubernetes integration test names * Add runner-wrapper command * Remove broken link * Add integration tests to cover service container behaviour * Update autogenerated code tests and make targets * Add process wrapper gRPC server * Add process wrapper * Add ShutdownCallback executor * Add 'commander' abstraction for command execution * Update CONTRIBUTING.md and LICENSE * Remove the bleeding docker images * Make docker and helper image jobs optional * Fix typo * Add more docstrings * Rename containerStatusChecker to podStatusChecker * Rename to shouldCheckContainerFilter * Rename filter to shouldCheckContainer * Make internal function private * Remove obsolete checkExtendedPodStatusFunc * Don't fail job on service container errors during run * Update log message to properly reference 'container' * Rename service->container * Terminate on any pod service errors, not just OOM * Specifically check if there's an oom when failing runWithAttach * Use oom service check, fail run with attach if container ooms * Add extended pod status check for container ooms * Omit canonical ports for S3 endpoints * Update CHANGELOG for v17.5.3 * Transfer MR short commit SHA to Runner Incept * Download the rpm with yum but install it with rpm * Install git-lfs in ubi image from upstream RPM repo * Delete Runner topics marked for removal * Follow up MR to add changes to MR 5120 * Update CHANGELOG for v17.5.1 * Update CHANGELOG for v17.5.2 * Update CHANGELOG for v17.4.2 * Update CHANGELOG for v17.3.3 * Update CHANGELOG for v17.2.3 * Set gitlab-advanced-sast job to run on code changes * Update script call for job cancellation for powershell * Create script to kill chill process for powershell * Warn user if no fleeting plugins to install * Fix UploadRoleARN URL when other regions are used * Use S3 dual-stack when ServerAddress set to default AWS S3 address * Minor documentation corrections * Replace config_exec_args with config_args * Use saas-linux-medium-amd64 for release_s3 job * Increase max concurrent requests to 50 * Update CI release task to upload with AWS CLI * Fix mage k8s:generatePermissionsDocs intermittent test faliures * Replace the term shared runner with instance runner in Runner docs * Add tests for service name empty * Removed an extra line * Applied review suggestions * Apply TW suggestions * Fix my horrible commit modification * Apply suggestion to fix lint * Apply suggestion to fix linting * Update file advanced-configuration.md * Restore 2nd method of restarting after config * Fix fleeting plugin installation architecture selection * Default to us-east-1 region for AWS SDK v2 * Stop testing UseWindowsLegacyProcessStrategy for KillerTest * Update k8s permission and FF documentation * Hide Pod wait to be attachable behind a FF * Really publish sles/opensuse runner packages * Add AWS hosted MacOS instance troubleshooting note * Disable FF_GIT_URLS_WITHOUT_TOKENS by default * Fix home directory detection * Omit default connector config values * Upgrade github.com/BurntSushi/toml, dario.cat/mergo * Upgrade github.com/mvdan/sh to v3.9.0 * Add taskscaler state storage options * Add comment to help future users * Documented Podman with Runner K8s executor * Merge branch 'remove-trailing-slash' into 'main' * Remove github.com/tevino/abool in favor of atomic.Bool * Rewording to make it clearer * Add Support Warning to Fargate custom tutorial ------------------------------------------------------------------- Tue Oct 22 12:13:47 UTC 2024 - obs@tbadm.net - Update to version 17.5.1: * Revert "Update CHANGELOG for v17.5.0" * Update CHANGELOG for v17.5.1 * Update CHANGELOG for v17.5.0 * Merge branch 'hhoerl/switch-default-for-git-urls-without-token' * Merge branch 'fix-home-directory-finding-error' into 'main' * Bump version to 17.5.1 * Bump version to v17.6.0 * Update CHANGELOG for v17.5.0 * Add taskscaler state storage options * Add comment to help future users * Documented Podman with Runner K8s executor * Merge branch 'remove-trailing-slash' into 'main' * Remove github.com/tevino/abool in favor of atomic.Bool * Document fault tolerance feature * docs: set admin access for rancher desktop * Update gocloud.dev for AWS client-side rate limiting fix * Wait for k8s pods to become attachable as part of poll period * Rephrase description for FF_GIT_URLS_WITHOUT_TOKENS * Run git credential setup tests as part of the shell integration tests * Refactor URL helpers * Don't use a generic helper to get the default shell's name * Adapt git cred helper for all shells * Ensure we catch invalid URLs * Adapt testcase for FF_GIT_URLS_WITHOUT_TOKENS * Make git command setup more succinct * Remove URL helpers' dependency on the Build * Configure the git credential helper for the local repo * Use the FF for not exposing the job token in URLs in the abstract shell * Introduce FF for not exposing the job token in URLs * Rollback URL handling changes * Don't store creds in the git config * Refactor: use helper to determine first non-zero value * Don't use creds in any git URL * Remove trailing whitespace from GitLab Runner docs * Update Go version in dev docs * Update CHANGELOG * Update CHANGELOG for v17.4.1 * Update CHANGELOG for v17.3.2 * Update CHANGELOG for v17.2.2 * Update CHANGELOG for v17.1.2 * Update CHANGELOG for v17.0.3 * Update CHANGELOG for v16.11.4 * Update CHANGELOG for v16.10.1 * Revert "Merge remote-tracking branch 'origin/16-9-stable'" * Revert "Merge remote-tracking branch 'origin/16-10-stable'" * Revert "Merge remote-tracking branch 'origin/16-11-stable'" * Revert "Merge remote-tracking branch 'origin/17-0-stable'" * Revert "Merge remote-tracking branch 'origin/17-1-stable'" * Revert "Merge remote-tracking branch 'origin/17-2-stable'" * Revert "Merge remote-tracking branch 'origin/17-3-stable'" * Revert "Merge remote-tracking branch 'origin/17-4-stable'" * Adjust autoscaler policy on config reloading * Break apart Helm chart optional config into new page * Update CHANGELOG for v17.4.1 * Update CHANGELOG for v17.4.0 * Update CHANGELOG for v17.3.2 * Update CHANGELOG for v17.2.2 * Update CHANGELOG for v17.1.2 * Update CHANGELOG for v17.0.3 * Update CHANGELOG for v16.11.4 * Update CHANGELOG for v16.10.1 * Add deprecation note to the Docker Machine executor docs page * Applied review suggestion * Fixed a typo * Applied review suggestion * Change link to autoscale doc to relative * Add missing link to runner autoscaling docs * Make invalid service image name a build error * UBI: remove non-UBI assets from magefile for runner image * Merge branch 'avonbertoldi/38034/go-fips-image-downgrade' into 'main' * Merge branch 'ggeorgiev/fix-builds-with-exited-services' into 'main' * Update file autoscale.md * Docker install page: clean up installation steps * Use latest markdownlint-cli2 and linter configuration * Add use case to docs for system_id and reusing configurations * Require only build container to start in k8s * Resolve "get "panic: EOF" when register runners run in a container" * Bump linter version to 1.59.1 * Bump golang to 1.22.7 * Made a minor copy edit * Remove Docker reference to focus on OS docs * Add markdownlint-cli2 as asdf dependency * Remove quotes around IP address in ssh invocation in example * Clean up stray whitespace in gitlab-runner project * Remove note that the Azure Fleeting plug-in is in beta from docs * Fix git 1.8 test job * Fix git 1.8 test job * Trigger rebuild if go.fips image * Silence linter * Silence linter * Silence linter * Silence linter * Silence linter * Silence linter * Silence linter * Remove license scanning template * Remove license scanning template * Enable timestamps for CI/CD jobs * Merge branch 'avonbertoldi/38034/go-fips-image-downgrade' into 'main' * Merge branch 'avonbertoldi/38034/go-fips-image-downgrade' into 'main' * Merge branch 'avonbertoldi/38034/go-fips-image-downgrade' into 'main' * UBI: remove non-UBI assets from magefile for runner image * Magefile: fix package:rpmFips * UBI: remove non-UBI assets from magefile for runner image * Magefile: fix package:rpmFips * UBI: remove non-UBI assets from magefile for runner image * Magefile: fix package:rpmFips * UBI: remove non-UBI assets from magefile for runner image * Magefile: fix package:rpmFips * UBI: remove non-UBI assets from magefile for runner image * Magefile: fix package:rpmFips * UBI: remove non-UBI assets from magefile for runner image * Magefile: fix package:rpmFips * UBI: remove non-UBI assets from magefile for runner image * Magefile: fix package:rpmFips * Bump docker-machine to v0.16.2-gitlab.29 * Refactor TestPrepare tests * Fix defaulting of build container name * Use prepared options to set up the pull manager * Track kubernetes pull policies based off of the container name * Fix example trust relationship in UploadRoleARN config * Update GitLab release version for DualStack and Accelerate config * Helm chart install page: start structural revisions * Additionally tag go.fips image version with ubi base image version * Use Windows test code coverage reports * Remove dependency on `prepare ubi base` job * Downgrade go-fips base image to ubi8 * Document PathStyle and UploadRoleARN config parameters * Set AssumeRole session timeout to be as long as build * Add UploadRoleARN support for server side encryption * Strip leading slashes in S3 object names * Make GetUploadEnv() return an error * Extract encryption config parsing and add tests * Support AWS S3 multipart uploads via scoped temporary credentials * Merge branch 'k8s-prevent-script-dump-on-cancellation' into 'main' * Merge branch 'k8s-prevent-script-dump-on-cancellation' into 'main' * Merge branch 'k8s-prevent-script-dump-on-cancellation' into 'main' * Merge branch 'k8s-prevent-script-dump-on-cancellation' into 'main' * Merge branch 'k8s-prevent-script-dump-on-cancellation' into 'main' * Fix bug in scripts/logs dir for k8s executor * Fix setting a container's MacAddress * Fetch docker server API version on initial connection * Add ServerVersion method to Docker API * Fix staticcheck linter violations * Bump some test timeouts * Fix docker wait test * Fix docker volume manager test * Fix docker auth unit tests * Fix official docker client unit tests * Update mock docker client * Address CVE-2024-41110 by upgrading github.com/docker/[docker|cli] * K8s install page: move troubleshooting info, tackle 2 subheads * Docker install: start with line-level cleanups * Fix `pod_annotations_overwrite_allowed` parsing error * Refactor container entrypoint forwarder * Address line-level findings in Kubernetes install page * Exclude Windows code coverage from Linux Cobertura reports * Fix code coverage visualization not working in merge requests * Add namespace support for DOCKER_AUTH_CONFIG * [docs] Fix concurrent_id being used when it is concurrent_project_id * Updating intro sentence again * Refactor the linux repository page to follow CTRT * [k8s] more explicit docs on OS, Arch, KernelVersion selection * Mock Azure STS endpoints to ensure they work in CI * Refactor Azure cache implementation * Document how to use Azure workload or managed identities * Squelch jsonschema warning about DualStack config * Make Azure GetUploadEnv() return account name and storage domain * Add support for Azure Managed Identities in cache * Update interactive runner registration documentation * Publish runner and helper packages for SLES and OpenSUSE * Bump version to v17.5.0 * Update Docker image for docs review apps * Resolve "Proxy configuration docs missing NO_PROXY instructions" * Fix Windows killer graceful termination and related tests * Fix test coverage report job * Flagging `windows 1809 unit tests` as optional * Introduce DualStack and Accelerate S3 options * Drop setting of UseAccelerate * Enable S3 dual-stack endpoints by default * Fix encryption not working with AWS SDK v2 * Refactor cache adapter to combine URL and headers in GetUploadURL * Switch to AWS SDK for S3 cache access * Allow pull_policy to be unset when defining allowed_pull_policies * Improve flaky waitForRunningContainer test * Skip TestDockerCommand_MacAddressConfig on Windows OS * Fix capitalization * UBI: add curl to runner deps install * Magefiles: attempt to satisfy cq/lint asks * Update rebuild dates for go-fips and ubi-fips-base 2024-08-26 * CI: ci/build_ubi_fips_base_image: correct missed local-dev change * UBI: runner-helper Dockerfile.fips to support distroless * UBI: remove non-UBI assets from magefile for runner image * UBI: refactor runner image generation to support distroless * UBI: update runner-helper tar scripting * UBI: convert ubi-fips-base to distroless (ubi-micro) * FIPS: go-fips-base changes to support distroless * CI: Introduce ubi-micro variable changes * maint: Add dockerfile/runner/ubi-fips items to .gitignore * CI: enable bypass of docker logout and scan triggers * Revert "Merge branch 'k8s-exit-container-on-context-cancellation' into 'main'" * Revert "Merge branch 'ajwalker/remove-license-scanning-template' into 'main'" * Merge branch 'ajwalker/remove-license-scanning-template' into 'main' * Merge branch 'k8s-exit-container-on-context-cancellation' into 'main' ------------------------------------------------------------------- Wed Oct 02 09:00:22 UTC 2024 - obs@tbadm.net - Update to version 17.4.0: * Update CHANGELOG for v17.4.0 * Merge branch 'docker-test-mac-address-config' into 'main' * Merge branch 'sh-fix-issue-38016' into 'main' * Update CHANGELOG for v17.4.0 * Fix docker+machine download url * Remove the GitLab Hosted Runners as an example of security risks with DIND * Change designation of Fleeting plugin for Azure from BETA to generally available * fleeting.md: fix bin path * Resolve "`gitlab-runner start` throws "FATAL: Failed to start gitlab-runner: exit status 134" when started prior to being logged in" * docs(kubernetes): mention AWS ASG Zone rebalancing * Use latest docs docker image and linting configuration docs * Add planning issue template * Prevent script dump on job cancellation through UI * Add troubleshooting step to resolve install error on Apple M1 to the Install GitLab Runner on macOS * Revise install Step 3a in the Install GitLab Runner on macOS doc * Revise install step 2 in the Install GitLab Runner on macOS doc * Runner instance generally available * Change the intro section in the Install GitLab Runner on macOS doc * Fix tests panic * Go mod tidy * Add more akeyless tests and refactor accordingly * Small akeyless fixes and refactoring * Add akeyless dependencies * Adding mock generated from go generate * Removing auto genrated mock file * Support fetching the akeyless token * Adding go:generate mockery * Removing build constraint to mock file * Adding build constraint to mock file * Fix goimports * Adding build tag to test * Support akeyless secrets * Bump UBI base image from `9.4-1194` to `9.4-1227` * Add reference to troubleshooting to install step 3c of the Install GitLab Runner on macOS doc * Backfill test for waitForRunningContainer * Add check for dependency resolution * Copy in (some) podutils * Copy edit GitLab Runner system services doc * Fix fleeting plugin version constraint format documentation * CTRT: Refactor install GitLab Runner * Add GitLab Advanced SAST to CI/CD config * Updated Ruby version from 3.3 to 3.3.x * Update file advanced-configuration.md * Update file macos_setup.md * CTRT: Refactor the intro for Install GitLab Runner * Applied suggestions from review * Docker integration test for MacAddress setting * Update allowed_pull_policies notes * Clarify allowed_pull_policies default * Doc details about enhanced behaviour when honoring images' entrypoint * Fix TestPrepareIssue2583 test * Adapt TestWaitForPodRunning for new wait strategy * Adapt services entrypoint logging * Make ensurePodsConfigured a bit more succinct * Forward entrypoint logs to the build log * Rename captureServiceContainersLogs to reflect what it actually does * Prepare powershell image for entrypoint logging checks * Prepare an image with an interesting entrypoint * Address GHSA-xr7q-jx4m-x55m Update google.golang.org/grpc to 1.64.1 * Update CHANGELOG for v17.3.1 * Update CHANGELOG for v17.3.1 * Update CHANGELOG for v17.3.0 * Merge branch 'release-dumb-init-failure-on-helper-image' into 'main' * Add token newline troubleshooting item * Change `Docker` to container in Kubernetes section of the Runner Advanced Configuration doc * Add links to new autoscaling executors to the [[runners]] section in the Runner Advanced Configuration doc * Add `Instance` and `Docker Autoscaler` executors to the default build dir section in the Runner Advanced Configuration doc * Change text on the use of runner in offline environments in Runner Advanced Configuration doc * Re-order sentences in the Helper image registry section of the Runner Advanced Config doc * Add an example config for check interval * Update the config.toml example in Runner Advanced Config * Add link to debug trace docs page in the Runner Advanced Configuration doc * Add `instance` and `docker-autoscaler` executors to the executors table * Expand session server configuration example * Update file advanced-configuration.md * Update file advanced-configuration.md * Update file advanced-configuration.md * Update file advanced-configuration.md * Update dumb-init version to 1.2.5 on GitLab Runner images * Set default DUMB_INIT_VERSION for Helper ubi-fips * Make image generation fail upon failure to download dumb-init ubi-fips * Update install GitLab runner documentation for Amazon Linux * Update the intro to the Shells table in Runner Advanced Configuration * Add reference to docker executor in the [runners.docker] section * Update the Global Section in the Runner Advanced Config doc * Delete `experiment` label from `idleScaleFactor` * Add intro to the [[runners.nachine.autoscaling]] section * Update 3.18 and 3.19 alpine info * Update file advanced-configuration.md * Update file advanced-configuration.md * Update file advanced-configuration.md * Change `executor` description in the advanced configuration doc * Add link to the Git LFS page Advanced Config doc * Change language to terminate in the Advanced Config doc * Add link to the `services` docs page in Advanced Config doc * Bump version to v17.4.0 * Magefile: fix package:rpmFips * Dev: adding scripts/local-env * Makefile.runner-helper: provide mapping from aarch64 to arm64 * Magefiles: docker/buildx: remove deprecated flag * Fix punctuation and grammar * Fix broken links * Update the default container registry of the helper images * Update the default container registry of the helper images * Ensure unregister is called with at least one of --name or --token * Remove redundant return * Update CHANGELOG for v17.3.0 * Update CHANGELOG for v17.3.0 * Bump docker-machine to 0.16.2-gitlab.28 * Add rules to semgrep-sast job * Remove unneeded notes in tabs * Fix formatting in runner registration doc * Work around a syntax highlighting problem * Reorder assertions to group Contains and NotContains checks * Install gitlab-runner using --init-user * Set the default config file path * Method to get specified user's home dir * Plumb init-user into service configuration * Add new init-user install flag * Consolidate some code * Add GIT_STRATEGY empty tests * Remove Beta plugin warning for AWS * Apply split Vale rules to project * Employ a dedicated project directory for GitEmpty strategy * Upgrade fleeting: fix tcpchan deadline for tunnelled connections * Skip `TestRunCommand_configReloading` on windows platforms * Remove funlen * Fix default log format to FormatRunner * Add unit test for deletion of log_level from config.toml * Reset log format to default (text) when not set * Reset log level to default (info) when not set * Bump UBI base image from `9.4-1134` to `9.4-1194` * Add runner path requirement * Add debug log message for resolving Docker credentials * Update index.md * Update azidentity dependency * Update index.md * Add integration test for no additional newlines * Remove previous logic to prevent additional newline * Detect addition \n added by helper * Update CHANGELOG for v17.2.1 * Update CHANGELOG for v17.2.1 * Update CHANGELOG for v17.2.0 * Update CHANGELOG for v17.1.1 * Update CHANGELOG for v17.0.2 * Update CHANGELOG for v16.11.3 * Add GIT_STRATEGY of "empty" to support clean build directories * Merge branch 'hhoerl/37842-remove_git-1.8.3.1' into 'main' * Clarify where to install the fleeting plugin * Re-enable Windows Docker git-lfs tests * Custom executor script shouldn't end with '.' when no file extension * Merge branch 'k8s-exit-container-on-context-cancellation' into 'main' * Merge branch 'k8s-exit-container-on-context-cancellation' into 'main' * Merge branch 'k8s-exit-container-on-context-cancellation' into 'main' * Merge branch 'k8s-exit-container-on-context-cancellation' into 'main' * Improve job cancellation in attach mode * Docs maintenance: Add internal pages to ignore list * [k8s] Fix `testKubernetesWithNonRootSecurityContext` integration tests * [k8s] Fix `CaptureServiceLogs` integration tests * Add missing requirement for network_mtu * Add note about using Workload Identity Federation for GKE * Bump version to v17.3.0 * Update CHANGELOG for v17.2.0 * Update file fleeting.md * Adapt integration tests & docs to slightly differnt pull issue error * Update docs for modifying Git LFS endpoints * Rename some executor fields to better reflect what they are used for * Push defaulting of more things into the constructor func * Test against executors created via the contructor func * Add note about Runner install requirement * Add mount propagation volume option for kubernetes executor * Ensure that dialing fleeting instance can be canceled * Docs maintenance: Fix 404 links * Manually update linting configuration and update Vale version * Add note that AWS and GCP Fleeting plugins is beta * Bump golang to 1.22.5 * Enable FF_RETRIEVE_POD_WARNING_EVENTS by default and update doc * Improve existing integration tests * Always attempt to retrieve pod warning events * Manually update Vale and markdownlint rules and fix docs * Add note to runner autoscaling for runner manager on fault tolerant design * Have the k8s executor successfully discover the windows version * Add note to runner autoscaling for runner manager on preemptive mode * Add note on the runner `tls_verify` setting to the docs * Add note to runner autoscaling on use of credentials file * Add note to runner autoscaling for runner manager on containers * Don't export the kube client creator and config getter * Clean up TestPrepare * Use correct build image in TestPrepare tests * Have a way to inject a kube config into the kubernetes executor * Test services' pull policies are templated into the build pod * Make pull manager allow for different images * Have a way to inject a kube client into the kubernetes executor * Use `client-go/kubernetes.Interface` as our kube client * Fix testKubernetesNamespaceIsolation integration test * Fix testKubernetesGarbageCollection integration test * Fix testKubernetesCustomPodSpec integration test * Fix lint errors * Fix testKubernetesSuccessRunFeatureFlag * Fixed reservation/unavailability taskscaler instance churn * Add integration tests to test the feature flag * Update working dir ownership when umask is disabled * Fix lint warning * Add and document the new feature flag * Fix link that is broken when published * Shorten network names created by FF_NETWORK_PER_BUILD * Update CHANGELOG for v17.0.1 * Update CHANGELOG for v16.11.2 * Merge branch 'hhoerl/37842-remove_git-1.8.3.1' into 'main' * Merge branch 'hhoerl/37842-remove_git-1.8.3.1' into 'main' * Fix periods example in [[runners.autoscaler.policy]] * Add a Runner Docker image tag for the build's revision * Update dependency danger-review to v1.4.1 * Bump docker+machine version to v0.16.2-gitlab.27 * Make directories for scripts and logs configurable for k8s Executor * Docs: fix kubernetes executor runner api permission * Adress CVE-2024-6104 in github.com/hashicorp/go-retryablehttp * Update renovate config for UBI base image * Bump UBI bases image from `9.4-949` to `9.4-1134` * Update CHANGELOG for v17.0.1 * Update CHANGELOG for v16.11.2 * Remove git 1.8.3.1 test * Add note about `FF_ENABLE_JOB_CLEANUP` feature flag * Document k8s executors for read-only root filesystem * Fix some external links in the project * Fix default runner alpine flavour version * Replace sysvinit-adjacent commands with systemd equivalents * Remove vendor exclude dir from golangci-lint check * Keep volumes on runner update * Suppress golangci-lint config deprecations and warnings * Fix mock.AnythingOfTypeArgument deprecation error * Upgrade fleeting and taskscaler to fix instance churn/runaway * Fix mock.AnythingOfTypeArgument deprecation error * Upgrade fleeting and taskscaler to fix instance churn/runaway * Specify in which scenarios missing index has been seen * Bump runner-linters * Bump to Go 1.22.4 * Create issue template for bumping golang * Fix parsing of --kubernetes-host_aliases command-line flag * Use upstream spdystream again * Set proper permission on entrypoint scripts * Bump version to v17.2.0 * Update CHANGELOG for v17.1.0 * Set file permissions before creating runner rpm/deb packages * Add exact commands to fix signed by unknown authority * Fix mock.AnythingOfTypeArgument deprecation error * Check if err is nil while attempting a retry for k8s executor * Upgrade fleeting and taskscaler to fix instance churn/runaway * Document troubleshooting steps for 500 error creating tags * Update file docker_autoscaler.md * Upgrade github.com/klauspost/compress to v1.17.9 * Upgrade github.com/minio/minio-go to v7.0.70 * Remove golang.org/x/exp/slices dependency * Remove github.com/samber/lo dependency from main application * Add AFTER_SCRIPT_IGNORE_ERRORS variable * Add Kubernetes configurable retry backoff ceiling * Use the danger-review component * Fix linter violation * Update file index.md * Apply 1 suggestion(s) to 1 file(s) * Apply 1 suggestion(s) to 1 file(s) * Apply 4 suggestion(s) to 2 file(s) * Update Docker Autoscaler executor docs * Update 2 files * Update file fleeting.md * Support handling docker images with @digest * Bump docker+machine version to v0.16.2-gitlab.26 * Check links in more files * Upgrade ubi fips base image from ubi8 to ubi9 * Upgrade ubi fips base image from ubi8 to ubi9 * Upgrade ubi fips base image from ubi8 to ubi9 * Fix blockquote format for version history * Upgrade helper image git-lfs to 3.5.1 * Update docs linting Docker images * Update runner registration documentation * Enable tarzstd archive format for caches * Fix docker client intermittently failing to connect to unix socket * Use more consistent configFile setup * Restructure documentation * Apply 1 suggestion(s) to 1 file(s) * Apply ajwalker suggestion to combine into one function * Add steps shim * Apply 1 suggestion(s) to 1 file(s) * Fix external links in docs * Fix lint failure * Add version requirement to run-single config file usage * Allow reading run-single configuration from a config file * Fix trailing newline * Remove trailing whitespace * Define GO_FIPS_VERSION_SUFFIX for FIPS image * Bump to Go 1.22.3 * Move docs-related CI jobs to the same file * Override helper images entrypoint on docker import * Use lowercase for beta and experiment * Docs: match example to text * Override helper images entrypoint on docker import * Add note about KMS Alias syntax * Propagate exit codes through nested pwsh calls * Fix jsonschema validation warning for kubernetes retry_limits * Made beta and experiment lowercase * Revert "Merge branch 'runner-incept-needs-ci-prep' into 'main'" * Revert "Merge branch 'runner-incept-needs-ci-prep' into 'main'" * Bump version to v17.1.0 * Update CHANGELOG for v17.0.0 * Add fleeting docs describing new plugin installation method * Allow callers of Kubernetes log processor to wait for Goroutines * Update mocks after running check_mocks * Update mockery to 2.43.0 * Bump to Go 1.22.2 * Improve upgrade docs * Clean up docs redirects, runner - 2024-05-02 * Fix jsonschema validation warning for docker services_limit * Added missing apostrophe * Log ETag of extracted cache archive if available * golangci-lint: Migrate to new formats config * Disable linting of appendAssign * Rename deadline config to timeout in golangci-lint config * Fix golangci-lint static analysis failures * Upgrade runner-linters image to golangci-lint v1.58.0 and Go 1.22 * Updating docs tier badge rules * Apply Fiona's suggestions * Apply 1 suggestion(s) to 1 file(s) * Fix incorrect link * Apply Fiona's suggestion * Fix broken link and typo * Add clarity on container per VM * Apply 1 suggestion(s) to 1 file(s) * Update GitLab Runner Version * Added tier badge info * Fix stuck Windows 1809 jobs * Restructure sentence * Clarify MachineOptions location * Formatting and sentence structure * Update .html to .md * Use a relative link for documentation * Provide examples and clarify * Clarify "circular" docs links * Remove configuration from documentation * Update integration tests accordingly * Remove deprecated pre and post clone scripts * Remove unsupported GitLab versions from Verify Runner group docs * Require ci prep before incept * Remove slsa_v02 from artifact_metadata * Update Changelog * Revert "Merge remote-tracking branch 'origin/16-11-stable'" * Add information regarding Beta feature * Switch to Lychee for link checking * Upgrade taskscaler library, fixes capacity calculation * Upgrade fleeting library, fixes ssh connection hang * Remove runner from config when unregister with token * Apply 1 suggestion(s) to 1 file(s) * Support Google Secrets from projects other than the WIF pool one * Make of PowerShell the default for Windows OS * Remove feature flag FF_CMD_DISABLE_DELAYED_ERROR_LEVEL_EXPANSION * Update documentation * Update unit and integration tests * Remove `cmd` shell * Interpret failed pods as system failures rather than script failures for Kubernetes executor * Fix fleeting install subcommand for Windows * Updated examples to avoid helm error * Remove container on cancel to fix after_script not always executing * Correctly set CI_JOB_STATUS to timedout/canceled when appropriate * April: fixes trailing whitespace in GitLab Runner project * Remove `gitlab-runner exec` command * Implement new GCS Cache adapter that uses Google Cloud SDKs auth discovery defaults * Upgrade fleeting-artifact to fix plugin installation * Add ssh: handshake failed to troubleshooting * Update autoscaler config option documentation * Add cpuset_mems option to Docker executor * Add docs for Runner Operator in disconnected network environments * Update 4 files * Fix failing unit tests * Remove legacy shell quoting and FF_USE_NEW_SHELL_ESCAPE feature flag * Cleanup code * Remove deprecated terminationGracePeriodSeconds * Fix dead documentation anchor links in README * Remove license scanning template * Fix buildlogger write race * Add prerequisite info to runner registration token section * Document the Beta status of the Google Cloud plugin for fleeting * Add support for taskscaler scale throttle * Add security risk on runner debug for Shell executors * Print a warning when token rotation is disabled * Add the ability to disable the automatic token rotation * Fix jsonschema validation warning for monitoring struct * Stop installing tar in ubi fips images * Convert custom kubernetes error to retryError ------------------------------------------------------------------- Mon May 13 07:29:14 UTC 2024 - obs@tbadm.net - Update to version 16.11.1: * Update CHANGELOG for v16.11.1 * Update CHANGELOG for v16.11.0 * Merge branch 'ajwalker/fleeting-ssh-connection-hang' into 'main' * Merge branch 'ajwalker/remove-license-scanning-template' into 'main' * Merge branch '37485-ci_job_status' into 'main' * Merge branch 'ajwalker/fix-fleeting-plugin-installation-windows' into 'main' * Merge branch 'ajwalker/upgrade-fleeting-artifact' into 'main' * Merge branch 'ajwalker/buildlogger-write-race' into 'main' * Bump version to v16.12.0 * Update CHANGELOG for v16.11.0 * Taskscaler and fleeting now use logrus logger * Bump Go version to 1.21.9 * Fix log timestamps fixed format * Add Jfrog Artifactory Secretes engine as External Secrets option in Hashicorp Vault * Optimize buildlogger masking options * Add timestamps to logs behind feature flag * Refactor logging so that each stream has its own masker * Refactor SSH Client to pass stdout/stderr on run, rather than connect * Remove Improved URL Masking feature flag * Detach masking from trace buffer * Give up on the trace finalUpdate if it keeps on failing * Add autoscaler instance_ready_command option * Runner: Updates docs-lint image for new SVG use * docs: Remove period in the middle of a sentence * Remove extra square brackets in podman section * Fix test coverage report job * Update github.com/docker/docker * Update google.golang.org/protobuf * Update github.com/hashicorp/vault/api * Apply 1 suggestion(s) to 1 file(s) * Try to fix CI by removing quotes * Check docker version before using deprecated arg * Add fleeting subcommand to manage fleeting plugins * move arg out * Fix Makefile.build.mk for armv7l (#36976) * Update integration tests to reflect the ssh.Config change * Rename ssh.Config to common.SshConfig * Upgrade github.com/BurntSushi/toml to v1.3.2 * Exclude ssh config from config.toml the validation * Update file index.md * Update file index.md * Fix typo in note * Poke dockerfiles/ci/go.fips.Dockerfile rebuild * Update GO_FIPS_VERSION to match GO_VERSION * Revert "Merge branch 'avonbertoldi/27443/graceful-shutdown-shell' into 'main'" * Extend GitInfo with RepoObjectFormat to store object format * Use fork of moby/spdystream to fix race condition * Re-enable SAST scanning * Change beta to pre in version string * Avoid errors when creating files in pwsh 2.0 ------------------------------------------------------------------- Thu Apr 11 12:10:33 UTC 2024 - obs@tbadm.net - Update to version 16.10.0: * Update CHANGELOG for v16.10.0 * Merge branch 'avonbertoldi/revert-unit-file-change' into 'main' * Bump version to v16.11.0 * Update CHANGELOG for v16.10.0 * Build is now canceled if autoscaled instance disappears * Update windows support section * Add target to compile all test * Upgrade fleeting library * Document connection_max_age parameter * Remove broken link to Kubernetes docs' emptyDir * Document how to troubleshoot Docker Machine issues * Apply 1 suggestion(s) to 1 file(s) * Bump docker+machine version to v0.16.2-gitlab.25 * Runner: updates last two redirecting links * Update plugin status, link timeline/epic * Fix typo (Telsa -> Tesla) * Enabling Vale for badges * Add support for cgroup_parent setting on Docker executor * [Experimental] Define monitoring threshold for job queue duration * Finishes link fixes in Runner docs * Enable feature cancel_gracefully * Apply 2 suggestion(s) to 1 file(s) * Fix Experimental -> Beta references * Add runner token to header * Updating SaaS to be .com * service_linux.go: Remove non-existent syslog.target from service file syslog.target was removed more than a decade ago - https://github.com/systemd/systemd/blob/6aa8d43ade72e24c9426e604f7fc4b7582b9db7c/NEWS#L72-L73 * Really silence error when execing on container that does not exists * Update CHANGELOG for v16.9.0 * Update runner sizes * Fix reference to project issue * Implement integration test to verify behavior * Implement unit tests to test general logic * Apply idiomatic suggestions from review * Use correct context when communicating with K8s API * Add new option namespace_per_job to executor docs * Add missing kubeAPI annotations and permission docs * Add support for isolating jobs to individual namespaces * Set saner default for --config option * Stop adding `--user` to gitlab-runner run command * Use curl instead of wget in install-deps script * Don't install wget in ubi images * Update CHANGELOG for v16.9.1 * Merge branch 'sh-skip-failing-cmd-test' into 'main' * Merge branch 'avonbertoldi/incident-17638-dockerauthconfig' into 'main' * Update CHANGELOG for v16.8.0 * Set UseWindowsLegacyProcessStrategy to false by default * Update no-trailing-spaces configuration for consistency * Remove unneeded trailing spaces * Skip TestBuildGitFetchStrategyFallback on Windows cmd * Fix unrelated failing windows test * Add unit tests for build vars as file-type vars * Call Value() instead of Get() when validating variables * Restructure Kubernetes executor page part 2 * Restructure Kubernetes executor page * Refactor network.newClient to use Go functional option pattern * Fix get IP for Parallels executor on macOS intel * Add-vale-plugin-to-runner-dev * Update usage of GCP to Google Cloud * Bump version to v16.10.0 * Update CHANGELOG for v16.8.1 * Use the actual keys now in the test * This test now panics * Return statement is not needed anymore * Fix fallback_key for local cache * GIT_LFS_VERSION is no longer required to be set * Merge branch 'revert-b534d885' into 'main' * Set saner default for --config option * Stop adding `--user` to gitlab-runner run command ------------------------------------------------------------------- Tue Apr 09 07:59:07 UTC 2024 - obs@tbadm.net - Update to version 16.9.0: * Update CHANGELOG for v16.9.0 * Retry package cloud push on HTTP error 520 * Fix warning event integration test * Fix rpm gpg sign command invocation * Add missing `syscall.EPIPE` network error to retry * Apply kubernetes retry limits docs suggestions * Fix kubernetes exec import * Fix lint job for kubernetes/index.md * Fix verify stable resources job by adding release artifacts to docker jobs * Apply 1 suggestion(s) to 1 file(s) * Apply 1 suggestion(s) to 1 file(s) * Correctly use volume driver for all volumes. * Fix `retry_limits` docs example * Fix `retry_limits` config.go docs * Re-apply Kubernetes docs for retry limits * Add tests for RetryRequestLimit, RetryRequestLimits and fix edge cases * Add configuratble retry limits * Fix service resource overwrites in kubernetes executor * Kubernetes: updating the diff with review suggestions * Docs: updating kubernetes docs with service overwrite section * Kubernetes allow explicit cpu/memory service resources overwrites
