Since use of the http(s) proxies are currently the only method of network egress for gitlab runners, we'll need to pass these environment variables through to image build processes. It seems that the way to do this is to add support to the blubber buildkit frontend for proxy options to be passed via the buildctl invocation. The dockerfile implementation in buildkit does it this way, e.g. --opt build-arg:http_proxy=http://foo and so forth.
Description
Description
Details
Details
Customize query in gerrit
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | • dduvall | T308271 Deploy buildkitd to trusted GitLab runners | |||
| Resolved | • dduvall | T317997 Support http_proxy, https_proxy and other proxy `build-arg:` options in blubber buildkit frontend |
Event Timeline
Comment Actions
Change 832699 had a related patch set uploaded (by Dduvall; author: Dduvall):
[blubber@master] buildkit: Support Docker's build-arg options
Comment Actions
Change 832699 merged by jenkins-bot:
[blubber@master] buildkit: Support Docker's build-arg options
Comment Actions
Change 833125 had a related patch set uploaded (by Dduvall; author: Dduvall):
[operations/puppet@production] P:gitlab::runner: Provide proxy variables to runner jobs
Comment Actions
Change 833125 merged by Dzahn:
[operations/puppet@production] P:gitlab::runner: Provide proxy variables to runner jobs
Comment Actions
Change 840234 had a related patch set uploaded (by Dzahn; author: Dzahn):
[operations/puppet@production] buildkitd: re-add <%= @image %> to the docker ExecStart command line
Comment Actions
Change 840234 merged by Dzahn:
[operations/puppet@production] buildkitd: re-add <%= @image %> to the docker ExecStart command line
Comment Actions
Looks like https://gerrit.wikimedia.org/r/c/operations/puppet/+/833125/ broke Puppet on the gitlab-runners project. Example for runner-1026.gitlab-runners.eqiad1.wikimedia.cloud:
ERR: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Class[Profile::Gitlab::Runner]: parameter 'http_proxy' expects a String value, got Undef parameter 'https_proxy' expects a String value, got Undef parameter 'no_proxy' expects a String value, got Undef on node runner-1026.gitlab-runners.eqiad1.wikimedia.cloud WARNING: Not using cache on failed catalog ERR: Could not retrieve catalog; skipping run
Comment Actions
Change 840835 had a related patch set uploaded (by Hashar; author: Hashar):
[operations/puppet@production] gitlab: proxy settings on runners must be optional
Comment Actions
Change 840835 merged by Jelto:
[operations/puppet@production] gitlab: proxy settings on runners must be optional
Comment Actions
Change 841171 had a related patch set uploaded (by Dduvall; author: Dduvall):
[operations/puppet@production] P:gitlab::runner: Quote uppercase environment variable hash keys
Comment Actions
Change 841171 merged by Jelto:
[operations/puppet@production] P:gitlab::runner: Quote environment variable hash keys
Comment Actions
Change 841554 had a related patch set uploaded (by Ahmon Dancy; author: Ahmon Dancy):
[operations/puppet@production] P:gitlab::runner: Do not quote the value of environment variables
Comment Actions
Change 841554 merged by RLazarus:
[operations/puppet@production] P:gitlab::runner: Do not quote the value of environment variables
Comment Actions
Mentioned in SAL (#wikimedia-operations) [2022-10-11T16:40:57Z] <rzl> gitlab-runner[1002-1004,2002-2004] - systemctl restart buildkitd - T317997