Changes

Page history
lint and spellcheck ci docs authored by anarcat's avatar anarcat
Show whitespace changes
Inline Side-by-side
service/ci.md
View page @ 18ab0ba3
...@@ -126,7 +126,7 @@ to clone the repository at the start of the job, for example: ...@@ -126,7 +126,7 @@ to clone the repository at the start of the job, for example:
A workaround is to reboot the runner's virtual machine. It might be A workaround is to reboot the runner's virtual machine. It might be
that we need to do some more configuration of Docker, see [upstream that we need to do some more configuration of Docker, see [upstream
issue 6644](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6644), although it's unclear why this problem is happening issue 6644](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6644), although it's unclear why this problem is happening
right now. Still to be more fully, see [tpo/tpa/gitlab#93](https://gitlab.torproject.org/tpo/tpa/gitlab/-/issues/93). right now. Still to be more fully investigated, see [tpo/tpa/gitlab#93](https://gitlab.torproject.org/tpo/tpa/gitlab/-/issues/93).
## Disaster recovery ## Disaster recovery
...@@ -145,7 +145,7 @@ GitLab. ...@@ -145,7 +145,7 @@ GitLab.
### Docker on Debian ### Docker on Debian
A first runner (`ci-runner-01`) was setup by Puppet in the gnt-chi A first runner (`ci-runner-01`) was setup by Puppet in the `gnt-chi`
cluster, using this command: cluster, using this command:
gnt-instance add \ gnt-instance add \
...@@ -174,10 +174,10 @@ performed: ...@@ -174,10 +174,10 @@ performed:
NOTE: this was probably already done. If you need a more specific NOTE: this was probably already done. If you need a more specific
runner (say group- or project-specific), a new Role runner (say group- or project-specific), a new Role
(e.g. `roles::gitlab::runner::docker::tpa` could be created and (e.g. `roles::gitlab::runner::docker::tpa` could be created and
pass a different token (set in trocla like the above). pass a different token (set in Trocla like the above).
TODO: this is one case where the Trocla Hiera support (which we do TODO: this is one case where the Trocla Hiera support (which we do
not currently use), could come in handy. See our [Puppet trocla not currently use), could come in handy. See our [Puppet Trocla
docs](howto/puppet#trocla) for more details. docs](howto/puppet#trocla) for more details.
2. setup the large partition in `/srv`, and bind-mount it to cover 2. setup the large partition in `/srv`, and bind-mount it to cover
...@@ -312,12 +312,12 @@ We currently use the following tags: ...@@ -312,12 +312,12 @@ We currently use the following tags:
example, run Docker-inside-Docker (DinD) example, run Docker-inside-Docker (DinD)
* **memory** size: `64GB`, `32GB`, `4GB`, etc. * **memory** size: `64GB`, `32GB`, `4GB`, etc.
* `privileged`: those containers have actual root access and should * `privileged`: those containers have actual root access and should
explicitely be able to run `DinD` explicitly be able to run `DinD`
* `interactive web terminal`: supports [interactively debugging * `interactive web terminal`: supports [interactively debugging
jobs](https://docs.gitlab.com/ee/ci/interactive_web_terminal/) jobs](https://docs.gitlab.com/ee/ci/interactive_web_terminal/)
* `fdroid`: provided as a courtesy by the [F-Droid project](https://f-droid.org/) * `fdroid`: provided as a courtesy by the [F-Droid project](https://f-droid.org/)
Use tags in your configuration only if your job can be fullfilled by Use tags in your configuration only if your job can be fulfilled by
only some of those runners. For example, only specify a memory tag if only some of those runners. For example, only specify a memory tag if
your job requires a lot of memory. your job requires a lot of memory.
...@@ -435,7 +435,7 @@ see the [log and metrics](#log-and-metrics) section below. ...@@ -435,7 +435,7 @@ see the [log and metrics](#log-and-metrics) section below.
## Logs and metrics ## Logs and metrics
GitLab runners send logs to syslog and systemd. They contain minimal GitLab runners send logs to `syslog` and `systemd`. They contain minimal
private information: the most I could find were Git repository and private information: the most I could find were Git repository and
Docker image URLs, which do contain usernames. Those end up in Docker image URLs, which do contain usernames. Those end up in
`/var/log/daemon.log`, which gets rotated daily, with a one-week `/var/log/daemon.log`, which gets rotated daily, with a one-week
... ...
......