英文:
How to pass Gitlab Credentials in Custom Runner
问题
我已创建了一个自定义的Gitlab CI/CD运行程序。我使用了基于项目的令牌。
New-Item -Path 'C:\GitLab-Runner' -ItemType Directory
cd 'C:\GitLab-Runner'
Invoke-WebRequest -Uri "https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-windows-amd64.exe" -OutFile "gitlab-runner.exe"
.\gitlab-runner.exe install
.\gitlab-runner.exe start
./gitlab-runner.exe register --url http://gitlab.my-company.net/ --registration-token $REGISTRATION_TOKEN
我从用户界面获取的令牌,但我遇到了以下错误:
远程: HTTP基本身份验证: 访问被拒绝。提供的密码或令牌不正确,或者您的帐户启用了双因素身份验证(2FA),必须使用个人访问令牌而不是密码。
英文:
I have created a custom Gitlab CI/CD runner. I used project based token.
New-Item -Path 'C:\GitLab-Runner' -ItemType Directory
cd 'C:\GitLab-Runner'
Invoke-WebRequest -Uri "https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-windows-amd64.exe" -OutFile "gitlab-runner.exe"
.\gitlab-runner.exe install
.\gitlab-runner.exe start
./gitlab-runner.exe register --url http://gitlab.my-company.net/ --registration-token $REGISTRATION_TOKEN
The token I get from the UI,
But I am getting this error,
> remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password.
答案1
得分: 1
你需要首先检查使用的GitLab版本。
如在“注册 Runner(已弃用)”中所述:
在GitLab 15.6中已弃用了传递 Runner 注册令牌的功能,计划在17.0中删除,同时不再支持某些配置参数
GitLab计划引入新的GitLab Runner 令牌架构,引入了一种新的注册 Runner 方法并消除了传统的Runner 注册令牌。
Thread 82118也关注了这个问题:
你是否在Gitlab上使用了LDAP或SSO认证?
我遇到了一个问题,我们的 Runner 正在尝试在后台进行LDAP/Kerberos身份验证,但失败了。
我们以为这是与CI_JOB_TOKEN有关的问题,但事实并非如此。
OP Imran Qadir Baksh - Baloch在评论中补充道:
正如“Gitlab流水线失败“remote: HTTP基本:访问被拒绝””所示,添加
clone_url修复了问题。现在,我遇到了
引发异常时调用“WriteAllText”与“2”个参数(s):
“拒绝访问路径'c:\builds\xxx\xxx.tmp\CI_SERVER_TLS_CA_FILE'。”使用
mcr.microsoft.com/dotnet/sdk:6.0.202-windowsservercore-ltsc2019可以解决这个问题,正如gitlab-org/gitlab-runner问题27891中所提到的。
英文:
You need first to check the version of GitLab used.
As noted in "Registering runners (deprecated)"
> The ability to pass a runner registration token was deprecated in GitLab 15.6 and is planned for removal in 17.0, along with support for certain configuration arguments
>
> GitLab plans to introduce a new GitLab Runner token architecture, which introduces a new method for registering runners and eliminates the legacy runner registration token.
Thread 82118 also follows that issue:
> Did you perhaps have some form of LDAP or SSO authentication in place on Gitlab?
I ran into an issue where our runner was trying to authenticate with LDAP/Kerberos under the hood, which was failing.
We thought it was an issue with the CI_JOB_TOKEN, but that was not the issue.
The OP Imran Qadir Baksh - Baloch adds in the comments:
> As shown in "Gitlab Pipeline failing "remote: HTTP Basic: Access denied"", adding clone_url fixed it.
>
> Now, I am getting
>
> Exception calling "WriteAllText" with "2" argument(s):
> "Access to the path 'c:\builds\xxx\xxx.tmp\CI_SERVER_TLS_CA_FILE' is denied."
>
> And that is fixed by using mcr.microsoft.com/dotnet/sdk:6.0.202-windowsservercore-ltsc2019, as mentioned in gitlab-org/gitlab-runner issue 27891.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论