tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-11 18:23:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
nixpkgs/nixos/modules
History
Yaya 6f211d899d nixos/gitlab-runner: Add support runner authentication tokens 
Support for *runner registration tokens* is deprecated since GitLab
16.0, has been disabled by default in GitLab 17.0 and will be removed in
GitLab 18.0, as outlined in the [GitLab documentation].

It is possible to [re-enable support for runner registration tokens]
until GitLab 18.0, to prevent the registration workflow from
breaking.

*Runner authentication tokens*, the replacement for registration tokens,
have been available since GitLab 16.0 and are expected to be defined in
the `CI_SERVER_TOKEN` environment variable, instead of the previous
`REGISTRATION_TOKEN` variable.

This commit adds a new option
`services.gitlab-runner.services.<name>.authenticationTokenConfigFile`.
Defining such option next to
`services.gitlab-runner.services.<name>.registrationConfigFile` brings
the following benefits:
- A warning message can be emitted to notify module users about the
  upcoming breaking change with GitLab 17.0, where *runner registration
  tokens* will be disabled by default, potentially disrupting
  operations.
- Some configuration options are no longer supported with *runner
  authentication tokens* since they will be defined when creating a new
  token in the GitLab UI instead. New warning messages can be emitted to
  notify users to remove the affected options from their configuration.
- Once support for *registration tokens* has been removed in GitLab 18,
  we can remove
  `services.gitlab-runner.services.<name>.registrationConfigFile` as
  well and make module users configure an *authentication token*
  instead.

This commit changes the option type of
`services.gitlab-runner.services.<name>.registrationConfigFile` to
`with lib.types; nullOr str` to allow configuring an authentication
token in
`services.gitlab-runner.services.<name>.authenticationTokenConfigFile`
instead.

A new assertion will make sure that
`services.gitlab-runner.services.<name>.registrationConfigFile` and
`services.gitlab-runner.services.<name>.authenticationTokenConfigFile`
are mutually exclusive. Setting both at the same time would not make
much sense in this case.

[GitLab documentation]: https://docs.gitlab.com/17.0/ee/ci/runners/new_creation_workflow.html#estimated-time-frame-for-planned-changes
[re-enable support for runner registration tokens]: https://docs.gitlab.com/17.0/ee/ci/runners/new_creation_workflow.html#prevent-your-runner-registration-workflow-from-breaking
2024-06-25 17:06:45 +02:00
..
config Merge pull request #312516 from Stunkymonkey/nixos-swap-umask 2024-06-20 20:06:13 +02:00
hardware nixos/hardware/video/virtualbox: move from generic opengl module 2024-06-16 14:11:33 +03:00
i18n/input-method
image repart-image: removing unshare (and util-linux dep) form systemd-repart invocation 2024-06-03 17:48:27 -07:00
installer nixVersions.nix_2_18: 2.18.2 -> 2.18.3 2024-06-22 10:56:11 +02:00
misc nixos/locate: drop with lib{,.types}, misc cleanup 2024-06-11 00:44:19 +02:00
profiles
programs Merge pull request #320737 from Reputable2772/path-priority 2024-06-23 19:49:48 +05:30
security nixos/ipa: Lower default sssd debug_level (#310662) 2024-06-22 11:31:18 -04:00
services nixos/gitlab-runner: Add support runner authentication tokens 2024-06-25 17:06:45 +02:00
system Merge pull request #319359 from misuzu/clevis-zfs-fix 2024-06-24 14:47:55 -04:00
tasks nixos/clevis: add support for parent encrypted zfs datasets 2024-06-12 21:21:50 +03:00
testing nixos/tests: set non-conflicting priority for logrotate disabling 2024-05-10 16:25:51 +03:00
virtualisation Merge pull request #322211 from NyCodeGHG/update-libvirt 2024-06-25 05:47:13 +02:00
module-list.nix Merge pull request #310778 from wineee/dde23 2024-06-25 09:52:28 +08:00
rename.nix nixos/pantheon-tweaks: remove 2024-05-22 21:58:16 +08:00