Gitlab CI - gitlab-runner run as root

Here is documentation for how to use sudo and gitlab-runner user. I am not sure, but I think it creates multiple runners.

On CentOS 8 I modified the gitlab-runner.service and changed the --user option to root.
Here is the default configuration:

/usr/bin/gitlab-runner run --working-directory /home/gitlab-runner --config /etc/gitlab-runner/config.toml --service gitlab-runner --user gitlab-runner

or

root@server# cat /etc/systemd/system/gitlab-runner.service
[Unit]
Description=GitLab Runner
After=syslog.target network.target
ConditionFileIsExecutable=/usr/bin/gitlab-runner

[Service]
StartLimitInterval=5
StartLimitBurst=10
ExecStart=/usr/bin/gitlab-runner "run" "--working-directory" "/home/gitlab-runner" "--config" "/etc/gitlab-runner/config.toml" "--service" "gitlab-runner" "--user" "gitlab-runner"

Restart=always
RestartSec=120

[Install]
WantedBy=multi-user.target

and I changed to this:

[Unit]
Description=GitLab Runner
After=syslog.target network.target
ConditionFileIsExecutable=/usr/bin/gitlab-runner

[Service]
StartLimitInterval=5
StartLimitBurst=10
ExecStart=/usr/bin/gitlab-runner "run" "--working-directory" "/home/gitlab-runner" "--config" "/etc/gitlab-runner/config.toml" "--service" "gitlab-runner" "--user" "root"

User=root
Group=root

Restart=always
RestartSec=120

[Install]
WantedBy=multi-user.target

NOTE

Absolutely I did not have security concerns, and did it for test, plase make sure you are considering security part.

Tags:

Gitlab

Gitlab Ci

Gitlab Ci Runner

Recent Posts