I have been using a self hosted Gitlab-Runner for my CI though I do not have any self instance server of Gitlab, just the runner, so I use gitlab.com directly. I have been using this runner until very recently on a Linux machine and it has been working ok.
However, for several non-relevant issues I have moved it to Windows and I started getting errors. I get the same errors if I run the Gitlab-Runner in Docker instead of Windows/Linux.
I get the famous error:
"x509: certificate signed by unknown authority"
Which is related to:
https://docs.gitlab.com/runner/configuration/tls-self-signed.html
https://about.gitlab.com/blog/2019/07/31/docker-in-docker-with-docker-19-dot-03/
I have tried to disable TLS (DOCKER_TLS_CERTDIR="" in my .gitlab-ci.yml), but it does not work as I get the error "no active session for o2sqatkibxtn725ie4jpr4d7u: context deadline exceeded" when I try to build an image with docker build blabla when running the CI.
Does anyone have a working example with gitlab.com? All examples I have seen are related to self-instances of Gitlab, so they explain you they have created a certificate and place it in a folder, etc. However, if I am using Gitlab.com, how can I create a certificate? If I am not the owner of it (my knowledge here is very small). As far as I understood it should be the Gitlab-Runner the one creating such certificates but I do not see them anywhere. I have tried adding volumes in the Gitlab-Runner ( volumes = ["/certs/client", "/cache"]) and adding then DOCKER_TLS_CERTDIR="/certs" as mentioned on the links above, but it does not work.
If I run my CI using the shared-runners, then it works ok. A slice of my CI looks like this:
stages:
- test
- build
- deploy
variables:
DOCKER_TLS_CERTDIR = "blabla"
test_server:
tags:
- mytag
stage: test
image: docker/compose:1.27.4
services:
- docker:19.03.8-dind
before_script:
- echo "$CI_JOB_TOKEN" | docker login -u $CI_REGISTRY_USER --password-stdin $GITLAB_REGISTRY
script:
- docker build blabla
Thank you in advance and regards.
