Merge pull request #202 from sezanzeb/master

riemers · web-flow · commit 4cba5bb5e4e2 · 2021-10-29T13:13:38.000+02:00
Constructing the command without no_log, and then adding secrets with no_log
diff --git a/tasks/register-runner.yml b/tasks/register-runner.yml
@@ -23,126 +23,132 @@
       become: "{{ gitlab_runner_system_mode }}"
   when: (verified_runners.stderr.find("Verifying runner... is removed") != -1)
 
+- name: Construct the runner command without secrets
+  # makes the command visible in awx without the secrets and therefore helps with debugging
+  set_fact:
+    command: >
+      {{ gitlab_runner_executable }} register
+      --non-interactive
+      --url '{{ gitlab_runner.url|default(gitlab_runner_coordinator_url) }}'
+      --description '{{ gitlab_runner.name|default(ansible_hostname+"-"+gitlab_runner_index|string) }}'
+      --tag-list '{{ gitlab_runner.tags|default([]) | join(",") }}'
+      {% if gitlab_runner.clone_url|default(false) %}
+      --clone-url "{{ gitlab_runner.clone_url }}"
+      {% endif %}
+      {% if gitlab_runner.run_untagged|default(true) %}
+      --run-untagged
+      {% endif %}
+      --executor '{{ gitlab_runner.executor|default("shell") }}'
+      {% if gitlab_runner.shell is defined %}
+      --shell '{{ gitlab_runner.shell }}'
+      {% endif %}
+      --limit '{{ gitlab_runner.concurrent_specific|default(0) }}'
+      --output-limit '{{ gitlab_runner.output_limit|default(4096) }}'
+      --locked='{{ gitlab_runner.locked|default(false) }}'
+      {% for env_var in gitlab_runner.env_vars|default([]) %}
+      --env '{{ env_var }}'
+      {% endfor %}
+      {% if gitlab_runner.pre_clone_script|default(false) %}
+      --pre-clone-script "{{ gitlab_runner.pre_clone_script }}"
+      {% endif %}
+      {% if gitlab_runner.pre_build_script|default(false) %}
+      --pre-build-script "{{ gitlab_runner.pre_build_script }}"
+      {% endif %}
+      {% if gitlab_runner.tls_ca_file|default(false) %}
+      --tls-ca-file "{{ gitlab_runner.tls_ca_file }}"
+      {% endif %}
+      {% if gitlab_runner.post_build_script|default(false) %}
+      --post-build-script "{{ gitlab_runner.post_build_script }}"
+      {% endif %}
+      --docker-image '{{ gitlab_runner.docker_image|default("alpine") }}'
+      {% if gitlab_runner.docker_privileged|default(false) %}
+      --docker-privileged
+      {% endif %}
+      {% if gitlab_runner.docker_wait_for_services_timeout|default(false) %}
+      --docker-wait-for-services-timeout '{{ gitlab_runner.docker_wait_for_services_timeout|default(30) }}'
+      {% endif %}
+      {% if gitlab_runner.docker_tlsverify|default(false) %}
+      --docker-tlsverify '{{ gitlab_runner.docker_tlsverify|default("true") }}'
+      {% endif %}
+      {% if gitlab_runner.docker_disable_cache|default(false) %}
+      --docker-disable-cache '{{ gitlab_runner.docker_disable_cache|default("false") }}'
+      {% endif %}
+      {% if gitlab_runner.docker_dns|default(false) %}
+      --docker-dns '{{ gitlab_runner.docker_dns|default("1.1.1.1") }}'
+      {% endif %}
+      {% if gitlab_runner.docker_dns_search|default(false) %}
+      --docker-dns-search '{{ gitlab_runner.docker_dns_search|default([]) }}'
+      {% endif %}
+      {% if gitlab_runner.docker_disable_cache|default(false) %}
+      --docker-disable-cache
+      {% endif %}
+      {% if gitlab_runner.docker_oom_kill_disable|default(false) %}
+      --docker-oom-kill-disable '{{ gitlab_runner.docker_oom_kill_disable|default("false") }}'
+      {% endif %}
+      {% for policy in gitlab_runner.docker_pull_policy|default([]) %}
+      --docker-pull-policy "{{ policy }}"
+      {% endfor %}
+      {% for volume in gitlab_runner.docker_volumes|default([]) %}
+      --docker-volumes "{{ volume }}"
+      {% endfor %}
+      {% for device in gitlab_runner.docker_devices|default([]) %}
+      --docker-devices "{{ device }}"
+      {% endfor %}
+      --ssh-user '{{ gitlab_runner.ssh_user|default("") }}'
+      --ssh-host '{{ gitlab_runner.ssh_host|default("") }}'
+      --ssh-port '{{ gitlab_runner.ssh_port|default("") }}'
+      --ssh-identity-file '{{ gitlab_runner.ssh_identity_file|default("") }}'
+      {% if gitlab_runner.executor == "virtualbox" and gitlab_runner.virtualbox_base_name %}
+          --virtualbox-base-name '{{ gitlab_runner.virtualbox_base_name }}'
+          --virtualbox-base-snapshot '{{ gitlab_runner.virtualbox_base_snapshot|default("") }}'
+          --virtualbox-base-folder '{{ gitlab_runner.virtualbox_base_folder|default("") }}'
+          --virtualbox-disable-snapshots '{{ gitlab_runner.virtualbox_disable_snapshots|default(false) }}'
+      {% endif %}
+      {% if gitlab_runner.cache_type is defined %}
+      --cache-type '{{ gitlab_runner.cache_type }}'
+      {% endif %}
+      {% if gitlab_runner.cache_shared|default(false) %}
+      --cache-shared
+      {% endif %}
+      {% if gitlab_runner.cache_path is defined %}
+      --cache-path '{{ gitlab_runner.cache_path }}'
+      {% endif %}
+      {% if gitlab_runner.cache_s3_server_address is defined %}
+      --cache-s3-server-address '{{ gitlab_runner.cache_s3_server_address }}'
+      {% if gitlab_runner.cache_s3_access_key is defined %}
+      --cache-s3-access-key '{{ gitlab_runner.cache_s3_access_key }}'
+      {% endif %}
+      {% endif %}
+      {% if gitlab_runner.cache_s3_bucket_name is defined %}
+      --cache-s3-bucket-name '{{ gitlab_runner.cache_s3_bucket_name }}'
+      {% endif %}
+      {% if gitlab_runner.cache_s3_bucket_location is defined %}
+      --cache-s3-bucket-location '{{ gitlab_runner.cache_s3_bucket_location }}'
+      {% endif %}
+      {% if gitlab_runner.builds_dir|default(false) %}
+      --builds-dir '{{ gitlab_runner.builds_dir }}'
+      {% endif %}
+      {% if gitlab_runner.custom_build_dir_enabled|default(false) %}
+      --custom_build_dir-enabled '{{ gitlab_runner.custom_build_dir_enabled }}'
+      {% endif %}
+      {% if gitlab_runner.cache_dir|default(false) %}
+      --cache-dir '{{ gitlab_runner.cache_dir }}'
+      {% endif %}
+      {% if gitlab_runner.cache_s3_insecure|default(false) %}
+      --cache-s3-insecure
+      {% endif %}
+      {% if gitlab_runner.extra_registration_option is defined %}
+      {{ gitlab_runner.extra_registration_option }}
+      {% endif %}
+
 - name: Register runner to GitLab
   command: >
-    {{ gitlab_runner_executable }} register
-    --non-interactive
-    --url '{{ gitlab_runner.url|default(gitlab_runner_coordinator_url) }}'
+    {{ command }}
     --registration-token '{{ gitlab_runner.token|default(gitlab_runner_registration_token) }}'
-    --description '{{ gitlab_runner.name|default(ansible_hostname+"-"+gitlab_runner_index|string) }}'
-    --tag-list '{{ gitlab_runner.tags|default([]) | join(",") }}'
-    {% if gitlab_runner.clone_url|default(false) %}
-    --clone-url "{{ gitlab_runner.clone_url }}"
-    {% endif %}
-    {% if gitlab_runner.run_untagged|default(true) %}
-    --run-untagged
-    {% endif %}
-    --executor '{{ gitlab_runner.executor|default("shell") }}'
-    {% if gitlab_runner.shell is defined %}
-    --shell '{{ gitlab_runner.shell }}'
-    {% endif %}
-    --limit '{{ gitlab_runner.concurrent_specific|default(0) }}'
-    --output-limit '{{ gitlab_runner.output_limit|default(4096) }}'
-    --locked='{{ gitlab_runner.locked|default(false) }}'
-    {% for env_var in gitlab_runner.env_vars|default([]) %}
-    --env '{{ env_var }}'
-    {% endfor %}
-    {% if gitlab_runner.pre_clone_script|default(false) %}
-    --pre-clone-script "{{ gitlab_runner.pre_clone_script }}"
-    {% endif %}
-    {% if gitlab_runner.pre_build_script|default(false) %}
-    --pre-build-script "{{ gitlab_runner.pre_build_script }}"
-    {% endif %}
-    {% if gitlab_runner.tls_ca_file|default(false) %}
-    --tls-ca-file "{{ gitlab_runner.tls_ca_file }}"
-    {% endif %}
-    {% if gitlab_runner.post_build_script|default(false) %}
-    --post-build-script "{{ gitlab_runner.post_build_script }}"
-    {% endif %}
-    --docker-image '{{ gitlab_runner.docker_image|default("alpine") }}'
-    {% if gitlab_runner.docker_privileged|default(false) %}
-    --docker-privileged
-    {% endif %}
-    {% if gitlab_runner.docker_wait_for_services_timeout|default(false) %}
-    --docker-wait-for-services-timeout '{{ gitlab_runner.docker_wait_for_services_timeout|default(30) }}'
-    {% endif %}
-    {% if gitlab_runner.docker_tlsverify|default(false) %}
-    --docker-tlsverify '{{ gitlab_runner.docker_tlsverify|default("true") }}'
-    {% endif %}
-    {% if gitlab_runner.docker_disable_cache|default(false) %}
-    --docker-disable-cache '{{ gitlab_runner.docker_disable_cache|default("false") }}'
-    {% endif %}
-    {% if gitlab_runner.docker_dns|default(false) %}
-    --docker-dns '{{ gitlab_runner.docker_dns|default("1.1.1.1") }}'
-    {% endif %}
-    {% if gitlab_runner.docker_dns_search|default(false) %}
-    --docker-dns-search '{{ gitlab_runner.docker_dns_search|default([]) }}'
-    {% endif %}
-    {% if gitlab_runner.docker_disable_cache|default(false) %}
-    --docker-disable-cache
-    {% endif %}
-    {% if gitlab_runner.docker_oom_kill_disable|default(false) %}
-    --docker-oom-kill-disable '{{ gitlab_runner.docker_oom_kill_disable|default("false") }}'
-    {% endif %}
-    {% for policy in gitlab_runner.docker_pull_policy|default([]) %}
-    --docker-pull-policy "{{ policy }}"
-    {% endfor %}
-    {% for volume in gitlab_runner.docker_volumes|default([]) %}
-    --docker-volumes "{{ volume }}"
-    {% endfor %}
-    {% for device in gitlab_runner.docker_devices|default([]) %}
-    --docker-devices "{{ device }}"
-    {% endfor %}
-    --ssh-user '{{ gitlab_runner.ssh_user|default("") }}'
-    --ssh-host '{{ gitlab_runner.ssh_host|default("") }}'
-    --ssh-port '{{ gitlab_runner.ssh_port|default("") }}'
-    --ssh-password '{{ gitlab_runner.ssh_password|default("") }}'
-    --ssh-identity-file '{{ gitlab_runner.ssh_identity_file|default("") }}'
-    {% if gitlab_runner.executor == "virtualbox" and gitlab_runner.virtualbox_base_name %}
-        --virtualbox-base-name '{{ gitlab_runner.virtualbox_base_name }}'
-        --virtualbox-base-snapshot '{{ gitlab_runner.virtualbox_base_snapshot|default("") }}'
-        --virtualbox-base-folder '{{ gitlab_runner.virtualbox_base_folder|default("") }}'
-        --virtualbox-disable-snapshots '{{ gitlab_runner.virtualbox_disable_snapshots|default(false) }}'
-    {% endif %}
-    {% if gitlab_runner.cache_type is defined %}
-    --cache-type '{{ gitlab_runner.cache_type }}'
-    {% endif %}
-    {% if gitlab_runner.cache_shared|default(false) %}
-    --cache-shared
-    {% endif %}
-    {% if gitlab_runner.cache_path is defined %}
-    --cache-path '{{ gitlab_runner.cache_path }}'
-    {% endif %}
-    {% if gitlab_runner.cache_s3_server_address is defined %}
-    --cache-s3-server-address '{{ gitlab_runner.cache_s3_server_address }}'
-    {% if gitlab_runner.cache_s3_access_key is defined %}
-    --cache-s3-access-key '{{ gitlab_runner.cache_s3_access_key }}'
-    {% endif %}
     {% if gitlab_runner.cache_s3_secret_key is defined %}
     --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key }}'
     {% endif %}
-    {% endif %}
-    {% if gitlab_runner.cache_s3_bucket_name is defined %}
-    --cache-s3-bucket-name '{{ gitlab_runner.cache_s3_bucket_name }}'
-    {% endif %}
-    {% if gitlab_runner.cache_s3_bucket_location is defined %}
-    --cache-s3-bucket-location '{{ gitlab_runner.cache_s3_bucket_location }}'
-    {% endif %}
-    {% if gitlab_runner.builds_dir|default(false) %}
-    --builds-dir '{{ gitlab_runner.builds_dir }}'
-    {% endif %}
-    {% if gitlab_runner.custom_build_dir_enabled|default(false) %}
-    --custom_build_dir-enabled '{{ gitlab_runner.custom_build_dir_enabled }}'
-    {% endif %}
-    {% if gitlab_runner.cache_dir|default(false) %}
-    --cache-dir '{{ gitlab_runner.cache_dir }}'
-    {% endif %}
-    {% if gitlab_runner.cache_s3_insecure|default(false) %}
-    --cache-s3-insecure
-    {% endif %}
-    {% if gitlab_runner.extra_registration_option is defined %}
-    {{ gitlab_runner.extra_registration_option }}
-    {% endif %}
+    --ssh-password '{{ gitlab_runner.ssh_password|default("") }}'
   when: (verified_runners.stderr.find("Verifying runner... is removed") != -1) or
         ((configured_runners.stderr.find('\n' + gitlab_runner.name|default(ansible_hostname+'-'+gitlab_runner_index|string)) == -1) and
         (gitlab_runner.state|default('present') == 'present'))
