gpt4 book ai didi

mysql - Gitlab CI + DinD + MySQL 服务权限问题

转载 作者:IT老高 更新时间:2023-10-28 12:39:33 26 4
gpt4 key购买 nike

我创建了两个 GitLab 工作:

  • 测试单元(使用 GitLab 上的 PHP 注册 docker)
  • 声纳(使用 docker 服务运行“Letsdeal/docker-sonar-scanner”)

我使用以下 gitlab-ci-multi-runner 配置:

concurrent = 1
check_interval = 0

[[runners]]
name = "name-ci"
url = "https://uri/ci"
token = "token"
executor = "docker"
[runners.docker]
tls_verify = false
image = "docker:latest"
privileged = true
disable_cache = false
volumes = ["/cache"]
shm_size = 0
[runners.cache]

测试单元作业正常工作,但声纳作业失败并显示以下消息:

service runner-f66e3b66-project-227-concurrent-0-docker-wait-for-service did timeout

2017-07-05T16:13:18.543802416Z mount: mounting none on /sys/kernel/security failed: Permission denied
2017-07-05T16:13:18.543846406Z Could not mount /sys/kernel/security.
2017-07-05T16:13:18.543855189Z AppArmor detection and --privileged mode might break.
2017-07-05T16:13:18.543861712Z mount: mounting none on /tmp failed: Permission denied

当我将 'runner.docker' 的配置参数 'privileged' 更改为 false 时,Sonar 作业工作但测试单元失败:

service runner-f66e3b66-project-227-concurrent-0-mysql-wait-for-service did timeout

2017-07-05T15:08:49.178114891Z
2017-07-05T15:08:49.178257497Z ERROR: mysqld failed while attempting to check config
2017-07-05T15:08:49.178266378Z command was: "mysqld --verbose --help"
2017-07-05T15:08:49.178271850Z
2017-07-05T15:08:49.178276837Z mysqld: error while loading shared libraries: libpthread.so.0: cannot open shared object file: Permission denied

参数“privileged”必须为真才能在 docker 中使用 docker。但我不明白为什么它会破坏 MySQL 等服务的权限。

这是我的 gitlab-ci 文件:

stage :
- test-unit
- analyse

.php_job_template: &php_job_template
image: custom_docker_image
before_script:
- eval $(ssh-agent -s) && ssh-add <(echo "$SSH_PRIVATE_KEY")
- mkdir -p ~/.ssh && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
services :
- mysql
variables:
MYSQL_DATABASE: blabla
MYSQL_USER: blabla
MYSQL_PASSWORD: blabla
MYSQL_ROOT_PASSWORD: blabla

test_phpunit_dev:
<<: *php_job_template
stage: test-unit
script:
- mysql -h mysql -u blabla -pblabla <<< "SET GLOBAL sql_mode = '';"
- php composer.phar install -q
- php vendor/bin/phpunit -c tests/phpunit.xml

sonar:
stage: analyse
image: docker:1.12.6
services:
- docker:dind
script:
- docker run --rm -v `pwd`:/build -w /build letsdeal/sonar-scanner:2.7 scan -e

我该如何解决这个问题?

最佳答案

为什么不使用 ciricihq/gitlab-sonar-scanner 例如?它不需要使用dind或特权模式

official github repository

关于mysql - Gitlab CI + DinD + MySQL 服务权限问题,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45012652/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com