Catatan Mas Wachid

Gitlab

Cara memperbaiki error cannot create resource “secrets” in API group “” in the namespace “gitlab-runner”

Byadmin web

Aug 17, 2024 
Running with gitlab-runner 16.10.0 (81ab07f6)
  on gitlab-runner-instance-02-577878b99f-d68hp jkD5TfzPt, system ID: r_hgMM9mLUHhIU
Preparing the "kubernetes" executor
00:00
Using Kubernetes namespace: gitlab-runner
Using Kubernetes executor with image sll-dev-regs.kemenhub.go.id/library/docker:24.0.5 ...
Using attach strategy to execute scripts...
Preparing environment
00:00
ERROR: Error cleaning up secrets: resource name may not be empty
ERROR: Job failed (system failure): prepare environment: setting up credentials: secrets is forbidden: User "system:serviceaccount:gitlab-runner-02:default" cannot create resource "secrets" in API group "" in the namespace "gitlab-runner-02". Check https://docs.gitlab.com/runner/shells/index.html#shell-profile-loading for more information

Membuat Cluster role berikut contohnya, bisa juga dengan menggunakan rancher gui untuk membuat role nya

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: cr-gitlab-runner-instance-01
rules:
  - apiGroups:
      - '*'
    resources:
      - '*'
    verbs:
      - create
      - delete
      - get
      - list
      - patch
      - update
      - watch
#  - apiGroups:
#      - string
#    nonResourceURLs:
#      - string
#    resourceNames:
#      - string
#    resources:
#      - string
#    verbs:
#      - string

Role diatas harus di koneksikan (binding)

Membuat Cluster Role binding dengan Service account

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: crb-gitlab-runner-instance-01
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cr-gitlab-runner-instance-01
subjects:
  - kind: ServiceAccount
    name: default
    namespace: gitlab-runner

Bisa juga langsung jadi satu menjalankannya dengan di pisahkan tanda — sebagaimana :

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: cr-gitlab-runner-instance-01
rules:
  - apiGroups:
      - '*'
    resources:
      - '*'
    verbs:
      - create
      - delete
      - get
      - list
      - patch
      - update
      - watch
#  - apiGroups:
#      - string
#    nonResourceURLs:
#      - string
#    resourceNames:
#      - string
#    resources:
#      - string
#    verbs:
#      - string

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: crb-gitlab-runner-instance-01
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cr-gitlab-runner-instance-01
subjects:
  - kind: ServiceAccount
    name: default
    namespace: gitlab-runner

By admin web

Related Post

Gitlab

Melakukan instalasi Gitlab dengan docker compose

Jan 18, 2024 admin web
Gitlab

Cara menginstall Sefl-Signed SSL pada Gitlab

Jul 9, 2023 admin web
Gitlab Ubuntu

Cara menginstall Gitlab pada Ubuntu 22.04 | 20.04 | 18.04

Jul 8, 2023 admin web

Leave a Reply

Your email address will not be published. Required fields are marked *

You missed

Uncategorized

Cara perbaiki ASK ERROR: activating LV ‘lvm-hdd-02/lvm-hdd-02’

May 26, 2025 admin web
Uncategorized

Cara setting NTP di server aix

March 11, 2025 admin web
Uncategorized

Cara menginstall gitlab dengan registry menggunakan docker

February 22, 2025 admin web
Uncategorized

Script update ubuntu 18.04 ke 22.04

February 20, 2025 admin web