Running with gitlab-runner 16.10.0 (81ab07f6) on gitlab-runner-instance-02-577878b99f-d68hp jkD5TfzPt, system ID: r_hgMM9mLUHhIU Preparing the "kubernetes" executor 00:00 Using Kubernetes namespace: gitlab-runner Using Kubernetes executor with image sll-dev-regs.kemenhub.go.id/library/docker:24.0.5 ... Using attach strategy to execute scripts... Preparing environment 00:00 ERROR: Error cleaning up secrets: resource name may not be empty ERROR: Job failed (system failure): prepare environment: setting up credentials: secrets is forbidden: User "system:serviceaccount:gitlab-runner-02:default" cannot create resource "secrets" in API group "" in the namespace "gitlab-runner-02". Check https://docs.gitlab.com/runner/shells/index.html#shell-profile-loading for more information
Membuat Cluster role berikut contohnya, bisa juga dengan menggunakan rancher gui untuk membuat role nya
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cr-gitlab-runner-02
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
# - apiGroups:
# - string
# nonResourceURLs:
# - string
# resourceNames:
# - string
# resources:
# - string
# verbs:
# - string
Role diatas harus di koneksikan (binding)
Membuat Cluster Role binding dengan Service account
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: gitlab-runner-02
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cr-gitlab-runner-02
subjects:
- kind: ServiceAccount
name: default
namespace: gitlab-runner-02