我正在尝试使我的持续交付工作正常,然后将二进制文件上传到公司服务器,该服务器只能通过VPN连接访问。
问题是,每次尝试时,都会出现以下错误:
Connected as 158.196.194.120 + 2001:718:1001:111::7/64, using SSL
DTLS handshake timed out
DTLS handshake failed: Resource temporarily unavailable, try again.
Failed to bind local tun device (TUNSETIFF): Operation not permitted
To configure local networking, openconnect must be running as root
See http://www.infradead.org/openconnect/nonroot.html for more information
Set up tun device failed
Unknown error; exiting.
奇怪的是,我的代码在sudo
中显式使用了.gitlab-ci.yml
,所以我希望它具有所有权利。
deploy_spline:
stage: deploy
image: martinbeseda/lib4neuro-ubuntu-system-deps:latest
dependencies:
- test_spline
before_script:
- echo "DEPLOY!"
- apt-get -y install lftp openconnect sudo
script:
- mkfifo mypipe
- export USER=${USER}
- echo "openconnect -v --authgroup VSB -u ${USER} --passwd-on-stdin vpn.vsb.cz < mypipe &" > vpn.sh
- chmod +x vpn.sh
- sudo ./vpn.sh
- echo "${PASS}">mypipe
- lftp -u ${USER},${PASS} sftp://moldyn.vsb.cz:/moldyn.vsb.cz/www/releases -e "put build/SSR1D_spline.out; exit"
那么,您知道我的代码怎么了吗?还是GitLab CD的某些特定问题?
答案 0 :(得分:2)
Gitlab CI运行程序需要在特权模式下运行以绑定隧道接口。检查您的 /etc/gitlab-runner/config.toml 文件,并确保您的跑步者将privileged
设置为true
。
[[runners]]
name = "privileged runner"
...
[runners.docker]
privileged = true
没有该设置,构建容器将无法绑定接口,即使是root用户也是如此。