gitlab-ci的注意点

在使用gitlab搭配gitlab-runner进行ci配置时，发现两个问题，略记如下备忘：

1. 若发现ci job控制台显示无法下载该项目，但当前提交代码人和ci用户都确实具备该项目的访问权限时，需要检查的是，该访问权限是否是由该账号为系统管理员而具备的权限。也就是需要确保，提交代码的账号，必须是该项目的正常权限所有者（比如private项目则比如加入member并具备report以上权限）。

2. 若指定的docker image报错信息形如 < lt; 字符如何如何，则应该检查该docker镜像是否已经配置了 ENTRYPOINT ， ENTRYPOINT 的参数可能与gitlab-runner 调用 docker 时的方式质检存在冲突。一般改为使用CMD方式的简单启动模式的image即可。

附：

nodejs模块的ci配置

image: node:latest

stages:
  - build

job_build:
  stage: build
  script:
    - npm publish --registry=http://****/
  only:
    - develop
  tags:
    - nodejs

nodejs的gitlab-runner配置：

concurrent = 4
check_interval = 0

[[runners]]
  name = "nodejsrunner"
  url = "https://***/"
  token = "0f2ac********429"
  executor = "docker"
  [runners.docker]
    tls_verify = false
    image = "node:latest"
    privileged = false
    disable_cache = false
    volumes = ["/cache", "/root:/root"]
    shm_size = 0
  [runners.cache]

maven模块的ci配置：

image: maven:3-jdk-8

stages:
  - build

job_build:
  stage: build
  script:
    - mvn clean deploy -Dmaven.test.skip=true -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true
  only:
    - develop
  tags:
    - develop

maven模块的gitlab-runner配置：

concurrent = 4
check_interval = 0

[[runners]]
  name = "develop"
  url = "https://*****/"
  token = "vdj-R*******J"
  tls-ca-file = "/etc/gitlab-runner/****.crt"
  tls-cert-file = "/etc/gitlab-runner/****.crt"
  executor = "docker"
  [runners.docker]
    tls_verify = false
    image = "openjdk:8"
    privileged = false
    disable_cache = false
    volumes = ["/cache", "/root/.m2:/root/.m2"]
    pull_policy = "if-not-present"
    shm_size = 0
  [runners.cache]

[[runners]]
  name = "gitlabrunner"
  url = "https://******/"
  token = "dd5*********178"
  executor = "docker"
  [runners.docker]
    tls_verify = false
    image = "openjdk:8"
    privileged = false
    disable_cache = false
    volumes = ["/cache", "/root/.m2:/root/.m2"]
    pull_policy = "if-not-present"
    shm_size = 0
  [runners.cache]