Add configuration values for the Pipelines created containers

[ignaciolg]

I've tried to use my docker file template to deploy Gitness.

In that docker file, I define specific networks for the stack, and usually, I run everything without exposing ports by exposing the services with a tunnel (Cloudflare) or a proxy (Traefik)

Following this approach I have found that it is not possible to run pipelines, as they create the Drone container expecting to have access to Gitness using the 'http://host.docker.internal:3000/' address, instead of 'http://container_name:3000', accessible from the same docker network.

This results in an error on the first step of the pipeline that says 'unable to access 'http://host.docker.internal:3000/'

Changing the docker file by exposing the port makes it work.

It should be possible to specify the network for the newly created containers + where to find Gitness, as docker environment variables that can be passed on the container creation or as part of any docker file

[cozyGalvinism]

+1, am running into the same issue. I am running Gitness behind Traefik and this is pretty annoying.

[bradrydzewski]

Following this approach I have found that it is not possible to run pipelines, as they create the Drone container expecting to have access to Gitness using the 'http://host.docker.internal:3000/' address

I believe this is configurable using GITNESS_URL_CONTAINER

gitness/types/config.go

Lines 99 to 104 in a989595

	// Container is the endpoint that can be used by running container builds to communicate
	// with gitness (for example while performing a clone on a local repo).
	// host.docker.internal allows a running container to talk to services exposed on the host
	// (either running directly or via a port exposed in a docker container).
	// Value is derived from HTTP.Server unless explicitly specified (e.g. http://host.docker.internal:3000).
	Container string `envconfig:"GITNESS_URL_CONTAINER"`

[indaco]

Hello,
any update on this?

@bradrydzewski GITNESS_URL_CONTAINER (not documented at all, Configuration) is the one I thought could work but... it does not.

Here is a simple docker-compose.yml file with just traefik and gitness

version: '3.8'

services:
  traefik:
    container_name: traefik
    image: traefik:latest
    restart: always
    networks:
      - my_net
    ports:
      - '80:80/tcp'
    volumes:
      - ./config/traefik.yml:/etc/traefik/traefik.yml
      - ./logs/:/logs/
      - /var/run/docker.sock:/var/run/docker.sock:ro
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.traefik.rule=Host(`traefik.localhost`)'
      - 'traefik.http.routers.traefik.service=api@internal'
      - 'traefik.http.routers.traefik.entrypoints=web'

  gitness:
    container_name: gitness
    image: harness/gitness:latest
    restart: always
    networks:
      - my_net
    ports:
      - '3000:3000'
    environment:
      - GITNESS_DEBUG=true
      - GITNESS_URL_BASE=http://gitness.localhost
      - GITNESS_HTTP_PORT=3000
      - GITNESS_URL_CONTAINER=http://gitness:3000
      - GITNESS_PRINCIPAL_ADMIN_PASSWORD=password
      - GITNESS_TOKEN_COOKIE_NAME=gitness_code_token
    volumes:
      - gitness_data:/data
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.services.gitness.loadbalancer.server.port=3000'
      - 'traefik.http.routers.gitness.rule=Host(`gitness.localhost`)'
      - 'traefik.http.routers.gitness.entrypoints=web'

volumes:
  gitness_data:
    name: 'gitness_data'

networks:
  my_net:
    name: my_net

traefik confile file is a basic one, nothing special

# API and dashboard configuration
api:
  # Dashboard
  dashboard: true
  insecure: false

# Docker configuration backend
providers:
  docker:
    watch: true
    exposedByDefault: false
    swarmMode: false

# Traefik Logging & Access Logging
log:
  level: ERROR
  filePath: /logs/traefik.log
accesslog:
  filePath: /logs/traefik_access.log

# Entrypoint
entryPoints:
  web:
    address: ':80'

With this setup I can create project/repo/pipeline, clone, commit etc. All is working fine except running the pipeline failing at the clone step.

Cloning with 0 retries Initialized empty Git repository in /gitness/.git/ + git fetch origin +refs/heads/main: fatal: unable to access 'http://gitness.localhost/git/playground/go-hello.git/': Failed to connect to gitness port 80 after 2 ms: Connection refused 

I tried severals values for GITNESS_URL_CONTAINER but no way. E.g.

- GITNESS_URL_CONTAINER=http://gitness.localhost
- GITNESS_URL_CONTAINER=http://<container_name>
- GITNESS_URL_CONTAINER=http://<container_name>:3000
- GITNESS_URL_CONTAINER=http://127.0.0.1:3000
- GITNESS_URL_CONTAINER=http://<internal_container_ip>:3000

I tried to set the GITNESS_URL_INTERNAL env variable too

gitness/types/config.go

Lines 95 to 97 in a989595

	// Internal defines the internal URL via which the service is reachable.
	// Value is derived from HTTP.Server unless explicitly specified (e.g. http://localhost:3000).
	Internal string `envconfig:"GITNESS_URL_INTERNAL"`

Who can help? Thanks

[vistaarjuneja]

@ignaciolg @indaco @cozyGalvinism thanks for trying out Gitness and for your insight!
I think I understand the problem - currently we didn't have a way in gitness so that all created containers get added to a specific network or list of networks (this functionality does exist in drone: https://docs.drone.io/runner/docker/configuration/reference/drone-runner-networks/).

I think that small bit should solve this issue where that env variable can be added to the gitness container docker-compose (say GITNESS_CI_CONTAINER_NETWORKS=my_net) and then gitness and all created containers would run on the same network. So that, along with the set value of GITNESS_URL_CONTAINER should allow all containers to interact with gitness.

Let me know if the above makes sense - I do have a PR up for this and have done a basic sanity check using the above traefik config as reference but would be great to hear from you if you think there's a use case that's not being solved. Thanks!

[vistaarjuneja]

Hi folks, the above has been merged and will be available in the next release. We'll update the documentation with this use case. Let me know if you have any thoughts - thanks!

[ignaciolg]

Hi @vistaarjuneja

First, thank you for helping with a solution.

I've tried with the latest tag, the unstablegitnessdemo and the 3.0.0-beta.5 under podman with no succeed. It may be because of how Podman works with networks and spawning new containers, so I will check it later this week with a proper docker environment.

Is there any way to check if the CI runner is connected to the right network?

Here is my docker-compose

❯ cat docker-compose.yml
version: "3"
networks:
  homelab:
     name: homelab

services:
  gitness:
    container_name: gitness
    image: docker.io/harness/gitness
    networks:
      - homelab

    environment:
        - GITNESS_CI_CONTAINER_NETWORKS="homelab"
        - GITNESS_URL_CONTAINER=http://gitness:3000
        - GITNESS_USER_SIGNUP_ENABLED=false
        - GITNESS_URL_BASE=https://my.fancy.domain
        - GITNESS_ENCRYPTER_SECRET=random_encrypter_secret

    volumes:
      - /home/dockerContainers/data/gitness:/data
      - /run/user/1000/podman/podman.sock:/var/run/docker.sock

    restart: unless-stopped

And this is what I get on the pipeline

[alex-dna-tech]

To fix my issue #3485 i use GITNESS_URL_CONTAINER to change route to external domain.

version: "3"
services:
  gitness:
    image: harness/gitness
    restart: unless-stopped
    volumes:
      - ./data/gitness:/data
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - GITNESS_URL_BASE=https://gitness.${DOMAIN}
      - GITNESS_URL_CONTAINER=https://gitness.${DOMAIN}
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitness.rule=Host(`gitness.${DOMAIN}`)"
      - "traefik.http.routers.gitness.entrypoints=websecure"
      - "traefik.http.routers.gitness.service=gitness-svc"
      - "traefik.http.services.gitness-svc.loadbalancer.server.port=3000"

[jimsheldon]

Gitness v3.0.0-beta.6 has been released.

Docs have been updated with GITNESS_CI_CONTAINER_NETWORKS and GITNESS_URL_CONTAINER variables.

[ignaciolg]

Working on Gitness v3.0.0-beta.6

A note for podman-compose users

I have created a new network called gitness on my compose.yaml. Not sure why, but podman-compose creates it as gitness_gitness as far as I was able to check using podman network ls

After using podlet to create quadlets (🤦 ) and enabling the service to get gitness up&&running on boot, the network name has changed to systemd-gitness

Using those value on the GITNESS_CI_CONTAINER_NETWORKS worked without problems as you can see on the image.

Keep this in mind

Thank you all! Its great to have a self hosted CI environment integrated on the git platform.

❤️

[vistaarjuneja]

thanks for trying @ignaciolg ! I'll go ahead and close the ticket, let me know if you face any other issues.