riemers · guenhter · Feb 5, 2026 · Feb 2, 2026 · Feb 3, 2026 · Feb 3, 2026
diff --git a/.gitignore b/.gitignore
@@ -2,3 +2,4 @@ ansible.cfg
 .idea
 .vscode
 *.pyc
+/.venv
diff --git a/meta/main.yml b/meta/main.yml
@@ -1,7 +1,8 @@
 ---
 galaxy_info:
-  author: Erik-jan Riemers
+  role_name: gitlab_runner
   namespace: riemers
+  author: Erik-jan Riemers
   description: GitLab Runner
   license: MIT
   min_ansible_version: "2.13"

diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
@@ -0,0 +1,15 @@
+---
+- name: Converge (apply role with selected vars)
+  hosts: runner
+  become: true
+
+  vars_files:
+    - vars/common.yml
+
+  pre_tasks:
+    - name: Load extra vars
+      ansible.builtin.include_vars: "{{ lookup('env', 'TEST_VARS_FILE') }}"
+      when: lookup('env', 'TEST_VARS_FILE') is defined
+
+  roles:
+    - role: riemers.gitlab_runner
diff --git a/molecule/default/expected/initial.toml b/molecule/default/expected/initial.toml
@@ -0,0 +1,21 @@
+concurrent = 8
+check_interval = 0
+
+[[runners]]
+  name = "Example Docker GitLab Runner"
+  limit = 0
+  output_limit = 4096
+  url = "http://mock:8000"
+  environment = []
+  id = 0
+  token_expires_at = 0001-01-01T00:00:00Z
+  executor = "docker"
+  [runners.docker]
+    image = ""
+    disable_cache = false
+    volumes = ["/cache"]
+    pull_policy = "if-not-present"
+    shm_size = 0
+  [runners.feature_flags]
+    FF_TIMESTAMPS = true
+  [runners.cache]
diff --git a/molecule/default/expected/updated.toml b/molecule/default/expected/updated.toml
@@ -0,0 +1,21 @@
+concurrent = 8
+check_interval = 0
+
+[[runners]]
+  name = "Example Docker GitLab Runner"
+  limit = 0
+  url = "http://mock:8000"
+  environment = []
+  output_limit = 32768
+  id = 0
+  token_expires_at = 0001-01-01T00:00:00Z
+  executor = "docker"
+  [runners.cache]
+  [runners.docker]
+    image = "alpine"
+    privileged = true
+    shm_size = 0
+    disable_cache = false
+    pull_policy = "always"
+    volumes = ["/cache"]
+
diff --git a/molecule/default/mock/requirements.txt b/molecule/default/mock/requirements.txt
@@ -0,0 +1 @@
+flask
diff --git a/tests/files/mock_gitlab_runner_ci.py → molecule/default/mock/server.py b/tests/files/mock_gitlab_runner_ci.py → molecule/default/mock/server.py
@@ -49,21 +49,8 @@ def verify_runner():
 
 
 if __name__ == '__main__':
-    pid = str(os.getpid())
-    pidfile = os.path.expanduser(sys.argv[1])
-
-    if os.path.isfile(pidfile):
-        print("{} already exists, exiting".format(pidfile))
-        sys.exit(1)
-
     port = int(sys.argv[2])
 
-    with open(pidfile, 'w') as f:
-        f.write(pid)
-
     logging.basicConfig(level=logging.DEBUG)
 
-    try:
-        app.run(port=port, debug=False)
-    finally:
-        os.unlink(pidfile)
+    app.run(port=port, host="0.0.0.0", debug=True)
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -0,0 +1,60 @@
+---
+dependency:
+  name: galaxy
+  options:
+    ignore-errors: true
+
+driver:
+  name: docker
+  docker_networks:
+    - name: testnet
+      ipam_config:
+        - subnet: "172.28.0.0/16"
+      dns:
+        - 127.0.0.11
+
+platforms:
+  - name: mock
+    image: python:3.11-slim
+    pre_build_image: true
+    networks:
+      - name: testnet
+    command: >
+      bash -lc "pip install -r /srv/mock/requirements.txt && python /srv/mock/server.py 8000"
+    volumes:
+      - "${MOLECULE_SCENARIO_DIRECTORY}/mock:/srv/mock:ro"
+    published_ports:
+      - "8000:8000"
+
+  - name: runner
+    image: geerlingguy/docker-ubuntu2204-ansible
+    pre_build_image: true
+    networks:
+      - name: testnet
+    privileged: true
+    cgroupns_mode: host
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /run
+      - /run/lock
+    command: /sbin/init
+
+provisioner:
+  name: ansible
+  playbooks:
+    converge: ${MOLECULE_PLAYBOOK:-converge.yml}
+  env:
+    TEST_VARS_FILE: "${TEST_VARS_FILE}"
+    EXPECTED_TOML: "${EXPECTED_TOML}"
+  inventory:
+    hosts:
+      all:
+        hosts:
+          mock:
+          runner:
+
+verifier:
+  name: testinfra
+  options:
+    v: true
diff --git a/molecule/default/tests/test_config.py b/molecule/default/tests/test_config.py
@@ -0,0 +1,47 @@
+import os
+import pytest
+import tomllib
+import testinfra.utils.ansible_runner
+
+EXPECTED_ENV = "EXPECTED_TOML"
+CONFIG_PATH = "/etc/gitlab-runner/config.toml"
+IGNORED_CONFIG_FIELDS = ("token_obtained_at", "token")
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('runner')
+
+
+def _load_toml_string(content: str):
+    return tomllib.loads(content)
+
+def _load_toml_file(path: str):
+    with open(path, "rb") as f:
+        return tomllib.loads(f.read().decode("utf-8"))
+
+def _normalize(cfg: dict):
+    cfg = dict(cfg)  # płytka kopia
+    if "runners" in cfg and isinstance(cfg["runners"], list):
+        cleaned = []
+        for r in cfg["runners"]:
+            r = dict(r)
+            for k in IGNORED_CONFIG_FIELDS:
+                r.pop(k, None)
+            cleaned.append(r)
+        cfg["runners"] = cleaned
+    return cfg
+
+def test_config_matches_expected(host):
+    expected_path = os.environ.get(EXPECTED_ENV)
+    assert expected_path, f"{EXPECTED_ENV} variable not set"
+
+    f = host.file(CONFIG_PATH)
+    assert f.exists, f"{CONFIG_PATH} does not exist on host"
+    assert f.is_file, f"{CONFIG_PATH} is not a file"
+
+    got = _normalize(_load_toml_string(f.content_string))
+    expected = _normalize(_load_toml_file(expected_path))
+
+    assert got == expected, (
+        "config.toml is different than expected\n"
+        f"Expected: {expected_path}"
+    )
diff --git a/molecule/default/vars/common.yml b/molecule/default/vars/common.yml
@@ -0,0 +1,4 @@
+gitlab_runner_coordinator_url: http://mock:8000
+gitlab_runner_no_log_secrets: true
+gitlab_runner_config_update_mode: 'by_template'
+gitlab_runner_registration_token_type: "authentication-token"
diff --git a/molecule/default/vars/initial.yml b/molecule/default/vars/initial.yml
@@ -0,0 +1,14 @@
+gitlab_runner_runners:
+  - name: 'Example Docker GitLab Runner'
+    token: ABCD
+    executor: docker
+    docker_pull_policy: if-not-present
+    privileged: false
+    docker_disable_cache: false
+    docker_shm_size: 0
+    tags:
+      - docker
+    docker_volumes:
+      - /cache
+    feature_flags:
+      FF_TIMESTAMPS: true
diff --git a/molecule/default/vars/updated.yml b/molecule/default/vars/updated.yml
@@ -0,0 +1,15 @@
+gitlab_runner_runners:
+  - name: 'Example Docker GitLab Runner'
+    token: ABCD
+    executor: docker
+    docker_pull_policy: always
+    docker_image: "alpine"
+    docker_privileged: true
+    docker_disable_cache: false
+    docker_shm_size: 0
+    output_limit: 32768
+    tags:
+      - docker
+      - privileged
+    docker_volumes:
+      - /cache
diff --git a/molecule/pytest.ini b/molecule/pytest.ini
@@ -0,0 +1,2 @@
+[pytest]
+addopts = -vv --maxfail=1 --tb=short
diff --git a/molecule/requirements.txt b/molecule/requirements.txt
@@ -0,0 +1,5 @@
+ansible-core
+molecule
+molecule-plugins[docker]
+pytest
+testinfra
diff --git a/run_tests.sh b/run_tests.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+set -euox pipefail
+
+molecule create
+
+
+TEST_VARS_FILE=vars/initial.yml molecule converge
+EXPECTED_TOML=expected/initial.toml molecule verify
+
+TEST_VARS_FILE=vars/updated.yml molecule converge
+EXPECTED_TOML=expected/updated.toml molecule verify
+
+molecule destroy
diff --git a/tasks/template_config/load_existing_fields.yml b/tasks/template_config/load_existing_fields.yml
@@ -5,7 +5,7 @@
 
 - name: "(Update config: template) Load runner values from config.toml"
   when:
-    - runner_name | default(False)
+    - runner_name | default('') | length > 0
     - runner_name != 'None'
   block:
     - name: "(Update config: template) Set variables for runner {{ runner_name }}"

diff --git a/tests/inventory b/tests/inventory
diff --git a/tests/test.yml b/tests/test.yml
diff --git a/tests/travis-bootstrap-ansible.ps1 b/tests/travis-bootstrap-ansible.ps1
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,3 +2,4 @@ ansible.cfg @@
     .idea
     .vscode
     *.pyc
+    /.venv