Missing sudo rights

[easbar]

Thanks for providing this role!
Unfortunately, I am getting this error:

TASK [riemers.gitlab-runner : (Debian) Install GitLab Runner] *************************************************************************************************************************************************************************************************
fatal: [78.46.244.166]: FAILED! => {"cache_update_time": 1571013460, "cache_updated": false, "changed": false, "msg": "'/usr/bin/apt-get -y -o \"Dpkg::Options::=--force-confdef\" -o \"Dpkg::Options::=--force-confold\"      install 'gitlab-runner'' failed: E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)\nE: Unable to lock the administration directory (/var/lib/dpkg/), are you root?\n", "rc": 100, "stderr": "E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)\nE: Unable to lock the administration directory (/var/lib/dpkg/), are you root?\n", "stderr_lines": ["E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)", "E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?"], "stdout": "", "stdout_lines": []}

To me it looks like you are missing become: true for the Install GitLab Runner play in install-debian.yml (and in install-redhat.yml too).
Even when I fix this there seem to be more missing become: true lines in a few places where /etc/gitlab-runner/config.toml is modified:

• At Get existing config.toml in tasks/config-runners.yml
• In all of the three plays in tasks/global-setup.yml

Am I supposed to run the whole role with become: true ? And if yes why are there some become: true lines in your role then (e.g. in the Install Gitlab repository play in install-debian.yml) ?

[riemers]

Well normally it does run under root, if you have docker options in gitlab runnner it needs it. So yes in my ansible jobs i have become: true.

If there are still some becomes it might be because the role has had so many adjustments over time that it could be from that part. However you could install gitlabr runner under its own user account and not add things like a gitlab runner docker which requires root. Perhaps that is why they are still there, have not tried that though.

[easbar]

Thanks for the quick response. I am not worried about installing gitlab-runner under root, but it would be cleaner to set become: true only for the plays that need it ? Would you be interested in a PR adding these ?

[riemers]

since most people would use it with become:true for the whole playbook anyway. I don't see any downsides if you want to do a PR for that. Only plus sides :)