CI Issues

fatal: No names found, cannot describe anything.

When git describe –tags is used to detect version name but repository doesn't contain tags.

Possible reasons of failure:

• shallow clone, to unshallow run sudo git fetch –unshallow
• gitlab ???

Synchronizing submodule url for 'xxx'
Cloning into 'xxx'...
error: cannot run ssh: No such file or directory
fatal: unable to fork
fatal: clone of 'git@gitlab.xxx:xxx/xxx.git' into submodule path 'xxx' failed

Looks like SSH client is not installed in Job image (install openssh-clients).

Reason: During clone operation Gitlab Runner is using small helper (around 66MB) image where ssh client is not installed:

docker run --rm -it registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:alpine-latest-x86_64-000bc602 ssh

It is possible to chose flavour of helper image: helper-image

Images source: runner-helper

Ubuntu helper flavour contains ssh client:

docker run --rm -it gitlab/gitlab-runner-helper:ubuntu-x86_64-bleeding ssh
docker run --rm -it gitlab/gitlab-runner-helper:ubuntu-x86_64-v15.11.1 ssh

Solution: use Ubuntu based helper image:

config.toml

  [runners.docker]
    helper_image = "gitlab/gitlab-runner-helper:ubuntu-x86_64-v16.0.2"
    helper_image_flavor = "ubuntu"

Workaround 1: use relative submodules as described in Using relative URLs. Gitlab runner will use https to clone submodules.

Workaround 2: Rewrite submodule URLs to HTTPS

Error:

fatal: detected dubious ownership in repository at

fatal: unsafe repository ('/builds/rPrca3qv/0/group/project' is owned by someone else)
To add an exception for this directory, call:
	git config --global --add safe.directory /builds/rPrca3qv/0/group/project

Workaround:

git config --global --add safe.directory ${CI_PROJECT_DIR}

Workarounds:

• Configure project clone directory as safe by default
• Mark project working directory as safe for Git

Best workaround: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29022#note_1356788508

config.toml

[[runners]]
  environment = ["GIT_CONFIG_COUNT=1", "GIT_CONFIG_KEY_0=safe.directory", "GIT_CONFIG_VALUE_0=*", "GIT_CONFIG_PARAMETERS='safe.directory=*'"]

or re-register runner with args:

gitlab-runner register \
      --env "GIT_CONFIG_COUNT=1" \
      --env "GIT_CONFIG_KEY_0=safe.directory" \
      --env "GIT_CONFIG_VALUE_0=*" \
      --env "GIT_CONFIG_PARAMETERS="'safe.directory=*'"

Note: According to bitbake.conf: mark all directories as safe for git to read :

This can be set globally via the
internal environment variable GIT_CONFIG_PARAMETERS, we can't use
GIT_CONFIG_*_KEY/VALUE as that isn't present in all the releases which
have the ownership check.

fatal: unable to access 'https://gitlab-ci-token:[MASKED]@gitlab.example.com/superproject/sandbox.git/': server certificate verification failed. CAfile: none CRLfile: none

Problem test:

git clone https://gitlab.example.com
 
fatal: unable to access 'https://gitlab.example.com/': server certificate verification failed. CAfile: none CRLfile: none

Solution:

sudo apt update; sudo apt install -yq libgnutls30 ca-certificates

Dockerfile fix:

RUN apt-get update && apt-get install -yq --no-install-recommends \
    ca-certificates \
    libgnutls30 \
    && apt-get clean && rm -rf /var/lib/apt/lists/*