Administration

This section provides documentation to support administering runners and servers targeting HPC environments. The information provided here is meant to supplement GitLab’s official documentation in areas where it may not address HPC-focused questions, while also providing comprehensive details on all Jacamar CI related enhancements and applications. For details on using the runners themselves, please see the Project Developer documentation or your site-local resources.

Jacamar CI

Jacamar CI is the HPC-focused CI/CD driver using GitLab’s custom executor model. The core goal of this project is to establish a maintainable, yet extensively configurable tool that will allow for the use of GitLab’s robust testing on unique resources, allowing code teams to integrate existing pipelines on powerful scientific development environments.

• Introduction
• Admin Tutorial
• Deployment
• Configurations
• Jacamar-Auth
• Supported Executors
• Troubleshooting

Server

GitLab offers a comprehensive development platform all within a single application. A major benefit to using this tool is that it’s both predominantly open source and allows for management of self-hosted instances. However, there are a number of features that necessitate the purchase of a license.

The documentation organized here is not written to replace any existing official documentation offered. We only seek to highlight specifics that are directly related to HPC centers.

• Server Administration
  • Security Considerations

Guides

This section highlights best practices as well as potential workflows you may wish to leverage when supporting CI on facility HPC/test resources.

Title	Jacamar CI	Server	Description
Non-Root Jacamar CI Downscoping (with Capabilities) via SetUID	Yes	No	How to deploy, configure, and run Jacamar CI with setuid downscoping as a non-root user.
Non-Root Jacamar CI Downscoping via Sudo	Yes	No	How to deploy, configure, and run Jacamar CI with sudo downscoping as a non-root user.
Tracing CI Jobs with Administrative Tools	Yes	No	Using recommended configurations for Jacamar CI along with server logs to properly trace job execution.
Seccomp Plugin Support - Introduction	Yes	No	Introduction to using Golang plugins to create deployment-specific seccomp filters.
Configuring and Troubleshooting Seccomp	Yes	No	Details on how Seccomp can be configured to meet deployment requirements.
Migrating to new id_tokens from CI_JOB_JWT	Yes	Yes	Prepare for breaking changes in GitLab server v17.0 with new id_tokens.
Deploying and Using the Podman Run Mechanism	Yes	No	Overview of the optional Podman run_mechanism, configurations, and user examples.
Deploying and Using the Charliecloud Run Mechanism	Yes	No	Overview of the optional Charliecloud run_mechanism, configurations, and user examples.

Latest Releases

Notes for all releases can be found here.

• Jacamar CI v0.27.1
• Jacamar CI v0.27.0
• Jacamar CI v0.26.2
• Jacamar CI v0.26.1
• Jacamar CI v0.26.0