Administration

Documentation to support administrating runners and servers targeting HPC environments. The information provided here is meant to supplement the official documentation in areas where it may not address HPC focused questions while also providing comprehensive details on all ECP CI related enhancements and applications. For details on using the runners themselves please see the Project Developer documentation or your site local resources.

Jacamar CI

Jacamar is a HPC focused CI/CD driver that work’s in the GitLab custom executor model. The core goal of this project is to establish a maintainable, yet extensively configurable tool that will allow for the use of GitLab’s robust CI model on unique HPC test resources. Allowing code teams to integrate potentially existing pipelines on powerful scientific development environments.

• Introduction
• Admin Tutorial
• Deployment
• Configurations
• Jacamar-Auth
• Supported Executors
• Troubleshooting

Server

GitLab offers a comprehensive development platform all within a single application. A major benefit to using this tool is its both predominately open source and allows for management of self-hosted instances. However, there are a number of features that necessitate the purchase of a license.

All documentation organized here is not written to replace any exiting official documentation offered. We only seek to highlight specifics that are directly related to HPC centers.

• Server Administration
  • Security Considerations

Guides

Highlights best practices as well as potential workflows you may wish to leverage when supporting ECP CI on facility test resources.

Title	Jacamar CI	Server	Description
Non-Root Jacamar CI Downscoping (with Capabilities) via SetUID	√	x	How to deploy, configure, and run Jacamar CI with setuid downscoping as a non-root user.
Non-Root Jacamar CI Downscoping via Sudo	√	x	How to deploy, configure, and run Jacamar CI with sudo downscoping as a non-root user.
Tracing CI Jobs with Administrative Tools	√	x	Using recommended configurations for Jacamar CI along with server logs to proper trace job execution.
Seccomp Plugin Support - Introduction	√	x	Introduction to using Golang plugins to create deployment specific seccomp filters.
Configuring and Troubleshooting Seccomp	√	x	Details on how Seccomp can be configured to meet deployment requirements.
Migrating to new id_tokens from CI_JOB_JWT	√	√	Prepare for breaking changes in GitLab server 16.0 with new id_tokens.
Deploying and Using the Podman Run Mechanism	√	x	Overview of the optional Podman run_mechanism, configurations, and examples.

Latest Releases

Notes for all releases can be found here.

• Jacamar CI v0.19.1
• Jacamar CI v0.19.0
• Jacamar CI v0.18.0