feat: support self-signed certificates

[baolsen]

Description

This change simply allows the Gitlab runner to register and run with a self-signed gitlab instance. The runner helper image can access such an instance.

Closes #563

Migrations required

NO

Verification

I've verified that the iniital change works in my own environment where I have self-signed certificates in use.
I have not verified that the changes after enabling pre-commit and tf docs etc work, but they should...

[baolsen]

@kayman-mk please take a look.
I closed the linked PR as it was easier to create a new branch.

[baolsen]

Just a note, I could only get this to work with the docker executor.

With docker+machine I tried but could not find a way to install the certs on the child runners, I think it is not natively supported and no longer maintained either.

Perhaps if someone else in future wants this functionality they can provide a PR for it.

[kayman-mk]

I will do a quick check in my environment. Code looks good.

[kayman-mk]

Verified that my runners in a complex scenario are still running (without using the new feature): Success

[npalm]

Tested the PR on the default branch, docker machines are not starting healthy. Build are not starting.

NAME                                        ACTIVE   DRIVER      STATE     URL                    SWARM   DOCKER    ERRORS
runner-gksonazu-npalm-1670767825-0f2da2d9   -        amazonec2   Running   tcp://10.0.1.93:2376           Unknown   Unable to query dockerversion: Cannot connect to the docker engine endpoint

So seems the change in the start scripts breaks the runners.

[npalm]

Tested the PR on the default branch, docker machines are not starting healthy. Build are not starting.

NAME                                        ACTIVE   DRIVER      STATE     URL                    SWARM   DOCKER    ERRORS
runner-gksonazu-npalm-1670767825-0f2da2d9   -        amazonec2   Running   tcp://10.0.1.93:2376           Unknown   Unable to query dockerversion: Cannot connect to the docker engine endpoint

So seems the change in the start scripts breaks the runners.

Another run, now it seems working. Would like to check the PR in a bit more detail

The base branch was changed.

[jpooler]

@npalm any chance this one can get merged in? being able to customize certs makes dind possible, among other things.

[kayman-mk]

@baolsen @npalm Same here. Merged the current main in, but the pipelines are no longer starting. Seems to be a problem with the cloud init script.

EDIT: Sorry, my fault. Merge conflict not solved.

[kayman-mk]

@npalm Could you please recheck? Looks good here. Tested the "no own certificate" path only. So nobody should be affected by this change.

[npalm]

@baolsen sorry for the late response. But it seems the PR is not merged correctly. I made on one place a comment, but it seems there are multiple places where the reabase went wrong. Please can you fix the rebase?

[npalm]

@kayman-mk I also checked the default example. For me the PR is OK. But the only thing that is strange is. When I do a local rebase with main, I got merge conflicts. But form reason they are not shown here.

[npalm]

@baolsen thank you for you contribution!