2

I have a Gitlab runner that runs all kind of jobs using Docker executors (host is Ubuntu 20, guests are various Linux images). The runner runs containers as unprivileged.

I am stumped on an apparently simple requirement - I need to deploy some artifacts on a Windows machine that exposes the target path as an authenticated share (\\myserver\myapp). Nothing more than replacing files on the target with the ones on the source - a simple rsync would be fine.

Gitlab Runner does not allow specifying mounts in the CI config (see https://gitlab.com/gitlab-org/gitlab-runner/-/issues/28121), so I tried using mount.cifs, but I discovered that by default Docker does not allow mounting anything inside the container unless running privileged, which I would like to avoid.

I also tried the suggestion to use --cap-add as described at Mount SMB/CIFS share within a Docker container but they do not seem to be enough for my host, there are probably other required capabilities and I have no idea how to identify them. Also, this looks just slightly less ugly than running privileged.

Now, I do not strictly need to mount the remote folder - if there were an SMB-aware rsync command for example I would be more than happy to use that. Unfortunately I cannot install or run anything on the Windows machine (no SSH, no SCP, no FTP), I have to use the file share mechanism.

Do you have any idea on how achieve this?

Luca Leonardo Scorcia
  • 445
  • 6
  • 16

2 Answers2

1

You can use smbclient to copy files from or to a CIFS/Samba/SMB share without creating a mount:

smbclient '//myfileserver.domain.tld/sharename' --directory dir1/subdir1 -c 'put /path/to/local/file' -U '<USERNAME>%<PASSWORD>' -W <DOMAIN_WORKGROUP>

put will copy a local file to the remote share and get will copy a remote file from the share to your local system.

stackprotector
  • 10,498
  • 4
  • 35
  • 64
0

Unfortunately I cannot install anything on the Windows machine (no SSH, no SCP, no FTP).

You could simply copy an executable (that you can build anywhere else) in Go, listening to a port, ready to receive a file.
This this implementation for instance: file-receive.go. It listens on port 8080 (can be changed) and copies the file content to a local folder.

No installation or setup required: just copy the exe to the target machine and run it.

From your GitLab runner, you can 'curl' send a file to the remote PC machine, port 8080.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Thanks for your reply. When I wrote "I cannot install anything on the machine" what I really meant is "I can't run any executable on the target machine" - it that weren't the case I would have just copied over rsync or something like that. I will edit the question to reflect this. – Luca Leonardo Scorcia Mar 15 '23 at 21:03
  • @LucaLeonardoScorcia OK, I hope someone will propose a better option for your use case. – VonC Mar 15 '23 at 21:48