From 206f8e4c50ae439133aaa78aa49eb8599235927b Mon Sep 17 00:00:00 2001
From: Remy Moll <me@moll.re>
Date: Tue, 21 May 2024 11:27:21 +0200
Subject: [PATCH] try k8s-native actions once more

---
 infrastructure/gitea/actions.deployment.yaml | 73 +++++++++++++-------
 infrastructure/gitea/kustomization.yaml      |  2 +-
 2 files changed, 49 insertions(+), 26 deletions(-)

diff --git a/infrastructure/gitea/actions.deployment.yaml b/infrastructure/gitea/actions.deployment.yaml
index 8670c35..6abe7ec 100644
--- a/infrastructure/gitea/actions.deployment.yaml
+++ b/infrastructure/gitea/actions.deployment.yaml
@@ -12,7 +12,7 @@ spec:
         app: actions-runner
     spec:
       hostname: kube-runner
-      # serviceAccountName: actions-runner
+      serviceAccountName: actions-runner
       containers:
       - name: actions-runner
         image: actions-runner
@@ -37,33 +37,56 @@ spec:
             secretKeyRef:
               name: actions-runner-secret
               key: runner-token
+        # - name: GITEA_RUNNER_LABELS
+        #   value: ubuntu-latest:docker://node:16-bullseye,ubuntu-22.04:docker://node:16-bullseye
+        - name: ACTIONS_RUNNER_POD_NAME
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.name
+        - name: ACTIONS_RUNNER_REQUIRE_JOB_CONTAINER
+          value: "true"
+        - name: ACTIONS_RUNNER_CONTAINER_HOOKS
+          value: /home/runner/k8s/index.js
+        - name: ACTIONS_RUNNER_CLAIM_NAME
+          value: runner-workdir
         - name: GITEA_RUNNER_LABELS
-          value: ubuntu-latest:docker://node:16-bullseye,ubuntu-22.04:docker://node:16-bullseye
+          value: k8s
         volumeMounts:
+        - name: runner-workdir
+          mountPath: /home/runner/_work
         - name: runner-data
           mountPath: /data
-        - name: docker-certs
-          mountPath: /certs
-      - name: daemon
-        image: docker:23.0.6-dind
-        env:
-        - name: DOCKER_TLS_CERTDIR
-          value: /certs
-        securityContext:
-          privileged: true
-        volumeMounts:
-        - name: docker-certs
-          mountPath: /certs
-        resources:
-          requests:
-            memory: "128Mi"
-            cpu: "500m"
-          limits:
-            memory: "2Gi"
-            cpu: "2"
-
+    
       volumes:
+      - name: runner-workdir
+        persistentVolumeClaim:
+          claimName: runner-workdir
       - name: runner-data
-        emptyDir: {}
-      - name: docker-certs
-        emptyDir: {}
+        persistentVolumeClaim:
+          claimName: runner-data
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: runner-data
+spec:
+  resources:
+    requests:
+      storage: 5Gi
+  storageClassName: "nfs-client"
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: runner-workdir
+spec:
+  resources:
+    requests:
+      storage: 5Gi
+  storageClassName: "nfs-client"
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany
diff --git a/infrastructure/gitea/kustomization.yaml b/infrastructure/gitea/kustomization.yaml
index 364ab36..cf63840 100644
--- a/infrastructure/gitea/kustomization.yaml
+++ b/infrastructure/gitea/kustomization.yaml
@@ -17,7 +17,7 @@ namespace: gitea
 
 images:
   - name: actions-runner
-    newName: gitea/act_runner
+    newName: ghcr.io/christopherhx/gitea-actions-runner
     newTag: nightly