try k8s-native actions once more

2024-05-21 11:27:21 +02:00
parent 03df5e4663
commit 206f8e4c50
2 changed files with 49 additions and 26 deletions
--- a/infrastructure/gitea/actions.deployment.yaml
+++ b/infrastructure/gitea/actions.deployment.yaml
@@ -12,7 +12,7 @@ spec:
        app: actions-runner
    spec:
      hostname: kube-runner
-      # serviceAccountName: actions-runner
+      serviceAccountName: actions-runner
      containers:
      - name: actions-runner
        image: actions-runner
@@ -37,33 +37,56 @@ spec:
            secretKeyRef:
              name: actions-runner-secret
              key: runner-token
+        # - name: GITEA_RUNNER_LABELS
+        #   value: ubuntu-latest:docker://node:16-bullseye,ubuntu-22.04:docker://node:16-bullseye
+        - name: ACTIONS_RUNNER_POD_NAME
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.name
+        - name: ACTIONS_RUNNER_REQUIRE_JOB_CONTAINER
+          value: "true"
+        - name: ACTIONS_RUNNER_CONTAINER_HOOKS
+          value: /home/runner/k8s/index.js
+        - name: ACTIONS_RUNNER_CLAIM_NAME
+          value: runner-workdir
        - name: GITEA_RUNNER_LABELS
-          value: ubuntu-latest:docker://node:16-bullseye,ubuntu-22.04:docker://node:16-bullseye
+          value: k8s
        volumeMounts:
+        - name: runner-workdir
+          mountPath: /home/runner/_work
        - name: runner-data
          mountPath: /data
-        - name: docker-certs
-          mountPath: /certs
-      - name: daemon
-        image: docker:23.0.6-dind
-        env:
-        - name: DOCKER_TLS_CERTDIR
-          value: /certs
-        securityContext:
-          privileged: true
-        volumeMounts:
-        - name: docker-certs
-          mountPath: /certs
-        resources:
-          requests:
-            memory: "128Mi"
-            cpu: "500m"
-          limits:
-            memory: "2Gi"
-            cpu: "2"
-
+    
      volumes:
+      - name: runner-workdir
+        persistentVolumeClaim:
+          claimName: runner-workdir
      - name: runner-data
-        emptyDir: {}
-      - name: docker-certs
-        emptyDir: {}
+        persistentVolumeClaim:
+          claimName: runner-data
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: runner-data
+spec:
+  resources:
+    requests:
+      storage: 5Gi
+  storageClassName: "nfs-client"
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: runner-workdir
+spec:
+  resources:
+    requests:
+      storage: 5Gi
+  storageClassName: "nfs-client"
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany