try once more
This commit is contained in:
@@ -17,15 +17,8 @@ spec:
|
|||||||
restartPolicy: Always
|
restartPolicy: Always
|
||||||
containers:
|
containers:
|
||||||
- name: runner
|
- name: runner
|
||||||
image: runner
|
image: vegardit/gitea-act-runner:dind-latest
|
||||||
command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"]
|
|
||||||
env:
|
env:
|
||||||
- name: DOCKER_HOST
|
|
||||||
value: tcp://localhost:2376
|
|
||||||
- name: DOCKER_CERT_PATH
|
|
||||||
value: /certs/client
|
|
||||||
- name: DOCKER_TLS_VERIFY
|
|
||||||
value: "1"
|
|
||||||
- name: GITEA_INSTANCE_URL
|
- name: GITEA_INSTANCE_URL
|
||||||
value: "https://git.kluster.moll.re"
|
value: "https://git.kluster.moll.re"
|
||||||
- name: GITEA_RUNNER_REGISTRATION_TOKEN
|
- name: GITEA_RUNNER_REGISTRATION_TOKEN
|
||||||
@@ -37,36 +30,18 @@ spec:
|
|||||||
valueFrom:
|
valueFrom:
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: metadata.name
|
fieldPath: metadata.name
|
||||||
volumeMounts:
|
- name: GITEA_RUNNER_UID
|
||||||
- name: docker-certs
|
value: '1000'
|
||||||
mountPath: /certs
|
- name: GITEA_RUNNER_GID
|
||||||
- name: runner-data
|
value: '1000'
|
||||||
mountPath: /data
|
- name: GITEA_RUNNER_JOB_CONTAINER_PRIVILEGED
|
||||||
resources:
|
value: 'true'
|
||||||
limits:
|
|
||||||
memory: "1Gi"
|
|
||||||
cpu: "1"
|
|
||||||
|
|
||||||
- name: daemon
|
|
||||||
image: daemon
|
|
||||||
env:
|
|
||||||
- name: DOCKER_TLS_CERTDIR
|
|
||||||
value: /certs
|
|
||||||
securityContext:
|
securityContext:
|
||||||
privileged: true
|
privileged: true
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: docker-certs
|
- name: runner-data
|
||||||
mountPath: /certs
|
mountPath: /data
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
memory: "128Mi"
|
|
||||||
cpu: "500m"
|
|
||||||
limits:
|
|
||||||
memory: "4Gi"
|
|
||||||
cpu: "4"
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: docker-certs
|
|
||||||
emptyDir: {}
|
|
||||||
- name: runner-data
|
- name: runner-data
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: runner-data
|
claimName: runner-data
|
||||||
|
|||||||
@@ -1,27 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
name: builder-service-account
|
|
||||||
namespace: gitea
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: RoleBinding
|
|
||||||
metadata:
|
|
||||||
name: builder-rolebinding
|
|
||||||
namespace: target
|
|
||||||
roleRef:
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
kind: ClusterRole
|
|
||||||
name: edit
|
|
||||||
subjects:
|
|
||||||
- namespace: gitea
|
|
||||||
kind: ServiceAccount
|
|
||||||
name: builder-service-account
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: builder-service-account-secret
|
|
||||||
annotations:
|
|
||||||
kubernetes.io/service-account.name: builder-service-account
|
|
||||||
type: kubernetes.io/service-account-token
|
|
||||||
@@ -1,19 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Config
|
|
||||||
clusters:
|
|
||||||
- name: default-cluster
|
|
||||||
cluster:
|
|
||||||
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUzTVRFME9ESXhNak13SGhjTk1qUXdNekkyTVRrME1qQXpXaGNOTXpRd016STBNVGswTWpBegpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUzTVRFME9ESXhNak13V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFSaU9Pbi9VbTdjODFrN3ZuVmg4L2djaHk4blpFdTBCQkFiSjdZLzluVE8KMGJEV2ZYYU9TaTgrU1FHM09pYjBlYXNvWGVwSU8zWmNJTHhjNFRsRk9LQWpvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVW43TDJHblhVOFNMUHhHMkpxazlsClZ2SXFRbzh3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUloQUpuVEhaYlRXcWw0NzVvNWZCczYwV0dwRXQ5TytnM2wKTnVucE5GUGR2Qld1QWlCSDhhRFZhMlI3YklkaWxRUlVlVG9Lb1VsaSsya0tJZGNqdWVjVVNmZHFodz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
|
|
||||||
|
|
||||||
server: https://192.168.1.201:6443
|
|
||||||
contexts:
|
|
||||||
- name: default-context
|
|
||||||
context:
|
|
||||||
cluster: default-cluster
|
|
||||||
namespace: gitea
|
|
||||||
user: default-user
|
|
||||||
current-context: default-context
|
|
||||||
users:
|
|
||||||
- name: default-user
|
|
||||||
user:
|
|
||||||
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IjdvVVZLWkRwWERHTEl0RWV0S0hZYVlGRy1tQWF5T01BcVp6OXdmTml4QmcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJnaXRlYSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJidWlsZGVyLXNlcnZpY2UtYWNjb3VudC1zZWNyZXQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiYnVpbGRlci1zZXJ2aWNlLWFjY291bnQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI2MjliYTA5Yy03ZDZlLTQxNTctOGYxYS01ZjRmM2NiYTc0MDQiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6Z2l0ZWE6YnVpbGRlci1zZXJ2aWNlLWFjY291bnQifQ.DW-GQVhZfY4YPzPDcXVHVzQZu-kT3ryVy2NHdk2sIP-G4hBurcLQduCTILJxr1xMwaUKhQ-yp9xjaGb4kTcKvSA7oLmAMeOhoWWsxE7c
|
|
||||||
@@ -7,19 +7,11 @@ resources:
|
|||||||
- gitea.servicemonitor.yaml
|
- gitea.servicemonitor.yaml
|
||||||
- actions.deployment.yaml
|
- actions.deployment.yaml
|
||||||
- actions.sealedsecret.yaml
|
- actions.sealedsecret.yaml
|
||||||
- actions.rbac.yaml
|
# - actions.rbac.yaml
|
||||||
|
|
||||||
|
|
||||||
namespace: gitea
|
namespace: gitea
|
||||||
|
|
||||||
images:
|
|
||||||
- name: runner
|
|
||||||
newName: gitea/act_runner
|
|
||||||
newTag: nightly
|
|
||||||
- name: daemon
|
|
||||||
newName: docker
|
|
||||||
newTag: 23.0.6-dind
|
|
||||||
|
|
||||||
|
|
||||||
helmCharts:
|
helmCharts:
|
||||||
- name: gitea
|
- name: gitea
|
||||||
|
|||||||
Reference in New Issue
Block a user