gitea runner

gitea-runner/kustomization.yaml

@@ -0,0 +1,6 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - main.yaml

gitea-runner/main.yaml

@@ -0,0 +1,112 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app.kubernetes.io/instance: gitea-runner
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: act-runner
+    app.kubernetes.io/version: 0.2.11
+    helm.sh/chart: act-runner-0.2.0
+  name: gitea-runner-act-runner
+  namespace: gitea-runner
+---
+apiVersion: v1
+data:
+  config.yaml: |-
+    log:
+      level: info
+    runner:
+      labels:
+        - ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest
+        - ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04
+        - ubuntu-20.04:docker://docker.gitea.com/runner-images:ubuntu-20.04
+        - x64
+    container:
+      force_pull: true
+kind: ConfigMap
+metadata:
+  annotations:
+    checksum/config: 47c62c7084284f915799a694bfead1e221df249e7fa9043ed480992271c13cc8
+  labels:
+    app.kubernetes.io/instance: gitea-runner
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: act-runner
+    app.kubernetes.io/version: 0.2.11
+    helm.sh/chart: act-runner-0.2.0
+  name: gitea-runner-act-runner-config
+  namespace: gitea-runner
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app.kubernetes.io/instance: gitea-runner
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: act-runner
+    app.kubernetes.io/version: 0.2.11
+    helm.sh/chart: act-runner-0.2.0
+  name: gitea-runner-act-runner
+  namespace: gitea-runner
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: gitea-runner
+      app.kubernetes.io/name: act-runner
+  template:
+    metadata:
+      annotations:
+        checksum/config: 47c62c7084284f915799a694bfead1e221df249e7fa9043ed480992271c13cc8
+        checksum/secret: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
+      labels:
+        app.kubernetes.io/instance: gitea-runner
+        app.kubernetes.io/name: act-runner
+    spec:
+      containers:
+      - env:
+        - name: GITEA_INSTANCE_URL
+          value: https://git.borninpain.de
+        - name: GITEA_RUNNER_REGISTRATION_TOKEN
+          valueFrom:
+            secretKeyRef:
+              key: token
+              name: gitea-runner
+        - name: CONFIG_FILE
+          value: /config/config.yaml
+        - name: DOCKER_HOST
+          value: tcp://localhost:2376
+        - name: DOCKER_CERT_PATH
+          value: /certs/client
+        - name: DOCKER_TLS_VERIFY
+          value: "1"
+        image: docker.io/gitea/act_runner:0.2.11-dind-rootless
+        imagePullPolicy: IfNotPresent
+        name: act-runner
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - mountPath: /data
+          name: data
+        - mountPath: /config
+          name: config
+      restartPolicy: Always
+      securityContext:
+        fsGroup: 1000
+      serviceAccountName: gitea-runner-act-runner
+      terminationGracePeriodSeconds: 10
+      volumes:
+      - configMap:
+          name: gitea-runner-act-runner-config
+        name: config
+  updateStrategy:
+    type: RollingUpdate
+  volumeClaimTemplates:
+  - metadata:
+      name: data
+    spec:
+      accessModes:
+      - ReadWriteOnce
+      resources:
+        requests:
+          storage: 1Gi
+      storageClassName: openebs-3-replicas

gitea-runner/src/kustomization.yaml

@@ -0,0 +1,12 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+helmCharts:
+  - name: act-runner
+    repo: https://gringolito.github.io/helm-charts/
+    version: 0.2.0
+    releaseName: gitea-runner
+    includeCRDs: true
+    namespace: gitea-runner
+    valuesFile: values.yaml

gitea-runner/src/values.yaml

@@ -0,0 +1,207 @@
+# Global values
+global:
+  # -- Override the name of the app.
+  nameOverride: ""
+  # -- Override the fully qualified app name.
+  fullnameOverride: ""
+  # -- Apply labels to all resources.
+  commonLabels: {}
+    # enviornment: production
+
+image:
+  # -- Specify the image name to use (relative to `image.repository`).
+  name: gitea/act_runner
+  # -- Overrides the image tag whose default is the chart appVersion.
+  tag: "0.2.11"
+  # -- Specify the image repository to use.
+  repository: docker.io
+  # -- Specify the image pull policy. Valid values are `Always`, `Never`, `IfNotPresent`.
+  # [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy).
+  pullPolicy: IfNotPresent
+  # -- Specify the image pull secrets if pulling from private registry
+  # [imagePullSecrets](https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod).
+  pullSecrets: []
+  #  - name: <REGISTRY_SECRET>
+
+runner:
+  updateStrategy:
+    # -- Specify the update strategy used to replace old Pods by new ones valid options are `RollingUpdate`, `OnDelete`.
+    # [strategy](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies)
+    type: RollingUpdate  # @schema enum:[RollingUpdate, OnDelete]
+
+  # Docker in Docker configuration for running Docker commands inside the runner.
+  dockerDind:
+    # -- Enable Docker in Docker with root user.
+    enabled: false
+    # -- Docker DinD image repository and tag.
+    image: docker:23.0.6-dind
+
+  # -- Gitea instance URL where the runner will register.
+  instanceURL: https://git.borninpain.de
+
+  # Runner registration token configuration.
+  token:
+    # -- Set the Runner registration token value. If existing secret is specified this value is not used.
+    value: ""
+    # Specify an existing secret containing the Runner registration token.
+    fromSecret:
+      # -- Specify the secret name containing the Runner registration token.
+      name: gitea-runner
+      # -- Specify the key in the secret that contains the Runner registration token.
+      key: token
+
+  # Runner custom configuration settings.
+  config:
+    # -- Enable custom configuration for the runner deployment.
+    enabled: true
+    # -- Specify runner's custom configuration in YAML format.
+    # @default -- See [values.yaml](./values.yaml) for default configuration
+    data: |
+      log:
+        level: info
+      runner:
+        labels:
+          - ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest
+          - ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04
+          - ubuntu-20.04:docker://docker.gitea.com/runner-images:ubuntu-20.04
+          - x64
+      container:
+        force_pull: true
+
+# -- Define environment variables for the runner container.
+# @default -- See [values.yaml](./values.yaml) for default configuration
+env:
+  - name: DOCKER_HOST
+    value: tcp://localhost:2376
+  - name: DOCKER_CERT_PATH
+    value: /certs/client
+  - name: DOCKER_TLS_VERIFY
+    value: "1"
+  # - name: GITEA_RUNNER_LABELS
+  #   value: ""
+
+# Persistent storage configuration for runner data.
+persistence:
+  # -- Enable persistent storage for runner data.
+  enabled: true
+  # -- Storage class name for the PersistentVolumeClaim.
+  storageClassName: openebs-3-replicas
+  # -- Access modes for the PersistentVolumeClaim.
+  accessModes: ReadWriteOnce
+  # -- Size of the PersistentVolumeClaim.
+  size: 1Gi
+  # -- Path inside the container where the volume will be mounted.
+  mountPath: "/data"
+  # -- Label selectors for the PersistentVolumeClaim.
+  selector: {}
+
+# Service account configuration for the runner pods.
+serviceAccount:
+  # -- Specifies whether a service account should be created.
+  create: true
+  # -- Annotations to add to the service account.
+  annotations: {}
+  # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template.
+  name: ""
+
+# Horizontal Pod Autoscaler configuration.
+autoscaling:
+  # -- Enable horizontal pod autoscaling.
+  enabled: false
+  # -- Minimum number of replicas.
+  minReplicas: 1  # @schema minimum:1
+  # -- Maximum number of replicas.
+  maxReplicas: 100  # @schema minimum:1
+  # -- Target CPU utilization percentage for scaling.
+  targetCPUUtilizationPercentage: 80  # @schema minimum:0;maximum:100
+  # -- Target memory utilization percentage for scaling.
+  targetMemoryUtilizationPercentage: 80  # @schema minimum:0;maximum:100
+
+# -- Define environment variables from existing ConfigMap or Secret data.
+envFrom: []
+#  - configMapRef:
+#      name: <CONFIGMAP_NAME>
+#  - secretRef:
+#     name: <SECRET_NAME>
+
+# -- Number of runner replicas.
+replicas: 1  # @schema minimum:1
+
+# -- Annotations to add to the runner pods.
+podAnnotations: {}
+
+# -- Labels to add to the runner pods.
+podLabels: {}
+
+# -- Priority class name for the runner pods.
+# [priorityClassName](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass).
+podPriorityClassName: ""
+
+# -- Pod security context configuration. Only applied when using rootless container.
+# [PodSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/).
+podSecurityContext:
+  fsGroup: 1000
+
+# -- Security context configuration for the runner container.
+# [SecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/).
+securityContext: {}
+  # privileged: true
+
+# -- Resource requests and limits for the runner container.
+# [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
+resources: {}
+  # requests:
+  #   cpu: 200m
+  #   memory: 256Mi
+  # limits:
+  #   cpu: 200m
+  #   memory: 256Mi
+
+# -- Lifecycle hooks for the runner container.
+# [Lifecycle](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/).
+lifecycle: {}
+  # preStop:
+  #   exec:
+  #     command:
+  #     - /bin/sleep
+  #     - "10"
+
+# -- Termination grace period in seconds for the runner pods.
+terminationGracePeriodSeconds: 10  # @schema minimum:0
+
+# -- Node selector for scheduling runner pods on specific nodes.
+# [nodeSelector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector).
+nodeSelector: {}
+
+# -- Tolerations for scheduling runner pods on nodes with taints.
+# [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/).
+tolerations: []
+
+# -- Affinity and anti-affinity rules for runner pod scheduling.
+# [Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity).
+affinity: {}
+
+# -- Topology spread constraints for distributing runner pods across zones/nodes.
+# [TopologySpreadConstraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/).
+topologySpreadConstraints: []
+
+# -- Additional volumes to attach to the runner pods.
+extraVolumes: []
+
+# -- Additional volume mounts for the runner container.
+extraVolumeMounts: []
+
+# -- Init containers to run before the main runner container.
+initContainers: []
+
+# -- Additional sidecar containers to run alongside the runner container.
+extraContainers: []
+
+# -- Liveness probe configuration for the runner container.
+# [LivenessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes).
+livenessProbe: {}
+
+# -- Readiness probe configuration for the runner container.
+# [ReadinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes).
+readinessProbe: {}
+