blob: 4c08f2a9c271b25cc4849f23dc45a9acb8eac82d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
apiVersion: onepassword.com/v1
kind: OnePasswordItem
metadata:
name: runner-secret
spec:
itemPath: "vaults/Kubernetes/items/Gitea Runner Secrets"
---
apiVersion: v1
kind: ConfigMap
metadata:
name: docker-daemon-config
data:
daemon.json: |
{
"registry-mirrors": ["https://pt-dh.int.xeserv.us"]
}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
app.kubernetes.io/name: act-runner
name: act-runner
annotations:
keel.sh/policy: all
keel.sh/trigger: poll
keel.sh/pollSchedule: "@hourly"
spec:
selector:
matchLabels:
app.kubernetes.io/name: act-runner
template:
metadata:
labels:
app.kubernetes.io/name: act-runner
spec:
restartPolicy: Always
volumes:
- name: docker-certs
emptyDir: {}
- name: runner-data
emptyDir: {}
- name: docker-daemon-config
configMap:
name: docker-daemon-config
containers:
- name: runner
image: gitea/act_runner:nightly-dind
imagePullPolicy: Always
env:
- name: GITEA_INSTANCE_URL
value: http://git.gitea.svc.alrest.xeserv.us
- name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
secretKeyRef:
name: runner-secret
key: token
securityContext:
privileged: true
runAsUser: 0
volumeMounts:
- name: runner-data
mountPath: /data
subPath: "actions"
- name: docker-daemon-config
mountPath: "/etc/docker"
|
