init

runner/config.yml

@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: gitea-runner
+data:
+  config: |
+    log:
+      level: info
+    runner:
+      # Where to store the registration result.
+      file: /data/.runner
+      # Execute how many tasks concurrently at the same time.
+      capacity: 1
+      # Extra environment variables to run jobs.
+      envs:
+        ACT_RUNNER_SEC: test-runner-1
+      env_file: .env
+      timeout: 3h
+      insecure: true
+      fetch_timeout: 5s
+      fetch_interval: 3s
+      labels: []
+    cache:
+      enabled: false
+      dir: ""
+      host: ""
+      port: 0
+      external_server: ""
+    container:
+      network: ""
+      privileged: false
+      options:
+      workdir_parent:
+      valid_volumes: []
+      docker_host: ""
+      force_pull: false
+    host:
+      workdir_parent:

runner/deployment.yml

@@ -0,0 +1,75 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: gitea-runner
+spec:
+  serviceName: "gitea-runner-service"
+  selector:
+    matchLabels:
+      app: gitea-runner
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: gitea-runner
+    spec:
+      containers:
+        - name: gitea-runner-dind
+          securityContext:
+            privileged: true
+          image: docker:dind
+          env:
+            - name: DOCKER_DRIVER
+              value: "overlay2"
+            - name: DOCKER_TLS_CERTDIR
+              value: ""
+          volumeMounts:
+          - name: docker-socket
+            mountPath: "/var/run"
+        - name: gitea-runner
+          image: gitea/act_runner:nightly
+          env:
+            # FIXME: use secret
+            - name: GITEA_RUNNER_REGISTRATION_TOKEN
+              value: "MPAEFqYGNTXhkmgJFMyakT58epIpQMfxQ6d20yyb"
+            - name: GITEA_INSTANCE_URL
+              value: "http://gitea.k8s.example.com:30429/"
+            - name: CONFIG_FILE
+              value: "/config/config.yaml"
+          volumeMounts:
+          - name: config
+            mountPath: "/config"
+            readOnly: true
+          - name: runner-data
+            mountPath: "/data"
+          - name: docker-socket
+            mountPath: "/var/run"
+          # FIXME: use socat
+          startupProbe:
+            exec:
+              command: ["/bin/sh", "-c", "sleep 10"]
+            timeoutSeconds: 12
+      volumes:
+        - name: config
+          configMap:
+            name: gitea-runner
+            items:
+            - key: "config"
+              path: "config.yaml"
+  volumeClaimTemplates:
+  - metadata:
+      name: runner-data
+    spec:
+      accessModes: 
+        - "ReadWriteOncePod"
+      resources:
+        requests:
+          storage: 256Mi
+  - metadata:
+      name: docker-socket
+    spec:
+      accessModes: 
+        - "ReadWriteOncePod"
+      resources:
+        requests:
+          storage: 256Mi

runner/storage.yml

@@ -0,0 +1,11 @@
+# runner cache
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: gitea-runner-storage
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 4Gi