apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "gitea-act-runner.fullname" . }}
labels:
{{- include "gitea-act-runner.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "gitea-act-runner.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "gitea-act-runner.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "gitea-act-runner.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
containers:
- name: {{ .Chart.Name }}-runner
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
command: ["/bin/sh"]
args: ["-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"]
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: DOCKER_HOST
value: tcp://localhost:2376
- name: DOCKER_CERT_PATH
value: /certs/client
- name: DOCKER_TLS_VERIFY
value: "0"
- name: GITEA_INSTANCE_URL
value: {{ .Values.giteaInstance }}
- name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
secretKeyRef:
name: {{ include "gitea-act-runner.fullname" . }}-token
key: token
{{- if .Values.configAsCode.enabled }}
- name: CONFIG_FILE
value: /data/config.yaml
{{- end }}
ports:
- name: http
containerPort: {{ .Values.service.port }}
protocol: TCP
#livenessProbe:
# httpGet:
# path: /
# port: http
#readinessProbe:
# httpGet:
# path: /
# port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- name: gitea-act-runner-data
mountPath: /data
{{- if .Values.configAsCode.enabled }}
- name: gitea-act-runner-config
mountPath: /data/config.yaml
subPath: config.yaml
{{- end }}
- name: docker-certs
mountPath: /certs
resources:
{{- toYaml .Values.resources | nindent 12 }}
- name: {{ .Chart.Name }}-daemon
image: docker:23.0.6-dind
env:
- name: DOCKER_TLS_CERTDIR
value: /certs
securityContext:
privileged: true
volumeMounts:
- name: gitea-act-runner-data
mountPath: /data
- name: docker-certs
mountPath: /certs
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:
- name: docker-certs
emptyDir: {}
- name: gitea-act-runner-data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (include "gitea-act-runner.fullname" .) }}-data
{{- else }}
emptyDir: {}
{{- end }}
{{- if .Values.configAsCode.enabled }}
- name: gitea-act-runner-config
configMap:
name: {{ include "gitea-act-runner.fullname" . }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}