Re-deploying gitea; adding Runner test code
danmanners committed Sep 23, 2023
1 parent 939d88a commit 9c90d86
Showing 6 changed files with 109 additions and 17 deletions.
4 changes: 2 additions & 2 deletions infrastructure-provisioning/on-prem/talos/talconfig.yaml
@@ -1,7 +1,7 @@
clusterName: opcluster

talosVersion: v1.5.1
kubernetesVersion: 1.28.0
talosVersion: v1.5.2
kubernetesVersion: 1.28.2
endpoint: "https://opcluster.homelab.danmanners.com:6443"

cniConfig:
2 changes: 1 addition & 1 deletion manifests/workloads/gitea/database/git-cluster.yaml
Expand Up @@ -7,7 +7,7 @@ spec:
instances: 2
primaryUpdateStrategy: unsupervised
storage:
size: 30Gi
size: 40Gi
storageClass: ceph-rbd
superuserSecret:
name: gitdb-superuser
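--- a/manifests/workloads/gitea/runners/deployment.yaml
+++ b/manifests/workloads/gitea/runners/deployment.yaml
@@ -0,0 +1,85 @@
+apiVersion: v1
+kind: Pod
+metadata:
+name: gitea-runner
+namespace: git
+labels:
+gitea-runner: ''
+spec:
+serviceAccountName: grt
+restartPolicy: OnFailure
+initContainers:
+- name: fetch-runner-token
+image: init-container-image
+command: ["ash", "-c"]
+args:
+- |
+apk add --no-cache curl 2>&1 >/dev/null
+export ARCH=$(uname -m | awk '{print ($1=="x86_64" ? "amd64" : ($1=="aarch64" ? "arm64" : "unknown"))}')
+curl -sLO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${ARCH}/kubectl" 2>&1 >/dev/null
+chmod +x ./kubectl 2>&1 >/dev/null
+./kubectl exec -n git deployments/gitea -c gitea -- gitea actions grt > /token/GITEA_RUNNER_REGISTRATION_TOKEN
+echo "Registration Token: $(cat /token/GITEA_RUNNER_REGISTRATION_TOKEN)"
+resources: {}
+volumeMounts:
+- name: token
+mountPath: /token
+containers:
+- name: runner
+image: runner-image
+command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"]
+env:
+- name: DOCKER_HOST
+value: tcp://localhost:2376
+- name: DOCKER_CERT_PATH
+value: /certs/client
+- name: DOCKER_TLS_VERIFY
+value: "1"
+- name: GITEA_INSTANCE_URL
+value: http://gitea-http.git.svc.cluster.local:3000
+- name: GITEA_RUNNER_REGISTRATION_TOKEN_FILE
+value: /token/GITEA_RUNNER_REGISTRATION_TOKEN
+resources: {}
+volumeMounts:
+- name: token
+mountPath: /token
+- name: docker-certs
+mountPath: /certs
+- name: runner-data
+mountPath: /data
+terminationMessagePath: /dev/termination-log
+terminationMessagePolicy: File
+imagePullPolicy: Always
+- name: daemon
+image: docker-daemon-image
+resources: {}
+env:
+- name: DOCKER_TLS_CERTDIR
+value: /certs
+securityContext:
+privileged: true
+volumeMounts:
+- name: docker-certs
+mountPath: /certs
+terminationMessagePath: /dev/termination-log
+terminationMessagePolicy: File
+imagePullPolicy: IfNotPresent
+volumes:
+- name: docker-certs
+emptyDir: {}
+- name: runner-data
+persistentVolumeClaim:
+claimName: act-runner-vol
+- name: token
+emptyDir: {}
+terminationGracePeriodSeconds: 30
+securityContext: {}
+tolerations:
+- key: node.kubernetes.io/not-ready
+operator: Exists
+effect: NoExecute
+tolerationSeconds: 300
+- key: node.kubernetes.io/unreachable
+operator: Exists
+effect: NoExecute
+tolerationSeconds: 300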
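Review bot: The last line of the fetch-runner-token script, `echo "Registration Token: $(cat /token/GITEA_RUNNER_REGISTRATION_TOKEN)"`, prints the runner registration token into the init container's log, so anyone allowed to read pod logs in the `git` namespace, and any log collector, receives a credential that registers runners against this Gitea instance. Remove the line, or confirm only that the file is non-empty with `test -s /token/GITEA_RUNNER_REGISTRATION_TOKEN || exit 1`; the same echo is added to pod.yaml in this commit and needs the same change. The script also has no `set -e`, so a failed `kubectl exec` still leaves an empty token file for the runner container, and the kubectl binary it downloads is executed without being compared to the `kubectl.sha256` file published beside it.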
11 changes: 11 additions & 0 deletions manifests/workloads/gitea/runners/kustomization.yaml
Expand Up @@ -7,3 +7,14 @@ resources:
- pod.yaml
- pvc.yaml
- rbac-test-job.yaml

images:
- name: init-container-image
newName: core.harbor.homelab.danmanners.com/docker.io/library/alpine
newTag: latest
- name: runner-image
newName: core.harbor.homelab.danmanners.com/docker.io/gitea/act_runner
newTag: nightly
- name: docker-daemon-image
newName: core.harbor.homelab.danmanners.com/docker.io/library/docker
newTag: 23.0.6-dind
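Review bot: `newTag: latest` for alpine and `newTag: nightly` for act_runner are mutable tags, so the code that runs in this pod changes whenever the registry copy changes; the runner container pulls with `imagePullPolicy: Always`, and it runs beside a privileged docker daemon container under the `grt` service account. Pin both entries to a release and replace `newTag` with `digest: sha256:<digest>` (placeholder, take the value from the Harbor project), and consider adding a digest to the `23.0.6-dind` entry as well. The hunk adds no `resources` entry for the new deployment.yaml; if it is not listed above the hunk, its placeholder image names are never rewritten by this transformer, which is worth a comment in that file.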
8 changes: 4 additions & 4 deletions manifests/workloads/gitea/runners/pod.yaml
Expand Up @@ -10,7 +10,7 @@ spec:
restartPolicy: OnFailure
initContainers:
- name: fetch-runner-token
image: core.harbor.homelab.danmanners.com/docker.io/library/alpine:latest
image: init-container-image
command: ["ash", "-c"]
args:
- |
Expand All @@ -19,13 +19,14 @@ spec:
curl -sLO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${ARCH}/kubectl" 2>&1 >/dev/null
chmod +x ./kubectl 2>&1 >/dev/null
./kubectl exec -n git deployments/gitea -c gitea -- gitea actions grt > /token/GITEA_RUNNER_REGISTRATION_TOKEN
echo "Registration Token: $(cat /token/GITEA_RUNNER_REGISTRATION_TOKEN)"
resources: {}
volumeMounts:
- name: token
mountPath: /token
containers:
- name: runner
image: core.harbor.homelab.danmanners.com/docker.io/gitea/act_runner:nightly
image: runner-image
command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"]
env:
- name: DOCKER_HOST
Expand All @@ -38,7 +39,6 @@ spec:
value: http://gitea-http.git.svc.cluster.local:3000
- name: GITEA_RUNNER_REGISTRATION_TOKEN_FILE
value: /token/GITEA_RUNNER_REGISTRATION_TOKEN
# Mount the secret from the init container
resources: {}
volumeMounts:
- name: token
Expand All @@ -51,7 +51,7 @@ spec:
terminationMessagePolicy: File
imagePullPolicy: Always
- name: daemon
image: core.harbor.homelab.danmanners.com/docker.io/library/docker:23.0.6-dind
image: docker-daemon-image
resources: {}
env:
- name: DOCKER_TLS_CERTDIR
16 changes: 6 additions & 10 deletions manifests/workloads/gitea/values.yaml
@@ -1,4 +1,4 @@
replicaCount: 2
replicaCount: 1 # Without a RWX storageclass, we can't run more than one replica. RIParoni-Pepperoni.

global:
imageRegistry: core.harbor.homelab.danmanners.com/docker.io
Expand All @@ -8,24 +8,20 @@ global:
# rootless: false

persistence:
storageClass: cephfs
size: 40Gi
storageClass: ceph-rbd
size: 60Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce

strategy:
type: RollingUpdate
maxUnavailable: 1
# type: Recreate
type: Recreate # Cant use RollingUpdate because we only have one replica.
maxUnavailable: 0 # Can't use 1 because we only have one replica.

gitea:
admin:
existingSecret: gitea-creds
config:
APP_NAME: "Not Your Mommas's GitHub"
# server:
# SSH_PORT: 2222
# SSH_LISTEN_PORT: 2222
cron.GIT_GC_REPOS:
ENABLED: false
additionalConfigSources:
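Review bot: `maxUnavailable: 0` is set directly under `strategy` next to `type: Recreate`; in a Deployment spec that field lives under `strategy.rollingUpdate`, and rollingUpdate settings are not accepted when the type is Recreate. How the chart renders this key is not visible in the hunk, so render it once with `helm template` and delete the key if it is ignored or rejected. The two new comments give the single replica as the reason, while the `replicaCount` comment names the actual constraint, the ReadWriteOnce volume; I would write `type: Recreate  # RWO volume: the old pod must release it before the new one starts`.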