remove act runner
This commit is contained in:
parent
8318756742
commit
601f02dd2f
|
@ -1,33 +0,0 @@
|
|||
# Act Runner
|
||||
|
||||
## Create Kubeconfig
|
||||
|
||||
```
|
||||
server=https://zurrli.tbrnt.ch:6443
|
||||
name=buildx-sa-token
|
||||
|
||||
ca=$(kubectl -n act-runner get secret/$name -o jsonpath='{.data.ca\.crt}')
|
||||
token=$(kubectl -n act-runner get secret/$name -o jsonpath='{.data.token}' | base64 --decode)
|
||||
namespace=$(kubectl -n act-runner get secret/$name -o jsonpath='{.data.namespace}' | base64 --decode)
|
||||
|
||||
echo "
|
||||
apiVersion: v1
|
||||
kind: Config
|
||||
clusters:
|
||||
- name: default-cluster
|
||||
cluster:
|
||||
certificate-authority-data: ${ca}
|
||||
server: ${server}
|
||||
contexts:
|
||||
- name: default-context
|
||||
context:
|
||||
cluster: default-cluster
|
||||
namespace: default
|
||||
user: default-user
|
||||
current-context: default-context
|
||||
users:
|
||||
- name: default-user
|
||||
user:
|
||||
token: ${token}
|
||||
" > sa.kubeconfig
|
||||
```
|
|
@ -1,62 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: act-runner
|
||||
name: act-runner
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: act-runner
|
||||
strategy: {}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: act-runner
|
||||
spec:
|
||||
restartPolicy: Always
|
||||
containers:
|
||||
- name: runner
|
||||
image: gitea/act_runner:nightly
|
||||
command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"]
|
||||
env:
|
||||
- name: DOCKER_HOST
|
||||
value: tcp://localhost:2376
|
||||
- name: DOCKER_CERT_PATH
|
||||
value: /certs/client
|
||||
- name: DOCKER_TLS_VERIFY
|
||||
value: "1"
|
||||
- name: GITEA_INSTANCE_URL
|
||||
value: https://git.tbrnt.ch/
|
||||
- name: GITEA_RUNNER_REGISTRATION_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: runner-secret
|
||||
key: token
|
||||
volumeMounts:
|
||||
- name: docker-certs
|
||||
mountPath: /certs
|
||||
- name: runner-data
|
||||
mountPath: /data
|
||||
- name: daemon
|
||||
image: docker:24.0.8-dind
|
||||
env:
|
||||
- name: DOCKER_TLS_CERTDIR
|
||||
value: /certs
|
||||
securityContext:
|
||||
privileged: true
|
||||
volumeMounts:
|
||||
- name: docker-certs
|
||||
mountPath: /certs
|
||||
- name: docker-data
|
||||
mountPath: /var/lib/docker
|
||||
volumes:
|
||||
- name: docker-certs
|
||||
emptyDir: {}
|
||||
- name: runner-data
|
||||
persistentVolumeClaim:
|
||||
claimName: act-runner-vol
|
||||
- name: docker-data
|
||||
persistentVolumeClaim:
|
||||
claimName: docker
|
|
@ -1,8 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- pvc.yaml
|
||||
- deployment.yaml
|
||||
- rbac-buildx.yaml
|
||||
generators:
|
||||
- secret-generator.yaml
|
|
@ -1,23 +0,0 @@
|
|||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: act-runner-vol
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
storageClassName: local-path
|
||||
---
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: docker
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
storageClassName: local-path
|
|
@ -1,25 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: buildx
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
annotations:
|
||||
kubernetes.io/service-account.name: buildx
|
||||
name: buildx-sa-token
|
||||
type: kubernetes.io/service-account-token
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: admin
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: admin
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: buildx
|
||||
namespace: act-runner
|
|
@ -1,6 +0,0 @@
|
|||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
name: secret-generator
|
||||
files:
|
||||
- secret.sops.yaml
|
|
@ -1,27 +0,0 @@
|
|||
kind: Secret
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: runner-secret
|
||||
type: Opaque
|
||||
stringData:
|
||||
token: ENC[AES256_GCM,data:dH0rgbTRixhFE1dt1lVcngIdy+P9yzA7UEiwIjXiqSBgnCFH+A/QzQ==,iv:OfNeobqL1eIg8giUOtyNqxVdePAfjbrGGLa5uryoSi0=,tag:r0J79l4xNILNQMJEsYYrbA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1dfk8euu7afvw7ge5l2qek45z23hdq5anjd56cy4d7kcsf0e0e5pqfjylx8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIdytENEw5Qzd5bmV6MTdo
|
||||
a2JOWHIwRWFSKzZXeVkxSGJQdlh4L3F1V1Y0ClUzbndNVW5IV2RJMXFTUy9sVkE2
|
||||
a244TkZrYmd2ZXg4L0hsZFFHME9KM0UKLS0tIEZNK2tmVWorWkxqdnFycHBqMUk4
|
||||
L3JGdVNFRWxoVlVwK2hoRVhKVExjcE0K7GkoqGpz6bCw38PhQMv+GjEAWrQFjTqx
|
||||
1UImFXVMAiliaE50nSftbkEFJYOCS1phvH2dEr24+mtY3OAzZNcOYA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-11-07T20:11:23Z"
|
||||
mac: ENC[AES256_GCM,data:FLmesbaOcPp884Ettj2yJsZU0sJRNK2fTVcQg7uKCqTjwbpHiCEpF56pp/Y2UJk0DJPaRS2utNWwsGjfaXS0GV6+UXrPZr6TvONbVMH3FRsFz0JDR/lcIKSBwSrz/Jn+IMefb6fpjI5fNGzWkxRcJ5g+rHYVrUyR55KCGFYV1pU=,iv:AkvJAPPoeSJf/HdCvMwQ74VbtfXJA7MgIw1BVguHads=,tag:b/FXKhPGl6ZARn9F95rwaQ==,type:str]
|
||||
pgp: []
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.8.1
|
|
@ -1,19 +0,0 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: act-runner
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: apps
|
||||
source:
|
||||
path: apps/zurrli/act-runner
|
||||
repoURL: https://git.tbrnt.ch/tobru/gitops-zurrli.git
|
||||
targetRevision: HEAD
|
||||
destination:
|
||||
namespace: act-runner
|
||||
server: https://kubernetes.default.svc
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
Loading…
Reference in a new issue