forked from evryfs/github-actions-runner-operator
-
Notifications
You must be signed in to change notification settings - Fork 0
/
garo_v1alpha1_githubactionrunner.yaml
112 lines (112 loc) · 3.18 KB
/
garo_v1alpha1_githubactionrunner.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
apiVersion: garo.tietoevry.com/v1alpha1
kind: GithubActionRunner
metadata:
name: runner-pool
namespace: actions-runner
spec:
# minimum running pods
minRunners: 1
# max number of pods
maxRunners: 6
organization: yourOrg
# How often it will reconcile
reconciliationPeriod: 1m
# if runner for repo
# repository: "theRepoName"
tokenRef:
key: GH_TOKEN
name: actions-runner
podTemplateSpec:
metadata:
annotations:
"prometheus.io/scrape": "true"
"prometheus.io/port": "3903"
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
topologyKey: kubernetes.io/hostname
labelSelector:
matchExpressions:
- key: garo.tietoevry.com/pool
operator: In
values:
- runner-pool
containers:
- name: runner
env:
- name: RUNNER_DEBUG
value: "true"
- name: DOCKER_TLS_CERTDIR
value: /certs
- name: DOCKER_HOST
value: tcp://localhost:2376
- name: DOCKER_TLS_VERIFY
value: "1"
- name: DOCKER_CERT_PATH
value: /certs/client
- name: GH_ORG
value: yourOrg
# if runner for repo:
# - name: GH_REPO
# value: theRepoName
envFrom:
- secretRef:
name: actions-runner
image: quay.io/evryfs/github-actions-runner:latest
imagePullPolicy: Always
lifecycle:
preStop:
exec:
command:
- /bin/bash
- -c
- /remove_runner.sh
resources: {}
volumeMounts:
- mountPath: /certs
name: docker-certs
- mountPath: /home/runner/_diag
name: runner-diag
- mountPath: /home/runner/.m2
name: mvn-repo
- mountPath: /home/runner/.m2/settings.xml
name: settings-xml
- name: docker
env:
- name: DOCKER_TLS_CERTDIR
value: /certs
image: docker:stable-dind
imagePullPolicy: Always
resources: {}
securityContext:
privileged: true
volumeMounts:
- mountPath: /var/lib/docker
name: docker-storage
- mountPath: /certs
name: docker-certs
- name: exporter
image: quay.io/evryfs/github-actions-runner-metrics:v0.0.3
ports:
- containerPort: 3903
protocol: TCP
volumeMounts:
- name: runner-diag
mountPath: /_diag
readOnly: true
volumes:
- emptyDir: {}
name: runner-diag
- emptyDir: {}
name: mvn-repo
- emptyDir: {}
name: docker-storage
- emptyDir: {}
name: docker-certs
- configMap:
defaultMode: 420
name: settings-xml
name: settings-xml