feat: add forgejo-runner

This commit is contained in:
SeanOMik 2024-06-13 21:20:05 -04:00
parent 1ae8b633a1
commit a2d688657c
Signed by: SeanOMik
GPG Key ID: FEC9E2FC15235964
4 changed files with 158 additions and 0 deletions

View File

@ -0,0 +1,82 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.29.4/deployment.json
apiVersion: apps/v1
kind: Deployment
metadata:
name: forgejo-runner
namespace: dev
labels:
app: forgejo-runner
spec:
replicas: 5
selector:
matchLabels:
app: forgejo-runner
template:
metadata:
labels:
app: forgejo-runner
spec:
restartPolicy: Always
volumes:
- name: docker-certs
emptyDir: {}
- name: runner-data
emptyDir: {}
initContainers:
- name: runner-config-generation
image: code.forgejo.org/forgejo/runner:3.3.0
command:
- sh
- -c
- forgejo-runner register --no-interactive --instance $FORGEJO_INSTANCE_URL --token $RUNNER_TOKEN
env:
- name: RUNNER_TOKEN
valueFrom:
secretKeyRef:
name: forgejo-runner-token
key: token
- name: FORGEJO_INSTANCE_URL
value: https://${SECRET_NEW_DOMAIN}
volumeMounts:
- name: runner-data
mountPath: /data
containers:
- name: runner
image: code.forgejo.org/forgejo/runner:3.3.0
command:
- sh
- -c
- while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; forgejo-runner daemon
env:
- name: DOCKER_HOST
value: tcp://localhost:2376
- name: DOCKER_CERT_PATH
value: /certs/client
- name: DOCKER_TLS_VERIFY
value: '1'
volumeMounts:
- name: docker-certs
mountPath: /certs
- name: runner-data
mountPath: /data
- name: dind
image: docker:dind
env:
- name: DOCKER_TLS_CERTDIR
value: /certs
securityContext:
privileged: true
volumeMounts:
- name: docker-certs
mountPath: /certs

View File

@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./reg-token.sops.yaml
- ./deploy.yaml

View File

@ -0,0 +1,70 @@
apiVersion: v1
kind: Secret
metadata:
name: forgejo-runner-token
stringData:
token: ENC[AES256_GCM,data:xXuPompbwJ5Zl+zq7AjvKFCG6rgJsxdFlfqL3N0Ubi4j7H93CeLEVQ==,iv:pXhG21u2FjGXzEN1I/9Qf7gioaXpvVRCZ+raZo/P0UM=,tag:TziGY67O9NsJ/xKaqijjyg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-06-14T00:24:43Z"
mac: ENC[AES256_GCM,data:MiPOGoTu83o9gqKlkzAk3xGAcq8bdCRALfHAPQErKySCpKYE+f2uEdLp/cISvcm9QjpTMM9GSi8tzfi16seuDEjlMLVrkZqW6GJGrKKVzLXBbvSYj1WRPeT8fFYeclGrl55Wgox4QDyZgWaSLBaA563iyEXX1fsge0JXnqL0I/I=,iv:waShP0WAGkoTWKtgdVvI7Z/UasxqIrttOhtqo/U8yDA=,tag:eak3qGstA3gCI8e64e1EbA==,type:str]
pgp:
- created_at: "2024-06-14T00:24:43Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAyqlIeyoxYovAQ/8DTb+Ow1rarhmcZ2uBFWwhoqVDZps9ZrgpTLeQf8OVRFC
VZl5h4Rqn+BMDdliT1mLY/snCl7UhFyeR+w7KOL8iH2D3CzoQ/aiU3hPXqlg9ETL
gMo5csbn/98rLPpVK/YXZDuN0c8Ku1GEpz9yUQUCMBsm6QTOmM6H5jicIn/6cPtn
KmipAVqAT1G7I5RWqsKLseGigGIt/Kwt+LHM12ZjuNGWN7/h+3B33Oh6l4SELL54
az9m5ETioMFHtH7Qv7fv5FTHTyGQQI79LKbKJUQNqJ7IEhvXe6MWyGkmN8zMemDH
OaFQFWLxFE65gNAykbMccWWYG/aTng4nc8QlFiqsPhl1zpnXi651eAtEHrvME3Gs
xvV1VDCbuTx22K6TY98+nJruraK9J07kfvEOQTXJSXN3whiNFti7F+NTaqDNlmF4
pme0n1HvUHTyf4mox+bIGtRpcZ16kipHGq2deRYIFsmNk5pJ1A/cegiIxEjIfwXf
7e5WKp5YQcwUvo2BifpXlkFTn5fV50a6vBUHnhQWWZWUYoN5LRGjdfivPKblj20k
OS3CGFLd6sy2CYw/UnIrTCIQ0cyMMFfOY48F6y5WJGaCquc3SThJRL+oIfJ91g5n
mItauzi2ED3hbizfQWTULck8NAdFBCrJFqk8lbQSOfF0331NHS56nqB8xeQaeCiF
AgwDXjg0p2IN1X8BEADNpS2YdmGcSYErIWV5MlmFbbTWqWmxXnbsPu7V/PhTueu5
rVKLiNzy4f3EUZ5UtwiSGZkg4W0XjlzoHP7zPLp61YGWD18TRxT+VLtSJNAPbPy1
2i13oQ62W9NAkVhBNwRyvoxZor+M1PKqrpE9kz05085GsvBduAdyl4S35T7TRxHC
CMgR9IvGYW/lbzbTzxCpuIapeywuqRpEyAM/bljtgG8vk8u8YajU8dvrshccPvoC
bqis+aM4LKw5hSTdvw1imgRuh8wqQ42eteSGp45Uf5SJhTPSNeZlEZqOP1kWqv9s
01f41DliCaSiYF5Y+pT6WheOIxLSQ6jwv74jsKctr9e34Y452e0OVH9ZxlDIHeHH
7C9ddCFNJuGheIQ0ehPa6xxh+MYh/NQSr/OT9kmzcQUeXdPdqYgs26aZZwXwFRpw
GkpArqt2pu29y0+YAvVvqFNejRpJ+zY0cmK78pkwKZph3WVu470VCv2LSRRdtElH
XmLWcQQpOFd3Ej44oYpF4X1LSLU4lYOtCgHlKl1GmjbTMfrGrVxJ9I6jTuXXS+qP
gmZ79TNjXnw0pLknP59St2Zn4WisNNHGImGcVjMnKVFv+f0HsTSIZ9/4dTY1ozu4
2jlsbA2Hsgo05U28b9iNDuTdcJBwv3wJp1t3cOyHWPa5o17J42Da2VsP+Sd659Ro
AQkCEFmE+rxBNwOqAsEHY3mdB0do9tpLt2dCbmQX3zlU+9LvIfhnkYYTNBz51m8L
fgj93SRxlzHZzg+V130CmhsT2kO7kZg6N6iBFXQ4i06XN4RlBO+ndSjCLEZsTyLE
vcQG6RLUGUY=
=hYDf
-----END PGP MESSAGE-----
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
- created_at: "2024-06-14T00:24:43Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAy5t8IMoPu4VARAAo7s9EnV7kMtJdhiSGjVaoCC6Rtren9ekDmf2MsvRFa8o
btlF3g6YyteGolHPX7n16OfkzYqZm3qbDV8/yr2ZjDd22fM1Px1OLAiiCSnGXq40
HKGe3uteOnOj55jGloAuYb/LZ7P3cMNjY3N0y2yGlkprXoXfEtSSnuOXeRWPCaB5
j8UmcqmVWbbTNPqfkq/Du0ZErgHiuiQ9FwlOjLKMdDpXX6YZgB8uTzwvZhlr+D6j
MZByg54yYDW5labvbRQcyFOvKBTzsW+tPZScqc+zuk4Rbmd/jwTXh/2gS+l7RMGN
yjTOUSka6xSq9G8P4AswuoGoh1hulfUyHM9v2OD/42RK9HIGVOQ23bqw9QWhae4D
DpC3h+gzbPnUb9uA2YxaFaJbijlEESgScxpfaiAblGCpz3RM1ShV2xG14VNNsj/N
dSK9/eiMWB9GL6z5wZrT4LU/vO0e7ZY7ZgdKX6weCXocPZvLkxMbQn7wFLbcEGph
T005JdVlRkLWVDPckGVEeCdddNH3sMiJ2z4SEC6gYyP+kmlrqQ+a5Bfi2cjcVfhZ
SofjTaC9WQnaFTD2NdO/+va0YP33fV4tSlJR/OZPGRqELHskjohIker4h7+plCah
eWwY3z8NSS8RQJsuFH5zfjwO5y82cnSLz2w9xnQTIN2PazPzZ9BETVvag/EYponU
aAEJAhAY8Yw3btYF82UOKdLdRGhsspeILY7rJ6p1qaPb7tUCVmZEpVdFbCGr7/Oh
+0/aEGUdg2RHODpYXCIso28gnHiSJm8VqDgCiAu2tDR/wxA0Aaxn21rPv1vfca6C
y0FAQCs50OYA
=J1NH
-----END PGP MESSAGE-----
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
encrypted_regex: ^(data|stringData)$
version: 3.8.1

View File

@ -3,3 +3,4 @@ kind: Kustomization
resources: resources:
- ./namespace.yaml - ./namespace.yaml
- ./woodpecker - ./woodpecker
- ./forgejo-runner