lunny/helm-chart
1
0
Fork 0
Code Issues 36 Pull Requests 14 Actions Packages Projects Releases 93 Wiki Activity

Fixed mistakes

Browse Source
This commit is contained in:
dementhorr 2024-01-12 20:27:02 +01:00 committed by Vince Montalbano
parent 19b6916f35
commit 07633d08bb
12 changed files with 61 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/token.sh
View File

@ -2,6 +2,8 @@
set -eu
timeout_delay=15
check_token() {
set +e
@ -15,7 +17,7 @@ check_token() {
create_token() {
echo "Waiting for new token to be generated..."
begin=$(date +%s)
end=$((begin + 300)) # 5 minutes
end=$((begin + timeout_delay))
while true; do
[ -f /data/actions/token ] && return 0
[ "$(date +%s)" -gt $end ] && return 1
@ -34,7 +36,7 @@ if check_token; then
fi
if ! create_token; then
echo "Timed out waiting for a token to appear."
echo "Checking for an existing act runner token in secret $SECRET_NAME timed out after $timeout_delay"
exit 1
fi

14
templates/_helpers.tpl
View File

@ -100,6 +100,15 @@ version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{- define "gitea.labels.actRunner" -}}
helm.sh/chart: {{ include "gitea.chart" . }}
app: {{ include "gitea.name" . }}-act-runner
{{ include "gitea.selectorLabels.actRunner" . }}
app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Selector labels
*/}}
@ -108,6 +117,11 @@ app.kubernetes.io/name: {{ include "gitea.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "gitea.selectorLabels.actRunner" -}}
app.kubernetes.io/name: {{ include "gitea.name" . }}-act-runner
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "postgresql-ha.dns" -}}
{{- if (index .Values "postgresql-ha").enabled -}}
{{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}}

9
templates/gitea/actions/config-act-runner.yaml → templates/gitea/act_runner/config-act-runner.yaml
View File

@ -7,9 +7,16 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
data:
{{- if .Values.actions.statefulset.config }}
config.yaml: |
{{- with .Values.actions.statefulset.config -}}
{{ . | nindent 4}}
{{- end -}}
{{- else }}
config.yaml: |
log:
level: debug
cache:
enabled: false
enabled: false
{{- end }}
{{- end }}

3
templates/gitea/actions/config-scripts.yaml → templates/gitea/act_runner/config-scripts.yaml
View File

@ -6,9 +6,6 @@ metadata:
name: {{ include "gitea.fullname" . }}-scripts
labels:
{{- include "gitea.labels" . | nindent 4 }}
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
data:
{{ (.Files.Glob "scripts/*.sh").AsConfig | indent 2 }}
{{- end }}

25
templates/gitea/actions/job.yaml → templates/gitea/act_runner/job.yaml
View File

@ -12,9 +12,6 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
{{- with .Values.actions.job.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
@ -26,9 +23,19 @@ spec:
{{- include "gitea.labels" . | nindent 8 }}
app.kubernetes.io/component: token-job
spec:
initContainers:
- name: init-gitea
image: busybox:1.36.1
command:
- sh
- -c
- |
while ! nc -z {{ include "gitea.fullname" . }}-http {{ .Values.service.http.port }}; do
sleep 5
done
containers:
- name: actions-token-create
image: "{{ .Values.actions.job.tokenImage.repository }}:{{ .Values.actions.job.tokenImage.tag | default "latest-rootless" }}"
image: "{{ .Values.actions.job.tokenImage.repository }}:{{ .Values.actions.job.tokenImage.tag | default (printf "%s-rootless" .Chart.AppVersion) }}"
imagePullPolicy: {{ .Values.actions.job.tokenImage.pullPolicy }}
env:
- name: GITEA_APP_INI
@ -37,11 +44,7 @@ spec:
- sh
- -c
- |
while ! nc -z gitea-http 3000; do
sleep 5
done
echo "Generating token..."
echo "Generating act_runner token via 'gitea actions generate-runner-token'..."
mkdir -p /data/actions/
gitea actions generate-runner-token | grep -E '^.{40}$' | tr -d '\n' > /data/actions/token
resources:
@ -53,7 +56,7 @@ spec:
subPath: {{ .Values.persistence.subPath }}
{{- end }}
- name: actions-token-upload
image: "{{ .Values.actions.job.publishImage.repository }}:{{ .Values.actions.job.publishImage.tag | default "latest" }}"
image: "{{ .Values.actions.job.publishImage.repository }}:{{ .Values.actions.job.publishImage.tag }}"
imagePullPolicy: {{ .Values.actions.job.publishImage.pullPolicy }}
env:
- name: SECRET_NAME
@ -62,7 +65,7 @@ spec:
- sh
- -c
- |
printf "Checking rights to update secret... "
printf "Checking rights to update kubernetes act_runner secret..."
kubectl auth can-i update secret/${SECRET_NAME}
/scripts/token.sh
resources:

3
templates/gitea/actions/role-job.yaml → templates/gitea/act_runner/role-job.yaml
View File

@ -9,9 +9,6 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
rules:
- apiGroups:
- ""

3
templates/gitea/actions/rolebinding-job.yaml → templates/gitea/act_runner/rolebinding-job.yaml
View File

@ -9,9 +9,6 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

5
templates/gitea/actions/secret-token.yaml → templates/gitea/act_runner/secret-token.yaml
View File

@ -5,11 +5,6 @@
apiVersion: v1
kind: Secret
metadata:
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: never
argocd.argoproj.io/hook: Skip
argocd.argoproj.io/hook-delete-policy: Never
name: {{ $secretName }}
labels:
{{- include "gitea.labels" . | nindent 4 }}

3
templates/gitea/actions/serviceaccount-job.yaml → templates/gitea/act_runner/serviceaccount-job.yaml
View File

@ -8,7 +8,4 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
{{- end }}

31
templates/gitea/actions/statefulset.yaml → templates/gitea/act_runner/statefulset.yaml
View File

@ -5,39 +5,30 @@ apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.actions.statefulset.labels }}
{{- toYaml .Values.actions.statefulset.labels | nindent 4 }}
{{- end }}
{{- include "gitea.labels.actRunner" . | nindent 4 }}
name: {{ include "gitea.fullname" . }}-act-runner
spec:
selector:
matchLabels:
{{- include "gitea.selectorLabels" . | nindent 6 }}
{{- if .Values.actions.statefulset.labels }}
{{- toYaml .Values.actions.statefulset.labels | nindent 6 }}
{{- end }}
{{- include "gitea.selectorLabels.actRunner" . | nindent 6 }}
template:
metadata:
labels:
{{- include "gitea.labels" . | nindent 8 }}
{{- if .Values.actions.statefulset.labels }}
{{- toYaml .Values.actions.statefulset.labels | nindent 8 }}
{{- end }}
{{- include "gitea.labels.actRunner" . | nindent 8 }}
spec:
initContainers:
- name: init-gitea
image: busybox:latest
image: busybox:1.36.1
command:
- sh
- -c
- |
while ! nc -z gitea-http 3000; do
while ! nc -z {{ include "gitea.fullname" . }}-http {{ .Values.service.http.port }}; do
sleep 5
done
containers:
- name: act-runner
image: "{{ .Values.actions.statefulset.actRunnerImage.repository }}:{{ .Values.actions.statefulset.actRunnerImage.tag | default "latest" }}"
image: "{{ .Values.actions.statefulset.actRunnerImage.repository }}:{{ .Values.actions.statefulset.actRunnerImage.tag }}"
imagePullPolicy: {{ .Values.actions.statefulset.actRunnerImage.pullPolicy }}
workingDir: /data
env:
@ -50,12 +41,12 @@ spec:
- name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
secretKeyRef:
name: {{ $secretName }}
key: token
name: "{{ .Values.actions.existingSecret | default $secretName }}"
key: "{{ .Values.actions.existingSecret | default "token" }}"
- name: GITEA_INSTANCE_URL
value: http://gitea-http:3000
value: "http://{{ include "gitea.fullname" . }}-http:{{ .Values.service.http.port }}"
- name: GITEA_RUNNER_LABELS
value: ubuntu-latest
value: "{{ .Values.actions.statefulset.runnerLabels | default "ubuntu-latest" }}"
- name: CONFIG_FILE
value: /actrunner/config.yaml
volumeMounts:
@ -67,7 +58,7 @@ spec:
- mountPath: /data
name: data-act-runner
- name: dind
image: "{{ .Values.actions.statefulset.dindImage.repository }}:{{ .Values.actions.statefulset.dindImage.tag | default "24.0.7-dind" }}"
image: "{{ .Values.actions.statefulset.dindImage.repository }}:{{ .Values.actions.statefulset.dindImage.tag }}"
imagePullPolicy: {{ .Values.actions.statefulset.dindImage.pullPolicy }}
env:
- name: DOCKER_HOST

2
unittests/actions/config-act-runner.yaml
View File

@ -5,7 +5,7 @@ release:
templates:
- templates/gitea/actions/config-act-runner.yaml
tests:
- it: renders a deployment
- it: renders a ConfigMap
template: templates/gitea/actions/config-act-runner.yaml
set:
actions:

13
values.yaml
View File

@ -345,6 +345,8 @@ signing:
## @section GiteaActions
#
## @param actions.statefulset.enabled Create an act-runner StatefulSet.
## @param actions.statefulset.config Act runner custom configuration.
## @param actions.statefulset.runnerLabels Act runner labels.
## @param actions.statefulset.actRunnerImage.repository The Gitea act runner image
## @param actions.statefulset.actRunnerImage.tag The Gitea act runner tag
## @param actions.statefulset.actRunnerImage.pullPolicy The Gitea act runner pullPolicy
@ -368,14 +370,17 @@ actions:
labels: {}
resources: {}
config: ""
runnerLabels: ""
actRunnerImage:
repository: gitea/act_runner
# tag: latest
tag: 0.2.6
pullPolicy: IfNotPresent
dindImage:
repository: docker
# tag: 24.0.7-dind
tag: 24.0.7-dind
pullPolicy: IfNotPresent
job:
@ -386,12 +391,12 @@ actions:
tokenImage:
repository: gitea/gitea
# tag: latest-rootless
tag: ""
pullPolicy: IfNotPresent
publishImage:
repository: bitnami/kubectl
# tag: latest
tag: 1.29.0
pullPolicy: IfNotPresent
## Specify an existing token secret