lunny/helm-chart
1
0
Fork 0
Code Issues 36 Pull Requests 14 Actions Packages Projects Releases 93 Wiki Activity

rebased: Add Gitea Actions act runner #666

Merged
vjm merged 27 commits from gitea-actions into main 2024-11-10 13:35:57 +00:00
Conversation 27 Commits 27 Files Changed 24 +61 -56
12 changed files with 61 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 07633d08bb - Show all commits

6
scripts/token.sh
View File

@ -2,6 +2,8 @@
set -eu
timeout_delay=15
check_token() {
set +e
@ -15,7 +17,7 @@ check_token() {
create_token() {
echo "Waiting for new token to be generated..."
begin=$(date +%s)
end=$((begin + 300)) # 5 minutes
end=$((begin + timeout_delay))
while true; do
[ -f /data/actions/token ] && return 0
[ "$(date +%s)" -gt $end ] && return 1
@ -34,7 +36,7 @@ if check_token; then
fi
if ! create_token; then
echo "Timed out waiting for a token to appear."
echo "Checking for an existing act runner token in secret $SECRET_NAME timed out after $timeout_delay"
exit 1
fi

14
templates/_helpers.tpl
View File

@ -100,6 +100,15 @@ version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{- define "gitea.labels.actRunner" -}}
helm.sh/chart: {{ include "gitea.chart" . }}
app: {{ include "gitea.name" . }}-act-runner
{{ include "gitea.selectorLabels.actRunner" . }}
app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Selector labels
*/}}
@ -108,6 +117,11 @@ app.kubernetes.io/name: {{ include "gitea.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "gitea.selectorLabels.actRunner" -}}
app.kubernetes.io/name: {{ include "gitea.name" . }}-act-runner
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "postgresql-ha.dns" -}}
{{- if (index .Values "postgresql-ha").enabled -}}
{{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}}

9
templates/gitea/actions/config-act-runner.yaml → templates/gitea/act_runner/config-act-runner.yaml
View File

@ -7,9 +7,16 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
data:
{{- if .Values.actions.statefulset.config }}
config.yaml: |
{{- with .Values.actions.statefulset.config -}}
{{ . | nindent 4}}
{{- end -}}
{{- else }}
config.yaml: |
log:
level: debug
cache:
enabled: false
enabled: false
{{- end }}
{{- end }}

3
templates/gitea/actions/config-scripts.yaml → templates/gitea/act_runner/config-scripts.yaml
View File

@ -6,9 +6,6 @@ metadata:
name: {{ include "gitea.fullname" . }}-scripts
labels:
{{- include "gitea.labels" . | nindent 4 }}
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
data:
{{ (.Files.Glob "scripts/*.sh").AsConfig | indent 2 }}
{{- end }}

25
templates/gitea/actions/job.yaml → templates/gitea/act_runner/job.yaml
View File

@ -12,9 +12,6 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
{{- with .Values.actions.job.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
@ -26,9 +23,19 @@ spec:
{{- include "gitea.labels" . | nindent 8 }}
app.kubernetes.io/component: token-job
spec:
initContainers:
- name: init-gitea
image: busybox:1.36.1
command:
- sh
- -c
- |
while ! nc -z {{ include "gitea.fullname" . }}-http {{ .Values.service.http.port }}; do
sleep 5
done
containers:
- name: actions-token-create
image: "{{ .Values.actions.job.tokenImage.repository }}:{{ .Values.actions.job.tokenImage.tag | default "latest-rootless" }}"
image: "{{ .Values.actions.job.tokenImage.repository }}:{{ .Values.actions.job.tokenImage.tag | default (printf "%s-rootless" .Chart.AppVersion) }}"
imagePullPolicy: {{ .Values.actions.job.tokenImage.pullPolicy }}
env:
- name: GITEA_APP_INI
@ -37,11 +44,7 @@ spec:
- sh
- -c
- |
while ! nc -z gitea-http 3000; do
sleep 5
done
echo "Generating token..."
echo "Generating act_runner token via 'gitea actions generate-runner-token'..."
mkdir -p /data/actions/
gitea actions generate-runner-token | grep -E '^.{40}$' | tr -d '\n' > /data/actions/token
resources:
@ -53,7 +56,7 @@ spec:
subPath: {{ .Values.persistence.subPath }}
{{- end }}
- name: actions-token-upload
image: "{{ .Values.actions.job.publishImage.repository }}:{{ .Values.actions.job.publishImage.tag | default "latest" }}"
image: "{{ .Values.actions.job.publishImage.repository }}:{{ .Values.actions.job.publishImage.tag }}"
imagePullPolicy: {{ .Values.actions.job.publishImage.pullPolicy }}
env:
- name: SECRET_NAME
@ -62,7 +65,7 @@ spec:
- sh
- -c
- |
printf "Checking rights to update secret... "
printf "Checking rights to update kubernetes act_runner secret..."
kubectl auth can-i update secret/${SECRET_NAME}
/scripts/token.sh
resources:

3
templates/gitea/actions/role-job.yaml → templates/gitea/act_runner/role-job.yaml
View File

@ -9,9 +9,6 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
rules:
- apiGroups:
- ""

3
templates/gitea/actions/rolebinding-job.yaml → templates/gitea/act_runner/rolebinding-job.yaml
View File

@ -9,9 +9,6 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

5
templates/gitea/actions/secret-token.yaml → templates/gitea/act_runner/secret-token.yaml
View File

@ -5,11 +5,6 @@
apiVersion: v1
kind: Secret
metadata:
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: never
argocd.argoproj.io/hook: Skip
argocd.argoproj.io/hook-delete-policy: Never
name: {{ $secretName }}
labels:
{{- include "gitea.labels" . | nindent 4 }}

3
templates/gitea/actions/serviceaccount-job.yaml → templates/gitea/act_runner/serviceaccount-job.yaml
View File

@ -8,7 +8,4 @@ metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
annotations:
# helm.sh/hook: post-install
# helm.sh/hook-delete-policy: hook-succeeded
{{- end }}

31
templates/gitea/actions/statefulset.yaml → templates/gitea/act_runner/statefulset.yaml
View File

@ -5,39 +5,30 @@ apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
{{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.actions.statefulset.labels }}
{{- toYaml .Values.actions.statefulset.labels | nindent 4 }}
{{- end }}
{{- include "gitea.labels.actRunner" . | nindent 4 }}
name: {{ include "gitea.fullname" . }}-act-runner
spec:
selector:
matchLabels:
{{- include "gitea.selectorLabels" . | nindent 6 }}
{{- if .Values.actions.statefulset.labels }}
{{- toYaml .Values.actions.statefulset.labels | nindent 6 }}
{{- end }}
{{- include "gitea.selectorLabels.actRunner" . | nindent 6 }}
template:
metadata:
labels:
{{- include "gitea.labels" . | nindent 8 }}
{{- if .Values.actions.statefulset.labels }}
{{- toYaml .Values.actions.statefulset.labels | nindent 8 }}
{{- end }}
{{- include "gitea.labels.actRunner" . | nindent 8 }}
spec:
initContainers:
- name: init-gitea
image: busybox:latest
image: busybox:1.36.1
command:
- sh
- -c
- |
while ! nc -z gitea-http 3000; do
while ! nc -z {{ include "gitea.fullname" . }}-http {{ .Values.service.http.port }}; do
sleep 5
done
containers:
- name: act-runner
image: "{{ .Values.actions.statefulset.actRunnerImage.repository }}:{{ .Values.actions.statefulset.actRunnerImage.tag | default "latest" }}"
image: "{{ .Values.actions.statefulset.actRunnerImage.repository }}:{{ .Values.actions.statefulset.actRunnerImage.tag }}"
imagePullPolicy: {{ .Values.actions.statefulset.actRunnerImage.pullPolicy }}
workingDir: /data
env:
@ -50,12 +41,12 @@ spec:
- name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
secretKeyRef:
name: {{ $secretName }}
key: token
name: "{{ .Values.actions.existingSecret | default $secretName }}"
key: "{{ .Values.actions.existingSecret | default "token" }}"
- name: GITEA_INSTANCE_URL
value: http://gitea-http:3000
value: "http://{{ include "gitea.fullname" . }}-http:{{ .Values.service.http.port }}"
- name: GITEA_RUNNER_LABELS
value: ubuntu-latest
value: "{{ .Values.actions.statefulset.runnerLabels | default "ubuntu-latest" }}"
- name: CONFIG_FILE
value: /actrunner/config.yaml
volumeMounts:
@ -67,7 +58,7 @@ spec:
- mountPath: /data
name: data-act-runner
- name: dind
image: "{{ .Values.actions.statefulset.dindImage.repository }}:{{ .Values.actions.statefulset.dindImage.tag | default "24.0.7-dind" }}"
image: "{{ .Values.actions.statefulset.dindImage.repository }}:{{ .Values.actions.statefulset.dindImage.tag }}"
imagePullPolicy: {{ .Values.actions.statefulset.dindImage.pullPolicy }}
env:
- name: DOCKER_HOST

2
unittests/actions/config-act-runner.yaml
View File

@ -5,7 +5,7 @@ release:
templates:
- templates/gitea/actions/config-act-runner.yaml
tests:
- it: renders a deployment
- it: renders a ConfigMap
template: templates/gitea/actions/config-act-runner.yaml
set:
actions:

13
values.yaml
View File

@ -345,6 +345,8 @@ signing:
## @section GiteaActions
#
## @param actions.statefulset.enabled Create an act-runner StatefulSet.
## @param actions.statefulset.config Act runner custom configuration.
## @param actions.statefulset.runnerLabels Act runner labels.
## @param actions.statefulset.actRunnerImage.repository The Gitea act runner image
## @param actions.statefulset.actRunnerImage.tag The Gitea act runner tag
## @param actions.statefulset.actRunnerImage.pullPolicy The Gitea act runner pullPolicy
@ -368,14 +370,17 @@ actions:
labels: {}
resources: {}
config: ""
runnerLabels: ""
actRunnerImage:
repository: gitea/act_runner
# tag: latest
tag: 0.2.6
pullPolicy: IfNotPresent
dindImage:
repository: docker
# tag: 24.0.7-dind
tag: 24.0.7-dind
pullPolicy: IfNotPresent
job:
@ -386,12 +391,12 @@ actions:
tokenImage:
repository: gitea/gitea
# tag: latest-rootless
tag: ""
pullPolicy: IfNotPresent
publishImage:
repository: bitnami/kubectl
# tag: latest
tag: 1.29.0
pullPolicy: IfNotPresent
## Specify an existing token secret