f7c66c0336
Co-authored-by: dementhorr <dementhorr@proton.me> Co-authored-by: Vince Montalbano <vince.montalbano@gmail.com> Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/666 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: vjm <vjm@noreply.gitea.com> Co-committed-by: vjm <vjm@noreply.gitea.com>
1.8 KiB
Gitea Actions
In order to use the Gitea Actions act-runner you must either:
- enable persistence (used for automatic deployment to be able to store the token in a place accessible for the Job)
- create a secret containing the act runner token and reference it as a
existingSecret
In order to use Gitea Actions, you must log on the server that's running Gitea and run the command:
gitea actions generate-runner-token
This command will out a token that is needed by the act-runner to register with the Gitea backend.
Because this is a manual operation, we automated this using a Kubernetes Job using the following containers:
actions-token-create: it uses the currentgitea-rootlessimage, mounts the persistent directory to/data/then it saves the output fromgitea actions generate-runner-tokento/data/actions/tokenactions-token-upload: it uses abitnami/kubectlimage, mounts the scripts directory (/scripts) and the persistent directory (/data/), and using the script from/scripts/token.shstores the token in a Kubernetes secret
After the token is stored in a Kubernetes secret we can create the statefulset that contains the following containers:
act-runner: authenticates with Gitea using the token that was stored in the secretdind: DockerInDocker image that is used to run the actions
If you are not using persistent volumes, you cannot use the Job to automatically generate the token.
In this case, you can use either the Web UI to generate the token or run a shell into a Gitea pod and invoke
the command gitea actions generate-runner-token. After generating the token, you must create a secret and use it via:
actions:
provisioning:
enabled: false
existingSecret: "secret-name"
existingSecretKey: "secret-key"