Merge branch 'main' of git.martin98.com:MartinFarm/act_runner

k3s-canton.yaml

@@ -0,0 +1,175 @@
+
+---
+kind: StatefulSet
+apiVersion: apps/v1
+metadata:
+  name: k3s-canton-act-runner
+  namespace: gitea
+  labels:
+    app: act-runner
+    k8s.kuboard.cn/name: act-runner
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: act-runner
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: act-runner
+    spec:
+      volumes:
+        - name: docker-certs
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: action
+            items:
+              - key: config
+                path: config.yaml
+            defaultMode: 420
+      containers:
+        - name: runner
+          image: 'docker.martin98.com/library/gitea/act_runner:nightly'
+          command:
+            - sh
+            - '-c'
+            - >
+              while ! nc -z localhost 2376 </dev/null; do echo 'waiting for
+              docker daemon...'; sleep 5; done; /sbin/tini -- run.sh
+          env:
+            - name: DOCKER_HOST
+              value: 'tcp://localhost:2376'
+            - name: DOCKER_CERT_PATH
+              value: /certs/client
+            - name: DOCKER_TLS_VERIFY
+              value: '1'
+            - name: GITEA_INSTANCE_URL
+              value: 'https://git.martin98.com'
+            - name: GITEA_RUNNER_REGISTRATION_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: runner-secret
+                  key: token
+            - name: CONFIG_FILE
+              value: /config.yaml
+            - name: GITEA_RUNNER_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+          resources: {}
+          volumeMounts:
+            - name: docker-certs
+              mountPath: /certs
+            - name: runner-data
+              mountPath: /data
+            - name: config
+              readOnly: true
+              mountPath: /config.yaml
+              subPath: config.yaml
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: IfNotPresent
+        - name: daemon
+          image: 'docker.martin98.com/library/docker:23.0.6-dind'
+          env:
+            - name: DOCKER_TLS_CERTDIR
+              value: /certs
+          resources: {}
+          volumeMounts:
+            - name: docker-certs
+              mountPath: /certs
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            privileged: true
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst
+      securityContext: {}
+      schedulerName: default-scheduler
+  volumeClaimTemplates:
+    - kind: PersistentVolumeClaim
+      apiVersion: v1
+      metadata:
+        name: runner-data
+        creationTimestamp: null
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        resources:
+          requests:
+            storage: 50Gi
+        volumeMode: Filesystem
+      status:
+        phase: Pending
+  serviceName: act-runner
+  podManagementPolicy: OrderedReady
+  updateStrategy:
+    type: RollingUpdate
+    rollingUpdate:
+      partition: 0
+  revisionHistoryLimit: 10
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: action
+  namespace: gitea
+data:
+  config: |-
+    runner:
+      # 注册结果的存储位置。
+      file: .runner
+      # 同时执行的任务数量。
+      capacity: 1
+      # 运行任务时的额外环境变量。
+      envs:
+        A_TEST_ENV_NAME_1: a_test_env_value_1
+        A_TEST_ENV_NAME_2: a_test_env_value_2
+      # 从文件中读取的额外环境变量。
+      # 如果为空或文件不存在，则忽略。
+      env_file: .env
+      # 任务完成的超时时间。
+      # 请注意，Gitea 实例也有一个任务超时时间（默认为 3 小时）。
+      # 因此，如果 Gitea 实例的超时时间比此时间短，任务可能会被 Gitea 实例停止。
+      timeout: 3h
+      # 关闭时等待正在运行的任务完成的超时时间。
+      # 在此超时时间后仍未完成的任务将被取消。
+      shutdown_timeout: 0s
+      # 是否跳过验证 Gitea 实例的 TLS 证书。
+      insecure: false
+      # 从 Gitea 实例获取任务的超时时间。
+      fetch_timeout: 5s
+      # 从 Gitea 实例获取任务的间隔时间。
+      fetch_interval: 2s
+      # Runner 的标签用于确定 Runner 可以运行哪些任务以及如何运行它们。
+      # 例如："macos-arm64:host" 或 "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
+      # 更多 Gitea 提供的镜像可以在 https://gitea.com/gitea/runner-images 找到。
+      # 如果注册时为空，则会要求输入标签。
+      # 如果执行 `daemon` 时为空，则会使用 `.runner` 文件中的标签。
+      labels:
+        # 特有镜像(标记环境) CN = 国内 canton = 局域网设备 hk = 香港 global = 墙外设备
+        - "cn:docker://docker.martin98.com/gitea/runner-images:ubuntu-latest"
+        - "canton:docker://docker.martin98.com/gitea/runner-images:ubuntu-latest"
+        # - "hk:docker://docker.gitea.com/runner-images:ubuntu-latest"
+        # - "global:docker://docker.gitea.com/runner-images:ubuntu-latest"
+        # - "us:docker://docker.gitea.com/runner-images:ubuntu-latest"
+
+---
+kind: Secret
+apiVersion: v1
+metadata:
+  name: runner-secret
+  namespace: gitea
+data:
+  token: MUxNR055bVM1enZsb2dOd3VwaVpnWmpscjhFWmVIcXpFblQzdG53TA==
+type: Opaque
+

k3s-de.yaml

@@ -0,0 +1,175 @@
+
+---
+kind: StatefulSet
+apiVersion: apps/v1
+metadata:
+  name: k3s-de-act-runner
+  namespace: gitea
+  labels:
+    app: act-runner
+    k8s.kuboard.cn/name: act-runner
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: act-runner
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: act-runner
+    spec:
+      volumes:
+        - name: docker-certs
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: action
+            items:
+              - key: config
+                path: config.yaml
+            defaultMode: 420
+      containers:
+        - name: runner
+          image: 'gitea/act_runner:nightly'
+          command:
+            - sh
+            - '-c'
+            - >
+              while ! nc -z localhost 2376 </dev/null; do echo 'waiting for
+              docker daemon...'; sleep 5; done; /sbin/tini -- run.sh
+          env:
+            - name: DOCKER_HOST
+              value: 'tcp://localhost:2376'
+            - name: DOCKER_CERT_PATH
+              value: /certs/client
+            - name: DOCKER_TLS_VERIFY
+              value: '1'
+            - name: GITEA_INSTANCE_URL
+              value: 'https://git.martin98.com'
+            - name: GITEA_RUNNER_REGISTRATION_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: runner-secret
+                  key: token
+            - name: CONFIG_FILE
+              value: /config.yaml
+            - name: GITEA_RUNNER_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+          resources: {}
+          volumeMounts:
+            - name: docker-certs
+              mountPath: /certs
+            - name: runner-data
+              mountPath: /data
+            - name: config
+              readOnly: true
+              mountPath: /config.yaml
+              subPath: config.yaml
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: IfNotPresent
+        - name: daemon
+          image: 'docker:23.0.6-dind'
+          env:
+            - name: DOCKER_TLS_CERTDIR
+              value: /certs
+          resources: {}
+          volumeMounts:
+            - name: docker-certs
+              mountPath: /certs
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            privileged: true
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst
+      securityContext: {}
+      schedulerName: default-scheduler
+  volumeClaimTemplates:
+    - kind: PersistentVolumeClaim
+      apiVersion: v1
+      metadata:
+        name: runner-data
+        creationTimestamp: null
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        resources:
+          requests:
+            storage: 50Gi
+        volumeMode: Filesystem
+      status:
+        phase: Pending
+  serviceName: act-runner
+  podManagementPolicy: OrderedReady
+  updateStrategy:
+    type: RollingUpdate
+    rollingUpdate:
+      partition: 0
+  revisionHistoryLimit: 10
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: action
+  namespace: gitea
+data:
+  config: |-
+    runner:
+      # 注册结果的存储位置。
+      file: .runner
+      # 同时执行的任务数量。
+      capacity: 1
+      # 运行任务时的额外环境变量。
+      envs:
+        A_TEST_ENV_NAME_1: a_test_env_value_1
+        A_TEST_ENV_NAME_2: a_test_env_value_2
+      # 从文件中读取的额外环境变量。
+      # 如果为空或文件不存在，则忽略。
+      env_file: .env
+      # 任务完成的超时时间。
+      # 请注意，Gitea 实例也有一个任务超时时间（默认为 3 小时）。
+      # 因此，如果 Gitea 实例的超时时间比此时间短，任务可能会被 Gitea 实例停止。
+      timeout: 3h
+      # 关闭时等待正在运行的任务完成的超时时间。
+      # 在此超时时间后仍未完成的任务将被取消。
+      shutdown_timeout: 0s
+      # 是否跳过验证 Gitea 实例的 TLS 证书。
+      insecure: false
+      # 从 Gitea 实例获取任务的超时时间。
+      fetch_timeout: 5s
+      # 从 Gitea 实例获取任务的间隔时间。
+      fetch_interval: 2s
+      # Runner 的标签用于确定 Runner 可以运行哪些任务以及如何运行它们。
+      # 例如："macos-arm64:host" 或 "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
+      # 更多 Gitea 提供的镜像可以在 https://gitea.com/gitea/runner-images 找到。
+      # 如果注册时为空，则会要求输入标签。
+      # 如果执行 `daemon` 时为空，则会使用 `.runner` 文件中的标签。
+      labels:
+        # 特有镜像(标记环境) CN = 国内 canton = 局域网设备 hk = 香港 global = 墙外设备
+        # - "cn:docker://docker.martin98.com/gitea/runner-images:ubuntu-latest"
+        # - "canton:docker://docker.martin98.com/gitea/runner-images:ubuntu-latest"
+        - "de:docker://docker.gitea.com/runner-images:ubuntu-latest"
+        - "global:docker://docker.gitea.com/runner-images:ubuntu-latest"
+        # - "us:docker://docker.gitea.com/runner-images:ubuntu-latest"
+
+---
+kind: Secret
+apiVersion: v1
+metadata:
+  name: runner-secret
+  namespace: gitea
+data:
+  token: MUxNR055bVM1enZsb2dOd3VwaVpnWmpscjhFWmVIcXpFblQzdG53TA==
+type: Opaque
+

k3s-hk.yaml

@@ -0,0 +1,175 @@
+
+---
+kind: StatefulSet
+apiVersion: apps/v1
+metadata:
+  name: k3s-hk-act-runner
+  namespace: gitea
+  labels:
+    app: act-runner
+    k8s.kuboard.cn/name: act-runner
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: act-runner
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: act-runner
+    spec:
+      volumes:
+        - name: docker-certs
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: action
+            items:
+              - key: config
+                path: config.yaml
+            defaultMode: 420
+      containers:
+        - name: runner
+          image: 'gitea/act_runner:nightly'
+          command:
+            - sh
+            - '-c'
+            - >
+              while ! nc -z localhost 2376 </dev/null; do echo 'waiting for
+              docker daemon...'; sleep 5; done; /sbin/tini -- run.sh
+          env:
+            - name: DOCKER_HOST
+              value: 'tcp://localhost:2376'
+            - name: DOCKER_CERT_PATH
+              value: /certs/client
+            - name: DOCKER_TLS_VERIFY
+              value: '1'
+            - name: GITEA_INSTANCE_URL
+              value: 'https://git.martin98.com'
+            - name: GITEA_RUNNER_REGISTRATION_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: runner-secret
+                  key: token
+            - name: CONFIG_FILE
+              value: /config.yaml
+            - name: GITEA_RUNNER_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+          resources: {}
+          volumeMounts:
+            - name: docker-certs
+              mountPath: /certs
+            - name: runner-data
+              mountPath: /data
+            - name: config
+              readOnly: true
+              mountPath: /config.yaml
+              subPath: config.yaml
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: IfNotPresent
+        - name: daemon
+          image: 'docker:23.0.6-dind'
+          env:
+            - name: DOCKER_TLS_CERTDIR
+              value: /certs
+          resources: {}
+          volumeMounts:
+            - name: docker-certs
+              mountPath: /certs
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            privileged: true
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst
+      securityContext: {}
+      schedulerName: default-scheduler
+  volumeClaimTemplates:
+    - kind: PersistentVolumeClaim
+      apiVersion: v1
+      metadata:
+        name: runner-data
+        creationTimestamp: null
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        resources:
+          requests:
+            storage: 50Gi
+        volumeMode: Filesystem
+      status:
+        phase: Pending
+  serviceName: act-runner
+  podManagementPolicy: OrderedReady
+  updateStrategy:
+    type: RollingUpdate
+    rollingUpdate:
+      partition: 0
+  revisionHistoryLimit: 10
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: action
+  namespace: gitea
+data:
+  config: |-
+    runner:
+      # 注册结果的存储位置。
+      file: .runner
+      # 同时执行的任务数量。
+      capacity: 1
+      # 运行任务时的额外环境变量。
+      envs:
+        A_TEST_ENV_NAME_1: a_test_env_value_1
+        A_TEST_ENV_NAME_2: a_test_env_value_2
+      # 从文件中读取的额外环境变量。
+      # 如果为空或文件不存在，则忽略。
+      env_file: .env
+      # 任务完成的超时时间。
+      # 请注意，Gitea 实例也有一个任务超时时间（默认为 3 小时）。
+      # 因此，如果 Gitea 实例的超时时间比此时间短，任务可能会被 Gitea 实例停止。
+      timeout: 3h
+      # 关闭时等待正在运行的任务完成的超时时间。
+      # 在此超时时间后仍未完成的任务将被取消。
+      shutdown_timeout: 0s
+      # 是否跳过验证 Gitea 实例的 TLS 证书。
+      insecure: false
+      # 从 Gitea 实例获取任务的超时时间。
+      fetch_timeout: 5s
+      # 从 Gitea 实例获取任务的间隔时间。
+      fetch_interval: 2s
+      # Runner 的标签用于确定 Runner 可以运行哪些任务以及如何运行它们。
+      # 例如："macos-arm64:host" 或 "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
+      # 更多 Gitea 提供的镜像可以在 https://gitea.com/gitea/runner-images 找到。
+      # 如果注册时为空，则会要求输入标签。
+      # 如果执行 `daemon` 时为空，则会使用 `.runner` 文件中的标签。
+      labels:
+        # 特有镜像(标记环境) CN = 国内 canton = 局域网设备 hk = 香港 global = 墙外设备
+        # - "cn:docker://docker.martin98.com/gitea/runner-images:ubuntu-latest"
+        # - "canton:docker://docker.martin98.com/gitea/runner-images:ubuntu-latest"
+        - "hk:docker://docker.gitea.com/runner-images:ubuntu-latest"
+        - "global:docker://docker.gitea.com/runner-images:ubuntu-latest"
+        # - "us:docker://docker.gitea.com/runner-images:ubuntu-latest"
+
+---
+kind: Secret
+apiVersion: v1
+metadata:
+  name: runner-secret
+  namespace: gitea
+data:
+  token: MUxNR055bVM1enZsb2dOd3VwaVpnWmpscjhFWmVIcXpFblQzdG53TA==
+type: Opaque
+