gitea-runner-operator/README.md
2026-01-12 21:07:05 +08:00

Overview

An operator that manages Gitea Act Runner instances on Kubernetes.

How does it work?

  1. It installs a set of CRDs in Kubernetes (`kind: RunnerGroup`):

```yaml
apiVersion: gitea.bpg.pw/v1alpha1
kind: RunnerGroup
metadata:
  name: my-repo-runner-1
  namespace: gitea-runner-system
spec:
  scope: repo # valid options: global, org or user, repo
  org: myorg # optional; omitted if scope == global; mutually exclusive with user
  user: myusername # optional; omitted if scope == global; mutually exclusive with org
  repo: myreponame # optional; omitted if scope == org || scope == global
  gitea:
    url: https://gitea.bpg.pw
  labels:
    - default
    - app:infra
  maxActiveRunners: 5
  registrationToken: # registration token for the runner
    secretRef:
      name: gitea-runner-secret-0
      key: registrationToken
  authToken: # token used to list job status
    secretRef:
      name: gitea-runner-secret-0
      key: authToken
```
  2. The RunnerGroup controller continuously watches for queued jobs within its scope: global, org, or repo. When it detects a new workflow run with `status: queued` that matches the RunnerGroup's labels, it spawns a new ephemeral runner as a Job:

```yaml
apiVersion: batch/v1
kind: Job
metadata:
  name: my-repo-runner-1-275f1b8f
  labels:
    app: my-repo-runner-1
    # labels marking this resource as managed by the operator
spec:
  # Optional: automatically clean up the Job after it finishes (here, 600 seconds)
  ttlSecondsAfterFinished: 600
  template:
    metadata:
      labels:
        app: act-my-repo-runner-1
    spec:
      restartPolicy: OnFailure
      securityContext:
        fsGroup: 1000
      volumes:
        - name: runner-data
          persistentVolumeClaim:
            claimName: act-runner-vol
      containers:
        - name: runner
          image: gitea/act_runner:nightly-dind-rootless
          imagePullPolicy: Always
          env:
            - name: DOCKER_HOST
              value: tcp://localhost:2376
            - name: DOCKER_CERT_PATH
              value: /certs/client
            - name: DOCKER_TLS_VERIFY
              value: "1"
            - name: GITEA_INSTANCE_URL
              value: https://gitea.bpg.pw
            - name: GITEA_RUNNER_EPHEMERAL # always ephemeral
              value: "1"
            - name: GITEA_RUNNER_REGISTRATION_TOKEN
              valueFrom:
                secretKeyRef:
                  name: gitea-runner-secret-0
                  key: registrationToken
          securityContext:
            # the dind container runs privileged (all capabilities, host device access)
            privileged: true
```
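
An added example, not the operator's own code: a Go check for the scope rules stated in the RunnerGroup manifest comments (org and user mutually exclusive, repo only at repo scope). The `RunnerGroupSpec` type, `ValidateScope` and the returned target strings are hypothetical, and treating `user` as an owner-level scope like `org` is an assumption.

```go
package main

import (
	"errors"
	"fmt"
)

// RunnerGroupSpec holds only the scope fields of the RunnerGroup manifest.
// Hypothetical type for this example, not the operator's API type.
type RunnerGroupSpec struct{ Scope, Org, User, Repo string }

// ValidateScope enforces the rules from the manifest comments and returns the
// single target the runner is bound to. It fails closed on ambiguous input so
// a runner is never registered with a broader scope than intended.
func ValidateScope(s RunnerGroupSpec) (string, error) {
	if s.Org != "" && s.User != "" {
		return "", errors.New("org and user are mutually exclusive")
	}
	owner := s.Org + s.User // at most one of the two is set here
	switch s.Scope {
	case "global":
		if owner != "" || s.Repo != "" {
			return "", errors.New("scope global: org, user and repo must be omitted")
		}
		return "global", nil
	case "org", "user": // assumption: user scope mirrors org scope
		// The owner field must be the one named by the scope, and repo must be unset.
		if owner == "" || (s.Scope == "org") != (s.Org != "") || s.Repo != "" {
			return "", fmt.Errorf("scope %s: only %s may be set", s.Scope, s.Scope)
		}
		return s.Scope + ":" + owner, nil
	case "repo":
		if owner == "" || s.Repo == "" {
			return "", errors.New("scope repo: repo and one of org/user are required")
		}
		return "repo:" + owner + "/" + s.Repo, nil
	}
	return "", fmt.Errorf("unknown scope %q", s.Scope)
}

func main() {
	// Constructed specs; the first copies the scope fields of the sample manifest.
	for _, s := range []RunnerGroupSpec{
		{"repo", "myorg", "myusername", "myreponame"},
		{"repo", "myorg", "", "myreponame"},
	} {
		target, err := ValidateScope(s)
		fmt.Printf("%+v -> %q, err=%v\n", s, target, err)
	}
}
```

The sample manifest sets both `org` and `user` to show every field, so the first constructed spec is rejected under the stated rules; the second, with only `org` set, resolves to `repo:myorg/myreponame`.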