Fixed forgejo-runner helm chart

2024-11-22 13:01:46 +01:00 · 2024-11-22 13:01:46 +01:00 · 0361226bde
commit 0361226bde
parent edfdc8561c
9 changed files with 257 additions and 3 deletions
--- a/kind/forgejo-runner/.helmignore
+++ b/kind/forgejo-runner/.helmignore
@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/kind/forgejo-runner/Chart.yaml
+++ b/kind/forgejo-runner/Chart.yaml
@ -0,0 +1,24 @@
+apiVersion: v2
+name: forgejo-runner
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
--- a/kind/forgejo-runner/templates/NOTES.txt
+++ b/kind/forgejo-runner/templates/NOTES.txt
@ -0,0 +1,7 @@
+{{- if not .Values.registration.enabled}}
+You will have to manually create a secret with the registration token, since you have not specified the registration token in the values.yaml file.
+
+To create a secret with the registration token, run the following command:
+
+  kubectl create secret generic {{ include "forgejo-runner.fullname" . }}-token --from-literal=token=<token>
+{{- end}}
--- a/kind/forgejo-runner/templates/_helpers.tpl
+++ b/kind/forgejo-runner/templates/_helpers.tpl
@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "forgejo-runner.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "forgejo-runner.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "forgejo-runner.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "forgejo-runner.labels" -}}
+helm.sh/chart: {{ include "forgejo-runner.chart" . }}
+{{ include "forgejo-runner.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "forgejo-runner.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "forgejo-runner.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "forgejo-runner.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "forgejo-runner.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
--- a/kind/forgejo-runner/templates/deployment.yaml
+++ b/kind/forgejo-runner/templates/deployment.yaml
@ -0,0 +1,82 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    {{- include "forgejo-runner.labels" . | nindent 4 }}
+  name: {{ include "forgejo-runner.fullname" . }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "forgejo-runner.selectorLabels" . | nindent 6 }}
+  strategy: {}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "forgejo-runner.labels" . | nindent 8 }}
+	{{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      volumes:
+      - name: docker-certs
+        emptyDir: {}
+      - name: runner-data
+        emptyDir: {}
+      initContainers:
+        - name: runner-register
+          image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+          command: ["forgejo-runner", "register", "--no-interactive", "--token", $(RUNNER_SECRET), "--name", $(RUNNER_NAME), "--instance", $(FORGEJO_INSTANCE_URL)]
+          env:
+            - name: RUNNER_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: RUNNER_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "forgejo-runner.fullname" . }}-token
+                  key: token
+            - name: FORGEJO_INSTANCE_URL
+              value: {{ .Values.forgejoUrl }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+      containers:
+      - name: runner
+        image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+        command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; forgejo-runner daemon"]
+        env:
+        - name: DOCKER_HOST
+          value: tcp://localhost:2376
+        - name: DOCKER_CERT_PATH
+          value: /certs/client
+        - name: DOCKER_TLS_VERIFY
+          value: "1"
+        volumeMounts:
+        - name: docker-certs
+          mountPath: /certs
+        - name: runner-data
+          mountPath: /data
+      - name: daemon
+        image: docker:23.0.6-dind
+        env:
+        - name: DOCKER_TLS_CERTDIR
+          value: /certs
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - name: docker-certs
+          mountPath: /certs
--- a/kind/forgejo-runner/templates/secret.yaml
+++ b/kind/forgejo-runner/templates/secret.yaml
@ -0,0 +1,13 @@
+{{- if .Values.registration.enabled }}
+# Secret data.
+# You will need to retrive this from the web UI, and your Forgejo instance must be running v1.21+
+# Alternatively, create this with
+# kubectl create secret generic runner-secret --from-literal=token=your_offline_token_here
+apiVersion: v1
+stringData:
+  token: {{ .Values.registration.token }}
+kind: Secret
+metadata:
+  name: {{ include "forgejo-runner.fullname" . }}-token
+  namespace: {{ .Release.Namespace }}
+{{- end }}
--- a/kind/forgejo-runner/values.yaml
+++ b/kind/forgejo-runner/values.yaml
@ -0,0 +1,45 @@
+replicaCount: 2
+
+image:
+  repository: code.forgejo.org/forgejo/runner
+  pullPolicy: IfNotPresent
+  tag: "3.5.1"
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+podAnnotations: {}
+podLabels: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+
+resources:
+  limits:
+    cpu: 500m
+    memory: 128Mi
+  requests:
+    cpu: 100m
+    memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+registration:
+  enabled: false
+  token: ""
+
+forgejoUrl: http://forgejo-http.forgejo.svc.cluster.local:3000
--- a/kind/stacks/core/forgejo-runner.yaml
+++ b/kind/stacks/core/forgejo-runner.yaml
@ -16,7 +16,7 @@ spec:
    name: in-cluster
    namespace: gitea
  sources:
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW/forgejo-runner.git
+    - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot
      path: forgejo-runner
      targetRevision: HEAD
      helm:
--- a/kind/stacks/core/forgejo-runner/values.yaml
+++ b/kind/stacks/core/forgejo-runner/values.yaml
@ -2,5 +2,3 @@ registration:
  enabled: false
  token: ""
  # kubectl create secret generic forgejo-runner-token --from-literal=token=TOKENID
-
-forgejoUrl: http://forgejo-http.gitea.svc.cluster.local:3000