{{- if .Values.enabled }} {{- $secretName := include "gitea.actions.workername" (dict "global" . "worker" "actions-token") }} --- apiVersion: apps/v1 kind: StatefulSet metadata: labels: {{- include "gitea.actions.labels.actRunner" . | nindent 4 }} {{- with .Values.statefulset.labels }} {{- toYaml . | nindent 4 }} {{- end }} annotations: {{- with .Values.statefulset.annotations }} {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "gitea.actions.fullname" . }}-act-runner namespace: {{ .Values.namespace | default .Release.Namespace }} spec: replicas: {{ .Values.statefulset.replicas | default 1 }} selector: matchLabels: {{- include "gitea.actions.selectorLabels.actRunner" . | nindent 6 }} template: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-act-runner.yaml") . | sha256sum }} labels: {{- include "gitea.actions.labels.actRunner" . | nindent 8 }} {{- with .Values.statefulset.labels }} {{- toYaml . | nindent 8 }} {{- end }} spec: restartPolicy: Always {{- if .Values.statefulset.serviceAccountName }} serviceAccountName: {{ .Values.statefulset.serviceAccountName }} {{- end }} securityContext: {{- toYaml .Values.statefulset.securityContext | nindent 8 }} initContainers: {{- if .Values.preExtraInitContainers }} {{- toYaml .Values.preExtraInitContainers | nindent 8 }} {{- end }} - name: init-gitea image: "{{ include "gitea.actions.init.image" . }}" command: - sh - -c - | echo 'Trying to reach Gitea on {{ include "gitea.actions.local_root_url" . }}' until timeout 10 wget --no-check-certificate --spider {{ include "gitea.actions.local_root_url" . }}; do sleep 3 echo "Trying again in 3 seconds..." done echo "Gitea has been reached!" - name: dind image: "{{ include "gitea.actions.dind.image" . }}" restartPolicy: Always imagePullPolicy: {{ .Values.statefulset.dind.pullPolicy }} {{- if .Values.statefulset.dind.extraEnvs }} env: {{- toYaml .Values.statefulset.dind.extraEnvs | nindent 12 }} {{- end }} securityContext: privileged: true startupProbe: exec: command: - /usr/bin/test - -S {{- if .Values.statefulset.dind.rootless }} - /run/user/{{ .Values.statefulset.dind.uid | default 1000 }}/docker.sock {{- else }} - /var/run/docker.sock {{- end }} livenessProbe: exec: command: - /usr/bin/test - -S {{- if .Values.statefulset.dind.rootless }} - /run/user/{{ .Values.statefulset.dind.uid | default 1000 }}/docker.sock {{- else }} - /var/run/docker.sock {{- end }} resources: {{- toYaml .Values.statefulset.resources | nindent 12 }} volumeMounts: {{- if .Values.statefulset.dind.rootless }} - mountPath: /run/user/{{ .Values.statefulset.dind.uid | default 1000 }}/ {{- else }} - mountPath: /var/run/ {{- end }} name: docker-socket {{- with .Values.statefulset.dind.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} {{- if .Values.postExtraInitContainers }} {{- toYaml .Values.postExtraInitContainers | nindent 8 }} {{- end }} containers: - name: act-runner image: "{{ include "gitea.actions.actRunner.image" . }}" imagePullPolicy: {{ .Values.statefulset.actRunner.pullPolicy }} workingDir: /data env: - name: GITEA_RUNNER_REGISTRATION_TOKEN valueFrom: secretKeyRef: name: "{{ (tpl .Values.existingSecret . ) | default $secretName }}" key: "{{ (tpl .Values.existingSecretKey . ) | default "token" }}" - name: GITEA_INSTANCE_URL value: {{ include "gitea.actions.local_root_url" . }} - name: CONFIG_FILE value: /actrunner/config.yaml - name: TZ value: {{ .Values.statefulset.timezone | default "Etc/UTC" }} {{- if .Values.statefulset.actRunner.extraEnvs }} {{- toYaml .Values.statefulset.actRunner.extraEnvs | nindent 12 }} {{- end }} resources: {{- toYaml .Values.statefulset.resources | nindent 12 }} volumeMounts: - mountPath: /actrunner/config.yaml name: act-runner-config subPath: config.yaml - mountPath: /var/run/docker.sock name: docker-socket subPath: docker.sock - mountPath: /data name: data-act-runner {{- with .Values.statefulset.actRunner.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} {{- if .Values.global.imagePullSecrets }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - name: {{ . }} {{- end }} {{- end }} {{- range $key, $value := .Values.statefulset.nodeSelector }} nodeSelector: {{ $key }}: {{ $value | quote }} {{- end }} {{- with .Values.statefulset.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.statefulset.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: act-runner-config configMap: name: {{ include "gitea.actions.fullname" . }}-act-runner-config - name: docker-socket emptyDir: {} {{- with .Values.statefulset.extraVolumes }} {{- toYaml . | nindent 8 }} {{- end }} volumeClaimTemplates: - metadata: name: data-act-runner spec: accessModes: [ "ReadWriteOnce" ] {{- if .Values.global.storageClass }} {{- include "gitea.actions.persistence.storageClass" . | indent 8 }} {{- end }} resources: requests: storage: {{ .Values.statefulset.persistence.size }} {{- end }}