infra: configure act_runner with host networking so job containers reach dind

2026-05-11 21:11:49 +00:00 · 2026-05-11 21:11:49 +00:00 · 9727c66d8d
parent b4df833efb
commit 9727c66d8d
1 changed files with 67 additions and 0 deletions
--- a/platform/gitea/runner.yaml
+++ b/platform/gitea/runner.yaml
@ -0,0 +1,67 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: act-runner-config
+  namespace: gitea
+data:
+  config.yaml: |
+    container:
+      network: "host"
+      privileged: false
+      options:
+    docker_host: "tcp://localhost:2375"
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gitea-runner
+  namespace: gitea
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gitea-runner
+  template:
+    metadata:
+      labels:
+        app: gitea-runner
+    spec:
+      containers:
+      - name: runner
+        image: gitea/act_runner:latest
+        env:
+        - name: GITEA_INSTANCE_URL
+          value: http://gitea.gitea.svc.cluster.local:3000
+        - name: GITEA_RUNNER_REGISTRATION_TOKEN
+          value: wTLWFq5PSkIVGRBceCD9cKLtIWGTtGkFNelmJY3I
+        - name: GITEA_RUNNER_NAME
+          value: cluster-runner
+        - name: DOCKER_HOST
+          value: tcp://localhost:2375
+        - name: CONFIG_FILE
+          value: /etc/act-runner/config.yaml
+        volumeMounts:
+        - name: runner-data
+          mountPath: /data
+        - name: runner-config
+          mountPath: /etc/act-runner
+      - name: dind
+        image: docker:dind
+        securityContext:
+          privileged: true
+        env:
+        - name: DOCKER_TLS_CERTDIR
+          value: ""
+        ports:
+        - containerPort: 2375
+        volumeMounts:
+        - name: docker-graph-storage
+          mountPath: /var/lib/docker
+      volumes:
+      - name: runner-data
+        emptyDir: {}
+      - name: docker-graph-storage
+        emptyDir: {}
+      - name: runner-config
+        configMap:
+          name: act-runner-config