fix(forgejo-runner): use initContainer to make .runner writeable

2023-12-21 02:09:53 +01:00 · 2023-12-21 02:09:53 +01:00 · 7a46cdc082
commit 7a46cdc082
parent 0c068f9b5a
3 changed files with 25 additions and 6 deletions
--- a/forgejo-runner/Chart.yaml
+++ b/forgejo-runner/Chart.yaml
@ -2,6 +2,6 @@ apiVersion: v2
 name: forgejo-runner
 description: Deploy runner for an forgejo instance (default codeberg.org)
 type: application
-version: 0.1.3
+version: 0.1.4

 appVersion: "3.2.0"
--- a/forgejo-runner/templates/deployment.yaml
+++ b/forgejo-runner/templates/deployment.yaml
@ -30,13 +30,25 @@ spec:
      serviceAccountName: {{ include "forgejo-runner.serviceAccountName" . }}
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      initContainers:
+        - name: make-config-writeable
+          image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          command: [ "/bin/cp", "/etc/runner/.runner", "/data/.runner" ]
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+            - name: runner-config
+              mountPath: /etc/runner
      containers:
        - name: runner
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          command: [ "/bin//forgejo-runner", "daemon" ]
+          command: [ "/bin/forgejo-runner", "daemon" ]
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          env:
@ -51,8 +63,6 @@ spec:
              mountPath: /certs
            - name: runner-data
              mountPath: /data
-            - name: runner-cache
-              mountPath: /data/.cache
        - name: dind
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
@ -72,9 +82,9 @@ spec:
      volumes:
        - name: docker-certs
          emptyDir: {}
-        - name: runner-cache
-          emptyDir: {}
        - name: runner-data
+          emptyDir: {}
+        - name: runner-config
          secret:
            secretName: {{ .Values.runner.config.existingSecret | default (print ( include "forgejo-runner.fullname" . ) "-config") | quote }}
        {{- with .Values.volumes }}
--- a/forgejo-runner/templates/jobs.yaml
+++ b/forgejo-runner/templates/jobs.yaml
@ -9,6 +9,9 @@ metadata:
  labels:
    app.kubernetes.io/component: config-generate-job
    {{- include "forgejo-runner.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
@ -17,6 +20,9 @@ metadata:
  labels:
    app.kubernetes.io/component: config-generate-job
    {{- include "forgejo-runner.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
 rules:
  - apiGroups:
      - ""
@ -36,6 +42,9 @@ metadata:
  labels:
    app.kubernetes.io/component: config-generate-job
    {{- include "forgejo-runner.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role