fix(forgejo-runner): use configfile with values from helm-chart

Co-authored-by: Lukas <info@devls.de>
WrenIX 2024-05-17 15:27:44 +02:00
parent c4ab2ae7e1
commit 9b48a048d4
Signed by: wrenix
GPG key ID: 7AFDB012974B1BB5
7 changed files with 322 additions and 4 deletions

View file

@ -2,7 +2,7 @@ apiVersion: v2
name: forgejo-runner
description: Deploy runner for an forgejo instance (default codeberg.org)
type: application
version: 0.1.19
version: 0.2.0
# renovate: image=code.forgejo.org/forgejo/runner
appVersion: "3.4.1"
maintainers:

View file

@ -2,7 +2,7 @@
= forgejo-runner
image::https://img.shields.io/badge/Version-0.1.19-informational?style=flat-square[Version: 0.1.19]
image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-3.4.1-informational?style=flat-square[AppVersion: 3.4.1]
== Maintainers
@ -16,6 +16,38 @@ image::https://img.shields.io/badge/AppVersion-3.4.1-informational?style=flat-sq
| <https://wrenix.eu>
|===
== Accessing docker socket inside job containers
To access the docker socket inside the job containers, the following example values may be used (see `values-dind-bypass.yaml`):
[source,yaml]
----
runner:
config:
create: true
existingSecret: ""
file:
log:
level: "info"
runner:
file: ".runner"
capacity: 1
envs:
A_TEST_ENV_NAME_1: null
A_TEST_ENV_NAME_2: null
DOCKER_HOST: tcp://127.0.0.1:2376
DOCKER_TLS_VERIFY: 1
DOCKER_CERT_PATH: /certs/client
container:
network: host
enable_ipv6: false
privileged: false
options: -v /certs/client:/certs/client
valid_volumes:
- /certs/client
----
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
@ -43,7 +75,131 @@ helm uninstall forgejo-runner-release
== Values
.Values
.Values Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
|===
| Key | Type | Default | Description
| runner.config.file.cache.dir
| string
| `""`
| The directory to store the cache data. If it's empty, the cache data will be stored in $HOME/.cache/actcache.
| runner.config.file.cache.enabled
| bool
| `true`
| Enable cache server to use actions/cache.
| runner.config.file.cache.external_server
| string
| `""`
| The external cache server URL. Valid only when enable is true. If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself. The URL should generally end with "/".
| runner.config.file.cache.host
| string
| `""`
| The host of the cache server. It's not for the address to listen, but the address to connect from job containers. So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
| runner.config.file.cache.port
| int
| `0`
| The port of the cache server. 0 means to use a random available port.
| runner.config.file.container.docker_host
| string
| `""`
| overrides the docker client host with the specified one. If it's empty, act_runner will find an available docker host automatically. If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers. If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
| runner.config.file.container.enable_ipv6
| bool
| `false`
| Whether to create networks with IPv6 enabled. Requires the Docker daemon to be set up accordingly. Only takes effect if "network" is set to "".
| runner.config.file.container.force_pull
| bool
| `false`
| Pull docker image(s) even if already present
| runner.config.file.container.network
| string
| `""`
| Specifies the network to which the container will connect. Could be host, bridge or the name of a custom network. If it's empty, create a network automatically.
| runner.config.file.container.options
| string
| `nil`
| And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`).
| runner.config.file.container.privileged
| bool
| `false`
| And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`).
| runner.config.file.container.valid_volumes
| list
| `[]`
| Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob You can specify multiple volumes. If the sequence is empty, no volumes can be mounted. For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to: valid_volumes: - data - /src/*.json If you want to allow any volume, please use the following configuration: valid_volumes: - '**'
| runner.config.file.container.workdir_parent
| string
| `nil`
| The parent directory of a job's working directory. If it's empty, /workspace will be used.
| runner.config.file.host.workdir_parent
| string
| `nil`
| The parent directory of a job's working directory. If it's empty, $HOME/.cache/act/ will be used.
| runner.config.file.log.level
| string
| `"info"`
| The level of logging, can be trace, debug, info, warn, error, fatal
| runner.config.file.runner.capacity
| int
| `1`
| Execute how many tasks concurrently at the same time.
| runner.config.file.runner.env_file
| string
| `".env"`
| Extra environment variables to run jobs from a file. It will be ignored if it's empty or the file doesn't exist.
| runner.config.file.runner.envs
| object
| `{"A_TEST_ENV_NAME_1":"a_test_env_value_1","A_TEST_ENV_NAME_2":"a_test_env_value_2"}`
| Extra environment variables to run jobs.
| runner.config.file.runner.fetch_interval
| string
| `"2s"`
| The interval for fetching the job from the Forgejo instance.
| runner.config.file.runner.fetch_timeout
| string
| `"5s"`
| The timeout for fetching the job from the Forgejo instance.
| runner.config.file.runner.file
| string
| `".runner"`
| Runner config which contains id and token of this runner (autogenerate with create)
| runner.config.file.runner.insecure
| bool
| `false`
| Whether skip verifying the TLS certificate of the Forgejo instance.
| runner.config.file.runner.labels
| list
| `[]`
| The labels of a runner are used to determine which jobs the runner can run, and how to run them. Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"] If it's empty when registering, it will ask for inputting labels. If it's empty when execute `deamon`, will use labels in `.runner` file.
| runner.config.file.runner.timeout
| string
| `"3h"`
| The timeout for a job to be finished. Please note that the Forgejo instance also has a timeout (3h by default) for the job. So the job could be stopped by the Forgejo instance if it's timeout is shorter than this.
|===
.Values Other Values
|===
| Key | Type | Default | Description
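Review bot: The description for `runner.config.file.container.privileged` is a copy of the one for `container.options` ("And other options to be used when the container is started ..."), so the table never says what the flag does. This README is generated, so correct the `# --` comment above `privileged` in values.yaml to state that it controls whether job containers are started in privileged mode, then regenerate the docs.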
@ -244,3 +400,4 @@ helm uninstall forgejo-runner-release
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

View file

@ -0,0 +1,11 @@
{{ define "chart.prerequirements" -}}
== Accessing docker socket inside job containers
To access the docker socket inside the job containers, the following example values may be used (see `values-dind-bypass.yaml`):
[source,yaml]
----
{{ .Files.Get "values-dind-bypass.yaml" }}
----
{{ end }}
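Review bot: The heading and the intro sentence speak of the "docker socket", but the included values-dind-bypass.yaml gives jobs TCP access to the daemon (`DOCKER_HOST: tcp://127.0.0.1:2376`) together with the TLS client certificates mounted from `/certs/client`. Describe it that way, and add a sentence that any workflow running on such a runner can then control that Docker daemon, so these values belong only on runners that execute trusted repositories.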

View file

@ -56,7 +56,7 @@ spec:
echo 'waiting for docker daemon...';
sleep 5;
done
/bin/forgejo-runner daemon
/bin/forgejo-runner --config /etc/runner/config.yaml daemon
resources:
{{- toYaml .Values.resources | nindent 12 }}
env:
@ -67,6 +67,8 @@ spec:
- name: DOCKER_TLS_VERIFY
value: "1"
volumeMounts:
- name: runner-configfile
mountPath: /etc/runner
- name: docker-certs
mountPath: /certs
- name: runner-data
@ -95,6 +97,9 @@ spec:
- name: runner-config
secret:
secretName: {{ .Values.runner.config.existingSecret | default (print ( include "forgejo-runner.fullname" . ) "-config") | quote }}
- name: runner-configfile
secret:
secretName: {{ include "forgejo-runner.fullname" . }}-configfile
{{- with .Values.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
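Review bot: On the new `runner-configfile` volume, `secretName` is rendered without `| quote` and with a fixed name, while the `runner-config` volume directly above quotes its value and honours `.Values.runner.config.existingSecret`. Quote it for consistency, and consider an equivalent override (for instance a value such as `runner.config.existingConfigfileSecret`, a hypothetical name) so that users who manage the runner configuration outside the chart are not forced to keep it in Helm values.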

View file

@ -0,0 +1,11 @@
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "forgejo-runner.fullname" . }}-configfile
labels:
{{- include "forgejo-runner.labels" . | nindent 4 }}
annotations:
config-hash: {{ toYaml .Values.runner.config.file | sha256sum }}
data:
config.yaml: {{ toYaml .Values.runner.config.file | b64enc }}
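Review bot: The `config-hash` annotation sits on the Secret's own metadata, where it does not cause a rollout, and none of the deployment hunks in this commit add a matching annotation to the pod template. After a `helm upgrade` that changes `runner.config.file`, the pod that was started with `--config /etc/runner/config.yaml` is therefore not restarted by the change. Put the hash on the Deployment's `spec.template.metadata.annotations` instead, for example `checksum/configfile: {{ toYaml .Values.runner.config.file | sha256sum }}`.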

View file

@ -0,0 +1,23 @@
runner:
config:
create: true
existingSecret: ""
file:
log:
level: "info"
runner:
file: ".runner"
capacity: 1
envs:
A_TEST_ENV_NAME_1: null
A_TEST_ENV_NAME_2: null
DOCKER_HOST: tcp://127.0.0.1:2376
DOCKER_TLS_VERIFY: 1
DOCKER_CERT_PATH: /certs/client
container:
network: host
enable_ipv6: false
privileged: false
options: -v /certs/client:/certs/client
valid_volumes:
- /certs/client
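Review bot: `DOCKER_TLS_VERIFY: 1` under `envs` is an unquoted YAML integer, whereas the deployment template sets the same variable as `value: "1"`; quote it so that every entry of `envs` is a string. The two `A_TEST_ENV_NAME_*: null` lines exist only to delete chart defaults and deserve a short comment saying so, since this file is printed verbatim in the README.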

View file

@ -24,7 +24,118 @@ runner:
instance: https://codeberg.org
name:
token:
# based on https://code.forgejo.org/forgejo/runner/commit/1139bb7d12ff7889694b24731707e153678ab960
file:
log:
# -- The level of logging, can be trace, debug, info, warn, error, fatal
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
level: "info"
runner:
# -- Runner config which contains id and token of this runner (autogenerate with create)
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
file: ".runner"
# -- Execute how many tasks concurrently at the same time.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
capacity: 1
# -- Extra environment variables to run jobs.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
envs:
A_TEST_ENV_NAME_1: a_test_env_value_1
A_TEST_ENV_NAME_2: a_test_env_value_2
# -- Extra environment variables to run jobs from a file.
# It will be ignored if it's empty or the file doesn't exist.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
env_file: .env
# -- The timeout for a job to be finished.
# Please note that the Forgejo instance also has a timeout (3h by default) for the job.
# So the job could be stopped by the Forgejo instance if it's timeout is shorter than this.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
timeout: 3h
# -- Whether skip verifying the TLS certificate of the Forgejo instance.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
insecure: false
# -- The timeout for fetching the job from the Forgejo instance.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
fetch_timeout: 5s
# -- The interval for fetching the job from the Forgejo instance.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
fetch_interval: 2s
# -- The labels of a runner are used to determine which jobs the runner can run, and how to run them.
# Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"]
# If it's empty when registering, it will ask for inputting labels.
# If it's empty when execute `deamon`, will use labels in `.runner` file.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
labels: []
cache:
# -- Enable cache server to use actions/cache.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
enabled: true
# -- The directory to store the cache data.
# If it's empty, the cache data will be stored in $HOME/.cache/actcache.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
dir: ""
# -- The host of the cache server.
# It's not for the address to listen, but the address to connect from job containers.
# So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
host: ""
# -- The port of the cache server.
# 0 means to use a random available port.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
port: 0
# -- The external cache server URL. Valid only when enable is true.
# If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself.
# The URL should generally end with "/".
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
external_server: ""
container:
# -- Specifies the network to which the container will connect.
# Could be host, bridge or the name of a custom network.
# If it's empty, create a network automatically.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
network: ""
# -- Whether to create networks with IPv6 enabled. Requires the Docker daemon to be set up accordingly.
# Only takes effect if "network" is set to "".
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
enable_ipv6: false
# -- And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`).
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
privileged: false
# -- And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`).
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
options:
# -- The parent directory of a job's working directory.
# If it's empty, /workspace will be used.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
workdir_parent:
# -- Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob
# You can specify multiple volumes. If the sequence is empty, no volumes can be mounted.
# For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to:
# valid_volumes:
# - data
# - /src/*.json
# If you want to allow any volume, please use the following configuration:
# valid_volumes:
# - '**'
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
valid_volumes: []
# -- overrides the docker client host with the specified one.
# If it's empty, act_runner will find an available docker host automatically.
# If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers.
# If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
docker_host: ""
# -- Pull docker image(s) even if already present
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
force_pull: false
host:
# -- The parent directory of a job's working directory.
# If it's empty, $HOME/.cache/act/ will be used.
# @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
workdir_parent:
dind:
image:
registry: docker.io
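Review bot: The chart default for `envs` ships the upstream sample entries `A_TEST_ENV_NAME_1: a_test_env_value_1` and `A_TEST_ENV_NAME_2: a_test_env_value_2`, so every job receives these variables unless the user overrides them, and values-dind-bypass.yaml already has to set both to `null` to get rid of them. Default `envs` to `{}` and keep the sample names only in the comment above it.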