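# Forgejo/Gitea Actions runners: a namespace, the runner registration token
# Secret, and a 3-replica StatefulSet pairing act_runner with a Docker-in-Docker
# sidecar. Each replica keeps its registration state on its own PVC.
---
apiVersion: v1
kind: Namespace
metadata:
  name: forgejo-runners
---
apiVersion: v1
kind: Secret
metadata:
  name: forgejo-runner-secret
  namespace: forgejo-runners
type: Opaque
stringData:
  # NOTE(review): this is a registration token stored in plain text in the
  # manifest. Anyone who can read this file can use it against the instance
  # named below. Rotate it and provision this Secret out-of-band (sealed or
  # external secret, or a manual `kubectl create secret`) instead of keeping
  # the value in version control.
  token: "RPAjk4Jdc42By5vSxnULPPPrjU0goPLQIiKgwOIo"
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: forgejo-runner
  namespace: forgejo-runners
spec:
  replicas: 3
  serviceName: forgejo-runner
  selector:
    matchLabels:
      app: forgejo-runner
  template:
    metadata:
      labels:
        app: forgejo-runner
    spec:
      # Soft anti-affinity: prefer one runner per node, but still schedule if
      # fewer nodes than replicas are available.
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app: forgejo-runner
                topologyKey: kubernetes.io/hostname
      initContainers:
        # One-time registration. /data/.runner on the PVC marks a replica as
        # already registered, so restarts skip this step.
        - name: register
          # NOTE(review): `latest` is mutable; pin a version tag or digest so
          # every replica and every restart runs the same reviewed image.
          image: gitea/act_runner:latest
          env:
            # Read the token from the Secret rather than inlining it in the
            # pod template, where it would be readable by anyone allowed to
            # view StatefulSets or Pods rather than only Secrets.
            - name: RUNNER_REGISTRATION_TOKEN
              valueFrom:
                secretKeyRef:
                  name: forgejo-runner-secret
                  key: token
          command:
            - sh
            - -c
            - |
              if [ ! -f /data/.runner ]; then
                act_runner register --no-interactive \
                  --instance https://git.juntekim.com \
                  --token "$RUNNER_REGISTRATION_TOKEN" \
                  --name "$(hostname)" \
                  --labels "self-hosted,linux,x64"
              else
                echo "Runner already registered, skipping."
              fi
          workingDir: /data
          volumeMounts:
            - name: runner-data
              mountPath: /data
      containers:
        - name: runner
          # NOTE(review): pin this image as well (see the init container).
          image: gitea/act_runner:latest
          command: ["act_runner", "daemon"]
          workingDir: /data
          env:
            # Talks to the dind sidecar over the pod's shared network
            # namespace, without TLS or authentication.
            - name: DOCKER_HOST
              value: "tcp://localhost:2375"
          volumeMounts:
            - name: runner-data
              mountPath: /data
        - name: dind
          # NOTE(review): pin this image as well.
          image: docker:dind
          securityContext:
            # Privileged is required by Docker-in-Docker, and it means a
            # workflow job that controls this daemon effectively controls the
            # node. Only run trusted repositories on these runners, or isolate
            # them on dedicated nodes.
            privileged: true
          env:
            # Empty value disables TLS on the Docker API. NOTE(review): the
            # stock dind entrypoint is understood to listen on all interfaces
            # in this mode, which would expose an unauthenticated daemon on
            # the pod IP - confirm, and either enable TLS with a shared certs
            # volume or add a NetworkPolicy denying ingress to these pods.
            - name: DOCKER_TLS_CERTDIR
              value: ""
          volumeMounts:
            # NOTE(review): this also exposes /data/.runner (the runner's
            # registration state) to the privileged sidecar - confirm the
            # mount is needed here.
            - name: runner-data
              mountPath: /data
  volumeClaimTemplates:
    - metadata:
        name: runner-data
      spec:
        accessModes:
          - ReadWriteOnce
        storageClassName: rook-ceph-block
        resources:
          requests:
            storage: 1Gi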