Gitea act runner setup

Set up some quick Gitea act runners with Docker support

Fri, 08 Mar 2024

Gitea has their own runner service that is a drop-in replacement for GitHub Actions. While I was using Gitea Actions it ran workflows directly from GitHub Actions without having to alter most of the steps. I was quite happy about it. In order to use Gitea Actions you do need to turn it on; I made a post on Monday about how to add that to your Gitea config.

apiVersion: v1
stringData:
  token: "" # your registration token, can be found in the admin page
kind: Secret
metadata:
  name: runner-secret
  namespace: gitea
type: Opaque
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  labels:
    app: act-runner
  name: act-runner
  namespace: gitea
spec:
  replicas: 3 # 3 instances; the anti-affinity below prefers separate nodes
  selector:
    matchLabels:
      app: act-runner
  template:
    metadata:
      labels:
        app: act-runner
    spec:
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchExpressions:
                    - key: app # must match the pod label set in the template above
                      operator: In
                      values:
                        - act-runner
                topologyKey: kubernetes.io/hostname
      volumes:
        - name: docker-certs
          emptyDir: {}
      securityContext:
        fsGroup: 1000
      containers:
      - name: act-runner
        image: gitea/act_runner:nightly
        command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"]
        resources:
          limits:
            memory: "2Gi"
          requests:
            memory: "2Gi"
        env:
        - name: DOCKER_HOST
          value: tcp://localhost:2376
        - name: DOCKER_CERT_PATH
          value: /certs/client
        - name: DOCKER_TLS_VERIFY
          value: "1"
        - name: GITEA_RUNNER_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: GITEA_INSTANCE_URL
          value: http://gitea-http:3000
        - name: GITEA_RUNNER_REGISTRATION_TOKEN
          valueFrom:
            secretKeyRef:
              name: runner-secret
              key: token
        volumeMounts:
          - name: docker-certs
            mountPath: /certs
      - name: daemon
        image: docker:24.0.7-dind
        env:
          - name: DOCKER_TLS_CERTDIR
            value: /certs
        securityContext:
          privileged: true
        volumeMounts:
          - name: docker-certs
            mountPath: /certs
  volumeClaimTemplates:
  - metadata:
      name: gitea
      namespace: gitea
    spec:
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: nfs-client

The start command is mostly there as a workaround for Docker-in-Docker, as it's not properly supported yet: it waits until the Docker daemon sidecar is listening on port 2376 before launching the runner.

Edward Beazer
