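---
# Persistent state for the Gitea Actions runner. The runner container mounts
# this at /data and keeps its registration file (/data/.runner) here, so the
# registration survives pod restarts.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitea-runner-data
  namespace: gitea
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: longhorn
  resources:
    requests:
      storage: 5Gi
---
# Gitea Actions runner (act_runner) with a Docker-in-Docker sidecar.
#
# Trust boundary: workflow jobs are code supplied by repository contributors.
# Jobs on the "linux-x64:host" label execute inside the runner container, and
# every job can drive the privileged dind daemon, so treat this pod as able to
# compromise the node it runs on. Schedule it on a dedicated node or restrict
# which repositories may use this runner.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitea-runner
  namespace: gitea
spec:
  replicas: 1
  # The data volume is ReadWriteOnce and holds a single runner identity.
  # Recreate stops the old pod before starting the new one, so a rollout
  # never has two pods competing for the volume or the registration.
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: gitea-runner
  template:
    metadata:
      labels:
        app: gitea-runner
    spec:
      containers:
        - name: runner
          # NOTE(review): ":latest" with IfNotPresent is a mutable reference;
          # each node runs whatever it happened to cache. Pin a release tag
          # or, better, an image digest (image@sha256:<digest>).
          image: gitea/act_runner:latest
          imagePullPolicy: IfNotPresent
          env:
            # NOTE(review): plain HTTP inside the cluster; the registration
            # token and job payloads cross the pod network unencrypted.
            - name: GITEA_INSTANCE_URL
              value: "http://gitea.gitea.svc.cluster.local"
            - name: GITEA_RUNNER_NAME
              value: "k3s-runner-1"
            - name: GITEA_RUNNER_LABELS
              value: "linux-x64:host,ubuntu-latest:docker://node:20-bookworm,alpine:docker://alpine:3.20"
            # Only needed for first-time registration, but it stays in the
            # container environment afterwards, where host-label jobs can
            # read it. Rotate the token once the runner has registered.
            - name: GITEA_RUNNER_REGISTRATION_TOKEN
              valueFrom:
                secretKeyRef:
                  name: gitea-runner-secret
                  key: GITEA_RUNNER_REGISTRATION_TOKEN
            # Talk to the dind sidecar over mutually authenticated TLS.
            # The unencrypted 2375 endpoint has no authentication and the
            # dind image binds it on all interfaces, which would let any
            # workload that can reach the pod IP control a privileged
            # Docker daemon.
            - name: DOCKER_HOST
              value: "tcp://localhost:2376"
            - name: DOCKER_TLS_VERIFY
              value: "1"
            - name: DOCKER_CERT_PATH
              value: "/certs/client"
          command:
            - /bin/sh
            - -c
          args:
            # Register once (marker file: /data/.runner), then run the daemon.
            # If dind has not written its client certificates yet, the daemon
            # may exit and the container is restarted by the kubelet.
            - |
              set -e
              if [ ! -f /data/.runner ]; then
                act_runner register \
                  --no-interactive \
                  --instance "${GITEA_INSTANCE_URL}" \
                  --token "${GITEA_RUNNER_REGISTRATION_TOKEN}" \
                  --name "${GITEA_RUNNER_NAME}" \
                  --labels "${GITEA_RUNNER_LABELS}"
              fi
              exec act_runner daemon
          volumeMounts:
            - name: runner-data
              mountPath: /data
            # Certificates generated by the dind sidecar; the runner only
            # needs to read them.
            - name: docker-certs
              mountPath: /certs
              readOnly: true
        - name: dind
          image: docker:27-dind
          imagePullPolicy: IfNotPresent
          # Privileged mode is what classic (rootful) dind requires; it
          # gives this container near-host capabilities.
          securityContext:
            privileged: true
          env:
            # A non-empty certificate directory makes the dind entrypoint
            # generate a CA plus server/client certificates and serve the
            # API with TLS on port 2376 instead of plaintext on 2375.
            - name: DOCKER_TLS_CERTDIR
              value: "/certs"
          volumeMounts:
            - name: docker-lib
              mountPath: /var/lib/docker
            - name: docker-certs
              mountPath: /certs
      volumes:
        - name: runner-data
          persistentVolumeClaim:
            claimName: gitea-runner-data
        # Image layers and build cache; intentionally discarded with the pod.
        - name: docker-lib
          emptyDir: {}
        # Shared TLS material between dind (writer) and runner (reader).
        - name: docker-certs
          emptyDir: {}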