blob: 73b26b9b2331ee07d3a6d1d10d70aa212947e023 [file] [log] [blame]
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gitlab-runner
namespace: mulk
labels:
name: gitlab-runner
k8s-app: gitlab-runner
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
selector:
matchLabels:
k8s-app: gitlab-runner
name: gitlab-runner
template:
metadata:
labels:
name: gitlab-runner
k8s-app: gitlab-runner
spec:
imagePullSecrets:
- name: portus-token
runtimeClassName: kata
initContainers:
- name: init
image: docker.io/library/busybox:latest
command:
- sh
- -c
- cp -v /conf/gitlab-runner/* /etc/gitlab-runner/
volumeMounts:
- name: config-ro
mountPath: /conf/gitlab-runner
- name: config-rw
mountPath: /etc/gitlab-runner
containers:
- name: master
image: docker.benkard.de/mulk/gitlab-runner:hz62pcfdlpcbxygksisxjznj8bj27v42
securityContext:
# In a Kata container, this only gives the container full
# access to the guest VM rather than the host. (To ensure
# this, it is important to set privileged_without_host_devices
# = true in the [plugins.cri.containerd.runtimes.kata] section
# of containerd's config.toml.)
privileged: true
volumeMounts:
# Configuration data.
- name: config-rw
mountPath: /etc/gitlab-runner
# State.
- name: docker-data
mountPath: /vol/docker-data
- name: tmp
mountPath: /tmp
resources:
requests:
memory: 128Mi
limits:
memory: 8Gi
volumes:
- name: config-ro
secret:
secretName: gitlab-runner-config
- name: config-rw
emptyDir: {}
- name: docker-data
persistentVolumeClaim:
claimName: gitlab-runner-docker
- name: tmp
emptyDir: {}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: gitlab-runner-docker
namespace: mulk
annotations:
volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
volume.kubernetes.io/selected-node: ifirn
spec:
storageClassName: local-path
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi