From 1d908965a8dbb3dd33fa078b4cd4a74d3dc2cfe2 Mon Sep 17 00:00:00 2001
From: grandmou
Date: Tue, 28 Jan 2025 17:17:57 +0000
Subject: [PATCH] feat(act_runner): allow to mount volumes (#756)

### Description of the change

In the act_runner StatefulSet, this allows mounting volumes.

### Benefits

It allows mounting some volumes in either of the two containers, e.g. certificates for a private registry.

### Possible drawbacks

I can't think of any.

### Applicable issues

- Fixes #744

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Helm templating unittests are added (required when changing anything in `templates` folder)

Co-authored-by: Xav
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/756
Reviewed-by: justusbunsi
Co-authored-by: grandmou
Co-committed-by: grandmou
---
 README.md | 67 +++++++++++---------
 templates/gitea/act_runner/statefulset.yaml | 9 +++
 unittests/helm/act_runner/statefulset.yaml | 52 ++++++++++++++++
 values.yaml | 7 +++
 4 files changed, 103 insertions(+), 32 deletions(-)

diff --git a/README.md b/README.md index 473beb2..574cabd 100644 --- a/README.md +++ b/README.md
@@ -1026,38 +1026,41 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo ### Gitea Actions -| Name | Description | Value | -| ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | -| `actions.enabled` | Create an act runner StatefulSet. | `false` | -| `actions.init.image.repository` | The image used for the init containers | `busybox` | -| `actions.init.image.tag` | The image tag used for the init containers | `1.37.0` | -| `actions.statefulset.annotations` | Act runner annotations | `{}` | -| `actions.statefulset.labels` | Act runner labels | `{}` | -| `actions.statefulset.resources` | Act runner resources | `{}` | -| `actions.statefulset.nodeSelector` | NodeSelector for the statefulset | `{}` | -| `actions.statefulset.tolerations` | Tolerations for the statefulset | `[]` | -| `actions.statefulset.affinity` | Affinity for the statefulset | `{}` | -| `actions.statefulset.actRunner.repository` | The Gitea act runner image | `gitea/act_runner` | -| `actions.statefulset.actRunner.tag` | The Gitea act runner tag | `0.2.11` | -| `actions.statefulset.actRunner.pullPolicy` | The Gitea act runner pullPolicy | `IfNotPresent` | -| `actions.statefulset.actRunner.config` | Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details. | `Too complex. 
See values.yaml` | -| `actions.statefulset.dind.repository` | The Docker-in-Docker image | `docker` | -| `actions.statefulset.dind.tag` | The Docker-in-Docker image tag | `25.0.2-dind` | -| `actions.statefulset.dind.pullPolicy` | The Docker-in-Docker pullPolicy | `IfNotPresent` | -| `actions.statefulset.dind.extraEnvs` | Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY` | `[]` | -| `actions.provisioning.enabled` | Create a job that will create and save the token in a Kubernetes Secret | `false` | -| `actions.provisioning.annotations` | Job's annotations | `{}` | -| `actions.provisioning.labels` | Job's labels | `{}` | -| `actions.provisioning.resources` | Job's resources | `{}` | -| `actions.provisioning.nodeSelector` | NodeSelector for the job | `{}` | -| `actions.provisioning.tolerations` | Tolerations for the job | `[]` | -| `actions.provisioning.affinity` | Affinity for the job | `{}` | -| `actions.provisioning.ttlSecondsAfterFinished` | ttl for the job after finished in order to allow helm to properly recognize that the job completed | `300` | -| `actions.provisioning.publish.repository` | The image that can create the secret via kubectl | `bitnami/kubectl` | -| `actions.provisioning.publish.tag` | The publish image tag that can create the secret | `1.29.0` | -| `actions.provisioning.publish.pullPolicy` | The publish image pullPolicy that can create the secret | `IfNotPresent` | -| `actions.existingSecret` | Secret that contains the token | `""` | -| `actions.existingSecretKey` | Secret key | `""` | +| Name | Description | Value | +| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | +| `actions.enabled` | Create an act runner StatefulSet. 
| `false` | +| `actions.init.image.repository` | The image used for the init containers | `busybox` | +| `actions.init.image.tag` | The image tag used for the init containers | `1.37.0` | +| `actions.statefulset.annotations` | Act runner annotations | `{}` | +| `actions.statefulset.labels` | Act runner labels | `{}` | +| `actions.statefulset.resources` | Act runner resources | `{}` | +| `actions.statefulset.nodeSelector` | NodeSelector for the statefulset | `{}` | +| `actions.statefulset.tolerations` | Tolerations for the statefulset | `[]` | +| `actions.statefulset.affinity` | Affinity for the statefulset | `{}` | +| `actions.statefulset.extraVolumes` | Extra volumes for the statefulset | `[]` | +| `actions.statefulset.actRunner.repository` | The Gitea act runner image | `gitea/act_runner` | +| `actions.statefulset.actRunner.tag` | The Gitea act runner tag | `0.2.11` | +| `actions.statefulset.actRunner.pullPolicy` | The Gitea act runner pullPolicy | `IfNotPresent` | +| `actions.statefulset.actRunner.extraVolumeMounts` | Allows mounting extra volumes in the act runner container | `[]` | +| `actions.statefulset.actRunner.config` | Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details. | `Too complex. 
See values.yaml` | +| `actions.statefulset.dind.repository` | The Docker-in-Docker image | `docker` | +| `actions.statefulset.dind.tag` | The Docker-in-Docker image tag | `25.0.2-dind` | +| `actions.statefulset.dind.pullPolicy` | The Docker-in-Docker pullPolicy | `IfNotPresent` | +| `actions.statefulset.dind.extraVolumeMounts` | Allows mounting extra volumes in the Docker-in-Docker container | `[]` | +| `actions.statefulset.dind.extraEnvs` | Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY` | `[]` | +| `actions.provisioning.enabled` | Create a job that will create and save the token in a Kubernetes Secret | `false` | +| `actions.provisioning.annotations` | Job's annotations | `{}` | +| `actions.provisioning.labels` | Job's labels | `{}` | +| `actions.provisioning.resources` | Job's resources | `{}` | +| `actions.provisioning.nodeSelector` | NodeSelector for the job | `{}` | +| `actions.provisioning.tolerations` | Tolerations for the job | `[]` | +| `actions.provisioning.affinity` | Affinity for the job | `{}` | +| `actions.provisioning.ttlSecondsAfterFinished` | ttl for the job after finished in order to allow helm to properly recognize that the job completed | `300` | +| `actions.provisioning.publish.repository` | The image that can create the secret via kubectl | `bitnami/kubectl` | +| `actions.provisioning.publish.tag` | The publish image tag that can create the secret | `1.29.0` | +| `actions.provisioning.publish.pullPolicy` | The publish image pullPolicy that can create the secret | `IfNotPresent` | +| `actions.existingSecret` | Secret that contains the token | `""` | +| `actions.existingSecretKey` | Secret key | `""` | ### Gitea diff --git a/templates/gitea/act_runner/statefulset.yaml b/templates/gitea/act_runner/statefulset.yaml index c4a7fef..996778c 100644 --- a/templates/gitea/act_runner/statefulset.yaml +++ b/templates/gitea/act_runner/statefulset.yaml 
@@ -70,6 +70,9 @@ spec: name: docker-certs - mountPath: /data name: data-act-runner + {{- with .Values.actions.statefulset.actRunner.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: dind image: "{{ .Values.actions.statefulset.dind.repository }}:{{ .Values.actions.statefulset.dind.tag }}" imagePullPolicy: {{ .Values.actions.statefulset.dind.pullPolicy }} @@ -90,6 +93,9 @@ spec: volumeMounts: - mountPath: /certs/server name: docker-certs + {{- with .Values.actions.statefulset.dind.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} {{- with .Values.actions.statefulset.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -108,6 +114,9 @@ spec: name: {{ include "gitea.fullname" . }}-act-runner-config - name: docker-certs emptyDir: {} + {{- with .Values.actions.statefulset.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} volumeClaimTemplates: - metadata: name: data-act-runner diff --git a/unittests/helm/act_runner/statefulset.yaml b/unittests/helm/act_runner/statefulset.yaml index 06ed3ef..323fef6 100644 --- a/unittests/helm/act_runner/statefulset.yaml +++ b/unittests/helm/act_runner/statefulset.yaml 
@@ -128,3 +128,55 @@ tests: value: name: "CUSTOM_ENV_NAME" value: "custom env value" + - it: should mount an extra volume in the act runner container + template: templates/gitea/act_runner/statefulset.yaml + set: + actions: + enabled: true + statefulset: + extraVolumes: + - name: my-act-runner-volume + emptyDir: {} + actRunner: + extraVolumeMounts: + - mountPath: /mnt + name: my-act-runner-volume + asserts: + - hasDocuments: + count: 1 + - containsDocument: + kind: StatefulSet + apiVersion: apps/v1 + name: gitea-unittests-act-runner + - contains: + any: true + path: spec.template.spec.containers[0].volumeMounts + content: + mountPath: /mnt + name: my-act-runner-volume + - it: should mount an extra volume in the docker-in-docker container + template: templates/gitea/act_runner/statefulset.yaml + set: + actions: + enabled: true + statefulset: + extraVolumes: + - name: my-dind-volume + emptyDir: {} + dind: + extraVolumeMounts: + - mountPath: /mnt + name: my-dind-volume + asserts: + - hasDocuments: + count: 1 + - containsDocument: + kind: StatefulSet + apiVersion: apps/v1 + name: gitea-unittests-act-runner + - contains: + any: true + path: spec.template.spec.containers[1].volumeMounts + content: + mountPath: /mnt + name: my-dind-volume diff --git a/values.yaml b/values.yaml index 3058cbc..07e4af4 100644 --- a/values.yaml +++ b/values.yaml 
@@ -361,13 +361,16 @@ signing: ## @param actions.statefulset.nodeSelector NodeSelector for the statefulset ## @param actions.statefulset.tolerations Tolerations for the statefulset ## @param actions.statefulset.affinity Affinity for the statefulset +## @param actions.statefulset.extraVolumes Extra volumes for the statefulset ## @param actions.statefulset.actRunner.repository The Gitea act runner image ## @param actions.statefulset.actRunner.tag The Gitea act runner tag ## @param actions.statefulset.actRunner.pullPolicy The Gitea act runner pullPolicy +## @param actions.statefulset.actRunner.extraVolumeMounts Allows mounting extra volumes in the act runner container ## @param actions.statefulset.actRunner.config [default: Too complex. See values.yaml] Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details. ## @param actions.statefulset.dind.repository The Docker-in-Docker image ## @param actions.statefulset.dind.tag The Docker-in-Docker image tag ## @param actions.statefulset.dind.pullPolicy The Docker-in-Docker pullPolicy +## @param actions.statefulset.dind.extraVolumeMounts Allows mounting extra volumes in the Docker-in-Docker container ## @param actions.statefulset.dind.extraEnvs Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY` ## @param actions.provisioning.enabled Create a job that will create and save the token in a Kubernetes Secret ## @param actions.provisioning.annotations Job's annotations @@ -391,11 +394,13 @@ actions: nodeSelector: {} tolerations: [] affinity: {} + extraVolumes: [] actRunner: repository: gitea/act_runner tag: 0.2.11 pullPolicy: IfNotPresent + extraVolumeMounts: [] # See full example here: https://gitea.com/gitea/act_runner/src/branch/main/internal/pkg/config/config.example.yaml config: | 
@@ -408,6 +413,8 @@ actions: repository: docker tag: 25.0.2-dind pullPolicy: IfNotPresent + extraVolumeMounts: [] + # If the container keeps crashing in your environment, you might have to add the `DOCKER_IPTABLES_LEGACY` environment variable. # See https://github.com/docker-library/docker/issues/463#issuecomment-1881909456 extraEnvs: []
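
Review bot: in templates/gitea/act_runner/statefulset.yaml the three new `with` blocks pass `extraVolumes` and both `extraVolumeMounts` lists straight through `toYaml`, with no check that each mount's `name` matches a declared volume or that a name or `mountPath` avoids the chart's own `docker-certs` (`/certs/server`) and `data-act-runner` (`/data`) entries. A typo or collision then surfaces only when the API server rejects the rendered StatefulSet. Consider a `fail` guard for the reserved names, or at least list them next to the parameters. Because the volume spec is rendered unchanged, any volume type the cluster admits, `hostPath` included, can be attached to the dind container, so the documentation should recommend `readOnly: true` for certificate mounts and point to admission policy for restricting volume types.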
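
Review bot: in unittests/helm/act_runner/statefulset.yaml both new cases assert only on `spec.template.spec.containers[N].volumeMounts`; neither checks that the `extraVolumes` entry is rendered under `spec.template.spec.volumes`, so the third template hunk (the `nindent 8` block) has no coverage. Add a `contains` assert on `spec.template.spec.volumes` for `my-act-runner-volume` and `my-dind-volume`, and a `notContains` on the other container's `volumeMounts` so that a mount set under `actRunner` is pinned not to appear in `dind`, and vice versa.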
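
Review bot: in values.yaml the `@param` descriptions for `actions.statefulset.extraVolumes` and the two `extraVolumeMounts` keys do not say that each mount must reference a volume by `name` from `extraVolumes`, and the `[]` defaults carry no commented example. Since the stated use case is certificates for a private registry, a short commented sample (a `secret` or `configMap` volume mounted with `readOnly: true`) would show the intended pairing. The README table is generated from these comments, so the wording fix belongs here rather than in README.md.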