turash/k8s/gitea-runners/deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitea-runner
  namespace: gitea-runners
  labels:
    app: gitea-runner
spec:
  replicas: 4
  selector:
    matchLabels:
      app: gitea-runner
  template:
    metadata:
      labels:
        app: gitea-runner
    spec:
      containers:
      - name: docker-daemon
        image: docker:dind
        env:
        - name: DOCKER_TLS_CERTDIR
          value: ""
        securityContext:
          privileged: true
        volumeMounts:
        - name: docker-graph-storage
          mountPath: /var/lib/docker
      - name: runner
        image: gitea/act_runner:latest
        env:
        - name: GITEA_INSTANCE_URL
          value: "http://gitea.gitea.svc.cluster.local:3000"
        - name: GITEA_RUNNER_REGISTRATION_TOKEN
          valueFrom:
            secretKeyRef:
              name: gitea-runner-secret
              key: GITEA_RUNNER_REGISTRATION_TOKEN
        - name: GITEA_RUNNER_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: GITEA_RUNNER_LABELS
          value: "ubuntu-latest:docker://node:18-bullseye,ubuntu-22.04:docker://node:18-bullseye,ubuntu-20.04:docker://node:18-bullseye"
        - name: DOCKER_HOST
          value: "tcp://localhost:2375"
        volumeMounts:
        - name: runner-data
          mountPath: /data
        - name: docker-graph-storage
          mountPath: /var/lib/docker
        resources:
          requests:
            memory: "512Mi"
            cpu: "250m"
          limits:
            memory: "2Gi"
            cpu: "2000m"
      volumes:
      - name: runner-data
        emptyDir: {}
      - name: docker-graph-storage
        emptyDir: {}
      dnsPolicy: ClusterFirst