
add kubernetes volume

root 5 tahun lalu
induk
melakukan
66d269914c

+ 0 - 0
gitrunner/deploy/gitlab-runner.yaml → gitrunner/deploy.bak/gitlab-runner.yaml


+ 0 - 0
gitrunner/deploy/runner-cm.yaml → gitrunner/deploy.bak/runner-cm.yaml


+ 0 - 0
gitrunner/deploy/runner-regis-token-secret.yaml → gitrunner/deploy.bak/runner-regis-token-secret.yaml


+ 0 - 0
gitrunner/deploy/sa.yaml → gitrunner/deploy.bak/sa.yaml


+ 77 - 0
gitrunner/git-runner-cm.yaml

@@ -0,0 +1,77 @@
+apiVersion: v1
+data:
+  check-live: |
+    #!/bin/bash
+    if /usr/bin/pgrep -f .*register-the-runner; then
+      exit 0
+    elif /usr/bin/pgrep gitlab.*runner; then
+      exit 0
+    else
+      exit 1
+    fi
+  config.toml: |
+    concurrent = 10
+    check_interval = 30
+    log_level = "info"
+    listen_address = '[::]:9252'
+  configure: |
+    set -e
+    cp /init-secrets/* /secrets
+  entrypoint: |
+    #!/bin/bash
+    set -e
+    mkdir -p /home/gitlab-runner/.gitlab-runner/
+    cp /scripts/config.toml /home/gitlab-runner/.gitlab-runner/
+
+    # Register the runner
+    if [[ -f /secrets/accesskey && -f /secrets/secretkey ]]; then
+      export CACHE_S3_ACCESS_KEY=$(cat /secrets/accesskey)
+      export CACHE_S3_SECRET_KEY=$(cat /secrets/secretkey)
+    fi
+
+    if [[ -f /secrets/gcs-applicaton-credentials-file ]]; then
+      export GOOGLE_APPLICATION_CREDENTIALS="/secrets/gcs-applicaton-credentials-file"
+    else
+      if [[ -f /secrets/gcs-access-id && -f /secrets/gcs-private-key ]]; then
+        export CACHE_GCS_ACCESS_ID=$(cat /secrets/gcs-access-id)
+        # echo -e used to make private key multiline (in google json auth key private key is oneline with \n)
+        export CACHE_GCS_PRIVATE_KEY=$(echo -e $(cat /secrets/gcs-private-key))
+      fi
+    fi
+
+    if [[ -f /secrets/runner-registration-token ]]; then
+      export REGISTRATION_TOKEN=$(cat /secrets/runner-registration-token)
+    fi
+
+    if [[ -f /secrets/runner-token ]]; then
+      export CI_SERVER_TOKEN=$(cat /secrets/runner-token)
+    fi
+
+    if ! sh /scripts/register-the-runner; then
+      exit 1
+    fi
+
+    # Temporary workaround until https://gitlab.com/gitlab-org/gitlab-runner/issues/4228
+    # is merged
+    sed -n '30,$p' /home/gitlab-runner/.gitlab-runner/config.toml >> /home/gitlab-runner/custom_commands
+    sed -e '30,$d' -i /home/gitlab-runner/.gitlab-runner/config.toml
+    cat /scripts/kubernetes.volumes | sed -e '1d' | sed '1,$s/^/      /' >> /home/gitlab-runner/.gitlab-runner/config.toml
+    cat /home/gitlab-runner/custom_commands >> /home/gitlab-runner/.gitlab-runner/config.toml
+
+    # Start the runner
+    /entrypoint run --user=gitlab-runner \
+      --working-directory=/home/gitlab-runner
+  kubernetes.volumes: "\n[[runners.kubernetes.volumes.pvc]]\n  mount_path = \"/builds/\"\n
+    \ name = \"gitrunner-workspace\"\n  read_only = false\n  \n"
+  register-the-runner: "#!/bin/bash\nMAX_REGISTER_ATTEMPTS=30\n\nfor i in $(seq
+    1 \"${MAX_REGISTER_ATTEMPTS}\"); do\n  echo \"Registration attempt ${i} of ${MAX_REGISTER_ATTEMPTS}\"\n
+    \ /entrypoint register \\\n    --non-interactive\n\n  retval=$?\n\n  if [ ${retval}
+    = 0 ]; then\n    break\n  elif [ ${i} = ${MAX_REGISTER_ATTEMPTS} ]; then\n    exit
+    1\n  fi\n\n  sleep 5 \ndone\n\nexit 0\n"
+kind: ConfigMap
+metadata:
+  labels:
+    app: gitrunner-gitlab-runner
+    chart: gitlab-runner-0.8.0-beta
+    release: gitrunner
+  name: gitrunner-gitlab-runner
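Review bot: The `kubernetes.volumes` entry mounts the single claim `gitrunner-workspace` read-write at `/builds/` in every job pod, so with `concurrent = 10` parallel jobs share one writable checkout tree, and one job can read or alter another job's sources and artifacts. Whether this runner serves more than one project is not visible here. If the claim is only meant to persist data between jobs, mounting it at a path other than `/builds/` would keep checkouts per pod; otherwise the stanza deserves a comment saying the runner must stay dedicated to a single trust domain. Separately, the `entrypoint` splice relies on a fixed line number (`sed -n '30,$p'` / `sed -e '30,$d'`), so any change in the registered `config.toml` layout puts the volume table under the wrong section; matching on the section header instead of line 30 would be safer.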

+ 12 - 0
gitrunner/git-runner-secret.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+data:
+  runner-registration-token: amRDemFmcEpMZ0hNeExuekh0WEo=
+  runner-token: ""
+kind: Secret
+metadata:
+  labels:
+    app: gitrunner-gitlab-runner
+    chart: gitlab-runner-0.8.0-beta
+    release: gitrunner
+  name: gitrunner-gitlab-runner
+type: Opaque
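Review bot: The `runner-registration-token` under `data:` is a real-looking credential committed to the repository, and base64 in a Secret manifest is only an encoding, so anyone who can read this history can recover it. The token should be treated as exposed and reset on the GitLab side. The manifest is better committed with an empty value, `runner-registration-token: ""`, with the real one supplied out of band, for example `kubectl create secret generic gitrunner-gitlab-runner --from-literal=runner-registration-token=<TOKEN>` or an encrypted-secret workflow. Removing the value in a later commit does not remove it from earlier revisions.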

+ 205 - 0
gitrunner/git-runner.yaml

@@ -0,0 +1,205 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  annotations:
+    deployment.kubernetes.io/revision: "1"
+  generation: 1
+  labels:
+    app: gitrunner-gitlab-runner
+    chart: gitlab-runner-0.8.0-beta
+    release: gitrunner
+  name: gitrunner-gitlab-runner
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gitrunner-gitlab-runner
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        prometheus.io/port: "9252"
+        prometheus.io/scrape: "true"
+      labels:
+        app: gitrunner-gitlab-runner
+    spec:
+      containers:
+      - command:
+        - /bin/bash
+        - /scripts/entrypoint
+        env:
+        - name: CI_SERVER_URL
+          value: http://g.xxx.com.cn/ci/
+        - name: CLONE_URL
+        - name: RUNNER_REQUEST_CONCURRENCY
+          value: "1"
+        - name: RUNNER_EXECUTOR
+          value: kubernetes
+        - name: REGISTER_LOCKED
+          value: "true"
+        - name: RUNNER_TAG_LIST
+          value: kubernetes-runner
+        - name: KUBERNETES_IMAGE
+          value: ubuntu:16.04
+        - name: KUBERNETES_PRIVILEGED
+          value: "true"
+        - name: KUBERNETES_NAMESPACE
+          value: default
+        - name: KUBERNETES_CPU_LIMIT
+        - name: KUBERNETES_MEMORY_LIMIT
+        - name: KUBERNETES_CPU_REQUEST
+        - name: KUBERNETES_MEMORY_REQUEST
+        - name: KUBERNETES_SERVICE_ACCOUNT
+        - name: KUBERNETES_SERVICE_CPU_LIMIT
+        - name: KUBERNETES_SERVICE_MEMORY_LIMIT
+        - name: KUBERNETES_SERVICE_CPU_REQUEST
+        - name: KUBERNETES_SERVICE_MEMORY_REQUEST
+        - name: KUBERNETES_HELPER_CPU_LIMIT
+        - name: KUBERNETES_HELPER_MEMORY_LIMIT
+        - name: KUBERNETES_HELPER_CPU_REQUEST
+        - name: KUBERNETES_HELPER_MEMORY_REQUEST
+        - name: KUBERNETES_HELPER_IMAGE
+        - name: KUBERNETES_PULL_POLICY
+        image: gitlab/gitlab-runner:alpine-v11.6.0
+        imagePullPolicy: IfNotPresent
+        lifecycle:
+          preStop:
+            exec:
+              command:
+              - gitlab-runner
+              - unregister
+              - --all-runners
+        livenessProbe:
+          exec:
+            command:
+            - /bin/bash
+            - /scripts/check-live
+          failureThreshold: 3
+          initialDelaySeconds: 60
+          periodSeconds: 10
+          successThreshold: 1
+          timeoutSeconds: 1
+        name: gitrunner-gitlab-runner
+        ports:
+        - containerPort: 9252
+          name: metrics
+          protocol: TCP
+        readinessProbe:
+          exec:
+            command:
+            - /usr/bin/pgrep
+            - gitlab.*runner
+          failureThreshold: 3
+          initialDelaySeconds: 10
+          periodSeconds: 10
+          successThreshold: 1
+          timeoutSeconds: 1
+        resources:
+          limits:
+            cpu: 200m
+            memory: 256Mi
+          requests:
+            cpu: 10m
+            memory: 128Mi
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+        volumeMounts:
+        - mountPath: /secrets
+          name: runner-secrets
+        - mountPath: /home/gitlab-runner/.gitlab-runner
+          name: etc-gitlab-runner
+        - mountPath: /scripts
+          name: scripts
+      dnsPolicy: ClusterFirst
+      initContainers:
+      - command:
+        - sh
+        - /config/configure
+        env:
+        - name: CI_SERVER_URL
+          value: http://g.xxx.com.cn/ci/
+        - name: CLONE_URL
+        - name: RUNNER_REQUEST_CONCURRENCY
+          value: "1"
+        - name: RUNNER_EXECUTOR
+          value: kubernetes
+        - name: REGISTER_LOCKED
+          value: "true"
+        - name: RUNNER_TAG_LIST
+          value: kubernetes-runner
+        - name: KUBERNETES_IMAGE
+          value: ubuntu:16.04
+        - name: KUBERNETES_PRIVILEGED
+          value: "true"
+        - name: KUBERNETES_NAMESPACE
+          value: default
+        - name: KUBERNETES_CPU_LIMIT
+        - name: KUBERNETES_MEMORY_LIMIT
+        - name: KUBERNETES_CPU_REQUEST
+        - name: KUBERNETES_MEMORY_REQUEST
+        - name: KUBERNETES_SERVICE_ACCOUNT
+        - name: KUBERNETES_SERVICE_CPU_LIMIT
+        - name: KUBERNETES_SERVICE_MEMORY_LIMIT
+        - name: KUBERNETES_SERVICE_CPU_REQUEST
+        - name: KUBERNETES_SERVICE_MEMORY_REQUEST
+        - name: KUBERNETES_HELPER_CPU_LIMIT
+        - name: KUBERNETES_HELPER_MEMORY_LIMIT
+        - name: KUBERNETES_HELPER_CPU_REQUEST
+        - name: KUBERNETES_HELPER_MEMORY_REQUEST
+        - name: KUBERNETES_HELPER_IMAGE
+        - name: KUBERNETES_PULL_POLICY
+        image: gitlab/gitlab-runner:alpine-v11.6.0
+        imagePullPolicy: IfNotPresent
+        name: configure
+        resources:
+          limits:
+            cpu: 200m
+            memory: 256Mi
+          requests:
+            cpu: 10m
+            memory: 128Mi
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+        volumeMounts:
+        - mountPath: /secrets
+          name: runner-secrets
+        - mountPath: /config
+          name: scripts
+          readOnly: true
+        - mountPath: /init-secrets
+          name: init-runner-secrets
+          readOnly: true
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext:
+        fsGroup: 65533
+        runAsUser: 100
+      serviceAccount: gitlab
+      serviceAccountName: gitlab
+      terminationGracePeriodSeconds: 30
+      volumes:
+      - emptyDir:
+          medium: Memory
+        name: runner-secrets
+      - emptyDir:
+          medium: Memory
+        name: etc-gitlab-runner
+      - name: init-runner-secrets
+        projected:
+          defaultMode: 420
+          sources:
+          - secret:
+              items:
+              - key: runner-registration-token
+                path: runner-registration-token
+              - key: runner-token
+                path: runner-token
+              name: gitrunner-gitlab-runner
+      - configMap:
+          defaultMode: 420
+          name: gitrunner-gitlab-runner
+        name: scripts
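Review bot: `KUBERNETES_PRIVILEGED` is set to `"true"` with `KUBERNETES_NAMESPACE` `default` (in both the container and the initContainer env), so every CI job pod runs privileged alongside whatever else lives in `default`. Anyone who can push a pipeline definition therefore gets node-level access. Unless a job needs it, this should be `value: "false"`, and the jobs belong in a dedicated namespace with the `gitlab` service account scoped to that namespace only. `CI_SERVER_URL` is also plain `http://`, which sends the registration and runner tokens exported by the entrypoint over the network unencrypted; an `https://` endpoint avoids that. Lesser points: `extensions/v1beta1` is a deprecated API group for Deployments (`apps/v1` is the replacement), and exported fields such as `generation` and `deployment.kubernetes.io/revision` are server-populated and can be dropped from the manifest.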