update
This commit is contained in:
@@ -9,3 +9,7 @@ dependencies:
|
||||
- name: gitlab-runner
|
||||
repository: https://charts.gitlab.io/
|
||||
version: 0.69.0
|
||||
- name: gitlab-runner
|
||||
repository: https://charts.gitlab.io/
|
||||
version: 0.69.0
|
||||
alias: personal
|
||||
|
||||
@@ -24,3 +24,21 @@ apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: vault
|
||||
|
||||
---
|
||||
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: gitlab-secret-personal
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: vault
|
||||
kind: ClusterSecretStore
|
||||
target:
|
||||
name: gitlab-secret
|
||||
data:
|
||||
- secretKey: runner-token
|
||||
remoteRef:
|
||||
key: kv/gitlab/runner
|
||||
property: runner-token-personal
|
||||
|
||||
@@ -69,3 +69,75 @@ gitlab-runner:
|
||||
requests:
|
||||
memory: 128Mi
|
||||
cpu: 500m
|
||||
|
||||
personal:
|
||||
|
||||
image:
|
||||
registry: registry.durp.info
|
||||
image: gitlab-org/gitlab-runner
|
||||
|
||||
imagePullPolicy: Always
|
||||
gitlabUrl: https://gitlab.com/
|
||||
unregisterRunner: false
|
||||
terminationGracePeriodSeconds: 3600
|
||||
concurrent: 10
|
||||
checkInterval: 30
|
||||
|
||||
rbac:
|
||||
create: true
|
||||
rules: []
|
||||
clusterWideAccess: false
|
||||
podSecurityPolicy:
|
||||
enabled: false
|
||||
resourceNames:
|
||||
- gitlab-runner
|
||||
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
service:
|
||||
enabled: true
|
||||
annotations: {}
|
||||
|
||||
runners:
|
||||
config: |
|
||||
[[runners]]
|
||||
[runners.kubernetes]
|
||||
namespace = "{{.Release.Namespace}}"
|
||||
image = "ubuntu:22.04"
|
||||
privileged = true
|
||||
|
||||
executor: kubernetes
|
||||
name: "k3s"
|
||||
runUntagged: true
|
||||
privileged: true
|
||||
secret: gitlab-secret-personal
|
||||
#builds:
|
||||
#cpuLimit: 200m
|
||||
#cpuLimitOverwriteMaxAllowed: 400m
|
||||
#memoryLimit: 256Mi
|
||||
#memoryLimitOverwriteMaxAllowed: 512Mi
|
||||
#cpuRequests: 100m
|
||||
#cpuRequestsOverwriteMaxAllowed: 200m
|
||||
#memoryRequests: 128Mi
|
||||
#memoryRequestsOverwriteMaxAllowed: 256Mi
|
||||
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
readOnlyRootFilesystem: false
|
||||
runAsNonRoot: true
|
||||
privileged: false
|
||||
capabilities:
|
||||
drop: ["ALL"]
|
||||
|
||||
podSecurityContext:
|
||||
runAsUser: 100
|
||||
fsGroup: 65533
|
||||
|
||||
resources:
|
||||
limits:
|
||||
memory: 2Gi
|
||||
requests:
|
||||
memory: 128Mi
|
||||
cpu: 500m
|
||||
|
||||
Reference in New Issue
Block a user