Labels doesn't get respected on Kubernetes #149

New issue

Open

opened 2024-02-08 10:33:07 +00:00 by ReptoxX · 0 comments

ReptoxX commented

2024-02-08 10:33:07 +00:00

My current ConfigMap doesn't get respected within the runner. The runner always uses node:16-bullseye.
When i shell into the pod, the /config/config.yaml is accessible and correct.

apiVersion: v1
kind: ConfigMap
metadata:
  name: runner-config
  namespace: forgejo
data:
  config.yaml: |
    log:
      level: info

    runner:
      capacity: 2
      envs:
        A_TEST_ENV_NAME_1: a_test_env_value_1
        A_TEST_ENV_NAME_2: a_test_env_value_2
      env_file: .env
      # The timeout for a job to be finished.
      # Please note that the Forgejo instance also has a timeout (3h by default) for the job.
      # So the job could be stopped by the Forgejo instance if it's timeout is shorter than this.
      timeout: 3h
      # Whether skip verifying the TLS certificate of the Forgejo instance.
      insecure: false
      # The timeout for fetching the job from the Forgejo instance.
      fetch_timeout: 30s
      # The interval for fetching the job from the Forgejo instance.
      fetch_interval: 2s
      # The labels of a runner are used to determine which jobs the runner can run, and how to run them.
      # Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"]
      # If it's empty when registering, it will ask for inputting labels.
      # If it's empty when execute `deamon`, will use labels in `.runner` file.
      labels:
        - "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest"
        - "ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04"
        - "ubuntu-20.04:docker://ghcr.io/catthehacker/ubuntu:act-20.04"
        - "cth-ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest"
        - "docker:docker://node:20-bookworm"

    cache:
      # Enable cache server to use actions/cache.
      enabled: true
      # The directory to store the cache data.
      # If it's empty, the cache data will be stored in $HOME/.cache/actcache.
      dir: ""
      # The host of the cache server.
      # It's not for the address to listen, but the address to connect from job containers.
      # So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
      host: ""
      # The port of the cache server.
      # 0 means to use a random available port.
      port: 0

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: forgejo-runner
  name: forgejo-runner
  namespace: forgejo
spec:
  # Two replicas means that if one is busy, the other can pick up jobs.
  replicas: 2
  selector:
    matchLabels:
      app: forgejo-runner
  strategy: {}
  template:
    metadata:
      labels:
        app: forgejo-runner
    spec:
      restartPolicy: Always
      volumes:
        - name: docker-certs
          emptyDir: {}
        - name: runner-data
          emptyDir: {}
        - name: runner-config
          configMap:
            name: runner-config
            items:
              - key: config.yaml
                path: config.yaml
      containers:
        - name: runner
          image: code.forgejo.org/forgejo/runner:3.3.0
          command:
            [
              "sh",
              "-c",
              "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; forgejo-runner daemon --config /config/config.yaml",
            ]
          env:
            - name: DOCKER_HOST
              value: tcp://localhost:2376
            - name: DOCKER_CERT_PATH
              value: /certs/client
            - name: DOCKER_TLS_VERIFY
              value: "1"
          volumeMounts:
            - name: docker-certs
              mountPath: /certs
            - name: runner-data
              mountPath: /data
            - name: runner-config
              mountPath: /config
          resources:
            limits:
              cpu: "1"
              memory: "1024Mi"
        - name: daemon
          image: docker:23.0.6-dind
          env:
            - name: DOCKER_TLS_CERTDIR
              value: /certs
          securityContext:
            privileged: true
          volumeMounts:
            - name: docker-certs
              mountPath: /certs
          resources:
            limits:
              cpu: "2"
              memory: "4096Mi"

My current ConfigMap doesn't get respected within the runner. The runner always uses node:16-bullseye. When i shell into the pod, the /config/config.yaml is accessible and correct. ``` apiVersion: v1 kind: ConfigMap metadata: name: runner-config namespace: forgejo data: config.yaml: | log: level: info runner: capacity: 2 envs: A_TEST_ENV_NAME_1: a_test_env_value_1 A_TEST_ENV_NAME_2: a_test_env_value_2 env_file: .env # The timeout for a job to be finished. # Please note that the Forgejo instance also has a timeout (3h by default) for the job. # So the job could be stopped by the Forgejo instance if it's timeout is shorter than this. timeout: 3h # Whether skip verifying the TLS certificate of the Forgejo instance. insecure: false # The timeout for fetching the job from the Forgejo instance. fetch_timeout: 30s # The interval for fetching the job from the Forgejo instance. fetch_interval: 2s # The labels of a runner are used to determine which jobs the runner can run, and how to run them. # Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"] # If it's empty when registering, it will ask for inputting labels. # If it's empty when execute `deamon`, will use labels in `.runner` file. labels: - "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest" - "ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04" - "ubuntu-20.04:docker://ghcr.io/catthehacker/ubuntu:act-20.04" - "cth-ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest" - "docker:docker://node:20-bookworm" cache: # Enable cache server to use actions/cache. enabled: true # The directory to store the cache data. # If it's empty, the cache data will be stored in $HOME/.cache/actcache. dir: "" # The host of the cache server. # It's not for the address to listen, but the address to connect from job containers. # So 0.0.0.0 is a bad choice, leave it empty to detect automatically. host: "" # The port of the cache server. # 0 means to use a random available port. port: 0 ``` ``` apiVersion: apps/v1 kind: Deployment metadata: labels: app: forgejo-runner name: forgejo-runner namespace: forgejo spec: # Two replicas means that if one is busy, the other can pick up jobs. replicas: 2 selector: matchLabels: app: forgejo-runner strategy: {} template: metadata: labels: app: forgejo-runner spec: restartPolicy: Always volumes: - name: docker-certs emptyDir: {} - name: runner-data emptyDir: {} - name: runner-config configMap: name: runner-config items: - key: config.yaml path: config.yaml containers: - name: runner image: code.forgejo.org/forgejo/runner:3.3.0 command: [ "sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; forgejo-runner daemon --config /config/config.yaml", ] env: - name: DOCKER_HOST value: tcp://localhost:2376 - name: DOCKER_CERT_PATH value: /certs/client - name: DOCKER_TLS_VERIFY value: "1" volumeMounts: - name: docker-certs mountPath: /certs - name: runner-data mountPath: /data - name: runner-config mountPath: /config resources: limits: cpu: "1" memory: "1024Mi" - name: daemon image: docker:23.0.6-dind env: - name: DOCKER_TLS_CERTDIR value: /certs securityContext: privileged: true volumeMounts: - name: docker-certs mountPath: /certs resources: limits: cpu: "2" memory: "4096Mi" ``` ![image](/attachments/b2473a92-a567-4571-a430-7c1c8e182f23)

image.png

294 KiB