refactoring act-runner-network-stack, added action kubectl-setup
Some checks failed
/ build-docker-image (push) Failing after 8s
@@ -25,7 +25,7 @@ jobs:
|
|||||||
id: push
|
id: push
|
||||||
uses: docker/build-push-action@v6
|
uses: docker/build-push-action@v6
|
||||||
with:
|
with:
|
||||||
context: ${{gitea.workspace}}/docker/act-runner-network-stack
|
context: ${{gitea.workspace}}/runners/act-runner-network-stack
|
||||||
file: ${{gitea.workspace}}/docker/act-runner-network-stack/Dockerfile
|
file: ${{gitea.workspace}/runners/act-runner-network-stack/Dockerfile
|
||||||
push: true
|
push: true
|
||||||
tags: git.limbosolutions.com/kb/gitea/act_runner:0.2.13-network-stack
|
tags: git.limbosolutions.com/kb/gitea/act_runner:0.2.13-network-stack
|
||||||
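Review bot: the new `file:` value is missing a closing brace. `${{gitea.workspace}/runners/act-runner-network-stack/Dockerfile` opens the expression with `${{` but closes it with a single `}`, unlike the `context:` line above it, so the Dockerfile path will not be expanded as intended. Change it to `${{gitea.workspace}}/runners/act-runner-network-stack/Dockerfile` and check it against the failing build-docker-image run.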
50
README.md
@@ -5,9 +5,9 @@
|
|||||||
- [Gitea dump from docker host](#gitea-dump-from-docker-host)
|
- [Gitea dump from docker host](#gitea-dump-from-docker-host)
|
||||||
- [nginx](#nginx)
|
- [nginx](#nginx)
|
||||||
- [act runner](#act-runner)
|
- [act runner](#act-runner)
|
||||||
- [custom image - with ansible](#custom-image---with-ansible)
|
- [act runner (Official)](#act-runner-official)
|
||||||
- [Official Docker Image](#official-docker-image)
|
- [Docker Compose](#docker-compose)
|
||||||
- [Docker compose](#docker-compose)
|
- [custom act runner - gitea/act\_runner:0.2.13-network-stack](#custom-act-runner---giteaact_runner0213-network-stack)
|
||||||
- [Other References](#other-references)
|
- [Other References](#other-references)
|
||||||
|
|
||||||
## Links
|
## Links
|
||||||
@@ -55,16 +55,9 @@ sudo docker exec -u git -it -w /tmp gitea bash -c '/app/gitea/gitea dump -d post
|
|||||||
|
|
||||||
## act runner
|
## act runner
|
||||||
|
|
||||||
### custom image - with ansible
|
### act runner (Official)
|
||||||
|
|
||||||
[Docker Image](/kb/-/packages/container/gitea%2Fact-runner_ansible/0.2.11)
|
#### Docker Compose
|
||||||
|
|
||||||
[Dockerfile](./docker/act-runner/ansible/Dockerfile)
|
|
||||||
|
|
||||||
### Official Docker Image
|
|
||||||
|
|
||||||
|
|
||||||
#### Docker compose
|
|
||||||
|
|
||||||
``` yaml
|
``` yaml
|
||||||
...
|
...
|
||||||
@@ -89,9 +82,38 @@ sudo docker exec -u git -it -w /tmp gitea bash -c '/app/gitea/gitea dump -d post
|
|||||||
- GITEA_RUNNER_REGISTRATION_TOKEN=<registration token>
|
- GITEA_RUNNER_REGISTRATION_TOKEN=<registration token>
|
||||||
```
|
```
|
||||||
|
|
||||||
https://gitea.com/gitea/act_runner/src/branch/main/examples/docker-compose
|
### custom act runner - gitea/act_runner:0.2.13-network-stack
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
**🚀 Purpose**
|
||||||
|
|
||||||
|
This container equips the Gitea Actions runner with a network‑aware toolchain, making it suitable for continuous deployments in environments where Docker‑in‑Docker or elevated privileges are not available.
|
||||||
|
|
||||||
|
- Kubernetes‑friendly: ships with kubectl and supporting utilities so it can interact directly with clusters.
|
||||||
|
- No privileged mode required: avoids the need for Docker socket mounts or root escalation.
|
||||||
|
- CI/CD ready: includes SSH, Ansible, Node.js, rsync, rclone, and envsubst for orchestration, templating, and asset transfer.
|
||||||
|
|
||||||
|
**📦 Installed packages**
|
||||||
|
|
||||||
|
- 🛡️ openssh-client, 🌐 curl, ⚙️ ansible, 🟦 nodejs, 🔄 rclone, 📤 rsync, and 🔧 envsubst via Alpine’s apk package manager
|
||||||
|
- 🔑 SSH and curl → remote access and HTTP requests
|
||||||
|
- ⚙️ Ansible → configuration management and automation
|
||||||
|
- 🟦 Node.js → JavaScript runtime for workflows
|
||||||
|
- 🔄 Rclone and rsync → file synchronization and transfer
|
||||||
|
- 🔧 envsubst → environment variable substitution in templates
|
||||||
|
- ☸️ kubectl → fetches the latest stable Kubernetes CLI directly from Google Cloud Storage
|
||||||
|
|
||||||
|
**Docker pull**
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
docker pull git.limbosolutions.com/kb/gitea/act_runner:0.2.13-network-stack
|
||||||
|
```
|
||||||
|
|
||||||
|
[Dockerfile source file.](./runners/act-runner-network-stack/Dockerfile)
|
||||||
|
|
||||||
## Other References
|
## Other References
|
||||||
|
|
||||||
- [limbosolutions gitea hosting](https://git.limbosolutions.com) and [git repo](https://git.limbosolutions.com/limbosolutions.com/git.limbosolutions.com)
|
- [git.limbosolution.com](https://git.limbosolutions.com)
|
||||||
|
- [git.limbosolution.com - repo](https://git.limbosolutions.com/limbosolutions.com/git.limbosolutions.com)
|
||||||
|
|
||||||
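Review bot: in the Other References list the two new link labels read `git.limbosolution.com` while their URLs point to `git.limbosolutions.com`; correct the labels so the text matches the host. The hunk also drops the link to the upstream docker-compose examples without a replacement, and the kubectl bullet documents a "latest stable" download, which means the fixed tag `0.2.13-network-stack` does not identify a fixed kubectl version; state the version in the README once it is pinned.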
75
actions/kubectl-setup/action.yaml
Normal file
@@ -0,0 +1,75 @@
|
|||||||
|
name: Setup kubectl
|
||||||
|
description: "Reads kube config from inputs and sets kube config"
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
kube_server:
|
||||||
|
description: "Kubernetes server address and port. Example (https://serverip:6443)"
|
||||||
|
required: true
|
||||||
|
kube_ca_base64:
|
||||||
|
description: "Base64-encoded Kubernetes cluster CA certificate"
|
||||||
|
required: true
|
||||||
|
kube_token:
|
||||||
|
description: "Kubernetes ServiceAccount token"
|
||||||
|
required: true
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: "composite"
|
||||||
|
steps:
|
||||||
|
- name: Create kubeconfig
|
||||||
|
shell: bash
|
||||||
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
# check arguments
|
||||||
|
ERROR=0
|
||||||
|
|
||||||
|
if [ -z "${{ inputs.kube_server }}" ]; then
|
||||||
|
echo "❌ ERROR: kube_server input is empty or not set"
|
||||||
|
$ERROR=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${{ inputs.kube_ca_base64 }}" ]; then
|
||||||
|
echo "❌ ERROR: kube_ca_base64 input is empty or not set"
|
||||||
|
$ERROR=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${{ inputs.kube_server }}" ]; then
|
||||||
|
echo "❌ ERROR: kube_token input is empty or not set"
|
||||||
|
$ERROR=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$ERROR" != 0 ]; then
|
||||||
|
echo "❌ ERROR code $ERROR"
|
||||||
|
exit "$ERROR"
|
||||||
|
fi
|
||||||
|
# end check arguments
|
||||||
|
|
||||||
|
# creates kube config
|
||||||
|
mkdir -p "${GITHUB_TEMP}/.kube"
|
||||||
|
cat <<EOF > "${GITHUB_TEMP}/.kube/config"
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Config
|
||||||
|
clusters:
|
||||||
|
- cluster:
|
||||||
|
certificate-authority-data: ${{ inputs.kube_ca_base64 }}
|
||||||
|
server: ${{ inputs.kube_server }}
|
||||||
|
name: cluster
|
||||||
|
contexts:
|
||||||
|
- context:
|
||||||
|
cluster: cluster
|
||||||
|
namespace: default
|
||||||
|
user: user
|
||||||
|
name: context
|
||||||
|
current-context: context
|
||||||
|
users:
|
||||||
|
- name: user
|
||||||
|
user:
|
||||||
|
token: ${{ inputs.kube_token }}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# sets KUBECONFIG environment variable
|
||||||
|
echo "KUBECONFIG=${GITHUB_TEMP}/.kube/config" >> "${GITHUB_ENV}"
|
||||||
|
|
||||||
|
# tests communication to server (add v argument if debug is required)
|
||||||
|
curl -kv -cacert <(echo "${{ inputs.kube_ca_base64 }}" | base64 -d) -H "Authorization: Bearer ${{ inputs.kube_token }}" ${{ inputs.kube_server }}/version
|
||||||
|
|
||||||
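Review bot: the connectivity test on the last line, `curl -kv -cacert <(...)`, does not verify the server. `-k` turns certificate verification off, and `-cacert` with a single dash is not the `--cacert` option, so the decoded CA is never used as a trust anchor; `-v` is also already enabled, contrary to the comment above it, and prints the request headers, including the bearer token, to the job log. Use `curl -fsS --cacert <(...)` without `-k` or `-v`. In the argument checks, `$ERROR=1` is not an assignment (it expands to `0=1` and, under `set -e`, aborts the step before the summary message), and the third `if` tests `inputs.kube_server` again instead of `inputs.kube_token`, so an empty token is never caught. The inputs are also expanded with `${{ inputs.* }}` straight into the script text; passing them through `env:` and quoting the variables keeps a crafted value from being parsed as shell, and the kubeconfig holding the token should be created with `umask 077` or `chmod 600`.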
@@ -4,7 +4,6 @@ FROM gitea/act_runner:0.2.13
|
|||||||
RUN echo "build started.." && \
|
RUN echo "build started.." && \
|
||||||
apk add --no-cache openssh-client curl ansible nodejs rclone rsync nodejs envsubst
|
apk add --no-cache openssh-client curl ansible nodejs rclone rsync nodejs envsubst
|
||||||
|
|
||||||
#download latest stable version of kubectl
|
|
||||||
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
|
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
|
||||||
RUN chmod +x ./kubectl
|
RUN chmod +x ./kubectl
|
||||||
RUN mv ./kubectl /usr/local/bin
|
RUN mv ./kubectl /usr/local/bin
|
||||||
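Review bot: removing the `#download latest stable version of kubectl` comment leaves the `RUN curl -LO ...` line undocumented while it still resolves the version from `stable.txt` at build time, so two builds of the tag `0.2.13-network-stack` can ship different kubectl binaries, and nothing checks the downloaded file before `chmod +x`. Pin the version with a build `ARG`, add `-f` so an HTTP error fails the build, and compare the binary against its published sha256 before moving it to `/usr/local/bin`. The `apk add` line also lists `nodejs` twice.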