fix cicd - runs-on

.gitea/workflows/app-continous-deploy.yaml

@@ -9,9 +9,7 @@ on:
       - main
 jobs:
   continuous-deploy:
-    runs-on: ubuntu-latest
+    runs-on: ["deploy", "kubectl"]
-    container:
-      image: git.limbosolutions.com/kb/gitea/act:latest-network-stack
     env:
       GITHUB_TEMP: ${{ runner.temp }} # fix missing GITHUB_TEMP on gitea
     steps:

deploy/act-runners/kb/README.md

@@ -0,0 +1,13 @@
+# kb - act-runner
+
+**Deploy app:**
+
+```bash
+./deploy/ops-scripts/apply-app.sh
+```
+
+**Deploy Infra:**
+
+```bash
+./deploy/ops-scripts/apply-infra.sh
+```

deploy/act-runners/kb/deploy/app/.env.d/.gitignore

@@ -0,0 +1,2 @@
+**
+!.gitignore

deploy/act-runners/kb/deploy/app/configmap.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: act-runner
+data:
+  config.yaml: |
+    log:
+      level: info
+
+    runner:
+      capacity: 4
+      labels:
+        - oci-image-builder
+        - kubectl
+        - helm
+        - ansible
+        - ubuntu
+        - network-utils
+        - deploy
+        - amd64
+    cache:
+      enabled: false
+
+    host:
+      workdir: "/data/runner"

deploy/act-runners/kb/deploy/app/deployment.yaml

@@ -0,0 +1,66 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: act-runner
+  labels:
+    app: act-runner
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: act-runner
+  template:
+    metadata:
+      labels:
+        app: act-runner
+    spec:
+      containers:
+        - name: act-runner
+          image: git.limbosolutions.com/kb/gitea/act_runner:0.3-fatboy
+ 
+          imagePullPolicy: Always
+          env:
+            - name: LOG_LEVEL
+              value: "trace"
+
+            - name: CONFIG_FILE
+              value: /etc/act_runner/config.yaml
+            - name: GITEA_INSTANCE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: act-runner
+                  key: GITEA_INSTANCE_URL
+            - name: GITEA_RUNNER_REGISTRATION_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: act-runner
+                  key: GITEA_RUNNER_REGISTRATION_TOKEN
+            - name: GITEA_RUNNER_NAME
+              valueFrom:
+                secretKeyRef:
+                  name: act-runner
+                  key: GITEA_RUNNER_NAME
+
+            - name: GITEA_RUNNER_EPHEMERAL
+              value: "0"
+              
+          resources:
+            requests:
+              memory: "128Mi"
+              cpu: "100m"
+            limits:
+              memory: "512Mi"
+              cpu: "400m"
+          volumeMounts:
+            - name: config-map
+              mountPath: /etc/act_runner/config.yaml
+              subPath: config.yaml
+            - name: runner-data
+              mountPath: /data/runner
+              
+      volumes:
+      - name: config-map
+        configMap: 
+          name: act-runner
+      - name: runner-data
+        emptyDir: {}   # or PVC if you want persistence across pod restarts

deploy/act-runners/kb/deploy/app/kustomization.yaml

@@ -0,0 +1,14 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - configmap.yaml
+  - deployment.yaml
+
+generatorOptions:
+  disableNameSuffixHash: true
+
+secretGenerator:
+  - name: act-runner
+    envs: 
+      - .env.d/.env
+

deploy/act-runners/kb/deploy/ops-scripts/apply-app.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+NAMESPACE=kb-cicd
+kubectl kustomize deploy/app | kubectl --namespace ${NAMESPACE} apply -f -

deploy/act-runners/kb/deploy/ops-scripts/apply-infra.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+NAMESPACE=kb-cicd
+kubectl create namespace ${NAMESPACE} || true

deploy/act-runners/limbosolutions-com/README.md

@@ -0,0 +1,13 @@
+# limbosolutions.com - act-runner
+
+**Deploy app:**
+
+```bash
+./deploy/ops-scripts/apply-app.sh
+```
+
+**Deploy Infra:**
+
+```bash
+./deploy/ops-scripts/apply-infra.sh
+```

deploy/act-runners/limbosolutions-com/deploy/app/.env.d/.gitignore

@@ -0,0 +1,2 @@
+**
+!.gitignore

deploy/act-runners/limbosolutions-com/deploy/app/configmap.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: act-runner
+data:
+  config.yaml: |
+    log:
+      level: info
+
+    runner:
+      capacity: 4
+      labels:
+        - oci-image-builder
+        - kubectl
+        - helm
+        - ansible
+        - ubuntu
+        - network-utils
+        - deploy
+        - amd64
+    cache:
+      enabled: false
+
+    host:
+      workdir: "/data/runner"

deploy/act-runners/limbosolutions-com/deploy/app/deployment.yaml

@@ -0,0 +1,66 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: act-runner
+  labels:
+    app: act-runner
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: act-runner
+  template:
+    metadata:
+      labels:
+        app: act-runner
+    spec:
+      containers:
+        - name: act-runner
+          image: git.limbosolutions.com/kb/gitea/act_runner:0.3-fatboy
+ 
+          imagePullPolicy: Always
+          env:
+            - name: LOG_LEVEL
+              value: "trace"
+
+            - name: CONFIG_FILE
+              value: /etc/act_runner/config.yaml
+            - name: GITEA_INSTANCE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: act-runner
+                  key: GITEA_INSTANCE_URL
+            - name: GITEA_RUNNER_REGISTRATION_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: act-runner
+                  key: GITEA_RUNNER_REGISTRATION_TOKEN
+            - name: GITEA_RUNNER_NAME
+              valueFrom:
+                secretKeyRef:
+                  name: act-runner
+                  key: GITEA_RUNNER_NAME
+
+            - name: GITEA_RUNNER_EPHEMERAL
+              value: "0"
+              
+          resources:
+            requests:
+              memory: "128Mi"
+              cpu: "100m"
+            limits:
+              memory: "512Mi"
+              cpu: "400m"
+          volumeMounts:
+            - name: config-map
+              mountPath: /etc/act_runner/config.yaml
+              subPath: config.yaml
+            - name: runner-data
+              mountPath: /data/runner
+              
+      volumes:
+      - name: config-map
+        configMap: 
+          name: act-runner
+      - name: runner-data
+        emptyDir: {}   # or PVC if you want persistence across pod restarts

deploy/act-runners/limbosolutions-com/deploy/app/kustomization.yaml

@@ -0,0 +1,14 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - configmap.yaml
+  - deployment.yaml
+
+generatorOptions:
+  disableNameSuffixHash: true
+
+secretGenerator:
+  - name: act-runner
+    envs: 
+      - .env.d/.env
+

deploy/act-runners/limbosolutions-com/deploy/ops-scripts/apply-app.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+NAMESPACE=limbosolutions-com-cicd
+kubectl kustomize deploy/app | kubectl --namespace ${NAMESPACE} apply -f - 

deploy/act-runners/limbosolutions-com/deploy/ops-scripts/apply-infra.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+NAMESPACE=limbosolutions-com-cicd
+kubectl create namespace ${NAMESPACE} || true

deploy/backups/cronjobs/pbs-cronjob.yaml

@@ -50,7 +50,7 @@ spec:
 
           containers:
             - name: gitea-pbs-client
-              image: git.limbosolutions.com/kb/pbsclient
+              image: git.limbosolutions.com/kb/pbs-client
               imagePullPolicy: Always
               resources:
                 limits:

deploy/buidkit/deployment.yaml

@@ -0,0 +1,61 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: buildkit-cache
+  namespace: buildkit
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 20Gi
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: buildkitd
+  namespace: buildkit
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: buildkitd
+  template:
+    metadata:
+      labels:
+        app: buildkitd
+    spec:
+      containers:
+        - name: buildkitd
+          image: moby/buildkit:v0.12.5
+          args:
+            - "--addr"
+            - "tcp://0.0.0.0:1234"
+            - "--root"
+            - "/var/lib/buildkit"
+          ports:
+            - containerPort: 1234
+          securityContext:
+            privileged: true
+          volumeMounts:
+            - name: buildkit-cache
+              mountPath: /var/lib/buildkit
+      volumes:
+        - name: buildkit-cache
+          persistentVolumeClaim:
+            claimName: buildkit-cache
+
+---            
+apiVersion: v1
+kind: Service
+metadata:
+  name: buildkitd
+  namespace: buildkit
+spec:
+  selector:
+    app: buildkitd
+  ports:
+    - name: buildkit
+      port: 1234
+      targetPort: 1234