apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: act-runner
  name: act-runner
  namespace: gitea
spec:
  replicas: 1
  selector:
    matchLabels:
      app: act-runner
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: act-runner
    spec:
      restartPolicy: Always
      volumes:
      - name: runner-data
        persistentVolumeClaim:
          claimName: act-runner-vol
      securityContext:
        fsGroup: 1001
      initContainers:
      - name: wait-for-gitea
        image: busybox:1.36@sha256:9ae97d36d26566ff84e8893c64a6dc4fe8ca6d1144bf5b87b2b85a32def253c7
        command: ['sh', '-c', "until wget https://git.namesny.com 2>/dev/null; do echo waiting for gitea; sleep 2; done"]
      containers:
      - name: runner
        image: gitea/act_runner:latest-dind-rootless@sha256:2f4c10a8354062ff3f8faa1df17006e650dcf21853a34713dfc2ed961f6ca50f
        imagePullPolicy: Always
        env:
        - name: DOCKER_HOST
          value: unix:///var/run/user/1000/docker.sock
        - name: GITEA_INSTANCE_URL
          value: http://gitea-http.gitea.svc.cluster.local:3000
        - name: GITEA_RUNNER_REGISTRATION_TOKEN
          valueFrom:
            secretKeyRef:
              name: runner-secret
              key: token
        securityContext:
          privileged: true
        volumeMounts:
        - name: runner-data
          mountPath: /data