diff --git a/kubernetes/main/apps/devtools/gh-actions-runners/ks.yaml b/kubernetes/main/apps/devtools/gh-actions-runners/ks.yaml
new file mode 100644
index 00000000..1a2f059d
--- /dev/null
+++ b/kubernetes/main/apps/devtools/gh-actions-runners/ks.yaml
@@ -0,0 +1,43 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app gha-runner-scale-set
+ namespace: flux-system
+spec:
+ targetNamespace: devtools
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ path: ./kubernetes/main/apps/devtools/gh-actions-runners/operator/
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: homelab
+ wait: false
+ interval: 30m
+ timeout: 5m
+
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app gha-runner-scale-set-controller
+ namespace: flux-system
+spec:
+ targetNamespace: devtools
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ dependsOn:
+ - name: external-secrets-stores
+ path: ./kubernetes/main/apps/devtools/gh-actions-runners/runners
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: homelab
+ wait: false
+ interval: 30m
+ timeout: 5m
diff --git a/kubernetes/main/apps/devtools/gh-actions-runners/operator/externalsecret.yaml b/kubernetes/main/apps/devtools/gh-actions-runners/operator/externalsecret.yaml
new file mode 100644
index 00000000..5f054940
--- /dev/null
+++ b/kubernetes/main/apps/devtools/gh-actions-runners/operator/externalsecret.yaml
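Review bot: In gh-actions-runners/ks.yaml the two Flux Kustomizations look cross-wired: the one named `gha-runner-scale-set` has `path: .../gh-actions-runners/operator/` (the controller chart and the ExternalSecret), while `gha-runner-scale-set-controller` points at `.../gh-actions-runners/runners`. As a result `dependsOn: external-secrets-stores` sits on the Kustomization that ships no ExternalSecret, and the one that creates `actions-runner-controller-auth` can be applied before the secret store is ready. I would swap the two `name: &app` values (or the two paths) and move the `dependsOn` entry to the operator Kustomization. The runners Kustomization should then list the operator one under `dependsOn`, because the scale set consumes the GitHub App secret and, with `wait: false` on both, nothing else in this file orders them.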
@@ -0,0 +1,24 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+ name: actions-runner-controller-auth
+spec:
+ secretStoreRef:
+ kind: ClusterSecretStore
+ name: onepassword-connect
+ target:
+ name: actions-runner-controller-auth-secret
+ template:
+ engineVersion: v2
+ data:
+ github_app_id: |-
+ {{ .ACTION_RUNNER_CONTROLLER_GITHUB_APP_ID }}
+ github_app_installation_id: |-
+ {{ .ACTION_RUNNER_CONTROLLER_GITHUB_INSTALLATION_ID }}
+ github_app_private_key: |-
+ {{ .ACTION_RUNNER_CONTROLLER_GITHUB_PRIVATE_KEY }}
+ dataFrom:
+ - extract:
+ key: actions-runner-controller
diff --git a/kubernetes/main/apps/devtools/gh-actions-runners/operator/helmrelease.yaml b/kubernetes/main/apps/devtools/gh-actions-runners/operator/helmrelease.yaml
new file mode 100644
index 00000000..64cd7d43
--- /dev/null
+++ b/kubernetes/main/apps/devtools/gh-actions-runners/operator/helmrelease.yaml
@@ -0,0 +1,28 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: gha-runner-scale-set-controller
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: gha-runner-scale-set-controller
+ version: 0.9.2
+ sourceRef:
+ kind: HelmRepository
+ name: actions-runner-controller
+ namespace: flux-system
+ install:
+ crds: CreateReplace
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ crds: CreateReplace
+ remediation:
+ strategy: rollback
+ retries: 3
+ values:
+ fullnameOverride: gha-runner-scale-set-controller
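Review bot: operator/externalsecret.yaml does not say who consumes `actions-runner-controller-auth-secret`; in this commit the only reference is `githubConfigSecret` in runners/helmrelease.yaml, not the controller chart that sits beside it. A comment above `target:` such as `# GitHub App credentials for the runner scale set (githubConfigSecret); key names are fixed by ARC, do not rename` would protect the three `github_app_*` keys from accidental renames. Because this secret holds the App private key, the same comment could record which repository or organisation the App installation is limited to, if that is known.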
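Review bot: In operator/helmrelease.yaml the controller is installed with only `fullnameOverride` under `values:`, so it presumably keeps the chart's default of watching every namespace with cluster-wide RBAC. The only scale set added in this commit lives in `devtools`, so the controller could be confined by adding `flags:` with `watchSingleNamespace: devtools` under `values:`. As far as I know that makes the chart render namespaced Roles for the watched namespace instead of ClusterRoles; please confirm against chart 0.9.2 before relying on it.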
diff --git a/kubernetes/main/flux/repositories/oci/kustomization.yaml b/kubernetes/main/apps/devtools/gh-actions-runners/operator/kustomization.yaml
similarity index 71%
rename from kubernetes/main/flux/repositories/oci/kustomization.yaml
rename to kubernetes/main/apps/devtools/gh-actions-runners/operator/kustomization.yaml
index 8fb7c142..9a81b16a 100644
--- a/kubernetes/main/flux/repositories/oci/kustomization.yaml
+++ b/kubernetes/main/apps/devtools/gh-actions-runners/operator/kustomization.yaml
@@ -2,4 +2,6 @@
 # yaml-language-server: $schema=https://json.schemastore.org/kustomization
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-resources: []
+resources:
+ - externalsecret.yaml
+ - helmrelease.yaml
diff --git a/kubernetes/main/apps/devtools/gh-actions-runners/runners/helmrelease.yaml b/kubernetes/main/apps/devtools/gh-actions-runners/runners/helmrelease.yaml
new file mode 100644
index 00000000..1732a525
--- /dev/null
+++ b/kubernetes/main/apps/devtools/gh-actions-runners/runners/helmrelease.yaml
@@ -0,0 +1,45 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: gha-runner-scale-set
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: gha-runner-scale-set
+ version: 0.9.2
+ sourceRef:
+ kind: HelmRepository
+ name: actions-runner-controller
+ namespace: flux-system
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ strategy: rollback
+ retries: 3
+ dependsOn:
+ - name: gha-runner-scale-set-controller
+ namespace: devtools
+ values:
+ nameOverride: gha-runner-scale-set
+ runnerScaleSetName: gha-runner-scale-set
+ githubConfigSecret: actions-runner-controller-auth-secret
+ githubConfigUrl: https://github.com/unusualpseudo/homelab
+ minRunners: 1
+ maxRunners: 3
+ containerMode:
+ type: dind
+ template:
+ spec:
+ containers:
+ - name: runner
+ image: ghcr.io/onedr0p/actions-runner:2.320.0@sha256:b3f9eb8fc31aada52e9fbccb567973ed70ed1c35d856e44a9a78caeb962dd8a4
+ command: ["/home/runner/run.sh"]
+ controllerServiceAccount:
+ name: gha-runner-scale-set-controller
+ namespace: devtools
diff --git a/kubernetes/main/flux/repositories/git/kustomization.yaml b/kubernetes/main/apps/devtools/gh-actions-runners/runners/kustomization.yaml
similarity index 80%
rename from kubernetes/main/flux/repositories/git/kustomization.yaml
rename to kubernetes/main/apps/devtools/gh-actions-runners/runners/kustomization.yaml
index 8fb7c142..17cbc72b 100644
--- a/kubernetes/main/flux/repositories/git/kustomization.yaml
+++ b/kubernetes/main/apps/devtools/gh-actions-runners/runners/kustomization.yaml
@@ -2,4 +2,5 @@
 # yaml-language-server: $schema=https://json.schemastore.org/kustomization
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-resources: []
+resources:
+ - ./helmrelease.yaml
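Review bot: `containerMode.type: dind` in runners/helmrelease.yaml makes the chart add a privileged Docker daemon container to every runner pod, and these pods land in `devtools` next to the controller and the GitHub App secret. Any job scheduled on such a runner should be treated as having node-level access, so I would give the scale set its own namespace (GitHub's ARC guidance is to keep runner pods out of the controller's namespace; `controllerServiceAccount.namespace` would stay `devtools`). If the workflows do not need a Docker daemon, drop `containerMode` or evaluate `type: kubernetes`. `githubConfigUrl` registers the runners at repository level, and `minRunners: 1` keeps one waiting for jobs at all times; if that repository is public, check that workflows from forks require approval before they run. The digest pin on the runner image is good and should be kept on upgrades.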
diff --git a/kubernetes/main/apps/devtools/kustomization.yaml b/kubernetes/main/apps/devtools/kustomization.yaml
index 3caa4545..83c3063c 100644
--- a/kubernetes/main/apps/devtools/kustomization.yaml
+++ b/kubernetes/main/apps/devtools/kustomization.yaml
@@ -5,3 +5,4 @@ kind: Kustomization
 resources:
 - ./namespace.yaml
 - ./jenkins/ks.yaml
+ - ./gh-actions-runners/ks.yaml
diff --git a/kubernetes/main/flux/repositories/helm/actions-runner-controller.yaml b/kubernetes/main/flux/repositories/helm/actions-runner-controller.yaml
new file mode 100644
index 00000000..ee77ac09
--- /dev/null
+++ b/kubernetes/main/flux/repositories/helm/actions-runner-controller.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+ name: actions-runner-controller
+ namespace: flux-system
+spec:
+ type: oci
+ interval: 1h
+ url: oci://ghcr.io/actions/actions-runner-controller-charts
diff --git a/kubernetes/main/flux/repositories/helm/kustomization.yaml b/kubernetes/main/flux/repositories/helm/kustomization.yaml
index b50c8cb1..05c2dde6 100644
--- a/kubernetes/main/flux/repositories/helm/kustomization.yaml
+++ b/kubernetes/main/flux/repositories/helm/kustomization.yaml
@@ -21,3 +21,4 @@ resources:
 - ./longhorn.yaml
 - ./spark-operator.yaml
 - ./jenkins.yaml
+ - ./actions-runner-controller.yaml
diff --git a/kubernetes/main/flux/repositories/kustomization.yaml b/kubernetes/main/flux/repositories/kustomization.yaml
index 5e6f7afa..ef97e7c0 100644
--- a/kubernetes/main/flux/repositories/kustomization.yaml
+++ b/kubernetes/main/flux/repositories/kustomization.yaml
@@ -3,6 +3,4 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
- - helm
- - git
- - oci
+ - ./helm