adiroiban/Dockerfile Secret

## arc-runners-windows-values.yaml
#
# Configuration for running the arc-runners-windows GHA runners.
#

#
# We install the runners only on the repo.
#
githubConfigUrl: "https://github.com/ORG/REPO"

## githubConfigSecret is the k8s secrets to use when auth with GitHub API.
## We use a PAT stored in a separate secret
githubConfigSecret: pre-defined-secret


maxRunners: 3

# We keep one running to check that ARC is working.
# Also, it allows easy access to a windows container for any minor testing.
minRunners: 1

## Container mode is an object that provides out-of-box configuration
## for dind and kubernetes mode. Template will be modified as documented under the
## template object.
##
## If any customization is required for dind or kubernetes mode, containerMode should remain
## empty, and configuration should be applied to the template.
containerMode:
  type: "kubernets"  ## type can be set to dind or kubernetes
  ## the following is required when containerMode.type=kubernetes
  kubernetesModeWorkVolumeClaim:
    accessModes: ["ReadWriteOnce"]
    # For local testing, use https://github.com/openebs/dynamic-localpv-provisioner/blob/develop/docs/quickstart.md to provide dynamic provision volume with storageClassName: openebs-hostpath
    storageClassName: "dynamic-blob-storage"
    resources:
      requests:
        storage: 1Gi

## template is the PodSpec for each listener Pod
## For reference: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec
listenerTemplate:
  spec:
    tolerations:
    - key: "node-role.kubernetes.io/control-plane"
      operator: "Exists"
      effect: "NoSchedule"
    nodeSelector:
      'node-role.kubernetes.io/control-plane': ''

    containers:
#     # Use this section to append additional configuration to the listener container.
#     # If you change the name of the container, the configuration will not be applied to the listener,
#     # and it will be treated as a side-car container.
    - name: listener
#       securityContext:
#         runAsUser: 1000
#     # Use this section to add the configuration of a side-car container.
#     # Comment it out or remove it if you don't need it.
#     # Spec for this container will be applied as is without any modifications.
#     - name: side-car
#       image: example-sidecar

## template is the PodSpec for each runner Pod
## For reference:
## https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec
template:
  spec:

    # ADD YOUR SELECTORS HERE
    runtimeClassName: windows-2022
    nodeSelector:
        kubernetes.io/hostname: zephyrus-g14

    containers:
      - name: runner
        # Add your image here.
        image: ghcr.io/ORG/IMAGE-NAME:2.311.0.x64.1
        command: ["run.cmd"]
        args: ["--jitconfig", "$(ACTIONS_RUNNER_INPUT_JITCONFIG)"]
        env:
          # The runner should be updated via the general image.
          - name: DISABLE_RUNNER_UPDATE
            value: "true"
        volumeMounts:
          - name: hostedtoolcache
            mountPath: /opt/hostedtoolcache
    volumes:
      # Very simple local path to allow caching
      - name: hostedtoolcache
        hostPath:
          # directory location on host
          path: "C:/arc"
          type: DirectoryOrCreate

## Dockerfile
# This is the docker file for building our GHA runner with servercore.
# Current size about 5.1GB
#
# The final RUN/CMD/ENTRYPOINT is called by k8s.

FROM mcr.microsoft.com/windows/servercore:ltsc2022
LABEL name=arc-runner-windows

# The "PLATFORM" argument is created to allow injecting it into the
# build environment.
# In this we can share the build scripts between X64 and ARM64.
ARG RUNNER_VERSION=2.311.0
ENV RUNNER_VERSION=$RUNNER_VERSION

WORKDIR /actions-runner

SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop';$ProgressPreference='silentlyContinue';"]

# Get Action runner.
RUN \
    Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v${env:RUNNER_VERSION}/actions-runner-win-x64-${env:RUNNER_VERSION}.zip -OutFile actions-runner-win.zip ; \
    Add-Type -AssemblyName System.IO.Compression.FileSystem ; \
    [System.IO.Compression.ZipFile]::ExtractToDirectory('actions-runner-win.zip', $PWD) ;\
    rm actions-runner-win.zip

# Get Git and Linux tools
RUN powershell Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))

RUN powershell choco install git.install --params "'/GitAndUnixToolsOnPath'" -y

RUN powershell choco feature enable -n allowGlobalConfirmation
	#
	# Configuration for running the arc-runners-windows GHA runners.
	#

	#
	# We install the runners only on the repo.
	#
	githubConfigUrl: "https://github.com/ORG/REPO"

	## githubConfigSecret is the k8s secrets to use when auth with GitHub API.
	## We use a PAT stored in a separate secret
	githubConfigSecret: pre-defined-secret


	maxRunners: 3

	# We keep one running to check that ARC is working.
	# Also, it allows easy access to a windows container for any minor testing.
	minRunners: 1

	## Container mode is an object that provides out-of-box configuration
	## for dind and kubernetes mode. Template will be modified as documented under the
	## template object.
	##
	## If any customization is required for dind or kubernetes mode, containerMode should remain
	## empty, and configuration should be applied to the template.
	containerMode:
	type: "kubernets" ## type can be set to dind or kubernetes
	## the following is required when containerMode.type=kubernetes
	kubernetesModeWorkVolumeClaim:
	accessModes: ["ReadWriteOnce"]
	# For local testing, use https://github.com/openebs/dynamic-localpv-provisioner/blob/develop/docs/quickstart.md to provide dynamic provision volume with storageClassName: openebs-hostpath
	storageClassName: "dynamic-blob-storage"
	resources:
	requests:
	storage: 1Gi

	## template is the PodSpec for each listener Pod
	## For reference: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec
	listenerTemplate:
	spec:
	tolerations:
	- key: "node-role.kubernetes.io/control-plane"
	operator: "Exists"
	effect: "NoSchedule"
	nodeSelector:
	'node-role.kubernetes.io/control-plane': ''

	containers:
	# # Use this section to append additional configuration to the listener container.
	# # If you change the name of the container, the configuration will not be applied to the listener,
	# # and it will be treated as a side-car container.
	- name: listener
	# securityContext:
	# runAsUser: 1000
	# # Use this section to add the configuration of a side-car container.
	# # Comment it out or remove it if you don't need it.
	# # Spec for this container will be applied as is without any modifications.
	# - name: side-car
	# image: example-sidecar

	## template is the PodSpec for each runner Pod
	## For reference:
	## https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec
	template:
	spec:

	# ADD YOUR SELECTORS HERE
	runtimeClassName: windows-2022
	nodeSelector:
	kubernetes.io/hostname: zephyrus-g14

	containers:
	- name: runner
	# Add your image here.
	image: ghcr.io/ORG/IMAGE-NAME:2.311.0.x64.1
	command: ["run.cmd"]
	args: ["--jitconfig", "$(ACTIONS_RUNNER_INPUT_JITCONFIG)"]
	env:
	# The runner should be updated via the general image.
	- name: DISABLE_RUNNER_UPDATE
	value: "true"
	volumeMounts:
	- name: hostedtoolcache
	mountPath: /opt/hostedtoolcache
	volumes:
	# Very simple local path to allow caching
	- name: hostedtoolcache
	hostPath:
	# directory location on host
	path: "C:/arc"
	type: DirectoryOrCreate
	# This is the docker file for building our GHA runner with servercore.
	# Current size about 5.1GB
	#
	# The final RUN/CMD/ENTRYPOINT is called by k8s.

	FROM mcr.microsoft.com/windows/servercore:ltsc2022
	LABEL name=arc-runner-windows

	# The "PLATFORM" argument is created to allow injecting it into the
	# build environment.
	# In this we can share the build scripts between X64 and ARM64.
	ARG RUNNER_VERSION=2.311.0
	ENV RUNNER_VERSION=$RUNNER_VERSION

	WORKDIR /actions-runner

	SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop';$ProgressPreference='silentlyContinue';"]

	# Get Action runner.
	RUN \
	Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v${env:RUNNER_VERSION}/actions-runner-win-x64-${env:RUNNER_VERSION}.zip -OutFile actions-runner-win.zip ; \
	Add-Type -AssemblyName System.IO.Compression.FileSystem ; \
	[System.IO.Compression.ZipFile]::ExtractToDirectory('actions-runner-win.zip', $PWD) ;\
	rm actions-runner-win.zip

	# Get Git and Linux tools
	RUN powershell Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))

	RUN powershell choco install git.install --params "'/GitAndUnixToolsOnPath'" -y

	RUN powershell choco feature enable -n allowGlobalConfirmation