gitlab-runner k8s

gitlab-runner.yaml

kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: gitlab-ci
  namespace: gitlab
rules:
  - apiGroups: ["*"]
    resources: ["*"]
    verbs: ["*"]

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: gitlab-ci
  namespace: gitlab

---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: gitlab-ci
  namespace: gitlab
roleRef:
  kind: Role
  name: gitlab-ci
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: gitlab-ci
  namespace: gitlab

---
apiVersion: v1
kind: Secret
metadata:
  name: gitlab-runner
  namespace: gitlab
  labels:
    app: gitlab-runner
type: Opaque
data:
  runner-registration-token: <base64encodedRegToken>
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: gitlab-runner
  namespace: gitlab
data:
  entrypoint: |
    #!/bin/bash
    set -xe

    cp /scripts/config.toml /etc/gitlab-runner/

    # Register the runner
    /entrypoint register --non-interactive \
      --url $GITLAB_URL \
      --executor kubernetes

    # Start the runner
    exec /entrypoint run --user=gitlab-runner \
      --working-directory=/home/gitlab-runner
  unregister: |
    #!/bin/bash
    set -xe
    # Unregister the runner
    /entrypoint unregister --name $HOSTNAME

  config.toml: |
    concurrent = 10
    check_interval = 30
    metrics_server = ":80"
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: gitlab-runner
  namespace: gitlab
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: gitlab-runner
      annotations:
        prometheus.io/port: '80'
        prometheus.io/scrape: 'true'
    spec:
      serviceAccountName: gitlab-ci
      containers:
      - name: gitlab-runner
        image: gitlab/gitlab-runner:alpine-v9.0.3
        command: ["/bin/bash", "/scripts/entrypoint"]
        lifecycle:
          preStop:
            exec:
              command: ["/bin/bash","/scripts/unregister"]
        env:
        - name: GITLAB_URL
          value: "https://gitlab.example.com"
        - name: REGISTRATION_TOKEN
          valueFrom:
            secretKeyRef:
              name: gitlab-runner
              key: runner-registration-token
        - name: KUBERNETES_IMAGE
          value: "docker:latest"
        - name: KUBERNETES_PRIVILEGED
          value: "true"
        - name: KUBERNETES_NAMESPACE
          value: gitlab
        - name: KUBERNETES_CPU_LIMIT
          value: ""
        - name: KUBERNETES_MEMORY_LIMIT
          value: ""
        - name: KUBERNETES_CPU_REQUEST
          value: "100m"
        - name: KUBERNETES_MEMORY_REQUEST
          value: "128Mi"
        - name: KUBERNETES_SERVICE_CPU_LIMIT
          value: ""
        - name: KUBERNETES_SERVICE_MEMORY_LIMIT
          value: ""
        - name: KUBERNETES_SERVICE_CPU_REQUEST
          value: "100m"
        - name: KUBERNETES_SERVICE_MEMORY_REQUEST
          value: "128Mi"
        - name: KUBERNETES_HELPERS_CPU_LIMIT
          value: ""
        - name: KUBERNETES_HELPERS_MEMORY_LIMIT
          value: ""
        - name: KUBERNETES_HELPERS_CPU_REQUEST
          value: "100m"
        - name: KUBERNETES_HELPERS_MEMORY_REQUEST
          value: "128Mi"
        livenessProbe:
          exec:
            command: ["/usr/bin/pgrep","gitlab-ci-multi"]
          initialDelaySeconds: 60
          timeoutSeconds: 1
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        readinessProbe:
          exec:
            command: ["/usr/bin/pgrep","gitlab-ci-multi"]
          initialDelaySeconds: 10
          timeoutSeconds: 1
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        volumeMounts:
        - name: scripts
          mountPath: /scripts
        resources:
      volumes:
      - name: scripts
        configMap:
          name: gitlab-runner