apiVersion: apps/v1 kind: StatefulSet metadata: name: gitea-runner namespace: devops spec: serviceName: gitea-runner replicas: 1 selector: matchLabels: app: gitea-runner template: metadata: labels: app: gitea-runner spec: containers: - name: runner image: gitea/act_runner:latest env: - name: GITEA_INSTANCE_URL value: "https://gitea.milasholsting.dk" - name: GITEA_RUNNER_REGISTRATION_TOKEN valueFrom: secretKeyRef: name: actions-secret key: registerKey - name: DOCKER_HOST value: unix:///var/run/docker/docker.sock - name: GITEA_RUNNER_LABELS value: "ubuntu-latest:docker://catthehacker/ubuntu:act-latest" volumeMounts: - name: data mountPath: /data - name: docker-sock mountPath: /var/run/docker - name: dind image: reg.milasholsting.dk/devops/docker:dind command: ["dockerd"] args: ["--host=unix:///var/run/docker/docker.sock", "--host=tcp://0.0.0.0:2375"] securityContext: privileged: true env: - name: DOCKER_TLS_CERTDIR value: "" # Explicitly disable TLS to stick to the socket volumeMounts: - name: dind-storage mountPath: /var/lib/docker - name: docker-sock mountPath: /var/run/docker volumes: - name: dind-storage emptyDir: {} - name: data emptyDir: {} - name: docker-sock emptyDir: {}