actions runner image and instruct for werf
For deploying RunnerDeployment you must consider some points:
- Use proper security contexts
- Build image wth proper utils
- mount fuse device with plugin (if you use Linux kernel without rootless OverlayFS and non-privileged container)
- if you use Linux kernel without rootless OverlayFS and non-privileged container don't forget to mount your fuse device
apiVersion: actions.summerwind.dev/v1alpha1
kind: RunnerDeployment
metadata:
name: runner
namespace: actions-runner-system
spec:
replicas: 1
template:
metadata:
annotations:
container.apparmor.security.beta.kubernetes.io/runner: unconfined
spec:
imagePullSecrets:
- name: registrysecret
image: <Builded image>
securityContext:
seccompProfile:
type: Unconfined
organization: MyOrg
dockerEnabled: false
resources:
limits:
github.com/fuse: 1