kube/woodpecker/woodpecker-agent.yml


---
# Identity the agent pods run as. The Deployment in this file selects it via
# serviceAccountName, and the RoleBinding in this file names it as its only
# subject, so whatever the woodpecker-agent Role allows is what a process
# holding this account's token can do.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: woodpecker-agent
  namespace: woodpecker-execution
---
# Namespaced permissions for the agent. Every rule is limited to the core API
# group ("") inside woodpecker-execution; nothing here grants access to
# secrets, configmaps, pods/exec or any cluster-scoped resource.
#
# NOTE(review): `create` on pods is still a strong permission. A pod created
# in a namespace can consume Secrets and ServiceAccounts that live in that
# same namespace, and the agent Deployment reads woodpecker-secret from
# woodpecker-execution. Consider keeping the agent's own secret in a
# namespace that pipeline pods are not created in, and enforcing Pod
# Security admission on this namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: woodpecker-agent
  namespace: woodpecker-execution
rules:
  # Volumes: create/delete only (no get/list/update).
  # Presumably per-pipeline workspace storage; confirm against the backend.
  - apiGroups: [""]
    resources: [persistentvolumeclaims]
    verbs: [create, delete]
  # Services: create/delete only.
  - apiGroups: [""]
    resources: [services]
    verbs: [create, delete]
  # Pods and their logs: full lifecycle plus read access for status and
  # log streaming.
  - apiGroups: [""]
    resources: [pods, pods/log]
    verbs: [watch, create, delete, get, list]
---
# Grants the woodpecker-agent Role to the woodpecker-agent ServiceAccount.
# Both the Role and the subject are in woodpecker-execution, so the grant
# does not reach outside that namespace. roleRef cannot be changed after
# creation; pointing at a different Role means recreating the binding.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: woodpecker-agent
  namespace: woodpecker-execution
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: woodpecker-agent
subjects:
  - kind: ServiceAccount
    name: woodpecker-agent
    namespace: woodpecker-execution
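---
# Runs two replicas of the Woodpecker agent with the Kubernetes backend.
# The agent authenticates to the API server as the woodpecker-agent
# ServiceAccount and to the Woodpecker server with WOODPECKER_AGENT_SECRET.
#
# NOTE(review): no resources.requests/limits and no liveness/readiness
# probes are declared for the container; add them once sizing is known.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: woodpecker-agent
  namespace: woodpecker-execution
spec:
  replicas: 2
  selector:
    matchLabels:
      app: woodpecker-agent
  template:
    metadata:
      labels:
        app: woodpecker-agent
    spec:
      serviceAccountName: woodpecker-agent
      securityContext:
        # Refuse to start if the image would run as UID 0.
        runAsNonRoot: true
        runAsUser: 1000
        # Apply the container runtime's default syscall filter instead of
        # running unconfined.
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: agent
          securityContext:
            # Left as the author set it.
            # NOTE(review): confirm whether the agent really needs a
            # writable root filesystem; if not, set this to true and mount
            # an emptyDir for scratch space.
            readOnlyRootFilesystem: false
            # The process already runs as a non-root UID; these two
            # settings make sure it cannot regain privileges through
            # setuid binaries or inherited capabilities.
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          # Pinned by digest, so the `next` tag is informational only and
          # the pulled image cannot change underneath this manifest.
          # Upgrades require bumping the digest deliberately.
          image: woodpeckerci/woodpecker-agent:next@sha256:703480d98991bb80ee86aa081a7a9db7d4346b9d5bdeaa3f92688d195cd36800
          ports:
            # Presumably the agent's health-check listener; no probe in
            # this manifest uses it. TODO confirm.
            - name: http
              containerPort: 3000
              protocol: TCP
          env:
            - name: WOODPECKER_BACKEND
              value: kubernetes
            # Same namespace the agent itself runs in; see the Role in this
            # file for what the agent may create there.
            - name: WOODPECKER_BACKEND_K8S_NAMESPACE
              value: woodpecker-execution
            - name: WOODPECKER_BACKEND_K8S_STORAGE_CLASS
              value: woodpecker
            # Env values must be strings, hence the quotes.
            - name: WOODPECKER_BACKEND_K8S_STORAGE_RWX
              value: "false"
            - name: WOODPECKER_BACKEND_K8S_VOLUME_SIZE
              value: 100Mi
            # NOTE(review): WOODPECKER_GRPC_SECURE is not set, so this
            # connection is presumably plaintext gRPC inside the cluster;
            # confirm that is acceptable, since the agent secret travels
            # over it.
            - name: WOODPECKER_SERVER
              value: "woodpecker-grpc.woodpecker.svc.cluster.local:9000"
            # Shared secret is read from a Secret object rather than
            # inlined; woodpecker-secret must exist in this namespace.
            - name: WOODPECKER_AGENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: woodpecker-secret
                  key: WOODPECKER_AGENT_SECRET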