apiVersion: v1
kind: Namespace
metadata:
  name: gitlab-runner

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: gitlab-admin
  namespace: gitlab-runner
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: gitlab-runner
  name: gitlab-admin
rules:
  - apiGroups: ['*']
    resources: ['*']
    verbs: ['*']

---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: gitlab-admin
  namespace: gitlab-runner
subjects:
  - kind: ServiceAccount
    name: gitlab-admin
    namespace: gitlab-runner
roleRef:
  kind: Role
  name: gitlab-admin
  apiGroup: rbac.authorization.k8s.io

---
apiVersion: rbac.authorization.k8s.io/v1
kind: "ClusterRole"
metadata:
  name: gitlab-runner
rules:
  - apiGroups: ["*"]
    resources: ["*"]
    verbs: ["*"]

---
apiVersion: rbac.authorization.k8s.io/v1
kind: "ClusterRoleBinding"
metadata:
  name: gitlab-runner
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: "ClusterRole"
  name: gitlab-runner
subjects:
  - kind: ServiceAccount
    name: default
    namespace: gitlab-runner

---
# apiVersion: v1
# kind: ConfigMap
# metadata:
  # name: gitlab-runner-config
  # namespace: gitlab-runner
# data:
  # config.toml: |-
    # concurrent = 4
    # [[runners]]
      # name = "Kubernetes Demo Runner"
      # url = "https://gitlab.com/ci"
      # token = "[TOKEN]"
      # executor = "kubernetes"
      # [runners.kubernetes]
        # namespace = "gitlab-runner"
        # poll_timeout = 600
        # cpu_request = "1"
        # service_cpu_request = "200m" 
# ---

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: gitlab-runner
  namespace: gitlab-runner
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab-runner
  template:
    metadata:
      labels:
        name: gitlab-runner
    spec:
      serviceAccountName: gitlab-admin
      containers:
        - args:
            - run
          image: gitlab/gitlab-runner:v16.8.0
          imagePullPolicy: IfNotPresent
          name: gitlab-runner
          resources:
            requests:
              cpu: '100m'
            limits:
              cpu: '100m'
          volumeMounts:
            - name: gitlab-runner-config
              mountPath: /etc/gitlab-runner
      volumes:
        - name: gitlab-runner-config
          persistentVolumeClaim:
            claimName: 'gitlab-runner-pvc'
      restartPolicy: Always

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  namespace: gitlab-runner
  name: gitlab-runner-pvc
spec:
  accessModes: ["ReadWriteOnce"]
  storageClassName: "gitlab-runner-storage"
  resources:
    requests:
      storage: 10Mi
      
---
apiVersion: v1
kind: PersistentVolume
metadata:
  namespace: gitlab-runner
  name: gitlab-runner-pv
spec:
  capacity:
    storage: 10Mi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  hostPath:
    path: /data/gitlab-runner
    type: ""
  storageClassName: "gitlab-runner-storage"
  volumeMode: Filesystem