apiVersion: v1 kind: Namespace metadata: name: gitlab-runner --- apiVersion: v1 kind: ServiceAccount metadata: name: gitlab-admin namespace: gitlab-runner --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: gitlab-runner name: gitlab-admin rules: - apiGroups: ['*'] resources: ['*'] verbs: ['*'] --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: gitlab-admin namespace: gitlab-runner subjects: - kind: ServiceAccount name: gitlab-admin namespace: gitlab-runner roleRef: kind: Role name: gitlab-admin apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 kind: "ClusterRole" metadata: name: gitlab-runner rules: - apiGroups: ["*"] resources: ["*"] verbs: ["*"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: "ClusterRoleBinding" metadata: name: gitlab-runner roleRef: apiGroup: rbac.authorization.k8s.io kind: "ClusterRole" name: gitlab-runner subjects: - kind: ServiceAccount name: default namespace: gitlab-runner --- # apiVersion: v1 # kind: ConfigMap # metadata: # name: gitlab-runner-config # namespace: gitlab-runner # data: # config.toml: |- # concurrent = 4 # [[runners]] # name = "Kubernetes Demo Runner" # url = "https://gitlab.com/ci" # token = "[TOKEN]" # executor = "kubernetes" # [runners.kubernetes] # namespace = "gitlab-runner" # poll_timeout = 600 # cpu_request = "1" # service_cpu_request = "200m" # --- apiVersion: apps/v1 kind: StatefulSet metadata: name: gitlab-runner namespace: gitlab-runner spec: replicas: 1 selector: matchLabels: name: gitlab-runner template: metadata: labels: name: gitlab-runner spec: serviceAccountName: gitlab-admin containers: - args: - run image: gitlab/gitlab-runner:v16.8.0 imagePullPolicy: IfNotPresent name: gitlab-runner resources: requests: cpu: '100m' limits: cpu: '100m' volumeMounts: - name: gitlab-runner-config mountPath: /etc/gitlab-runner volumes: - name: gitlab-runner-config persistentVolumeClaim: claimName: 'gitlab-runner-pvc' restartPolicy: Always --- apiVersion: v1 kind: PersistentVolumeClaim metadata: namespace: gitlab-runner name: gitlab-runner-pvc spec: accessModes: ["ReadWriteOnce"] storageClassName: "gitlab-runner-storage" resources: requests: storage: 10Mi --- apiVersion: v1 kind: PersistentVolume metadata: namespace: gitlab-runner name: gitlab-runner-pv spec: capacity: storage: 10Mi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: path: /data/gitlab-runner type: "" storageClassName: "gitlab-runner-storage" volumeMode: Filesystem