apiVersion: v1
kind: Namespace
metadata:
  name: gitlab-runner

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: gitlab-admin
  namespace: gitlab-runner
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: gitlab-runner
  name: gitlab-admin
rules:
  - apiGroups: ['']
    resources: ['*']
    verbs: ['*']

---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: gitlab-admin
  namespace: gitlab-runner
subjects:
  - kind: ServiceAccount
    name: gitlab-admin
    namespace: gitlab-runner
roleRef:
  kind: Role
  name: gitlab-admin
  apiGroup: rbac.authorization.k8s.io

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: gitlab-runner-config
  namespace: gitlab-runner
data:
  config.toml: |-
    concurrent = 4
    [[runners]]
      name = "Kubernetes Demo Runner"
      url = "https://gitlab.com/ci"
      token = "[TOKEN]"
      executor = "kubernetes"
      [runners.kubernetes]
        namespace = "gitlab-runner"
        poll_timeout = 600
        cpu_request = "1"
        service_cpu_request = "200m" 

---

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: gitlab-runner
  namespace: gitlab-runner
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab-runner
  template:
    metadata:
      labels:
        name: gitlab-runner
    spec:
      serviceAccountName: gitlab-admin
      containers:
        - args:
            - run
          image: gitlab/gitlab-runner:v16.8.0
          imagePullPolicy: IfNotPresent
          name: gitlab-runner
          resources:
            requests:
              cpu: '100m'
            limits:
              cpu: '100m'
          volumeMounts:
            - name: gitlab-runner-config
              mountPath: /etc/gitlab-runner
      volumes:
        - name: gitlab-runner-config
          persistentVolumeClaim:
            name: gitlab-runner-pvc
      restartPolicy: Always
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  namespace: gitlab-runner
  name: gitlab-runner-pvc
spec:
  accessModes: ["ReadWriteOnce"]
  storageClassName: "gitlab-runner-storage"
  resources:
    requests:
      storage: 10Mi
---
apiVersion: v1
kind: PersistentVolume
metadata:
  namespace: gitlab-runner
  name: gitlab-runner-pv
spec:
  capacity:
    storage: 10Mi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  hostPath:
    path: /data/gitlab-runner
    type: ""
  storageClassName: "gitlab-runner-storage"
  volumeMode: Filesystem