From e09fe0471c008facf551d9d222cdac57abe5d92a Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sun, 12 Jan 2025 20:56:33 -0500 Subject: [PATCH] refactor: actions-runner-controller namespace (#8647) --- .../app/externalsecret.yaml | 4 +- .../app/helmrelease.yaml | 6 +-- .../app/kustomization.yaml | 0 .../actions-runner-controller/ks.yaml | 42 +++++++++++++++++++ .../runners/home-ops}/helmrelease.yaml | 26 ++++++------ .../runners/home-ops}/kustomization.yaml | 2 +- .../runners/home-ops}/rbac.yaml | 11 +++-- .../runners/kustomization.yaml | 6 +++ .../gha-runner-scale-set-controller/ks.yaml | 22 ---------- .../gha-runner-scale-set/ks.yaml | 20 --------- .../actions-runner-system/kustomization.yaml | 3 +- 11 files changed, 71 insertions(+), 71 deletions(-) rename kubernetes/apps/actions-runner-system/{gha-runner-scale-set-controller => actions-runner-controller}/app/externalsecret.yaml (91%) rename kubernetes/apps/actions-runner-system/{gha-runner-scale-set-controller => actions-runner-controller}/app/helmrelease.yaml (82%) rename kubernetes/apps/actions-runner-system/{gha-runner-scale-set-controller => actions-runner-controller}/app/kustomization.yaml (100%) create mode 100644 kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml rename kubernetes/apps/actions-runner-system/{gha-runner-scale-set/app => actions-runner-controller/runners/home-ops}/helmrelease.yaml (82%) rename kubernetes/apps/actions-runner-system/{gha-runner-scale-set/app => actions-runner-controller/runners/home-ops}/kustomization.yaml (100%) rename kubernetes/apps/actions-runner-system/{gha-runner-scale-set/app => actions-runner-controller/runners/home-ops}/rbac.yaml (75%) create mode 100644 kubernetes/apps/actions-runner-system/actions-runner-controller/runners/kustomization.yaml delete mode 100644 kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/ks.yaml delete mode 100644 kubernetes/apps/actions-runner-system/gha-runner-scale-set/ks.yaml diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/app/externalsecret.yaml b/kubernetes/apps/actions-runner-system/actions-runner-controller/app/externalsecret.yaml similarity index 91% rename from kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/app/externalsecret.yaml rename to kubernetes/apps/actions-runner-system/actions-runner-controller/app/externalsecret.yaml index 34bb4b2ff644b..4ee2370430b2b 100644 --- a/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/app/externalsecret.yaml +++ b/kubernetes/apps/actions-runner-system/actions-runner-controller/app/externalsecret.yaml @@ -3,13 +3,13 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: - name: actions-runner-controller-auth + name: actions-runner-controller spec: secretStoreRef: kind: ClusterSecretStore name: onepassword-connect target: - name: actions-runner-controller-auth-secret + name: actions-runner-controller-secret template: engineVersion: v2 data: diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/app/helmrelease.yaml b/kubernetes/apps/actions-runner-system/actions-runner-controller/app/helmrelease.yaml similarity index 82% rename from kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/app/helmrelease.yaml rename to kubernetes/apps/actions-runner-system/actions-runner-controller/app/helmrelease.yaml index 4a565ec719e42..a65f86a8658d4 100644 --- a/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/app/helmrelease.yaml +++ b/kubernetes/apps/actions-runner-system/actions-runner-controller/app/helmrelease.yaml @@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: - name: gha-runner-scale-set-controller + name: &name actions-runner-controller spec: interval: 30m chart: @@ -14,8 +14,6 @@ spec: kind: HelmRepository name: actions-runner-controller namespace: flux-system - driftDetection: - mode: enabled install: crds: CreateReplace remediation: @@ -27,5 +25,5 @@ spec: strategy: rollback retries: 3 values: - fullnameOverride: gha-runner-scale-set-controller + fullnameOverride: *name replicaCount: 1 diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/app/kustomization.yaml b/kubernetes/apps/actions-runner-system/actions-runner-controller/app/kustomization.yaml similarity index 100% rename from kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/app/kustomization.yaml rename to kubernetes/apps/actions-runner-system/actions-runner-controller/app/kustomization.yaml diff --git a/kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml b/kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml new file mode 100644 index 0000000000000..3e71e939df775 --- /dev/null +++ b/kubernetes/apps/actions-runner-system/actions-runner-controller/ks.yaml @@ -0,0 +1,42 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app actions-runner-controller + namespace: flux-system +spec: + targetNamespace: actions-runner-system + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: external-secrets-stores + path: ./kubernetes/apps/actions-runner-system/actions-runner-controller/app + prune: true + sourceRef: + kind: GitRepository + name: flux-system + wait: false + interval: 30m + timeout: 5m +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app actions-runner-controller-runners + namespace: flux-system +spec: + targetNamespace: actions-runner-system + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/apps/actions-runner-system/actions-runner-controller/runners + prune: true + sourceRef: + kind: GitRepository + name: flux-system + wait: false + interval: 30m + timeout: 5m diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml b/kubernetes/apps/actions-runner-system/actions-runner-controller/runners/home-ops/helmrelease.yaml similarity index 82% rename from kubernetes/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml rename to kubernetes/apps/actions-runner-system/actions-runner-controller/runners/home-ops/helmrelease.yaml index ad8a5ca99ca39..86e1f8ea0871b 100644 --- a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml +++ b/kubernetes/apps/actions-runner-system/actions-runner-controller/runners/home-ops/helmrelease.yaml @@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: - name: gha-runner-scale-set + name: &name home-ops-runner spec: interval: 30m chart: @@ -14,8 +14,6 @@ spec: kind: HelmRepository name: actions-runner-controller namespace: flux-system - driftDetection: - mode: enabled install: remediation: retries: 3 @@ -25,26 +23,26 @@ spec: strategy: rollback retries: 3 dependsOn: - - name: gha-runner-scale-set-controller + - name: actions-runner-controller namespace: actions-runner-system - name: openebs namespace: openebs-system valuesFrom: - targetPath: githubConfigSecret.github_app_id kind: Secret - name: actions-runner-controller-auth-secret + name: actions-runner-controller-secret valuesKey: ACTION_RUNNER_CONTROLLER_GITHUB_APP_ID - targetPath: githubConfigSecret.github_app_installation_id kind: Secret - name: actions-runner-controller-auth-secret + name: actions-runner-controller-secret valuesKey: ACTION_RUNNER_CONTROLLER_GITHUB_INSTALLATION_ID - targetPath: githubConfigSecret.github_app_private_key kind: Secret - name: actions-runner-controller-auth-secret + name: actions-runner-controller-secret valuesKey: ACTION_RUNNER_CONTROLLER_GITHUB_PRIVATE_KEY values: - nameOverride: gha-runner-scale-set - runnerScaleSetName: gha-runner-scale-set + nameOverride: *name + runnerScaleSetName: *name githubConfigUrl: https://github.com/onedr0p/home-ops minRunners: 1 maxRunners: 3 @@ -56,6 +54,9 @@ spec: resources: requests: storage: 25Gi + controllerServiceAccount: + name: actions-runner-controller + namespace: actions-runner-system template: spec: containers: @@ -73,11 +74,8 @@ spec: - mountPath: /var/run/secrets/talos.dev name: talos readOnly: true - serviceAccountName: actions-runner + serviceAccountName: *name volumes: - name: talos secret: - secretName: actions-runner - controllerServiceAccount: - name: gha-runner-scale-set-controller - namespace: actions-runner-system + secretName: *name diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/app/kustomization.yaml b/kubernetes/apps/actions-runner-system/actions-runner-controller/runners/home-ops/kustomization.yaml similarity index 100% rename from kubernetes/apps/actions-runner-system/gha-runner-scale-set/app/kustomization.yaml rename to kubernetes/apps/actions-runner-system/actions-runner-controller/runners/home-ops/kustomization.yaml index f4cbed0e1e7ff..adb2a4f6dcc26 100644 --- a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/app/kustomization.yaml +++ b/kubernetes/apps/actions-runner-system/actions-runner-controller/runners/home-ops/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./rbac.yaml - ./helmrelease.yaml + - ./rbac.yaml diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/app/rbac.yaml b/kubernetes/apps/actions-runner-system/actions-runner-controller/runners/home-ops/rbac.yaml similarity index 75% rename from kubernetes/apps/actions-runner-system/gha-runner-scale-set/app/rbac.yaml rename to kubernetes/apps/actions-runner-system/actions-runner-controller/runners/home-ops/rbac.yaml index 6518dc44e24ce..8e8c8133d2a2b 100644 --- a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/app/rbac.yaml +++ b/kubernetes/apps/actions-runner-system/actions-runner-controller/runners/home-ops/rbac.yaml @@ -2,25 +2,24 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: actions-runner + name: home-ops-runner --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: actions-runner + name: home-ops-runner roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount - name: actions-runner + name: home-ops-runner namespace: actions-runner-system --- apiVersion: talos.dev/v1alpha1 kind: ServiceAccount metadata: - name: actions-runner + name: home-ops-runner spec: - roles: - - os:admin + roles: ["os:admin"] diff --git a/kubernetes/apps/actions-runner-system/actions-runner-controller/runners/kustomization.yaml b/kubernetes/apps/actions-runner-system/actions-runner-controller/runners/kustomization.yaml new file mode 100644 index 0000000000000..9f4453e16b5a2 --- /dev/null +++ b/kubernetes/apps/actions-runner-system/actions-runner-controller/runners/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./home-ops diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/ks.yaml b/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/ks.yaml deleted file mode 100644 index 2fd181e9e681e..0000000000000 --- a/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/ks.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app gha-runner-scale-set-controller - namespace: flux-system -spec: - targetNamespace: actions-runner-system - commonMetadata: - labels: - app.kubernetes.io/name: *app - dependsOn: - - name: external-secrets-stores - path: ./kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/app - prune: true - sourceRef: - kind: GitRepository - name: flux-system - wait: false - interval: 30m - timeout: 5m diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/ks.yaml b/kubernetes/apps/actions-runner-system/gha-runner-scale-set/ks.yaml deleted file mode 100644 index fced787633c32..0000000000000 --- a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/ks.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app gha-runner-scale-set - namespace: flux-system -spec: - targetNamespace: actions-runner-system - commonMetadata: - labels: - app.kubernetes.io/name: *app - path: ./kubernetes/apps/actions-runner-system/gha-runner-scale-set/app - prune: true - sourceRef: - kind: GitRepository - name: flux-system - wait: false - interval: 30m - timeout: 5m diff --git a/kubernetes/apps/actions-runner-system/kustomization.yaml b/kubernetes/apps/actions-runner-system/kustomization.yaml index 40352af59c65a..44d3b1913a25c 100644 --- a/kubernetes/apps/actions-runner-system/kustomization.yaml +++ b/kubernetes/apps/actions-runner-system/kustomization.yaml @@ -7,8 +7,7 @@ resources: - ./namespace.yaml - ../../templates/alerts # Flux-Kustomizations - - ./gha-runner-scale-set-controller/ks.yaml - - ./gha-runner-scale-set/ks.yaml + - ./actions-runner-controller/ks.yaml transformers: - |- apiVersion: builtin