gitea-runner: fix deployment

gitea-runner/deployment.yaml

@@ -16,16 +16,15 @@ spec:
     spec:
       restartPolicy: Always
       volumes:
+      - name: docker-certs
+        emptyDir: {}
       - name: runner-data
         persistentVolumeClaim:
           claimName: gitea-runner-pvc
-      securityContext:
-        fsGroup: 1000
       containers:
       - name: runner
-        image: gitea/act_runner:nightly-dind-rootless
+        image: gitea/act_runner:nightly
-        imagePullPolicy: Always
+        command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- run.sh"]
-        # command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"]
         env:
         - name: DOCKER_HOST
           value: tcp://localhost:2376
@@ -38,14 +37,20 @@ spec:
         - name: GITEA_RUNNER_REGISTRATION_TOKEN
           valueFrom:
             secretKeyRef:
-              name: gitea-runner-token
+              name: runner-secret
-              key: registration-token
+              key: token
+        volumeMounts:
+        - name: docker-certs
+          mountPath: /certs
+        - name: runner-data
+          mountPath: /data
+      - name: daemon
+        image: docker:23.0.6-dind
+        env:
+        - name: DOCKER_TLS_CERTDIR
+          value: /certs
         securityContext:
           privileged: true
         volumeMounts:
-        - name: runner-data
+        - name: docker-certs
-          mountPath: /data
+          mountPath: /certs
-        resources:
-          limits:
-            memory: "1Gi"
-            cpu: "1000m"