gitea-runner: use proper deployment manifest

gitea-runner/deployment.yaml

@@ -1,34 +1,39 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: gitea-runner
+  annotations:
+    deployment.kubernetes.io/revision: "4"
+  labels:
+    app: act-runner
+  name: act-runner
+  namespace: gitea-runner
 spec:
+  progressDeadlineSeconds: 600
   replicas: 1
-  strategy:
+  revisionHistoryLimit: 10
-    type: Recreate
   selector:
     matchLabels:
-      app: gitea-runner
+      app: act-runner
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
   template:
     metadata:
+      creationTimestamp: null
       labels:
-        app: gitea-runner
+        app: act-runner
     spec:
-      restartPolicy: Always
-      volumes:
-      - name: docker-certs
-        emptyDir: {}
-      - name: runner-data
-        persistentVolumeClaim:
-          claimName: gitea-runner-pvc
       containers:
-      - name: runner
+      - command:
-        image: gitea/act_runner:nightly
+        - sh
-        imagePullPolicy: Always
+        - -c
-        command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- run.sh"]
+        - while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...';
+          sleep 5; done; /sbin/tini -- run.sh
         env:
         - name: DOCKER_HOST
-          value: tcp://127.0.0.1:2376
+          value: tcp://localhost:2376
         - name: DOCKER_CERT_PATH
           value: /certs/client
         - name: DOCKER_TLS_VERIFY
@@ -38,20 +43,37 @@ spec:
         - name: GITEA_RUNNER_REGISTRATION_TOKEN
           valueFrom:
             secretKeyRef:
-              name: gitea-runner-token
+              key: token
-              key: registration-token
+              name: runner-secret
+        image: gitea/act_runner:nightly
+        imagePullPolicy: Always
+        name: runner
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
         volumeMounts:
-        - name: docker-certs
+        - mountPath: /certs
-          mountPath: /certs
+          name: docker-certs
-        - name: runner-data
+        - mountPath: /data
-          mountPath: /data
+          name: runner-data
-      - name: daemon
+      - env:
-        image: docker:23.0.6-dind
-        env:
         - name: DOCKER_TLS_CERTDIR
           value: /certs
+        image: docker:23.0.6-dind
+        imagePullPolicy: IfNotPresent
+        name: daemon
         securityContext:
           privileged: true
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
         volumeMounts:
-        - name: docker-certs
+        - mountPath: /certs
-          mountPath: /certs
+          name: docker-certs
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      terminationGracePeriodSeconds: 30
+      volumes:
+      - name: docker-certs
+      - name: runner-data
+        persistentVolumeClaim:
+          claimName: act-runner-vol