---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: act-runner-amd64
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: act-runner
      app.kubernetes.io/instance: amd64
  serviceName: act-runner
  replicas: 1
  template:
    metadata:
      labels:
        app.kubernetes.io/name: act-runner
        app.kubernetes.io/instance: amd64
    spec:
      restartPolicy: Always
      initContainers:
        - name: runner-registration
          image: docker.io/alpine:3.18
          command:
            - /bin/ash
            - -c
            - "cp /etc/act/`hostname` /data/.runner"
          volumeMounts:
          - name: runner-data
            mountPath: /data
          - name: runner-registrations
            mountPath: /etc/act
      containers:
        - name: runner
          image: act_runner
          imagePullPolicy: Always
          command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"]
          env:
          - name: DOCKER_HOST
            value: tcp://localhost:2376
          - name: DOCKER_CERT_PATH
            value: /certs/client
          - name: DOCKER_TLS_VERIFY
            value: "1"
          - name: CONFIG_FILE
            value: /etc/act/config.yaml
          volumeMounts:
            - name: runner-data
              mountPath: /data
            - name: runner-config
              mountPath: /etc/act
            - name: docker-certs
              mountPath: /certs
          securityContext:
            privileged: true
        - name: daemon
          image: docker:23.0.6-dind
          env:
          - name: DOCKER_TLS_CERTDIR
            value: /certs
          securityContext:
            privileged: true
          volumeMounts:
          - name: docker-certs
            mountPath: /certs
      securityContext:
        fsGroup: 1000
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
              - matchExpressions:
                  - key: kubernetes.io/arch
                    operator: In
                    values:
                      - amd64
      volumes:
        - name: runner-data
          emptyDir:
            sizeLimit: 500Mi
        - name: docker-certs
          emptyDir:
            sizeLimit: 5Mi
        - name: runner-config
          configMap:
            name: act-runner-config-amd64
        - name: runner-registrations
          secret:
            secretName: runner-registrations