--- apiVersion: apps/v1 kind: StatefulSet metadata: name: act-runner-amd64 spec: selector: matchLabels: app.kubernetes.io/name: act-runner app.kubernetes.io/instance: amd64 serviceName: act-runner replicas: 1 template: metadata: labels: app.kubernetes.io/name: act-runner app.kubernetes.io/instance: amd64 spec: restartPolicy: Always initContainers: - name: runner-registration image: docker.io/alpine:3.18 command: - /bin/ash - -c - "cp /etc/act/`hostname` /data/.runner" volumeMounts: - name: runner-data mountPath: /data - name: runner-registrations mountPath: /etc/act containers: - name: runner image: act_runner imagePullPolicy: Always command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"] env: - name: DOCKER_HOST value: tcp://localhost:2376 - name: DOCKER_CERT_PATH value: /certs/client - name: DOCKER_TLS_VERIFY value: "1" - name: CONFIG_FILE value: /etc/act/config.yaml volumeMounts: - name: runner-data mountPath: /data - name: runner-config mountPath: /etc/act - name: docker-certs mountPath: /certs securityContext: privileged: true - name: daemon image: docker:23.0.6-dind env: - name: DOCKER_TLS_CERTDIR value: /certs securityContext: privileged: true volumeMounts: - name: docker-certs mountPath: /certs securityContext: fsGroup: 1000 affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - amd64 volumes: - name: runner-data emptyDir: sizeLimit: 500Mi - name: docker-certs emptyDir: sizeLimit: 5Mi - name: runner-config configMap: name: act-runner-config-amd64 - name: runner-registrations secret: secretName: runner-registrations