public_git
/
actions-runner-controller
mirror of https://github.com/actions-runner-controller/actions-runner-controller.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

chore: Service accounts in Kubernetes mode can now be annotated. (#2566) 

Signed-off-by: kahirokunn <okinakahiro@gmail.com>
This commit is contained in:
kahirokunn 2023-10-18 20:37:39 +09:00 committed by GitHub
parent f14dbd68f1
commit e1edb84abe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 48 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
charts/gha-runner-scale-set/templates/kube_mode_serviceaccount.yaml
View File

@ -5,6 +5,12 @@ kind: ServiceAccount
metadata: metadata:
name: {{ include "gha-runner-scale-set.kubeModeServiceAccountName" . }} name: {{ include "gha-runner-scale-set.kubeModeServiceAccountName" . }}
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
{{- if .Values.containerMode.kubernetesModeServiceAccount }}
{{- with .Values.containerMode.kubernetesModeServiceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
finalizers: finalizers:
- actions.github.com/cleanup-protection - actions.github.com/cleanup-protection
labels: labels:

31
charts/gha-runner-scale-set/tests/template_test.go
View File

@ -742,6 +742,37 @@ func TestTemplateRenderedAutoScalingRunnerSet_DinD_ExtraInitContainers(t *testin
assert.Equal(t, "ls", ars.Spec.Template.Spec.InitContainers[2].Command[0], "InitContainers[2] Command[0] should be ls") assert.Equal(t, "ls", ars.Spec.Template.Spec.InitContainers[2].Command[0], "InitContainers[2] Command[0] should be ls")
} }
func TestTemplateRenderedKubernetesModeServiceAccountAnnotations(t *testing.T) {
t.Parallel()
// Path to the helm chart we will test
helmChartPath, err := filepath.Abs("../../gha-runner-scale-set")
require.NoError(t, err)
testValuesPath, err := filepath.Abs("../tests/values_kubernetes_mode_service_account_annotations.yaml")
require.NoError(t, err)
releaseName := "test-runners"
namespaceName := "test-" + strings.ToLower(random.UniqueId())
options := &helm.Options{
Logger: logger.Discard,
SetValues: map[string]string{
"controllerServiceAccount.name": "arc",
"controllerServiceAccount.namespace": "arc-system",
},
ValuesFiles: []string{testValuesPath},
KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName),
}
output := helm.RenderTemplate(t, options, helmChartPath, releaseName, []string{"templates/kube_mode_serviceaccount.yaml"})
var sa corev1.ServiceAccount
helm.UnmarshalK8SYaml(t, output, &sa)
assert.Equal(t, "arn:aws:iam::123456789012:role/sample-role", sa.Annotations["eks.amazonaws.com/role-arn"], "Annotations should be arn:aws:iam::123456789012:role/sample-role")
}
func TestTemplateRenderedAutoScalingRunnerSet_DinD_ExtraVolumes(t *testing.T) { func TestTemplateRenderedAutoScalingRunnerSet_DinD_ExtraVolumes(t *testing.T) {
t.Parallel() t.Parallel()

8
charts/gha-runner-scale-set/tests/values_kubernetes_mode_service_account_annotations.yaml Normal file
View File

@ -0,0 +1,8 @@
githubConfigUrl: https://github.com/actions/actions-runner-controller
githubConfigSecret:
github_token: test
containerMode:
type: kubernetes
kubernetesModeServiceAccount:
annotations:
eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/sample-role

2
charts/gha-runner-scale-set/values.yaml
View File

@ -84,6 +84,8 @@ githubConfigSecret:
# resources: # resources:
# requests: # requests:
# storage: 1Gi # storage: 1Gi
# kubernetesModeServiceAccount:
# annotations:
## template is the PodSpec for each listener Pod ## template is the PodSpec for each listener Pod
## For reference: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec ## For reference: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec