sunpeng
/
devops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix drone

This commit is contained in:
孙小云 2025-09-08 16:06:44 +08:00
parent 5c97b26b67
commit 9bf303ca15
3 changed files with 42 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
drone/drone-runner-deployment.yaml
View File

@ -1,23 +1,25 @@
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: drone-runner name: drone
namespace: default namespace: default
labels:
app.kubernetes.io/name: drone
spec: spec:
replicas: 1 replicas: 1
selector: selector:
matchLabels: matchLabels:
app: drone-runner app.kubernetes.io/name: drone
template: template:
metadata: metadata:
labels: labels:
app: drone-runner app.kubernetes.io/name: drone
spec: spec:
serviceAccountName: drone-pipeline serviceAccountName: drone-pipeline
nodeSelector: nodeSelector:
node-role.kubernetes.io/control-plane: "true" node-role.kubernetes.io/control-plane: "true"
containers: containers:
- name: drone-runner - name: runner
image: registry.t-aaron.com/drone/drone-runner-kube:latest image: registry.t-aaron.com/drone/drone-runner-kube:latest
env: env:
- name: DRONE_RPC_PROTO - name: DRONE_RPC_PROTO
@ -36,3 +38,9 @@ spec:
value: "IfNotPresent" value: "IfNotPresent"
- name: DRONE_RUNNER_IMAGE_PULL_SECRETS - name: DRONE_RUNNER_IMAGE_PULL_SECRETS
value: "" value: ""
- name: DRONE_RUNNER_CAPACITY
value: "2"
- name: DRONE_RUNNER_PRIVILEGED_IMAGES
value: "plugins/docker,registry.t-aaron.com/plugins/docker"
- name: DRONE_CLONE_IMAGE
value: "registry.t-aaron.com/drone/git:latest"

28
drone/drone-runner-rbac.yaml Normal file
View File

@ -0,0 +1,28 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: default
name: drone
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: [""]
resources: ["pods", "pods/log"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: drone
namespace: default
subjects:
- kind: ServiceAccount
name: drone-pipeline
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: drone

2
drone/drone-server-deployment.yaml
View File

@ -37,6 +37,8 @@ spec:
value: "true" value: "true"
- name: DRONE_TRACE - name: DRONE_TRACE
value: "true" value: "true"
- name: DRONE_USER_CREATE
value: "username:tuoheng,admin:true"
volumeMounts: volumeMounts:
- name: drone-data - name: drone-data
mountPath: /data mountPath: /data