Skip to content
Snippets Groups Projects
Verified Commit 188962af authored by Sheogorath's avatar Sheogorath :european_castle:
Browse files

feat(gitlab-runner): Deploy upstream pod cleanup controller

parent 37213b51
No related branches found
No related tags found
No related merge requests found
...@@ -5,6 +5,7 @@ resources: ...@@ -5,6 +5,7 @@ resources:
- namespace.yaml - namespace.yaml
- repository.yaml - repository.yaml
- release.yaml - release.yaml
- pod-cleanup.yaml
- ../../../shared/networkpolicies/allow-from-same-namespace.yaml - ../../../shared/networkpolicies/allow-from-same-namespace.yaml
- ../../../shared/networkpolicies/allow-from-monitoring.yaml - ../../../shared/networkpolicies/allow-from-monitoring.yaml
patchesStrategicMerge: patchesStrategicMerge:
......
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: pod-cleanup-role
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: pod-cleanup-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: pod-cleanup-role
subjects:
- kind: ServiceAccount
name: pod-cleanup-sa
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pod-cleanup-sa
---
apiVersion: v1
kind: Pod
metadata:
name: gitlab-runner-pod-cleanup
spec:
restartPolicy: Always
serviceAccountName: pod-cleanup-sa
containers:
- name: gitlab-runner-pod-cleanup
image: registry.gitlab.com/gitlab-org/ci-cd/gitlab-runner-pod-cleanup:latest
resources:
requests:
cpu: 10m
memory: 64Mi
limits:
cpu: 250m
memory: 512Mi
securityContext:
capabilities:
drop: ["all"]
add: []
runAsNonRoot: true
runAsUser: 1000
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment