From 57898d6ff4efc6ec2dbc8c15dd039ba28ee8f5ac Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Fri, 10 Feb 2023 00:34:22 +0100
Subject: [PATCH] fix(gitlab-runner): Fix cleanup controller

This patch replaces the plain pod with with a more sustainable
deployments which will also survive draining and automatic recreation of
pods.
---
 apps/base/gitlab-runner/pod-cleanup.yaml | 59 +++++++++++++++---------
 1 file changed, 37 insertions(+), 22 deletions(-)

diff --git a/apps/base/gitlab-runner/pod-cleanup.yaml b/apps/base/gitlab-runner/pod-cleanup.yaml
index a72667111..109cdf9f9 100644
--- a/apps/base/gitlab-runner/pod-cleanup.yaml
+++ b/apps/base/gitlab-runner/pod-cleanup.yaml
@@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: pod-cleanup-role
+  namespace: gitlab-runner
 rules:
 - apiGroups: [""]
   resources: ["pods"]
@@ -12,6 +13,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: pod-cleanup-role-binding
+  namespace: gitlab-runner
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
@@ -19,34 +21,47 @@ roleRef:
 subjects:
 - kind: ServiceAccount
   name: pod-cleanup-sa
+  namespace: gitlab-runner
 ---
 
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: pod-cleanup-sa
+  namespace: gitlab-runner
 ---
-
-apiVersion: v1
-kind: Pod
+apiVersion: apps/v1
+kind: Deployment
 metadata:
-  name: gitlab-runner-pod-cleanup
+  labels:
+    app.kubernetes.io/name: pod-cleanup
+  name: pod-cleanup
+  namespace: gitlab-runner
 spec:
-  restartPolicy: Always
-  serviceAccountName: pod-cleanup-sa
-  containers:
-  - name: gitlab-runner-pod-cleanup
-    image: registry.gitlab.com/gitlab-org/ci-cd/gitlab-runner-pod-cleanup:latest
-  resources:
-    requests:
-      cpu: 10m
-      memory: 64Mi
-    limits:
-      cpu: 250m
-      memory: 512Mi
-  securityContext:
-    capabilities:
-      drop: ["all"]
-      add: []
-    runAsNonRoot: true
-    runAsUser: 1000
\ No newline at end of file
+  replicas: 2
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: pod-cleanup
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: pod-cleanup
+    spec:
+      restartPolicy: Always
+      serviceAccountName: pod-cleanup-sa
+      containers:
+      - name: gitlab-runner-pod-cleanup
+        image: registry.gitlab.com/gitlab-org/ci-cd/gitlab-runner-pod-cleanup:latest
+      resources:
+        requests:
+          cpu: 10m
+          memory: 64Mi
+        limits:
+          cpu: 250m
+          memory: 512Mi
+      securityContext:
+        capabilities:
+          drop: ["all"]
+          add: []
+        runAsNonRoot: true
+        runAsUser: 1000
\ No newline at end of file
-- 
GitLab