{{ if .Values.gitlab_runner.enabled }} apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: gitlab-runner namespace: argocd finalizers: - resources-finalizer.argocd.argoproj.io spec: destination: namespace: gitlab server: 'https://kubernetes.default.svc' source: repoURL: 'https://charts.gitlab.io/' targetRevision: {{ .Values.gitlab_runner.version }} chart: gitlab-runner helm: releaseName: runner-gitlab-runner values: | gitlabUrl: https://gitlab.com/ # certsSecretName: cluster-ca # sentryDsn: https://cb9cbeb704c4454fadf0d231602b7abc@o990465.ingest.sentry.io/5996879 checkInterval: 15 rbac: create: true clusterWideAccess: true service: enabled: true metrics: enabled: true serviceMonitor: enabled: true runners: tags: kubernetes, {{ .Values.gitlab_runner.tag }}, {{ .Values.cluster_config.cluster }}, {{ .Values.cluster_config.env}} executor: kubernetes cache: secretName: s3access secret: runner-token # tpl: https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function # runner configuration: https://docs.gitlab.com/runner/configuration/advanced-configurati> config: | [[runners]] [runners.kubernetes] pull_policy = "always" namespace = "gitlab" image = "ubuntu:24.04" [runners.cache] Path = "" Shared = true Type = "s3" [runners.cache.s3] BucketLocation = "us-east-1" AuthenticationType = "access-key" AccessKey = {{ .Values.gitlab_runner.s3.access_key }} SecretKey = {{ .Values.gitlab_runner.s3.secret_key }} ServerAddress = {{ .Values.gitlab_runner.s3.server }} BucketName = "gitlab-runner" Insecure = false project: sys syncPolicy: managedNamespaceMetadata: labels: component: sys syncOptions: - CreateNamespace=true - ApplyOutOfSyncOnly=true {{- if .Values.gitlab_runner.autosync }} automated: prune: true # selfHeal: false {{- end }} {{ end }}