也许有人知道如何在actions-runner-controller中添加根CA ?
值得一提的是,我感兴趣的是actions-runner-controller图像,而不是actions-runner图像。
action -runner-controller pod日志:
ERROR runner Failed to get new registration token {"runner": "github-actions-runner-small-001-rw88q-nhmhq", "error": "failed to create registration token: Post "https://test-github.example.com/api/v3/orgs/myexample/actions/runners/registration-token/": could not refresh installation id 5's token: could not get access_tokens from GitHub API for installation ID 5: x509: certificate signed by unknown authority"}
github.com/actions/actions-runner-controller/controllers/actions%2esummerwind%2enet.(*RunnerReconciler).updateR
在K3S集群上运行
提前感谢,
Dockerfile:
FROM summerwind/actions-runner-controller
ADD ./My_Root_CA.pem /usr/local/share/my-root-ca.pem
期待:
控制器应该信任GitHub企业服务器的自签名证书
解决方案:
- 在.pem中创建一个带有证书的configMap:
kubectl -n <namespace> create configmap <configMap-name> --from-file=my-root-ca.pem
- 将configMap附加到部署中,如下所示:
spec:
containers:
- name: actions-runner-controller
image: someimage:v1
volumeMounts:
- name: <configMap-name>
mountPath: /etc/ssl/certs/my-root-ca.pem
subPath: my-root-ca.pem
readOnly: false
volumes:
- name: <configMap-name>
configMap:
name: <configMap-name>