From 2f4ec4ed6467976b9c0c6f0448614222f0792f80 Mon Sep 17 00:00:00 2001
From: Mayne0213 <bluemayne0213@icloud.com>
Date: Sun, 11 Jan 2026 23:03:22 +0900
Subject: [PATCH] CHORE(gitea-runner): remove gitea-runner component

- Delete gitea-runner ArgoCD application and manifests
- Remove kustomization.yaml reference
- Migrate CI/CD to Tekton pipelines
---
 gitea-runner/argocd.yaml                     | 28 --------
 gitea-runner/manifests/deployment.yaml       | 73 --------------------
 gitea-runner/manifests/rbac.yaml             | 33 ---------
 gitea-runner/manifests/runner-secret.yaml    | 18 -----
 gitea-runner/manifests/zot-plain-secret.yaml | 22 ------
 gitea-runner/manifests/zot-secret.yaml       | 27 --------
 kustomization.yaml                           |  1 -
 7 files changed, 202 deletions(-)
 delete mode 100644 gitea-runner/argocd.yaml
 delete mode 100644 gitea-runner/manifests/deployment.yaml
 delete mode 100644 gitea-runner/manifests/rbac.yaml
 delete mode 100644 gitea-runner/manifests/runner-secret.yaml
 delete mode 100644 gitea-runner/manifests/zot-plain-secret.yaml
 delete mode 100644 gitea-runner/manifests/zot-secret.yaml

diff --git a/gitea-runner/argocd.yaml b/gitea-runner/argocd.yaml
deleted file mode 100644
index 21c625c..0000000
--- a/gitea-runner/argocd.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: gitea-actions-runner
-  namespace: argocd
-  finalizers:
-  - resources-finalizer.argocd.argoproj.io
-spec:
-  project: default
-  source:
-    repoURL: https://github.com/K3S-HOME/platform.git
-    targetRevision: main
-    path: gitea-runner/manifests
-  destination:
-    server: https://kubernetes.default.svc
-    namespace: gitea
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-    - CreateNamespace=true
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
diff --git a/gitea-runner/manifests/deployment.yaml b/gitea-runner/manifests/deployment.yaml
deleted file mode 100644
index 193bd34..0000000
--- a/gitea-runner/manifests/deployment.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: gitea-runner
-  namespace: gitea
-  labels:
-    app: gitea-runner
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: gitea-runner
-  template:
-    metadata:
-      labels:
-        app: gitea-runner
-    spec:
-      serviceAccountName: gitea-runner
-      containers:
-      - name: runner
-        image: gitea/act_runner:latest
-        command:
-        - sh
-        - -c
-        - |
-          # Install kubectl
-          wget -q -O /usr/local/bin/kubectl "https://dl.k8s.io/release/$(wget -q -O - https://dl.k8s.io/release/stable.txt)/bin/linux/arm64/kubectl"
-          chmod +x /usr/local/bin/kubectl
-
-          # Wait for Gitea to be ready
-          while ! wget -q --spider http://gitea-http.gitea.svc:3000/api/v1/version 2>/dev/null; do
-            echo "Waiting for Gitea to be ready..."
-            sleep 5
-          done
-          echo "Gitea is ready!"
-
-          # Register runner if not already registered
-          if [ ! -f /data/.runner ]; then
-            act_runner register --no-interactive \
-              --instance https://github0213.com \
-              --token $(cat /secrets/token) \
-              --name k3s-runner \
-              --labels k3s-home:host
-          fi
-
-          act_runner daemon
-        env:
-        - name: GITEA_INSTANCE_URL
-          value: "https://github0213.com"
-        volumeMounts:
-        - name: runner-data
-          mountPath: /data
-        - name: runner-secret
-          mountPath: /secrets
-          readOnly: true
-        resources:
-          requests:
-            cpu: 50m
-            memory: 128Mi
-          limits:
-            memory: 512Mi
-      volumes:
-      - name: runner-data
-        emptyDir: {}
-      - name: runner-secret
-        secret:
-          secretName: gitea-runner-secret
-      nodeSelector:
-        node-role.kubernetes.io/control-plane: "true"
-      tolerations:
-      - key: node-role.kubernetes.io/control-plane
-        operator: Exists
-        effect: NoSchedule
diff --git a/gitea-runner/manifests/rbac.yaml b/gitea-runner/manifests/rbac.yaml
deleted file mode 100644
index cd9b441..0000000
--- a/gitea-runner/manifests/rbac.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: gitea-runner
-  namespace: gitea
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: gitea-runner-kaniko
-rules:
-- apiGroups: ["batch"]
-  resources: ["jobs"]
-  verbs: ["create", "delete", "get", "watch"]
-- apiGroups: [""]
-  resources: ["pods", "pods/log"]
-  verbs: ["get", "list", "watch"]
-- apiGroups: [""]
-  resources: ["secrets"]
-  verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: gitea-runner-kaniko
-subjects:
-- kind: ServiceAccount
-  name: gitea-runner
-  namespace: gitea
-roleRef:
-  kind: ClusterRole
-  name: gitea-runner-kaniko
-  apiGroup: rbac.authorization.k8s.io
diff --git a/gitea-runner/manifests/runner-secret.yaml b/gitea-runner/manifests/runner-secret.yaml
deleted file mode 100644
index 91f1c47..0000000
--- a/gitea-runner/manifests/runner-secret.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: gitea-runner-secret
-  namespace: gitea
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault-backend
-  target:
-    name: gitea-runner-secret
-    creationPolicy: Owner
-  data:
-    - secretKey: token
-      remoteRef:
-        key: platform/gitea
-        property: runner_token
diff --git a/gitea-runner/manifests/zot-plain-secret.yaml b/gitea-runner/manifests/zot-plain-secret.yaml
deleted file mode 100644
index 9ffcec5..0000000
--- a/gitea-runner/manifests/zot-plain-secret.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: zot-registry-credentials-plain
-  namespace: gitea
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault-backend
-  target:
-    name: zot-registry-credentials-plain
-    creationPolicy: Owner
-  data:
-    - secretKey: username
-      remoteRef:
-        key: zot
-        property: USERNAME
-    - secretKey: password
-      remoteRef:
-        key: zot
-        property: PASSWORD
diff --git a/gitea-runner/manifests/zot-secret.yaml b/gitea-runner/manifests/zot-secret.yaml
deleted file mode 100644
index 4c96768..0000000
--- a/gitea-runner/manifests/zot-secret.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: zot-registry-credentials
-  namespace: gitea
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault-backend
-  target:
-    name: zot-registry-credentials
-    creationPolicy: Owner
-    template:
-      type: kubernetes.io/dockerconfigjson
-      data:
-        .dockerconfigjson: |
-          {"auths":{"zot0213.kro.kr":{"username":"{{ .USERNAME }}","password":"{{ .PASSWORD }}","auth":"{{ printf "%s:%s" .USERNAME .PASSWORD | b64enc }}"}}}
-  data:
-    - secretKey: USERNAME
-      remoteRef:
-        key: storage/zot
-        property: USERNAME
-    - secretKey: PASSWORD
-      remoteRef:
-        key: storage/zot
-        property: PASSWORD
diff --git a/kustomization.yaml b/kustomization.yaml
index b896f46..62deaec 100644
--- a/kustomization.yaml
+++ b/kustomization.yaml
@@ -10,7 +10,6 @@ resources:
   - argocd/argocd.yaml
   - argocd/image-updater.yaml
   - gitea/argocd.yaml
-  - gitea-runner/argocd.yaml
 
   # Tekton CI/CD Platform
   - tekton/pipeline/argocd.yaml