也许有人知道可以通过什么方式将根 CA 添加到 actions-runner-controller?
值得一提的是,我对 actions-runner-controller 图像感兴趣,而不是 actions-runner 图像。
actions-runner-controller pod 的日志:
ERROR runner Failed to get new registration token {"runner": "github-actions-runner-small-001-rw88q-nhmhq", "error": "failed to create registration token: Post "https://test-github.example.com/api/v3/orgs/myexample/actions/runners/registration-token/": could not refresh installation id 5's token: could not get access_tokens from GitHub API for installation ID 5: x509: certificate signed by unknown authority"}
github.com/actions/actions-runner-controller/controllers/actions%2esummerwind%2enet.(*RunnerReconciler).updateR
运行在K3S集群上
提前致谢,
Docker文件:
FROM summerwind/actions-runner-controller
ADD ./My_Root_CA.pem /usr/local/share/my-root-ca.pem
期待:
控制器应该信任我的 GitHub Enterprise Server 的自签名证书
解决方案:
kubectl -n <namespace> create configmap <configMap-name> --from-file=my-root-ca.pem
spec:
containers:
- name: actions-runner-controller
image: someimage:v1
volumeMounts:
- name: <configMap-name>
mountPath: /etc/ssl/certs/my-root-ca.pem
subPath: my-root-ca.pem
readOnly: false
volumes:
- name: <configMap-name>
configMap:
name: <configMap-name>
我有同样的问题,这个讨论对我有用:https://github.com/actions/actions-runner-controller/discussions/957