# 使用secret存储gitlab的token
apiVersion: v1
data:
  # 这个token是经过base64加密后的数据
  token: dk1yUGdDaXl5SmctUkJjOURoVEh3TnlxNmhQVjJ4bVpTWkxaR1ljbUx0a0NMWmZZYUE=
kind: Secret
metadata:
  name: gitlab-agent-token-b2c5km4f47
  namespace: cidevops
type: Opaque
---
# 使用deployment部署agent的pod
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitlab-agent
  namespace: cidevops
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitlab-agent
  strategy:
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      annotations:
        prometheus.io/path: /metrics
        prometheus.io/port: "8080"
        prometheus.io/scrape: "true"
      labels:
        app: gitlab-agent
    spec:
      containers:
      - args:
        - --token-file=/config/token
        - --kas-address
        - wss://gitlab.linux98.com/-/kubernetes-agent/
        env:
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        image: registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:stable
        livenessProbe:
          httpGet:
            path: /liveness
            port: 8080
          initialDelaySeconds: 15
          periodSeconds: 20
        name: agent
        readinessProbe:
          httpGet:
            path: /readiness
            port: 8080
          initialDelaySeconds: 5
          periodSeconds: 10
        volumeMounts:
        - mountPath: /config
          name: token-volume
      serviceAccountName: cidevops-gitlab-agent  # 这里改为我们创建好的sa账户
      volumes:
      - name: token-volume
        secret:
          secretName: gitlab-agent-token-b2c5km4f47