fix: disable TLS for internal DIND to resolve cert issues

k8s/base/gitea-runner-config.yaml

@@ -18,9 +18,7 @@ data:
         - "ubuntu-24.04:docker://docker.gitea.com/runner-images:ubuntu-24.04"
         - "ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04"
       envs:
-        DOCKER_HOST: "tcp://localhost:2376"
-        DOCKER_CERT_PATH: "/certs/client"
-        DOCKER_TLS_VERIFY: "1"
+        DOCKER_HOST: "tcp://localhost:2375"
     cache:
       enabled: true
       dir: ""
@@ -29,8 +27,7 @@ data:
     container:
       privileged: true
       network: host
-      docker_host: "tcp://localhost:2376"
+      docker_host: "tcp://localhost:2375"
       force_pull: true
-      options: "-v /certs/client:/certs/client"
       valid_volumes:
         - "/certs/client"

k8s/base/gitea-runner.yaml

@@ -30,21 +30,12 @@ spec:
         - name: CONFIG_FILE
           value: /config.yaml
         - name: DOCKER_HOST
-          value: tcp://localhost:2376
-        - name: DOCKER_TLS_CERTDIR
-          value: /certs/client
-        - name: DOCKER_CERT_PATH
-          value: /certs/client
-        - name: DOCKER_TLS_VERIFY
-          value: "1"
+          value: tcp://localhost:2375
         securityContext:
           privileged: true
         volumeMounts:
         - name: runner-data
           mountPath: /data
-        - name: docker-certs
-          mountPath: /certs/client
-          readOnly: true
         - name: config
           mountPath: /config.yaml
           subPath: config.yaml
@@ -54,16 +45,9 @@ spec:
           privileged: true
         env:
         - name: DOCKER_TLS_CERTDIR
-          value: /certs/client
+          value: ""
         - name: DOCKER_DRIVER
           value: overlay2
-        volumeMounts:
-        - name: runner-data
-          mountPath: /data
-        - name: docker-graph-storage
-          mountPath: /var/lib/docker
-        - name: docker-certs
-          mountPath: /certs/client
       volumes:
       - name: runner-data
         emptyDir: {}