From 4c249ff116358a4c2043aeb886db68bb8176f7d1 Mon Sep 17 00:00:00 2001
From: Erich Blume <blume.erich@gmail.com>
Date: Fri, 23 Jan 2026 19:44:43 -0800
Subject: [PATCH] Add docker group (GID 999) to runner security context

---
 argocd/manifests/forgejo-runner/deployment.yaml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/argocd/manifests/forgejo-runner/deployment.yaml b/argocd/manifests/forgejo-runner/deployment.yaml
index dc535e2..57f1f05 100644
--- a/argocd/manifests/forgejo-runner/deployment.yaml
+++ b/argocd/manifests/forgejo-runner/deployment.yaml
@@ -58,8 +58,14 @@ spec:
               memory: "1Gi"
               cpu: "1000m"
           securityContext:
-            # Run as root to access Docker socket
+            # Run as root with docker group to access Docker socket
             runAsUser: 0
+            runAsGroup: 0
+      securityContext:
+        # Add docker group (GID 999 in minikube) for socket access
+        fsGroup: 999
+        supplementalGroups:
+          - 999
       volumes:
         - name: runner-data
           emptyDir: {}