Enable Forgejo Actions (Phase 1) #48

Merged
eblume merged 8 commits from feature/forgejo-actions-p1 into main 2026-01-23 17:00:13 -08:00

Summary

  • Refactor Forgejo app.ini to be managed by ansible with secrets from 1Password
  • Enable Forgejo Actions in config ([actions] ENABLED = true)
  • Add repo.actions to DEFAULT_REPO_UNITS
  • Clean up unused MySQL database fields (we use SQLite)

Phase 1 Progress

This PR covers the first part of Phase 1 (ci-cd-bootstrap plan):

  • [x] Refactor app.ini to ansible template
  • [x] Store secrets in 1Password
  • [x] Enable Actions in config
  • [ ] Deploy config changes (pending review)
  • [ ] Create runner registration token
  • [ ] Deploy runner to k8s
  • [ ] Test with simple workflow

Deployment and Testing

  • [ ] Run mise run provision-indri -- --tags forgejo to deploy
  • [ ] Verify Forgejo restarts correctly
  • [ ] Verify Actions tab appears in repo settings

🤖 Generated with Claude Code

- Move app.ini to ansible template with secrets from 1Password
- Enable Forgejo Actions in config
- Add DEFAULT_REPO_UNITS with repo.actions
- Clean up unused MySQL database fields (using SQLite)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- ArgoCD Application for forgejo-runner
- Deployment with Docker socket access for running workflow containers
- Secret template for runner registration token (via op inject)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use http://forge.tailscale.svc.cluster.local:3001 instead of
https://forge.tail8d86e.ts.net - the Tailscale operator provides
egress routing to indri via this internal service.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use k8s pods instead of Docker containers for job execution
- Add RBAC for runner to create/manage job pods
- Add ConfigMap with runner config for kubernetes backend
- Remove Docker socket mount (no longer needed)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use host labels (ubuntu-latest:host) instead of docker://
- Remove RBAC (not needed for host mode)
- Simplify configmap (no container backend config needed)

Host mode runs jobs directly in the runner container, which is
acceptable since we control all workflows and the pod provides
isolation from indri.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add test workflow and document CI/CD setup
Some checks failed
Test CI / test (pull_request) Failing after 38s
70f2227313
- Create .forgejo/workflows/test.yaml with basic hello world workflow
- Update README.md with CI/CD section explaining Forgejo Actions

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fix test workflow for host mode, add custom runner image plan
Some checks failed
Test CI / test (pull_request) Failing after 0s
b2c5716e21
- Use git clone instead of actions/checkout (no Node.js in runner)
- Add Use Case 0 to P4: build custom runner image with Node.js

The stock forgejo/runner image lacks Node.js, so standard GitHub
Actions don't work in host mode. P4 now includes building a custom
runner image as the first step.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fix checkout to use head_ref for PRs
All checks were successful
Test CI / test (pull_request) Successful in 0s
66c20e8edd
gitea.ref_name returns PR number for pull_request events, need to
use gitea.head_ref to get the actual branch name.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
eblume merged commit 7893c41020 into main 2026-01-23 17:00:13 -08:00
eblume referenced this pull request from a commit 2026-01-23 17:00:14 -08:00
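
The host-mode checkout that the last two commits describe (plain git clone, gitea.head_ref for pull requests), as an added example that is not the repository's actual test.yaml. The ref is passed through env and validated before git sees it, because a pull request's branch name is contributor-controlled text. Assumptions: the clone URL built from gitea.server_url is reachable from the runner pod, the repository can be cloned without credentials, and the src directory name is arbitrary.

```yaml
# Added example workflow; names marked "assumption" are not from the PR.
name: Test CI
on:
  pull_request:
  push:
    branches: [main]

jobs:
  test:
    # Matches the runner's host label (ubuntu-latest:host).
    runs-on: ubuntu-latest
    steps:
      - name: Checkout with git (stock runner image has no Node.js)
        env:
          # Expressions are expanded into environment values here, not into
          # the script text, so the shell never parses a branch name as code.
          SERVER_URL: ${{ gitea.server_url }}   # assumption: reachable from the pod
          REPOSITORY: ${{ gitea.repository }}
          HEAD_REF: ${{ gitea.head_ref }}       # PR source branch; empty on push
          REF_NAME: ${{ gitea.ref_name }}       # branch name on push events
        run: |
          set -eu
          # On pull_request use head_ref; fall back to ref_name on push.
          branch="${HEAD_REF:-$REF_NAME}"
          # Refuse names git could read as an option, then let git itself
          # confirm the value is a well-formed branch name.
          case "$branch" in
            -*) echo "refusing ref: $branch" >&2; exit 1 ;;
          esac
          git check-ref-format --branch "$branch" >/dev/null
          # "--" ends option parsing before the URL and target directory.
          git clone --depth 1 --branch "$branch" -- \
            "${SERVER_URL}/${REPOSITORY}.git" src   # "src" is an assumption
      - name: Show what was checked out
        run: git -C src log -1 --format='%h %s'
```

In host mode this script runs directly inside the runner container, so keeping the ref out of the script text matters as soon as anyone other than the owner can open a pull request.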