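---
# Forgejo Actions runner with a Docker-in-Docker (DinD) sidecar.
#
# The pod has two containers that share one network namespace:
#   - runner: waits for the Docker API, registers with Forgejo if /data/.runner
#             is absent, then runs `forgejo-runner daemon`.
#   - dind:   privileged Docker daemon that the runner reaches over
#             tcp://localhost:2375 (plain TCP, TLS disabled).
#
# NOTE(review): workflow jobs execute on a privileged Docker daemon, so treat
# this pod as node-root-equivalent. Limit which repositories/users may target
# this runner and consider dedicated (tainted) nodes for it.
# NOTE(review): no resource requests/limits are set on either container, and
# the pod keeps the default service-account token mount. If the runner never
# calls the Kubernetes API, `automountServiceAccountToken: false` would be a
# cheap hardening step - confirm before adding.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: forgejo-runner
  namespace: forgejo-runner
  labels:
    app: forgejo-runner
spec:
  replicas: 1
  selector:
    matchLabels:
      app: forgejo-runner
  template:
    metadata:
      labels:
        app: forgejo-runner
    spec:
      containers:
        # Forgejo runner daemon
        - name: runner
          # `kustomized` is presumably a placeholder tag rewritten by a
          # kustomize image override - TODO confirm; pin by digest there.
          image: code.forgejo.org/forgejo/runner:kustomized
          env:
            - name: TZ
              value: "America/Los_Angeles"
            # Unauthenticated, unencrypted Docker API of the dind sidecar.
            - name: DOCKER_HOST
              value: "tcp://localhost:2375"
            - name: FORGEJO_URL
              value: "https://forge.ops.eblu.me"
            - name: RUNNER_NAME
              value: "k8s-runner"
            # Jobs labelled `k8s` run in this image, pulled by the dind daemon.
            - name: RUNNER_LABELS
              value: "k8s:docker://registry.ops.eblu.me/blumeops/runner-job-image:v0.20.1-24f7512"
          # The script body below is runtime content; its `#` lines are shell
          # comments, not YAML comments.
          # NOTE(review): there is no `set -e`, so a failed `register` still
          # falls through to `exec ... daemon`.
          # NOTE(review): /data is an emptyDir, so /data/.runner does not
          # survive pod rescheduling and registration runs again; the token
          # must stay valid for that - verify how stale runner entries are
          # cleaned up on the Forgejo side.
          command:
            - /bin/sh
            - -c
            - |
              # Wait for DinD to be ready
              echo "Waiting for Docker daemon..."
              while ! wget -q -O /dev/null http://localhost:2375/_ping 2>/dev/null; do
                sleep 1
              done
              echo "Docker daemon ready"
              # Register if not already registered
              if [ ! -f /data/.runner ]; then
                echo "Registering runner..."
                forgejo-runner register \
                  --instance "$FORGEJO_URL" \
                  --token "$RUNNER_TOKEN" \
                  --name "$RUNNER_NAME" \
                  --labels "$RUNNER_LABELS" \
                  --no-interactive
              fi
              # Start daemon
              exec forgejo-runner daemon --config /config/config.yaml
          # Every key of this Secret becomes an environment variable; the
          # script above reads RUNNER_TOKEN, which is not set in `env`, so it
          # presumably comes from here. The value stays in the daemon's
          # environment after `exec`.
          envFrom:
            - secretRef:
                name: forgejo-runner-env
          volumeMounts:
            - name: data
              mountPath: /data
            - name: config
              mountPath: /config
            - name: zoneinfo
              mountPath: /usr/share/zoneinfo
              readOnly: true
        # Docker-in-Docker sidecar
        - name: dind
          image: docker:kustomized
          # Privileged is what DinD needs, and it also removes the container
          # boundary towards the node: anything that controls this daemon can
          # act as root on the host. The namespace must allow privileged pods.
          securityContext:
            privileged: true
          env:
            # Empty value turns TLS off. With the upstream docker:dind
            # entrypoint the daemon then listens on 0.0.0.0:2375, i.e. on the
            # pod IP and not only on localhost - verify for the image actually
            # deployed. No NetworkPolicy is visible here; one that denies
            # ingress to this pod keeps the API from being reachable by other
            # workloads in the cluster.
            - name: DOCKER_TLS_CERTDIR
              value: ""
          volumeMounts:
            - name: dind-storage
              mountPath: /var/lib/docker
            # subPath mounts are not refreshed when the ConfigMap changes;
            # restart the pod after editing daemon.json.
            - name: config
              mountPath: /etc/docker/daemon.json
              subPath: daemon.json
              readOnly: true
      volumes:
        # Runner state (.runner registration file); lost with the pod.
        - name: data
          emptyDir: {}
        # Image layers and build cache. No sizeLimit is set, so heavy jobs can
        # exhaust the node's ephemeral storage; consider adding one.
        - name: dind-storage
          emptyDir: {}
        # Serves both /config/config.yaml (runner) and daemon.json (dind).
        - name: config
          configMap:
            name: forgejo-runner-config
        # Host timezone database, mounted read-only into the runner.
        - name: zoneinfo
          hostPath:
            path: /usr/share/zoneinfo
            type: Directory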