eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/argocd/manifests/forgejo-runner/deployment.yaml
Erich Blume 1425bf1f5c Upgrade forgejo-runner to v12.8, adopt server.connections, and clean up docs (#338) 
## Summary
- consolidate forgejo-runner how-to docs into current cards
- upgrade the k8s forgejo-runner deployment to the latest v12.8.x runner image
- switch the k8s runner from first-boot register flow to declarative server.connections config
- keep the runner image on the native Dagger build path and update the surrounding manifests/secrets

## Notes
- PR opened early for C1 review
- implementation and deployment verification will follow in subsequent commits

Reviewed-on: #338
2026-04-20 09:03:54 -07:00

85 lines
2.2 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: forgejo-runner
namespace: forgejo-runner
labels:
app: forgejo-runner
spec:
replicas: 1
selector:
matchLabels:
app: forgejo-runner
template:
metadata:
labels:
app: forgejo-runner
spec:
securityContext:
seccompProfile:
type: RuntimeDefault
containers:
# Forgejo runner daemon
- name: runner
image: code.forgejo.org/forgejo/runner:kustomized
env:
- name: TZ
value: America/Los_Angeles
command:
- /bin/sh
- -c
- |
# Wait for DinD to be ready
echo "Waiting for Docker daemon..."
while ! wget -q -O /dev/null http://localhost:2375/_ping 2>/dev/null; do
sleep 1
done
echo "Docker daemon ready"
# Render config with credentials from ExternalSecret.
envsubst < /config/config.yaml > /tmp/config.yaml
# Start daemon
exec forgejo-runner daemon --config /tmp/config.yaml
envFrom:
- secretRef:
name: forgejo-runner-env
volumeMounts:
- name: data
mountPath: /data
- name: config
mountPath: /config
- name: zoneinfo
mountPath: /usr/share/zoneinfo
readOnly: true
# Docker-in-Docker sidecar
- name: dind
image: docker:kustomized
securityContext:
privileged: true
seccompProfile:
type: Unconfined
env:
- name: DOCKER_TLS_CERTDIR
value: ""
volumeMounts:
- name: dind-storage
mountPath: /var/lib/docker
- name: config
mountPath: /etc/docker/daemon.json
subPath: daemon.json
readOnly: true
volumes:
- name: data
emptyDir: {}
- name: dind-storage
emptyDir: {}
- name: config
configMap:
name: forgejo-runner-config
- name: zoneinfo
hostPath:
path: /usr/share/zoneinfo
type: Directory
Reference in a new issue View git blame Copy permalink