eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/argocd/manifests/forgejo-runner/deployment.yaml

78 lines
2.3 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: forgejo-runner
namespace: forgejo-runner
spec:
replicas: 1
selector:
matchLabels:
app: forgejo-runner
template:
metadata:
labels:
app: forgejo-runner
spec:
serviceAccountName: forgejo-runner
containers:
- name: runner
image: registry.tail8d86e.ts.net/blumeops/forgejo-runner:latest
env:
# Use internal k8s service via Tailscale operator egress
- name: FORGEJO_INSTANCE_URL
value: "http://forge.tailscale.svc.cluster.local:3001"
- name: RUNNER_NAME
value: "k8s-runner-1"
- name: RUNNER_TOKEN
valueFrom:
secretKeyRef:
name: forgejo-runner-token
key: token
command:
- /bin/sh
- -c
- |
# Register runner if not already registered
if [ ! -f /data/.runner ]; then
forgejo-runner register \
--instance "$FORGEJO_INSTANCE_URL" \
--token "$RUNNER_TOKEN" \
--name "$RUNNER_NAME" \
--labels "ubuntu-latest:host,ubuntu-22.04:host" \
--no-interactive
fi
# Start the runner daemon with config
forgejo-runner daemon --config /config/config.yaml
volumeMounts:
- name: runner-data
mountPath: /data
- name: runner-config
mountPath: /config
- name: docker-sock
mountPath: /var/run/docker.sock
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "1Gi"
cpu: "1000m"
securityContext:
# Run as root with docker group to access Docker socket
runAsUser: 0
runAsGroup: 0
securityContext:
# Add docker group (GID 999 in minikube) for socket access
fsGroup: 999
supplementalGroups:
- 999
volumes:
- name: runner-data
emptyDir: {}
- name: runner-config
configMap:
name: forgejo-runner-config
- name: docker-sock
hostPath:
path: /var/run/docker.sock
type: Socket
Reference in a new issue View git blame Copy permalink