blumeops/argocd/manifests/forgejo-runner/deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: forgejo-runner
  namespace: forgejo-runner
spec:
  replicas: 1
  selector:
    matchLabels:
      app: forgejo-runner
  template:
    metadata:
      labels:
        app: forgejo-runner
    spec:
      serviceAccountName: forgejo-runner
      containers:
        - name: runner
          image: registry.tail8d86e.ts.net/blumeops/forgejo-runner:latest
          env:
            # Use internal k8s service via Tailscale operator egress
            - name: FORGEJO_INSTANCE_URL
              value: "http://forge.tailscale.svc.cluster.local:3001"
            - name: RUNNER_NAME
              value: "k8s-runner-1"
            - name: RUNNER_TOKEN
              valueFrom:
                secretKeyRef:
                  name: forgejo-runner-token
                  key: token
          command:
            - /bin/sh
            - -c
            - |
              # Register runner if not already registered
              if [ ! -f /data/.runner ]; then
                forgejo-runner register \
                  --instance "$FORGEJO_INSTANCE_URL" \
                  --token "$RUNNER_TOKEN" \
                  --name "$RUNNER_NAME" \
                  --labels "ubuntu-latest:host,ubuntu-22.04:host" \
                  --no-interactive
              fi
              # Start the runner daemon with config
              forgejo-runner daemon --config /config/config.yaml
          volumeMounts:
            - name: runner-data
              mountPath: /data
            - name: runner-config
              mountPath: /config
          resources:
            requests:
              memory: "256Mi"
              cpu: "100m"
            limits:
              memory: "1Gi"
              cpu: "1000m"
      volumes:
        - name: runner-data
          emptyDir: {}
        - name: runner-config
          configMap:
            name: forgejo-runner-config