Initial commit

.forgejo/workflows/action.yaml

@@ -0,0 +1,73 @@
+name: Setup Stackit CLI
+
+on:
+  push:
+    branches:
+      - main
+      - dev
+
+jobs:
+  setup-stackit-cli:
+    name: Install and Use Stackit CLI
+    runs-on: docker-dind
+
+    env:
+      STACKIT_SERVICE_ACOUNT_KEY: ${{ secrets.STACKIT_SERVICE_ACOUNT_KEY }}
+      STACKIT_PROJECT_ID: ${{ secrets.STACKIT_PROJECT_ID }}
+
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+
+      - name: Download and Install Stackit CLI
+        run: |
+          # Define variables
+          VERSION="0.40.7"
+          BIN_DIR="/usr/local/bin"
+          DOWNLOAD_URL="https://github.com/stackitcloud/stackit-cli/releases/download/v${VERSION}/stackit-cli_${VERSION}_linux_amd64.tar.gz"
+
+          # Download and extract
+          curl -sSL "$DOWNLOAD_URL" | tar -xz
+
+          # Move CLI binary to PATH
+          mv stackit "$BIN_DIR/"
+          chmod +x "$BIN_DIR/stackit"
+
+          # Verify installation
+          stackit --version
+        shell: bash
+
+      - name: Install kubectl
+        run: |
+          # Get latest version
+          curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+          chmod +x kubectl
+          mv kubectl /usr/local/bin/kubectl
+
+          # Verify kubectl installation
+          kubectl version --client --output=yaml
+        shell: bash
+
+      - name: Authenticate with STACKIT
+        run: |
+          echo "$STACKIT_SERVICE_ACOUNT_KEY" > "$HOME/.stackit.json"
+          stackit auth activate-service-account --service-account-key-path "$HOME/.stackit.json"
+        shell: bash
+
+      - name: Set project config
+        run: |
+          stackit config set --project-id "$STACKIT_PROJECT_ID"
+        shell: bash
+
+      - name: Get Kubeconfig SKE Cluster
+        run: stackit ske kubeconfig create pocnc-k8s --assume-yes
+        shell: bash
+
+      - name: Kubectl apply all namespaces in root folder
+        run: kubectl apply -f .
+        shell: bash
+
+      - name: Cleanup
+        run: rm -f "$HOME/.stackit.json"
+        if: always()
+        shell: bash

.gitignore

@@ -0,0 +1 @@
+.idea

ci-runner/runner.yaml

@@ -0,0 +1,98 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: forgejo-runner
+---
+apiVersion: v1
+stringData:
+  token: ""
+kind: Secret
+metadata:
+  name: runner-secret
+  namespace: forgejo-runner
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: forgejo-runner
+  name: forgejo-runner
+  namespace: forgejo-runner
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: forgejo-runner
+  template:
+    metadata:
+      labels:
+        app: forgejo-runner
+    spec:
+      restartPolicy: Always
+      volumes:
+        - name: runner-data
+          emptyDir: {}
+      initContainers:
+        - name: runner-register
+          image: code.forgejo.org/forgejo/runner:6.3.1
+          command:
+            - forgejo-runner
+            - register
+            - --no-interactive
+            - --instance
+            - $(FORGEJO_INSTANCE_URL)
+            - --token
+            - $(RUNNER_SECRET)
+            - --labels
+            - docker-dind # replace with your runner name
+          env:
+            - name: RUNNER_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: RUNNER_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: runner-secret
+                  key: token
+            - name: FORGEJO_INSTANCE_URL
+              value: https://xxx.git.onstackit.cloud/ # replace with your git instance
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+
+      containers:
+        - name: runner
+          image: code.forgejo.org/forgejo/runner:6.3.1
+          command:
+            - sh
+            - -c
+            - |
+              echo "Waiting for Docker daemon..."
+              while ! nc -z localhost 2375 </dev/null; do
+                echo "waiting..."
+                sleep 5
+              done
+              apk add --no-cache docker nodejs openssh curl yq coreutils
+              forgejo-runner generate-config > /data/config.yml
+              sed -i -e "s|privileged: .*|privileged: true|" /data/config.yml
+              exec forgejo-runner -c /data/config.yml daemon
+          env:
+            - name: DOCKER_HOST
+              value: tcp://localhost:2375
+          securityContext:
+            privileged: true
+            runAsUser: 0
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+
+        - name: daemon
+          image: docker:27.0.1-dind
+          command:
+            - dockerd
+            - -H
+            - tcp://0.0.0.0:2375
+            - --tls=false
+          securityContext:
+            privileged: true

test1.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: test1