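---
# Namespace that holds the runner Secret and Deployment below.
apiVersion: v1
kind: Namespace
metadata:
  name: forgejo-runner
---
# Registration token consumed by the runner-register init container.
# The value is an empty placeholder: supply it at deploy time and keep the
# real token out of version control.
apiVersion: v1
kind: Secret
metadata:
  name: runner-secret
  namespace: forgejo-runner
stringData:
  token: ""
---
# Forgejo runner with a Docker-in-Docker sidecar.
# Pod layout: an init container registers the runner, then the runner
# container and the dockerd sidecar run side by side and talk over the pod's
# shared loopback interface.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: forgejo-runner
  name: forgejo-runner
  namespace: forgejo-runner
spec:
  replicas: 2
  selector:
    matchLabels:
      app: forgejo-runner
  template:
    metadata:
      labels:
        app: forgejo-runner
    spec:
      restartPolicy: Always
      volumes:
        # Shared scratch volume mounted at /data in the init container and the
        # runner; emptyDir contents are lost when the pod is deleted.
        - name: runner-data
          emptyDir: {}
      initContainers:
        - name: runner-register
          image: code.forgejo.org/forgejo/runner:6.3.1
          # Kubernetes expands $(VAR) from this container's env before exec, so
          # the token ends up in the register process's argv.
          # NOTE(review): presumably the registration state is written under
          # /data (the mounted volume); confirm the image's working directory.
          command:
            - forgejo-runner
            - register
            - --no-interactive
            - --instance
            - $(FORGEJO_INSTANCE_URL)
            - --token
            - $(RUNNER_SECRET)
            - --labels
            - docker-dind  # replace with your runner name
          env:
            # Pod name via the downward API. The register command above does
            # not pass it explicitly; whether the runner reads this variable
            # on its own is not visible here (confirm).
            - name: RUNNER_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: RUNNER_SECRET
              valueFrom:
                secretKeyRef:
                  name: runner-secret
                  key: token
            - name: FORGEJO_INSTANCE_URL
              value: https://xxx.git.onstackit.cloud/  # replace with your git instance
          volumeMounts:
            - name: runner-data
              mountPath: /data
      containers:
        - name: runner
          image: code.forgejo.org/forgejo/runner:6.3.1
          # NOTE(review): the published page lost the text between the port
          # number and "/data/config.yml" (it reads like a stripped "<...>"
          # span), leaving a `while` with no `do`/`done`. The loop body and the
          # `generate-config >` redirect below are a reconstruction; compare
          # with the original manifest before relying on them.
          # The sed call switches the generated config to `privileged: true`,
          # so job containers started by this runner run privileged inside
          # the dind sidecar.
          command:
            - sh
            - -c
            - |
              echo "Waiting for Docker daemon..."
              while ! nc -z 127.0.0.1 2375 </dev/null; do
                sleep 2
              done
              forgejo-runner generate-config > /data/config.yml
              sed -i -e "s|privileged: .*|privileged: true|" /data/config.yml
              exec forgejo-runner -c /data/config.yml daemon
          env:
            # Loopback address of the dockerd sidecar; must match the -H
            # address the daemon container listens on.
            - name: DOCKER_HOST
              value: tcp://127.0.0.1:2375
          # NOTE(review): root + privileged gives this container host-level
          # capabilities on the node. The runner only talks to dockerd over
          # TCP here, so check whether it needs either setting.
          securityContext:
            privileged: true
            runAsUser: 0
          volumeMounts:
            - name: runner-data
              mountPath: /data
        - name: daemon
          image: docker:27.0.1-dind
          # The Docker API is served without TLS or authentication, so it is
          # bound to loopback only. Containers in a pod share one network
          # namespace, so the runner still reaches it, while other pods that
          # can route to this pod's IP cannot. The original bound 0.0.0.0,
          # which exposed a privileged daemon on the pod network. If the API
          # must be reachable beyond loopback, enable TLS client verification
          # instead of widening the bind address.
          command:
            - dockerd
            - -H
            - tcp://127.0.0.1:2375
            - --tls=false
          # dind requires a privileged container; schedule these pods on nodes
          # reserved for CI and limit which repositories may use the runner.
          securityContext:
            privileged: true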