professional-service-best-practices/dind-runner-forgejo-example
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
dind-runner-forgejo-example/runner.yaml
Mauritz Uphoff 062d36e640
All checks were successful
/ build (push) Successful in 4s
Details
Initial commit
2025-08-18 14:33:03 +02:00

98 lines
No EOL
2.6 KiB
YAML
Raw Permalink Blame History

apiVersion: v1
kind: Namespace
metadata:
name: forgejo-runner
---
apiVersion: v1
stringData:
token: ""
kind: Secret
metadata:
name: runner-secret
namespace: forgejo-runner
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: forgejo-runner
name: forgejo-runner
namespace: forgejo-runner
spec:
replicas: 2
selector:
matchLabels:
app: forgejo-runner
template:
metadata:
labels:
app: forgejo-runner
spec:
restartPolicy: Always
volumes:
- name: runner-data
emptyDir: {}
initContainers:
- name: runner-register
image: code.forgejo.org/forgejo/runner:6.3.1
command:
- forgejo-runner
- register
- --no-interactive
- --instance
- $(FORGEJO_INSTANCE_URL)
- --token
- $(RUNNER_SECRET)
- --labels
- docker-dind # replace with your runner name
env:
- name: RUNNER_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: RUNNER_SECRET
valueFrom:
secretKeyRef:
name: runner-secret
key: token
- name: FORGEJO_INSTANCE_URL
value: https://professional-service.git.onstackit.cloud/ # replace with your git instance
volumeMounts:
- name: runner-data
mountPath: /data
containers:
- name: runner
image: code.forgejo.org/forgejo/runner:6.3.1
command:
- sh
- -c
- |
echo "Waiting for Docker daemon..."
while ! nc -z localhost 2375 </dev/null; do
echo "waiting..."
sleep 5
done
apk add --no-cache docker nodejs openssh curl yq coreutils
forgejo-runner generate-config > /data/config.yml
sed -i -e "s|privileged: .*|privileged: true|" /data/config.yml
exec forgejo-runner -c /data/config.yml daemon
env:
- name: DOCKER_HOST
value: tcp://localhost:2375
securityContext:
privileged: true
runAsUser: 0
volumeMounts:
- name: runner-data
mountPath: /data
- name: daemon
image: docker:27.0.1-dind
command:
- dockerd
- -H
- tcp://0.0.0.0:2375
- --tls=false
securityContext:
privileged: true
Reference in a new issue View git blame Copy permalink