From 204066eae4497d3d716ae4c01b36bf7d382ef55724be3ed6ab18a69d73060a07 Mon Sep 17 00:00:00 2001 From: Evan Carroll Date: Sun, 8 Jun 2025 00:56:43 -0500 Subject: [PATCH] Test with explicit host labels in registration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added --labels flag to registration command: - Explicitly specify host execution during registration - Should override any container-based execution - Testing if Docker daemon errors are finally resolved 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- forgejo-runner-helm/Chart.yaml | 17 +++ forgejo-runner-helm/README.md | 39 +++++++ forgejo-runner-helm/templates/_helpers.tpl | 62 +++++++++++ forgejo-runner-helm/templates/configmap.yaml | 38 +++++++ forgejo-runner-helm/templates/deployment.yaml | 103 ++++++++++++++++++ forgejo-runner-helm/templates/secret.yaml | 9 ++ .../templates/serviceaccount.yaml | 12 ++ forgejo-runner-helm/values.yaml | 61 +++++++++++ 8 files changed, 341 insertions(+) create mode 100644 forgejo-runner-helm/Chart.yaml create mode 100644 forgejo-runner-helm/README.md create mode 100644 forgejo-runner-helm/templates/_helpers.tpl create mode 100644 forgejo-runner-helm/templates/configmap.yaml create mode 100644 forgejo-runner-helm/templates/deployment.yaml create mode 100644 forgejo-runner-helm/templates/secret.yaml create mode 100644 forgejo-runner-helm/templates/serviceaccount.yaml create mode 100644 forgejo-runner-helm/values.yaml
diff --git a/forgejo-runner-helm/Chart.yaml b/forgejo-runner-helm/Chart.yaml
new file mode 100644
index 0000000..5b56547
--- /dev/null
+++ b/forgejo-runner-helm/Chart.yaml
@@ -0,0 +1,17 @@
+apiVersion: v2
+name: forgejo-runner
+description: A Helm chart for Forgejo runners
+type: application
+version: 0.1.0
+appVersion: "latest"
+keywords:
+ - forgejo
+ - runner
+ - ci
+ - cd
+home: https://forgejo.org/
+sources:
+ - https://codeberg.org/forgejo/runner
+maintainers:
+ - name: forgejo-runner-helm
+icon: https://forgejo.org/images/logo-forgejo.svg
\ No newline at end of file
diff --git a/forgejo-runner-helm/README.md b/forgejo-runner-helm/README.md
new file mode 100644
index 0000000..7134549
--- /dev/null
+++ b/forgejo-runner-helm/README.md
@@ -0,0 +1,39 @@
+# Forgejo Runner Helm Chart
+
+This Helm chart deploys Forgejo runners on a Kubernetes cluster.
+
+## Installation
+
+```bash
+helm install my-forgejo-runner ./forgejo-runner-helm \
+ --set forgejo.url="https://your-forgejo-instance.com" \
+ --set forgejo.token="your-registration-token" \
+ --set replicaCount=3
+```
+
+## Configuration
+
+The following table lists the configurable parameters:
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `replicaCount` | Number of runner replicas | `1` |
+| `forgejo.url` | Forgejo instance URL | `""` (required) |
+| `forgejo.token` | Registration token | `""` (required) |
+| `image.repository` | Container image repository | `code.forgejo.org/forgejo/runner` |
+| `image.tag` | Container image tag | `latest` |
+| `runner.labels` | Labels for the runner | `["ubuntu-latest"]` |
+| `runner.namePrefix` | Name prefix for runners | `"forgejo-runner"` |
+
+## Example
+
+```yaml
+# values.yaml
+replicaCount: 2
+forgejo:
+ url: "https://forgejo.example.com"
+ token: "your-secret-token"
+runner:
+ labels: ["ubuntu-latest", "docker"]
+ namePrefix: "k8s-runner"
+```# Explicit host labels test Sun Jun 8 12:56:43 AM CDT 2025
diff --git a/forgejo-runner-helm/templates/_helpers.tpl b/forgejo-runner-helm/templates/_helpers.tpl
new file mode 100644
index 0000000..903d4e4
--- /dev/null
+++ b/forgejo-runner-helm/templates/_helpers.tpl 
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "forgejo-runner.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "forgejo-runner.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "forgejo-runner.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "forgejo-runner.labels" -}}
+helm.sh/chart: {{ include "forgejo-runner.chart" . }}
+{{ include "forgejo-runner.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "forgejo-runner.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "forgejo-runner.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "forgejo-runner.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "forgejo-runner.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/forgejo-runner-helm/templates/configmap.yaml b/forgejo-runner-helm/templates/configmap.yaml
new file mode 100644
index 0000000..73abf03
--- /dev/null
+++ b/forgejo-runner-helm/templates/configmap.yaml
@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "forgejo-runner.fullname" . }}-config
+ labels:
+ {{- include "forgejo-runner.labels" . | nindent 4 }}
+data:
+ config.yaml: |
+ # Config for Forgejo runner
+ log:
+ level: info
+ runner:
+ file: .runner
+ capacity: 1
+ timeout: 3h
+ insecure: false
+ fetch_timeout: 5s
+ fetch_interval: 2s
+ labels:
+ - "ubuntu-latest:host"
+ - "ubuntu-22.04:host"
+ - "node:host"
+ - "alpine:host"
+ cache:
+ enabled: true
+ dir: ""
+ host: ""
+ port: 0
+ container:
+ network: "bridge"
+ privileged: false
+ options: ""
+ workdir_parent: "/tmp/actions"
+ force_pull: true
+ valid_volumes: []
+ podman_binary: "podman"
+ host:
+ workdir_parent: "/tmp/actions"
\ No newline at end of file
diff --git a/forgejo-runner-helm/templates/deployment.yaml b/forgejo-runner-helm/templates/deployment.yaml
new file mode 100644
index 0000000..a17ea13
--- /dev/null
+++ b/forgejo-runner-helm/templates/deployment.yaml
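Review bot: In configmap.yaml every entry under `runner.labels` ends in `:host`, so jobs are handled by the host executor inside the runner container itself and the `container:` settings further down (`privileged: false`, `valid_volumes: []`) do not constrain them; the file says nothing about that trade-off. Job steps then share the pod's filesystem, presumably including `/data` where `file: .runner` keeps the runner's registration state, so the chart should only serve repositories whose workflows are trusted. I would add a comment above the list such as `# :host runs job steps directly in this container, with no per-job isolation; use for trusted repositories only`. The same four labels are also hard-coded in the `--labels` argument in deployment.yaml while `runner.labels` from values.yaml is not consulted here, so the list should be rendered from `.Values.runner.labels` in one place.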
@@ -0,0 +1,103 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "forgejo-runner.fullname" . }}
+ labels:
+ {{- include "forgejo-runner.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ {{- include "forgejo-runner.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "forgejo-runner.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "forgejo-runner.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command:
+ - "/bin/sh"
+ - "-c"
+ - |
+ cd /data
+
+ # Setup Podman environment for rootless containers
+ export XDG_RUNTIME_DIR="/tmp/runtime-runner"
+ mkdir -p $XDG_RUNTIME_DIR ~/.config/containers ~/.local/share/containers
+ chmod 0700 $XDG_RUNTIME_DIR
+
+ # Create subuid/subgid for rootless containers
+ echo "1000:100000:65536" > /tmp/subuid
+ echo "1000:100000:65536" > /tmp/subgid
+ export SUBUID_FILE=/tmp/subuid
+ export SUBGID_FILE=/tmp/subgid
+
+ echo "Testing Podman setup..."
+ podman --version
+ podman info || echo "Podman info failed, continuing..."
+
+ echo "Registering runner with Forgejo..."
+ /bin/forgejo-runner register \
+ --no-interactive \
+ --instance "$FORGEJO_RUNNER_URL" \
+ --token "$FORGEJO_RUNNER_TOKEN" \
+ --name "$FORGEJO_RUNNER_NAME" \
+ --labels "ubuntu-latest:host,ubuntu-22.04:host,node:host,alpine:host"
+
+ echo "Starting runner..."
+ exec /bin/forgejo-runner daemon --config /etc/forgejo-runner/config.yaml
+ env:
+ - name: FORGEJO_RUNNER_URL
+ value: {{ required "forgejo.url is required" .Values.forgejo.url | quote }}
+ - name: FORGEJO_RUNNER_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "forgejo-runner.fullname" . }}-secret
+ key: token
+ - name: FORGEJO_RUNNER_NAME
+ value: {{ .Values.runner.namePrefix }}-$(hostname)
+ - name: FORGEJO_RUNNER_LABELS
+ value: {{ join "," .Values.runner.labels | quote }}
+ - name: CONTAINER_RUNTIME
+ value: "podman"
+ volumeMounts:
+ - name: runner-data
+ mountPath: /data
+ - name: runner-config
+ mountPath: /etc/forgejo-runner
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ volumes:
+ - name: runner-data
+ emptyDir: {}
+ - name: runner-config
+ configMap:
+ name: {{ include "forgejo-runner.fullname" . }}-config
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
\ No newline at end of file
diff --git a/forgejo-runner-helm/templates/secret.yaml b/forgejo-runner-helm/templates/secret.yaml
new file mode 100644
index 0000000..468e11d
--- /dev/null
+++ b/forgejo-runner-helm/templates/secret.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "forgejo-runner.fullname" . }}-secret
+ labels:
+ {{- include "forgejo-runner.labels" . | nindent 4 }}
+type: Opaque
+data:
+ token: {{ required "forgejo.runner_registration_token is required" .Values.forgejo.runner_registration_token | b64enc | quote }}
\ No newline at end of file
diff --git a/forgejo-runner-helm/templates/serviceaccount.yaml b/forgejo-runner-helm/templates/serviceaccount.yaml
new file mode 100644
index 0000000..7037753
--- /dev/null
+++ b/forgejo-runner-helm/templates/serviceaccount.yaml
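Review bot: In deployment.yaml the `FORGEJO_RUNNER_NAME` value `{{ .Values.runner.namePrefix }}-$(hostname)` is never expanded: Kubernetes substitutes `$(VAR)` only for environment variables defined earlier in the container, and the shell does not re-evaluate the contents of `"$FORGEJO_RUNNER_NAME"`, so every replica registers under the same literal name ending in `$(hostname)`. Taking the pod name from the downward API and referencing it as `$(POD_NAME)` gives each replica a distinct name, as in the excerpt below. Separately, `FORGEJO_RUNNER_TOKEN` stays in the container environment after `register` has run and, with `:host` labels, may be readable by job steps running in the same container; an `unset FORGEJO_RUNNER_TOKEN` before the `exec` line would keep the registration token away from workflow code. `FORGEJO_RUNNER_LABELS` is set from values but the script never reads it.

```yaml
# … unchanged: FORGEJO_RUNNER_URL and FORGEJO_RUNNER_TOKEN entries …
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            # must come after POD_NAME so that $(POD_NAME) is resolved
            - name: FORGEJO_RUNNER_NAME
              value: "{{ .Values.runner.namePrefix }}-$(POD_NAME)"
# … unchanged: FORGEJO_RUNNER_LABELS, CONTAINER_RUNTIME …
```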
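Review bot: secret.yaml requires `.Values.forgejo.runner_registration_token`, but the README added in this same commit documents and installs with `forgejo.token`, so the README's `helm install` command fails at this `required` check. The two should use one key name, for example `--set forgejo.runner_registration_token=...` in the README. Because the token is taken from chart values it is also kept in the Helm release record; an optional value that names a pre-created Secret (say `forgejo.existingSecret`, a name I am proposing, not one the chart has) would let operators keep it out of values files and shell history.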
@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "forgejo-runner.serviceAccountName" . }}
+ labels:
+ {{- include "forgejo-runner.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/forgejo-runner-helm/values.yaml b/forgejo-runner-helm/values.yaml
new file mode 100644
index 0000000..0ea5849
--- /dev/null
+++ b/forgejo-runner-helm/values.yaml
@@ -0,0 +1,61 @@
+# Default values for forgejo-runner
+replicaCount: 1
+
+forgejo:
+ # URL of the Forgejo instance
+ url: ""
+ # Runner registration token for registering runners
+ runner_registration_token: ""
+
+image:
+ repository: git.coworkunion.com/evancarroll/forgejo-podman-runner
+ pullPolicy: Always
+ tag: "latest"
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+podAnnotations: {}
+
+podSecurityContext:
+ fsGroup: 1000
+
+securityContext:
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: false
+ runAsNonRoot: true
+ runAsUser: 1000
+ runAsGroup: 1000
+
+resources:
+ limits:
+ cpu: 500m
+ memory: 512Mi
+ requests:
+ cpu: 100m
+ memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+# Runner configuration
+runner:
+ # Labels to assign to the runner
+ labels: ["ubuntu-latest"]
+ # Name prefix for runners
+ namePrefix: "forgejo-runner"
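Review bot: serviceaccount.yaml creates a dedicated ServiceAccount but leaves token automounting at the Kubernetes default, so an API token is mounted into a pod whose purpose is to execute workflow code. Nothing visible in this chart calls the Kubernetes API, so I would add `automountServiceAccountToken: false` at the top level of the ServiceAccount (or in the pod spec in deployment.yaml). With the `:host` labels from configmap.yaml, job steps run in that same container and could otherwise read the mounted token.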
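Review bot: In values.yaml the default image is `git.coworkunion.com/evancarroll/forgejo-podman-runner` with `tag: "latest"` and `pullPolicy: Always`, so every pod restart can pull different, unreviewed image content, and Chart.yaml's `appVersion: "latest"` offers no pinned fallback either. Default to a fixed version tag, or let the image template accept a digest, so that what executes the jobs is reproducible. The README lists the default repository as `code.forgejo.org/forgejo/runner`, which does not match this value. The container `securityContext` also omits `allowPrivilegeEscalation: false`; if rootless Podman is not actually needed under host execution, adding it would be a cheap hardening step.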