Test with explicit host labels in registration

Added --labels flag to registration command:
- Explicitly specify host execution during registration
- Should override any container-based execution
- Testing if Docker daemon errors are finally resolved

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

forgejo-runner-helm/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "forgejo-runner.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "forgejo-runner.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "forgejo-runner.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "forgejo-runner.labels" -}}
+helm.sh/chart: {{ include "forgejo-runner.chart" . }}
+{{ include "forgejo-runner.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "forgejo-runner.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "forgejo-runner.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "forgejo-runner.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "forgejo-runner.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

forgejo-runner-helm/templates/configmap.yaml

@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "forgejo-runner.fullname" . }}-config
+  labels:
+    {{- include "forgejo-runner.labels" . | nindent 4 }}
+data:
+  config.yaml: |
+    # Config for Forgejo runner
+    log:
+      level: info
+    runner:
+      file: .runner
+      capacity: 1
+      timeout: 3h
+      insecure: false
+      fetch_timeout: 5s
+      fetch_interval: 2s
+      labels:
+        - "ubuntu-latest:host"
+        - "ubuntu-22.04:host"
+        - "node:host"
+        - "alpine:host"
+    cache:
+      enabled: true
+      dir: ""
+      host: ""
+      port: 0
+    container:
+      network: "bridge"
+      privileged: false
+      options: ""
+      workdir_parent: "/tmp/actions"
+      force_pull: true
+      valid_volumes: []
+      podman_binary: "podman"
+    host:
+      workdir_parent: "/tmp/actions"

forgejo-runner-helm/templates/deployment.yaml

@@ -0,0 +1,103 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "forgejo-runner.fullname" . }}
+  labels:
+    {{- include "forgejo-runner.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "forgejo-runner.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "forgejo-runner.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "forgejo-runner.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          command:
+            - "/bin/sh"
+            - "-c"
+            - |
+              cd /data
+              
+              # Setup Podman environment for rootless containers
+              export XDG_RUNTIME_DIR="/tmp/runtime-runner"
+              mkdir -p $XDG_RUNTIME_DIR ~/.config/containers ~/.local/share/containers
+              chmod 0700 $XDG_RUNTIME_DIR
+              
+              # Create subuid/subgid for rootless containers
+              echo "1000:100000:65536" > /tmp/subuid
+              echo "1000:100000:65536" > /tmp/subgid
+              export SUBUID_FILE=/tmp/subuid
+              export SUBGID_FILE=/tmp/subgid
+              
+              echo "Testing Podman setup..."
+              podman --version
+              podman info || echo "Podman info failed, continuing..."
+              
+              echo "Registering runner with Forgejo..."
+              /bin/forgejo-runner register \
+                --no-interactive \
+                --instance "$FORGEJO_RUNNER_URL" \
+                --token "$FORGEJO_RUNNER_TOKEN" \
+                --name "$FORGEJO_RUNNER_NAME" \
+                --labels "ubuntu-latest:host,ubuntu-22.04:host,node:host,alpine:host"
+              
+              echo "Starting runner..."
+              exec /bin/forgejo-runner daemon --config /etc/forgejo-runner/config.yaml
+          env:
+            - name: FORGEJO_RUNNER_URL
+              value: {{ required "forgejo.url is required" .Values.forgejo.url | quote }}
+            - name: FORGEJO_RUNNER_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "forgejo-runner.fullname" . }}-secret
+                  key: token
+            - name: FORGEJO_RUNNER_NAME
+              value: {{ .Values.runner.namePrefix }}-$(hostname)
+            - name: FORGEJO_RUNNER_LABELS
+              value: {{ join "," .Values.runner.labels | quote }}
+            - name: CONTAINER_RUNTIME
+              value: "podman"
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+            - name: runner-config
+              mountPath: /etc/forgejo-runner
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+      volumes:
+        - name: runner-data
+          emptyDir: {}
+        - name: runner-config
+          configMap:
+            name: {{ include "forgejo-runner.fullname" . }}-config
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}

forgejo-runner-helm/templates/secret.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "forgejo-runner.fullname" . }}-secret
+  labels:
+    {{- include "forgejo-runner.labels" . | nindent 4 }}
+type: Opaque
+data:
+  token: {{ required "forgejo.runner_registration_token is required" .Values.forgejo.runner_registration_token | b64enc | quote }}

forgejo-runner-helm/templates/serviceaccount.yaml

@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "forgejo-runner.serviceAccountName" . }}
+  labels:
+    {{- include "forgejo-runner.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}