runners added

2026-03-12 20:33:43 +00:00 · 2026-03-12 20:33:43 +00:00 · 01aefb54fb
commit 01aefb54fb
parent a6f74921d6
7 changed files with 153 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -1,6 +1,3 @@
-## Move hyperland set up to my own git
-
-
 ## Set up runners

 ## set up docker image registry
--- a/mist_infra/arc/forgejo/deploy.sh
+++ b/mist_infra/arc/forgejo/deploy.sh
@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# ==========================================================
+# Deploy Forgejo act_runner to Kubernetes
+# ==========================================================
+
+NAMESPACE="forgejo-runners"
+SCRIPT_DIR="$(dirname "$0")"
+
+echo "=== Deploying Forgejo Runner ==="
+
+# Prompt for token if not set in deployment.yaml
+TOKEN="RPAjk4Jdc42By5vSxnULPPPrjU0goPLQIiKgwOIo"
+echo
+
+kubectl create namespace "$NAMESPACE" --dry-run=client -o yaml | kubectl apply -f -
+
+kubectl create secret generic forgejo-runner-secret \
+  --namespace "$NAMESPACE" \
+  --from-literal=token="$TOKEN" \
+  --dry-run=client -o yaml | kubectl apply -f -
+
+kubectl apply -f "$SCRIPT_DIR/deployment.yaml"
+
+echo
+echo "✅ Forgejo runner deployed"
+echo
+echo "Next steps:"
+echo "- kubectl get pods -n $NAMESPACE"
+echo "- Check runner appears at: https://git.juntekim.com/-/admin/runners"
--- a/mist_infra/arc/forgejo/deployment.yaml
+++ b/mist_infra/arc/forgejo/deployment.yaml
@ -0,0 +1,87 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: forgejo-runners
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: forgejo-runner-data
+  namespace: forgejo-runners
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: rook-ceph-block
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: forgejo-runner-secret
+  namespace: forgejo-runners
+type: Opaque
+stringData:
+  token: "RPAjk4Jdc42By5vSxnULPPPrjU0goPLQIiKgwOIo"
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: forgejo-runner
+  namespace: forgejo-runners
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: forgejo-runner
+  template:
+    metadata:
+      labels:
+        app: forgejo-runner
+    spec:
+      initContainers:
+        - name: register
+          image: gitea/act_runner:latest
+          command:
+            - sh
+            - -c
+            - |
+              if [ ! -f /data/.runner ]; then
+                act_runner register --no-interactive \
+                  --instance https://git.juntekim.com \
+                  --token "RPAjk4Jdc42By5vSxnULPPPrjU0goPLQIiKgwOIo" \
+                  --name mist-runner \
+                  --labels "self-hosted,linux,x64"
+              else
+                echo "Runner already registered, skipping."
+              fi
+          workingDir: /data
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+      containers:
+        - name: runner
+          image: gitea/act_runner:latest
+          command: ["act_runner", "daemon"]
+          workingDir: /data
+          env:
+            - name: DOCKER_HOST
+              value: tcp://localhost:2375
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+        - name: dind
+          image: docker:dind
+          securityContext:
+            privileged: true
+          env:
+            - name: DOCKER_TLS_CERTDIR
+              value: ""
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+      volumes:
+        - name: runner-data
+          persistentVolumeClaim:
+            claimName: forgejo-runner-data
--- a/mist_infra/arc/forgejo/values.yaml
+++ b/mist_infra/arc/forgejo/values.yaml
@ -0,0 +1,34 @@
+instanceURL: https://git.juntekim.com
+
+# Registration token from Forgejo:
+# Site Admin → Actions → Runners → Create new runner
+# Store as a k8s secret and reference here, or set directly for bootstrapping
+registrationToken: "RPAjk4Jdc42By5vSxnULPPPrjU0goPLQIiKgwOIo"  # TODO: fill in or use existingSecret
+
+# Uncomment to use an existing k8s secret instead:
+# existingSecret: forgejo-runner-secret
+# existingSecretKey: token
+
+runnerName: mist-runner
+
+runnerLabels:
+  - self-hosted
+  - linux
+  - x64
+
+replicaCount: 1
+
+# Enable DinD if you need to build Docker images in CI
+dind:
+  enabled: true
+  privileged: true
+
+resources:
+  requests:
+    cpu: 100m
+    memory: 256Mi
+  limits:
+    cpu: 1000m
+    memory: 1Gi
+
+namespace: forgejo-runners
--- a/mist_infra/arc/github/controller-values.yaml
+++ b/mist_infra/arc/github/controller-values.yaml
--- a/mist_infra/arc/github/update_arc.sh
+++ b/mist_infra/arc/github/update_arc.sh
--- a/mist_infra/arc/github/values.yaml
+++ b/mist_infra/arc/github/values.yaml
@ -1,7 +1,7 @@
 githubConfigUrl: https://github.com/MealCraft

 githubConfigSecret:
-  github_token: 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
+  github_token: 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 # mealcraft-github-runner-token

 runnerScaleSetName: mealcraft-runners