apiVersion: v1
kind: ConfigMap
metadata:
  name: gitea-runner-config
  namespace: gitea
data:
  config.yaml: |
    log:
      level: info
    runner:
      name: k8s-runner
      capacity: 10
      timeout: 3h
      insecure: false
      fetch_timeout: 5s
      fetch_interval: 2s
      labels:
        - "ubuntu-latest:docker://catthehacker/ubuntu:act-latest"
        - "ubuntu-24.04:docker://catthehacker/ubuntu:act-latest"
        - "ubuntu-24.04-arm:docker://catthehacker/ubuntu:act-latest"
    container:
      network: host
      options: -e DOCKER_HOST=tcp://localhost:2375
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitea-runner
  namespace: gitea
  labels:
    app: gitea-runner
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitea-runner
  template:
    metadata:
      labels:
        app: gitea-runner
    spec:
      restartPolicy: Always
      volumes:
        - name: docker-certs
          emptyDir: {}
        - name: runner-data
          emptyDir: {}
        - name: config
          configMap:
            name: gitea-runner-config
      containers:
        # Docker daemon (Docker-in-Docker)
        - name: docker-daemon
          image: docker:dind
          env:
            - name: DOCKER_TLS_CERTDIR
              value: ""
          securityContext:
            privileged: true
          volumeMounts:
            - name: docker-certs
              mountPath: /certs

        # Gitea Actions runner
        - name: runner
          image: gitea/act_runner:latest
          command:
            - sh
            - -c
            - |
              while ! nc -z localhost 2375 </dev/null; do
                echo 'waiting for docker daemon...';
                sleep 1;
              done
              act_runner register --no-interactive --instance "$GITEA_INSTANCE_URL" --token "$GITEA_RUNNER_REGISTRATION_TOKEN" --name k8s-runner --labels "ubuntu-latest:docker://catthehacker/ubuntu:act-latest,ubuntu-24.04:docker://catthehacker/ubuntu:act-latest,ubuntu-24.04-arm:docker://catthehacker/ubuntu:act-latest"
              act_runner daemon
          env:
            - name: DOCKER_HOST
              value: tcp://localhost:2375
            - name: GITEA_INSTANCE_URL
              value: "http://gitea-http.gitea.svc.cluster.local:3000"
            - name: GITEA_RUNNER_REGISTRATION_TOKEN
              valueFrom:
                secretKeyRef:
                  name: gitea-runner-token
                  key: token
          volumeMounts:
            - name: docker-certs
              mountPath: /certs
            - name: runner-data
              mountPath: /data
            - name: config
              mountPath: /config.yaml
              subPath: config.yaml
          resources:
            requests:
              cpu: 50m
              memory: 128Mi