---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitea-actions-runner
  namespace: default
  labels:
    app: gitea-actions-runner
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitea-actions-runner
  template:
    metadata:
      labels:
        app: gitea-actions-runner
    spec:
      securityContext:
        fsGroup: 1000
      initContainers:
      - name: wait-for-gitea
        image: busybox
        command:
          - sh
          - -c
          - |
            until nc -z -v -w30 gitea-int-service 3000; do
              echo "Waiting for gitea to be ready..."
              sleep 2
            done
      containers:
      - name: runner
        image: gitea/act_runner:0.2.11-dind-rootless
        securityContext:
          privileged: true
        env:
        - name: GITEA_INSTANCE_URL
          value: "http://gitea-int-service:3000/"
        - name: GITEA_RUNNER_REGISTRATION_TOKEN
          valueFrom:
            secretKeyRef:
              name: gitea-runner-token
              key: token
        - name: DOCKER_HOST
          value: tcp://localhost:2376
        - name: DOCKER_CERT_PATH
          value: /certs/client
        - name: DOCKER_TLS_VERIFY
          value: "1"
        volumeMounts:
        - name: storage
          mountPath: /data
      volumes:
      - name: storage
        persistentVolumeClaim:
          claimName: longhorn-gitea-dind