feat(edge-connect): Added Forgejo Runner Deployment in Edge Connect Example

2025-10-15 16:00:38 +02:00 · 2025-10-15 16:00:38 +02:00 · 8f6fd94442
commit 8f6fd94442
parent 4ded2e193e
3 changed files with 143 additions and 0 deletions
--- a/sdk/examples/forgejo-runner/EdgeConnectConfig.yaml
+++ b/sdk/examples/forgejo-runner/EdgeConnectConfig.yaml
@ -0,0 +1,29 @@
+# Is there a swagger file for the new EdgeConnect API?
+# How does it differ from the EdgeXR API?
+kind: edgeconnect-deployment
+metadata:
+  name: "forgejo-runner-test" # name could be used for appName
+  appVersion: "1.0.0"
+  organization: "edp2"
+spec:
+  # dockerApp: # Docker is OBSOLETE
+  #   appVersion: "1.0.0"
+  #   manifestFile: "./docker-compose.yaml"
+  #   image: "https://registry-1.docker.io/library/nginx:latest"
+  k8sApp:
+    manifestFile: "./forgejo-runner-deployment.yaml"
+  infraTemplate:
+    - region: "EU"
+      cloudletOrg: "TelekomOP"
+      cloudletName: "Munich"
+      flavorName: "EU.small"
+  network:
+    outboundConnections:
+      - protocol: "tcp"
+        portRangeMin: 80
+        portRangeMax: 80
+        remoteCIDR: "0.0.0.0/0"
+      - protocol: "tcp"
+        portRangeMin: 443
+        portRangeMax: 443
+        remoteCIDR: "0.0.0.0/0"
--- a/sdk/examples/forgejo-runner/README.md
+++ b/sdk/examples/forgejo-runner/README.md
@ -0,0 +1,7 @@
+# Forgejo Runner in Edge Connect Example
+
+Execute in the projects main directory:
+
+```
+go run . apply -f forgejo-runner/EdgeConnectConfig.yaml
+```
--- a/sdk/examples/forgejo-runner/forgejo-runner-deployment.yaml
+++ b/sdk/examples/forgejo-runner/forgejo-runner-deployment.yaml
@ -0,0 +1,107 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: edgeconnect-coder-tcp
+  labels:
+    app: forgejo-runner
+spec:
+  type: LoadBalancer
+  ports:
+    - name: tcp80
+      protocol: TCP
+      port: 80
+      targetPort: 80
+  selector:
+    app: forgejo-runner
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: forgejo-runner
+  name: forgejo-runner
+spec:
+  # Two replicas means that if one is busy, the other can pick up jobs.
+  replicas: 3
+  selector:
+    matchLabels:
+      app: forgejo-runner
+  strategy: {}
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: forgejo-runner
+    spec:
+      restartPolicy: Always
+      volumes:
+      - name: docker-certs
+        emptyDir: {}
+      - name: runner-data
+        emptyDir: {}
+      # Initialise our configuration file using offline registration
+      # https://forgejo.org/docs/v1.21/admin/actions/#offline-registration
+      initContainers:
+        - name: runner-register
+          image: code.forgejo.org/forgejo/runner:6.4.0
+          command:
+          - "sh"
+          - "-c"
+          - |
+            forgejo-runner \
+              register \
+              --no-interactive \
+              --token "#####RUNNER_REGISTRATION_TOKEN#####" \
+              --name "edge-test" \
+              --instance "https://garm-provider-test.t09.de" \
+              --labels docker:docker://node:20-bookworm,ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04,ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-22.04
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+      containers:
+      - name: runner
+        image: code.forgejo.org/forgejo/runner:6.4.0
+        command: 
+          - "sh"
+          - "-c"
+          - |
+            while ! nc -z 127.0.0.1 2376 </dev/null; do
+              echo 'waiting for docker daemon...';
+              sleep 5;
+            done
+            forgejo-runner generate-config > config.yml ;
+            sed -i -e "s|privileged: .*|privileged: true|" config.yml
+            sed -i -e "s|network: .*|network: host|" config.yml ;
+            sed -i -e "s|^  envs:$$|  envs:\n    DOCKER_HOST: tcp://127.0.0.1:2376\n    DOCKER_TLS_VERIFY: 1\n    DOCKER_CERT_PATH: /certs/client|" config.yml ;
+            sed -i -e "s|^  options:|  options: -v /certs/client:/certs/client|" config.yml ;
+            sed -i -e "s|  valid_volumes: \[\]$$|  valid_volumes:\n    - /certs/client|" config.yml ;
+            /bin/forgejo-runner --config config.yml daemon
+        securityContext:
+          allowPrivilegeEscalation: true
+          privileged: true
+          readOnlyRootFilesystem: false
+          runAsGroup: 0
+          runAsNonRoot: false
+          runAsUser: 0
+        env:
+        - name: DOCKER_HOST
+          value: tcp://localhost:2376
+        - name: DOCKER_CERT_PATH
+          value: /certs/client
+        - name: DOCKER_TLS_VERIFY
+          value: "1"
+        volumeMounts:
+        - name: docker-certs
+          mountPath: /certs
+        - name: runner-data
+          mountPath: /data
+      - name: daemon
+        image: docker:28.0.4-dind
+        env:
+        - name: DOCKER_TLS_CERTDIR
+          value: /certs
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - name: docker-certs
+          mountPath: /certs