fix(forgejo-runner): use initContainer to make .runner writeable

forgejo-runner/Chart.yaml

@@ -2,6 +2,6 @@ apiVersion: v2
 name: forgejo-runner
 description: Deploy runner for an forgejo instance (default codeberg.org)
 type: application
-version: 0.1.3
+version: 0.1.4
 
 appVersion: "3.2.0"

forgejo-runner/templates/deployment.yaml

@@ -30,13 +30,25 @@ spec:
       serviceAccountName: {{ include "forgejo-runner.serviceAccountName" . }}
       securityContext:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      initContainers:
+        - name: make-config-writeable
+          image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          command: [ "/bin/cp", "/etc/runner/.runner", "/data/.runner" ]
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+            - name: runner-data
+              mountPath: /data
+            - name: runner-config
+              mountPath: /etc/runner
       containers:
         - name: runner
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
-          command: [ "/bin//forgejo-runner", "daemon" ]
+          command: [ "/bin/forgejo-runner", "daemon" ]
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
           env:
@@ -51,8 +63,6 @@ spec:
               mountPath: /certs
             - name: runner-data
               mountPath: /data
-            - name: runner-cache
-              mountPath: /data/.cache
         - name: dind
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
@@ -72,9 +82,9 @@ spec:
       volumes:
         - name: docker-certs
           emptyDir: {}
-        - name: runner-cache
-          emptyDir: {}
         - name: runner-data
+          emptyDir: {}
+        - name: runner-config
           secret:
             secretName: {{ .Values.runner.config.existingSecret | default (print ( include "forgejo-runner.fullname" . ) "-config") | quote }}
         {{- with .Values.volumes }}

forgejo-runner/templates/jobs.yaml

@@ -9,6 +9,9 @@ metadata:
   labels:
     app.kubernetes.io/component: config-generate-job
     {{- include "forgejo-runner.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
@@ -17,6 +20,9 @@ metadata:
   labels:
     app.kubernetes.io/component: config-generate-job
     {{- include "forgejo-runner.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
 rules:
   - apiGroups:
       - ""
@@ -36,6 +42,9 @@ metadata:
   labels:
     app.kubernetes.io/component: config-generate-job
     {{- include "forgejo-runner.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role