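---
# Forgejo Actions runner Deployment: one pod holding a registration init
# container, the runner itself, and a Docker-in-Docker (dind) sidecar that the
# runner reaches over TLS on localhost:2376.
#
# Trust boundary: the dind sidecar is privileged, so any workflow that can
# schedule a job on this runner should be treated as having root on the node
# selected by `nodeSelector`. Keep this on dedicated worker nodes and only
# register it for repositories whose workflows you trust.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: forgejo-runner
  name: forgejo-runner
  namespace: development
spec:
  replicas: 1
  selector:
    matchLabels:
      app: forgejo-runner
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: forgejo-runner
    spec:
      # Nothing in this manifest talks to the Kubernetes API, so do not hand
      # CI jobs a service-account token they could read from the filesystem.
      automountServiceAccountToken: false
      nodeSelector:
        role: worker
      restartPolicy: Always
      volumes:
        # TLS material generated by dind and shared with the runner.
        - name: docker-certs
          emptyDir: {}
        # Node-local image/layer store; survives pod restarts and is shared
        # with anything else on the node that can read /dockerImages.
        - name: docker-storage
          hostPath:
            path: /dockerImages
        - name: runner-data
          persistentVolumeClaim:
            claimName: nfs-git-claim
      initContainers:
        # Registers the runner with the Forgejo instance and leaves the
        # resulting state under /data for the main container.
        - name: runner-register
          securityContext:
            runAsUser: 1001
            runAsGroup: 1001
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          # Pinned by tag only; pin by digest as well if you need the image
          # content to be immutable.
          image: code.forgejo.org/forgejo/runner:5.0.4
          command:
            - sh
            - -c
            # Variables are quoted so a value containing spaces or shell
            # metacharacters cannot split into extra arguments.
            # The `host` label lets jobs run directly inside the runner
            # container (root, with the Docker client certs mounted) rather
            # than in a job container; drop it if jobs do not need it.
            - |
              forgejo-runner register \
                --no-interactive \
                --token "${RUNNER_SECRET}" \
                --name "${RUNNER_NAME}" \
                --instance "${FORGEJO_INSTANCE_URL}" \
                --labels "host:host,docker:docker://node:20-bullseye";
          env:
            - name: RUNNER_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            # Registration token comes from a Secret, never from the manifest.
            - name: RUNNER_SECRET
              valueFrom:
                secretKeyRef:
                  name: forgejo-secrets
                  key: token
            - name: FORGEJO_INSTANCE_URL
              value: "https://git.askar.tv"
          resources:
            limits:
              cpu: "0.50"
              memory: "64Mi"
          volumeMounts:
            - name: runner-data
              mountPath: /data
              subPath: runner-data
      containers:
        - name: runner
          image: code.forgejo.org/forgejo/runner:5.0.4
          # Root is needed only because packages are installed at start-up.
          # That step also pulls unpinned packages from the network on every
          # restart; baking docker and nodejs into a derived image would allow
          # this container to run unprivileged and reproducibly.
          securityContext:
            runAsUser: 0
            runAsGroup: 0
          # NOTE(review): no resource requests/limits are set here or on the
          # daemon container, so a runaway job can starve the node.
          command:
            - sh
            - -c
            - |
              apk add --no-cache docker nodejs &&
                echo "Docker Installer";

              # Wait for the dind sidecar to listen on its TLS port before
              # issuing docker commands; otherwise they race daemon start-up.
              while ! nc -z localhost 2376 </dev/null >/dev/null 2>&1; do
                echo 'Docker CLI is installed but the daemon is not ready yet...';
                sleep 5;
              done;
              echo 'Docker daemon is ready!';

              # Both steps tolerate "already exists" so restarts stay clean.
              docker context create multiarch ||
                echo "Context already exists";
              docker buildx create multiarch --use ||
                echo "Buildx already set up";

              # exec so the runner replaces the shell and receives SIGTERM
              # directly when the pod is stopped.
              exec forgejo-runner daemon;
          env:
            - name: DOCKER_HOST
              value: tcp://localhost:2376
            - name: DOCKER_CERT_PATH
              value: /certs/client
            # Keep TLS verification on: it is what authenticates the daemon.
            - name: DOCKER_TLS_VERIFY
              value: "1"
          volumeMounts:
            # The runner only reads certificates. The whole /certs tree is
            # mounted, so the CA and server keys written by dind are visible
            # here too; narrowing this to the client directory would be
            # tighter.
            - name: docker-certs
              mountPath: /certs
              readOnly: true
            - name: runner-data
              mountPath: /data
              subPath: runner-data
        - name: daemon
          image: docker:27.4.1-dind
          env:
            # Makes dind generate TLS certs here and serve the API over TLS.
            - name: DOCKER_TLS_CERTDIR
              value: /certs
          # dind requires privileged mode, which removes container isolation
          # from the node. Everything that reaches this daemon (every CI job)
          # inherits that.
          securityContext:
            runAsUser: 0
            runAsGroup: 0
            privileged: true
          volumeMounts:
            - name: docker-certs
              mountPath: /certs
            - name: docker-storage
              mountPath: /var/lib/docker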