Gitea Actions Runner Bootstrap
This module bootstraps a single organization-scoped Gitea Actions
runner for trade-next on the sol cluster.
Design
- Runner scope: organization-level for trade-next
- Runtime: docker.io/gitea/act_runner:latest
- Job execution: docker:27-dind sidecar with a shared Unix socket
- Cluster access for workflows: dedicated trade-gitops-deployer service account, exported as the K3S_KUBECONFIG_B64 org secret
- Storage model: small persistent hostPath only for runner registration state, ephemeral Docker layer cache
- Runner labels: ubuntu-latest and k3s-deploy, both starting from the standard Gitea runner image so deployment jobs can install the exact kubectl version they need
Operator Flow
- Prepare the org registration token secret in gitea-actions.
- Apply the kustomize module on sol.
- Create or refresh the deployer kubeconfig and sync it to the trade-next org secrets.
- Push a workflow to trade-gitops and let the runner execute deployment jobs.
Bootstrap Commands
From the repository root:
./bootstrap/gitea-actions/scripts/bootstrap-sol.sh
Notes
- This runner is intentionally pinned to the sol node because the target cluster is currently single-node.
- The deployer binding is cluster-admin for the first bootstrap pass and should be narrowed once the GitOps surface is fully reconstructed.
- The runner exposes the labels ubuntu-latest and k3s-deploy.
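
One way the narrowing mentioned in the Notes could look, shown as the first-pass binding beside a namespaced replacement. This is an added example, not a manifest from this repository. The object names, the service account namespace (gitea-actions), the target namespace (trade-next) and the resource list are all assumptions to be replaced with the real GitOps surface.

```yaml
# BEFORE (first bootstrap pass): the deployer can do anything cluster-wide.
# Anyone who obtains the K3S_KUBECONFIG_B64 org secret inherits this.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: trade-gitops-deployer-admin        # assumed name
subjects:
  - kind: ServiceAccount
    name: trade-gitops-deployer
    namespace: gitea-actions               # assumed namespace
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
---
# AFTER: a Role limited to one target namespace and to the resource kinds
# the deployment workflows actually apply. No access to secrets, RBAC
# objects, nodes or other namespaces.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: trade-gitops-deployer              # assumed name
  namespace: trade-next                    # assumed target namespace
rules:
  - apiGroups: ["apps"]
    resources: ["deployments", "statefulsets"]   # assumed resource list
    verbs: ["get", "list", "watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["services", "configmaps"]        # assumed resource list
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: trade-gitops-deployer              # assumed name
  namespace: trade-next                    # assumed target namespace
subjects:
  - kind: ServiceAccount
    name: trade-gitops-deployer
    namespace: gitea-actions               # assumed namespace
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: trade-gitops-deployer
```

After swapping the bindings, delete the ClusterRoleBinding explicitly; applying the Role and RoleBinding alone leaves the cluster-admin grant in place.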