Add blog/posts/05-16-2025 Learning to Leverage Gitea Runners.md
All checks were successful
GitOps Automatic Deployment / GitOps Automatic Deployment (push) Successful in 6s
All checks were successful
GitOps Automatic Deployment / GitOps Automatic Deployment (push) Successful in 6s
This commit is contained in:
53
blog/posts/05-16-2025 Learning to Leverage Gitea Runners.md
Normal file
53
blog/posts/05-16-2025 Learning to Leverage Gitea Runners.md
Normal file
@ -0,0 +1,53 @@
|
||||
---
|
||||
draft: false
|
||||
date: 2025-05-16
|
||||
updated: 2025-05-16
|
||||
authors:
|
||||
- nicole
|
||||
categories:
|
||||
- General
|
||||
tags:
|
||||
- Gitea
|
||||
- Docker
|
||||
- GitOps
|
||||
- CI/CD
|
||||
---
|
||||
|
||||
# Learning to Leverage Gitea Runners
|
||||
When I first started my journey with a GitOps mentality to transition a portion of my homelab's infrastructure to an "**Intrastructure-as-Code**" structure, I had made my own self-made Docker container that I called the [Git-Repo-Updater](https://docs.bunny-lab.io/Servers/Containerization/Docker/Custom%20Containers/Git%20Repo%20Updater/). This self-made tool was useful to me because it copied the contents of Gitea repositories into bind-mounted container folders on my Portainer servers. This allowed me to set up configurations for Homepage-Docker, Material MkDocs, Traefik Reverse Proxy, and others to pull configuration changes from Gitea directly into the production servers, causing them to hot-load the changes instantly. (within 10 seconds, give or take).
|
||||
|
||||
## Criticisms of Git-Repo-Updater
|
||||
When I made the [Git-Repo-Updater docker container stack](https://git.bunny-lab.io/container-registry/git-repo-updater), I ran into the issue of having made something I knew existing solutions existed for but simply did not understand well-enough to use yet. This caused me to basically delegate the GitOps workflow to a bash script with a few environment variables, running inside of an Alpine Linux container. While the container did it's job, it would occassionally have hiccups, caching issues, or repository branch errors that made no sense. This lack of transparency and the need to build an entire VSCode development environment to push new docker package updates to Gitea's [package repository for Git-Repo-Updater](https://git.bunny-lab.io/container-registry/-/packages/container/git-repo-updater/latest) caused a lot of development headaches.
|
||||
|
||||
### Additional Concerns
|
||||
In addition to the above, I had security concerns with the method of how I was interacting with the underlying container storage folders. I was running the containers as `privileged: true`, which was not safe nor secure if the container itself was breached (not likely, but you never know). I also didn't like the idea that was using my own CI/CD pipeline for something that I was certain existed elsewhere with much more hardening built-in, and I felt that I was intellectually "*falling-behind*" if I didn't figure out how to use them and migrate away from my Git-Repo-Updater project.
|
||||
|
||||
## Introduction to Gitea Runners
|
||||
When I finally got around to figuring out the general architecture of how Gitea "Runners" operate, it seemed so much more intuitive than the method I was using in Git-Repo-Updater. The runners can run as a standalone packages, docker containers, or can exist in other forms. The general idea of how the Runners operate is as-follows:
|
||||
|
||||
- You spin up a Gitea runner docker container on a server that can access the server files that need to be overwritten/modified
|
||||
- The Gitea runner container registers itself to the Gitea server using a registration token generated by a specific Gitea repository
|
||||
- The Gitea repository has a Gitea-specific workflows folder that holds `.yaml` files that the runner uses to define tasks that occur when the repository has changes made to it / commits pushed to it.
|
||||
- The runner checks out the repository (*clones it to the runner environment*), and leverages rsync to copy the data into the production server's configuration folder(s) based on the unique needs of the task.
|
||||
- The runner cleans up after itself and returns back to an "Idle" state.
|
||||
- The production server hot-loads the changed configuration files (e.g. Material MkDocs, Traefik, Nginx, etc) and the changes go to into effect immediately
|
||||
|
||||
### Docker-Compose Runner Deployment
|
||||
When it comes to deploying a runner, it has a few simple things that need to be configured, the `docker-compose.yml` and the `.env` files. These tell the runner to reach out to Gitea server to register the runner with the given repository that you generated a registration token on.
|
||||
|
||||
```yaml title="docker-compose.yml"
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
image: docker.io/gitea/act_runner:latest
|
||||
environment:
|
||||
CONFIG_FILE: /config.yaml
|
||||
GITEA_INSTANCE_URL: "${INSTANCE_URL}"
|
||||
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
|
||||
GITEA_RUNNER_NAME: "${RUNNER_NAME}"
|
||||
GITEA_RUNNER_LABELS: "gitea-runner-mkdocs" # This can be anything, and is referenced by the workflow task(s) later.
|
||||
volumes:
|
||||
- /srv/containers/gitea-runner-mkdocs/config.yaml:/config.yaml # You have to manually make this file before you start the container
|
||||
- /srv/containers/material-mkdocs/docs/docs:/Gitops_Destination # This is where the repository data will be copied to
|
||||
- /var/run/docker.sock:/var/run/docker.sock #
|
||||
```
|
||||
Reference in New Issue
Block a user