ci: add Forgejo Actions pipeline + runner setup

- apps/forgejo/docker-compose.yml: enable FORGEJO__actions__ENABLED=true - apps/forgejo-runner/docker-compose.yml: forgejo-runner:3.5.0 container mounts docker.sock so jobs can spin up containers on monk - .forgejo/workflows/ci.yml: 3-job pipeline on every push to main compose-lint → validates all apps/*/docker-compose.yml secrets-check → scans for hardcoded passwords/tokens/keys shellcheck → lints all scripts/*.sh - docs/ci-cd-setup.md: runner registration steps + extension guide PENDING (needs user action): 1. docker compose up -d --force-recreate in apps/forgejo/ to apply env 2. Get runner token from Forgejo admin panel 3. Run forgejo-runner register with token, then docker compose up Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19 03:03:29 -05:00 · 2026-06-19 03:03:29 -05:00 · f38decc285
commit f38decc285
parent dbcf51993d
4 changed files with 195 additions and 0 deletions
--- a/apps/forgejo-runner/docker-compose.yml
+++ b/apps/forgejo-runner/docker-compose.yml
@ -0,0 +1,26 @@
+services:
+  forgejo-runner:
+    image: code.forgejo.org/forgejo/runner:3.5.0
+    container_name: forgejo-runner
+    restart: unless-stopped
+    depends_on:
+      - forgejo
+    environment:
+      # Set after running: forgejo-runner register (see docs/ci-cd-setup.md)
+      FORGEJO_INSTANCE_URL: "http://forgejo:3000"
+    volumes:
+      - ./config:/etc/act_runner
+      - /var/run/docker.sock:/var/run/docker.sock
+      - runner_data:/data
+    networks:
+      - default
+      - kitestacks
+    command: daemon
+
+volumes:
+  runner_data:
+    name: forgejo_runner_data
+
+networks:
+  kitestacks:
+    external: true