# Gitea act_runner on the VM (Docker Compose)

Runs the CI/CD runner as a container, but with a **custom image** that bundles the
.NET 8 SDK + Docker CLI + Node, because the ROLAC workflow does both `dotnet test`
and `docker build`/`compose`. The stock `gitea/act_runner` image has neither.

It registers with the label **`ubuntu:host`**:
- `ubuntu` = the label name the workflow targets (`runs-on: ubuntu`).
- `:host` = run each step **inside this runner container** (which has the tools),
  instead of spawning a separate job container that wouldn't have dotnet/docker.

The container mounts the **host Docker socket** (so build/push/compose act on the
host daemon) and **`/home/chris/docker/rolac`** at the same path (so compose's relative volumes
resolve), and uses **host networking** (so the deploy step's
`curl http://localhost:8080/api/health` works).

## Setup

1. **Get a runner registration token** in Gitea:
   Settings → Actions → Runners → **Create new runner** → copy the token.
   (This is the *registration* token — different from the `REGISTRY_TOKEN` repo
   secret used for `docker login`.)

2. **Configure + start** (on the VM, from this directory):
   ```bash
   cd deploy/vm/runner
   cp .env.example .env
   nano .env                 # paste GITEA_RUNNER_REGISTRATION_TOKEN
   docker compose up -d --build
   ```

3. **Verify** it shows up online in Gitea → Settings → Actions → Runners, with the
   `ubuntu` label.

## Notes

- Registration state is stored in `./runner-data/.runner` (a bind mount), so the
  runner does **not** re-register on restart. To re-register from scratch, stop the
  container and delete `runner-data/`.
- `docker login git.golife.love` for the registry is done by the **workflow** using
  the repo secrets `REGISTRY_USER` / `REGISTRY_TOKEN` — you do not need to log in
  inside the runner manually.
- Logs: `docker compose logs -f runner`.
- The runner can build/run containers on the host because it shares the host Docker
  socket. Treat this runner as privileged — only run trusted workflows on it.