sangnn
35 lines
1.7 KiB
YAML
35 lines
1.7 KiB
YAML
---
|
|
# Shared constants for all runner hosts.
|
|
runner_user: gitea-runner
|
|
runner_home: /home/gitea-runner
|
|
|
|
# Base dir for app deploy targets. Each project deploys to <app_base_dir>/<project>
|
|
# (e.g. /opt/gatehouse-api), owned by the runner so the deploy job can write the
|
|
# compose file there. Must match COMPOSE_DIR in the project's workflow files.
|
|
app_base_dir: /opt
|
|
|
|
gitea_instance: "https://source.hawkless.id.au"
|
|
|
|
# Pinned act_runner release. Bump version + sha256 together.
|
|
# Check latest: https://gitea.com/gitea/act_runner/releases
|
|
# sha256 for act_runner-<version>-linux-amd64 is on the release page (act_runner-<version>-linux-amd64.sha256).
|
|
act_runner_version: "1.0.8"
|
|
act_runner_sha256: "027d726127bb67e191d57052fdb66e74ec7f76966f790a18727147fa2b8005e5"
|
|
act_runner_binary: "gitea-runner-{{ act_runner_version }}-linux-amd64"
|
|
act_runner_download_url: "https://gitea.com/gitea/runner/releases/download/v{{ act_runner_version }}/{{ act_runner_binary }}"
|
|
|
|
# Node.js major version installed on the host executor. JS actions
|
|
# (actions/checkout@v4, etc.) are run with `node`; without it act_runner
|
|
# fails with "Cannot find: node in PATH". Bump this to change versions.
|
|
node_major_version: "26"
|
|
|
|
# Security scanners pre-installed on the host so workflow steps use the local
|
|
# binary instead of writing to /usr/local/bin as the runner user ("Permission
|
|
# denied"). gitleaks_version must match GITLEAKS_VERSION in pr-security-check.yml.
|
|
trivy_version: "0.71.2"
|
|
gitleaks_version: "8.30.1"
|
|
|
|
# Registration tokens come from env vars named by each project's `token_env`
|
|
# (e.g. RUNNER_TOKEN_GATEHOUSE_API). Export them on the control node before running.
|
|
# Mint from: Gitea repo → Settings → Actions → Runners → Create new runner token.
|