fix: run registration init container as root #21

Merged

rcsheets merged 1 commit from fix/init-container-root into master

2026-03-27 07:10:50 +00:00

rcsheets commented

2026-03-27 07:09:29 +00:00

Owner

The forgejo-runner image's default user can't write .runner to the
PVC mount. The manually-deployed runners use runAsUser: 0 for the
init container; match that behavior in the operator.

Co-Authored-By: Claude Opus 4.6 (1M context) noreply@anthropic.com

The forgejo-runner image's default user can't write .runner to the PVC mount. The manually-deployed runners use runAsUser: 0 for the init container; match that behavior in the operator. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

rcsheets added 1 commit

2026-03-27 07:09:30 +00:00

fix: run registration init container as root

CI / ci (push) Has been cancelled

Details

CI / ci (pull_request) Has been cancelled

Details

E2E smoke test / e2e (pull_request) Has been cancelled

Details

ede40ced8c

The forgejo-runner image's default user can't write .runner to the
PVC mount. The manually-deployed runners use runAsUser: 0 for the
init container; match that behavior in the operator.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

pr-reviewer-bot commented

2026-03-27 07:09:31 +00:00

Collaborator

Automated review by pr-reviewer v0.15.0 | Safety Check | anthropic | tracking id r-c62d2a-aa3341
This is an AI-generated review and may contain mistakes.

Status: ✅ Completed

✅ Verdict: LGTM — The change appropriately fixes a permission issue by running the init container as root to write to the PVC mount, matching existing manual deployment behavior.
Complexity: trivial

Safety Check Review

This change fixes a permission issue where the forgejo-runner image's default user cannot write to the .runner file in the PVC mount. The fix runs the init container as root (RunAsUser: 0) and adds a helper function for the pointer conversion.

Key observations:

The change matches existing behavior from manual deployments (as noted in PR description)
Only affects the init container, not the main runner container
Adds appropriate comment explaining why root is needed
Includes necessary helper function int64Ptr
Minor formatting adjustment to align with new function

No security concerns - this is a targeted fix for a legitimate permission issue during initialization.

*Automated review by [pr-reviewer](https://git.brooktrails.org/brooktrails/pr-reviewer) v0.15.0 | Safety Check | anthropic | tracking id `r-c62d2a-aa3341`* *This is an AI-generated review and may contain mistakes.* **Status:** ✅ Completed --- **✅ Verdict: LGTM** — The change appropriately fixes a permission issue by running the init container as root to write to the PVC mount, matching existing manual deployment behavior. **Complexity:** trivial # Safety Check Review This change fixes a permission issue where the forgejo-runner image's default user cannot write to the `.runner` file in the PVC mount. The fix runs the init container as root (`RunAsUser: 0`) and adds a helper function for the pointer conversion. **Key observations:** - The change matches existing behavior from manual deployments (as noted in PR description) - Only affects the init container, not the main runner container - Adds appropriate comment explaining why root is needed - Includes necessary helper function `int64Ptr` - Minor formatting adjustment to align with new function No security concerns - this is a targeted fix for a legitimate permission issue during initialization.

rcsheets merged commit 5e433fac1e into master

2026-03-27 07:10:50 +00:00

rcsheets deleted branch fix/init-container-root

2026-03-27 07:10:50 +00:00

rcsheets referenced this pull request from a commit

2026-03-27 07:10:50 +00:00

Merge pull request 'fix: run registration init container as root' (#21) from fix/init-container-root into master