Mount a named Docker volume (pnpm-store) into every job container
at the default pnpm store path. The volume persists in the DinD
sidecar across job runs, so pnpm install reuses cached packages.
Build a runner-image based on node:20-bookworm with all CI tools
baked in, avoiding apt-get install in every workflow run. Runner
labels now point to gitea.coreworlds.io/lazorgurl/runner-image.
TLS between act_runner and DinD in the same pod is unnecessary
and causes race conditions with cert generation. Use port 2375
(no TLS) and set DOCKER_TLS_CERTDIR="" on the DinD sidecar.
The Gitea Helm chart names services as gitea-helm-http and
gitea-helm-ssh, not gitea-http/gitea-ssh. Update IngressRoute
and runner deployment to match.
Deploy Gitea via Helm with dedicated CloudNativePG database,
in-cluster Actions runner (DinD), and built-in container registry.
ArgoCD repoURLs updated to use in-cluster Gitea SSH. Preview
ApplicationSet switched from GitHub PR generator to Gitea PR
generator. App images now pull from gitea.coreworlds.io registry.
Remaining setup after deploy: seal runner token, ArgoCD API token,
and registry pull secret once Gitea is running. Add ArgoCD deploy
key to Gitea repo settings.
