From 513e770b2748e343db589285f5958b5e3f166a70 Mon Sep 17 00:00:00 2001
From: Valerio Lomanto <valerio@sunet.se>
Date: Tue, 11 Feb 2025 16:37:02 +0100
Subject: [PATCH] attempt to fix runner docker config

---
 .../overlay/etc/puppet/modules/soc/manifests/runner.pp |  2 +-
 .../soc/templates/runner/docker-compose.yml.erb        | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/global/overlay/etc/puppet/modules/soc/manifests/runner.pp b/global/overlay/etc/puppet/modules/soc/manifests/runner.pp
index 9d5b53e..c788143 100644
--- a/global/overlay/etc/puppet/modules/soc/manifests/runner.pp
+++ b/global/overlay/etc/puppet/modules/soc/manifests/runner.pp
@@ -5,7 +5,7 @@ class soc::runner(
 {
   $runner_token = lookup({ 'name' => 'runner_token.vuln_management_repo', 'default_value' => undef })
   $runner_labels = join([
-	  "pkthon:docker://nikolaik/python3.12-nodejs23",
+	  "python:docker://nikolaik/python3.12-nodejs23",
 	  "ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04",
   ], ',')
 
diff --git a/global/overlay/etc/puppet/modules/soc/templates/runner/docker-compose.yml.erb b/global/overlay/etc/puppet/modules/soc/templates/runner/docker-compose.yml.erb
index 5bd72b4..87dd815 100644
--- a/global/overlay/etc/puppet/modules/soc/templates/runner/docker-compose.yml.erb
+++ b/global/overlay/etc/puppet/modules/soc/templates/runner/docker-compose.yml.erb
@@ -52,8 +52,8 @@ services:
     volumes:
       - /opt/forgejo-runner/data:/data
       - /opt/forgejo-runner/docker_certs:/certs
-    command:
-      - 'forgejo-runner'
-      - '--config'
-      - 'config.yml'
-      - 'daemon'
+    command: >-
+      if ! grep '--mount type=bind,source=/certs/client,target=/certs/client,readonly' config.yml > /dev/null; then
+        sed -i '\|options:| a \ \ \ \ --mount type=bind,source=/certs/client,target=/certs/client,readonly' config.yml
+      fi
+      forgejo-runner --config config.yml daemon