infra/roles/forgejo_runner/tasks/main.yml
Jeremie Fraeys e364538206
Update Forgejo and runner with new features
- Add Redis cache support to Forgejo for improved performance
- Add AI scrapers blocking with update script and robots.txt
- Update Forgejo runner tasks with improved caching support
- Add OIDC authentication configuration tasks
2026-02-21 18:31:06 -05:00


---
# Resolve the registration token: use the FORGEJO_RUNNER_REGISTRATION_TOKEN
# variable when it is defined, otherwise fall back to the environment variable
# of the same name (the env lookup is evaluated on the Ansible controller).
- name: Read Forgejo runner registration token
  # Keep the token value out of task output and logs.
  no_log: true
  set_fact:
    forgejo_runner_registration_token: >-
      {{ FORGEJO_RUNNER_REGISTRATION_TOKEN | default(lookup('env', 'FORGEJO_RUNNER_REGISTRATION_TOKEN')) }}
# Flatten the forgejo_runner_labels list into one comma-separated string. Later
# tasks pass it to `--labels` and compare it with the persisted .labels file.
- name: Compute Forgejo runner labels
  set_fact:
    forgejo_runner_labels_csv: >-
      {{ forgejo_runner_labels | join(',') }}
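# Validate every configured label before it reaches the registration command.
# The regex only anchors the start of the label ('<name>:<scheme>://'), so the
# second condition rejects separators that would change what is registered:
#   - a comma inside one list element would become an extra, unvalidated label
#     once the list is joined with ',' for --labels;
#   - a space would be split into a separate argument where the joined value is
#     interpolated into a free-form command string.
# NOTE(review): confirm that every scheme accepted here (docker, host, shell) is
# one the deployed runner version understands, and that non-docker schemes are
# intended for the repositories allowed to use this runner.
- name: Fail if Forgejo runner labels have an invalid executor scheme
  assert:
    that:
      - item is match('^[^:]+:(docker|host|shell)://')
      - "',' not in item and ' ' not in item"
    fail_msg: >-
      Invalid Forgejo runner label '{{ item }}'.
      Expected format like '<label>:docker://<image>' (e.g. 'self-hosted:docker://ghcr.io/catthehacker/ubuntu:act-22.04').
  loop: "{{ forgejo_runner_labels }}"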
# Stop before any file or container work when no token was resolved. The check
# is unconditional, so the token must be supplied on every run, including runs
# where the runner is already registered.
- name: Fail if Forgejo runner registration token is missing
  when: forgejo_runner_registration_token | length == 0
  fail:
    msg: 'FORGEJO_RUNNER_REGISTRATION_TOKEN is required'
# Create the runner's working tree, owned by uid/gid 1000.
# NOTE(review): mode 0775 leaves these directories readable and traversable by
# every local account, and /opt/forgejo-runner/data is where the .runner
# registration state is written. Confirm whether a tighter mode such as 0750
# would still work for the account the runner container runs as.
- name: Create Forgejo runner directories
  loop:
    - /opt/forgejo-runner
    - /opt/forgejo-runner/data
    - /opt/forgejo-runner/data/.cache
  file:
    state: directory
    path: "{{ item }}"
    owner: '1000'
    group: '1000'
    mode: '0775'
# Render the role's docker-compose.yml.j2 template into the runner directory.
# NOTE(review): no owner, group or mode is set, so the rendered file's
# permissions depend on the connecting user's defaults. Set an explicit mode,
# and keep it restrictive if the template embeds credentials (the template is
# not visible here).
- name: Copy Docker Compose file for Forgejo runner
  template:
    dest: /opt/forgejo-runner/docker-compose.yml
    src: docker-compose.yml.j2
# Optional reset: deleting .runner and .labels makes the checks below treat the
# runner as unregistered, so the registration command runs again.
# forgejo_runner_force_reregister has no default() here and must be defined
# (presumably in the role defaults; verify).
- name: Force runner re-registration (reset local registration state)
  when: forgejo_runner_force_reregister | bool
  loop:
    - /opt/forgejo-runner/data/.runner
    - /opt/forgejo-runner/data/.labels
  file:
    state: absent
    path: "{{ item }}"
# Record whether the runner's registration state file is present. This result is
# captured before the label-change cleanup further down, which is why the
# registration condition also checks forgejo_runner_labels_changed.
- name: Check whether Forgejo runner is already registered
  register: forgejo_runner_registration
  stat:
    path: /opt/forgejo-runner/data/.runner
# Record whether a previous run persisted the applied label set.
- name: Check whether Forgejo runner labels file exists
  register: forgejo_runner_labels_file
  stat:
    path: /opt/forgejo-runner/data/.labels
# Fetch the persisted label set from the target host. slurp returns the file
# body base64-encoded in `.content`. The task is skipped when the file is absent.
- name: Read previously applied Forgejo runner labels (if any)
  when: forgejo_runner_labels_file.stat.exists
  register: forgejo_runner_labels_previous
  slurp:
    src: /opt/forgejo-runner/data/.labels
# Compare the persisted labels with the labels requested for this run. When the
# slurp task was skipped there is no `.content`, so default('') makes the
# previous value empty and any non-empty label set counts as changed.
- name: Determine whether Forgejo runner labels changed
  set_fact:
    forgejo_runner_labels_changed: "{{ (forgejo_runner_labels_previous.content | default('') | b64decode | trim) != (forgejo_runner_labels_csv | trim) }}"
# Drop the stored registration so the runner is registered again with the new
# label set.
- name: Remove runner registration when labels changed
  when: forgejo_runner_labels_changed
  file:
    state: absent
    path: /opt/forgejo-runner/data/.runner
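# Register the runner with the Forgejo instance through a throw-away
# `docker compose run` container. Runs only when no registration state existed
# at the earlier stat, or when the label set changed.
#
# The command is given as an argv list rather than one free-form string, so each
# templated value (hostname, token, runner name, labels) is passed as exactly
# one argument and cannot be split into extra options by embedded whitespace.
#
# no_log keeps the token out of Ansible output, but the token is still a
# command-line argument and is therefore visible in the target host's process
# list while the command runs.
# NOTE(review): if the deployed runner version offers a registration path that
# does not take the token on the command line, prefer it.
- name: Register Forgejo runner (one-time)
  command:
    argv:
      - docker
      - compose
      - run
      - --rm
      - runner
      - forgejo-runner
      - register
      - --no-interactive
      - --instance
      - "https://{{ forgejo_hostname }}/"
      - --token
      - "{{ forgejo_runner_registration_token }}"
      - --name
      - "{{ inventory_hostname }}"
      - --labels
      - "{{ forgejo_runner_labels_csv }}"
    chdir: /opt/forgejo-runner
  when: (not forgejo_runner_registration.stat.exists) or forgejo_runner_labels_changed
  no_log: true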
# Re-check the state file, under the same condition as the registration task, so
# the assertion that follows can confirm that registration wrote it.
- name: Check that runner registration state file exists after registration
  when: "(not forgejo_runner_registration.stat.exists) or forgejo_runner_labels_changed"
  register: forgejo_runner_registration_after
  changed_when: false
  stat:
    path: /opt/forgejo-runner/data/.runner
# Abort when registration ran but left no .runner file on the host; the failure
# message explains the consequence (duplicate runners accumulating in Forgejo).
- name: Fail if runner registration did not persist state
  when: "(not forgejo_runner_registration.stat.exists) or forgejo_runner_labels_changed"
  assert:
    fail_msg: >-
      Forgejo runner registration did not create /opt/forgejo-runner/data/.runner.
      Without this file, the runner will re-register and Forgejo will accumulate duplicate runners.
      Ensure the runner container writes its .runner file under /data (the persisted volume).
    that:
      - forgejo_runner_registration_after.stat.exists
# Write the label set that is now in effect, so the next run can detect a change
# by comparing against this file. It contains only the comma-separated labels.
- name: Persist applied Forgejo runner labels
  copy:
    content: "{{ forgejo_runner_labels_csv }}"
    dest: /opt/forgejo-runner/data/.labels
    mode: '0644'
    owner: '1000'
    group: '1000'
# Start (or update) the runner service from the rendered compose file. There is
# no `when` or `changed_when`, so this runs on every play and always reports
# "changed".
- name: Deploy Forgejo runner
  command:
    cmd: docker compose up -d
    chdir: /opt/forgejo-runner