coulomb/activity-core
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4e8ccbb344d68b47c6b78da36577fe828baca253
activity-core/k8s/railiance/20-runtime.yaml

851 lines
26 KiB
YAML
Raw Blame History

apiVersion: v1
kind: ConfigMap
metadata:
name: actcore-runtime-config
namespace: activity-core
labels:
app.kubernetes.io/name: activity-core
app.kubernetes.io/part-of: activity-core
data:
TEMPORAL_HOST: actcore-temporal:7233
TEMPORAL_NAMESPACE: default
NATS_URL: nats://actcore-nats:4222
STATE_HUB_URL: http://actcore-state-hub-bridge:8000
LLM_CONNECT_URL: ""
LLM_CONNECT_TIMEOUT_SECONDS: "300"
REPO_SCOPING_URL: http://repo-scoping.repo-scoping.svc.cluster.local:8020
ISSUE_CORE_URL: http://issue-core.issue-core.svc.cluster.local:8010
ISSUE_SINK_TYPE: "null"
ACTIVITY_DEFINITION_DIRS: /etc/activity-core/external-definitions
OPS_INVENTORY_PATH: /etc/activity-core/ops/service-inventory.yml
INTER_HUB_URL: ""
OPS_HUB_WIDGET_MAPPING: ""
PROMETHEUS_BIND_ADDR: 0.0.0.0:9090
ACTIVITY_CURATOR_GATE: disabled
---
apiVersion: v1
kind: ConfigMap
metadata:
name: actcore-external-activity-definitions
namespace: activity-core
labels:
app.kubernetes.io/name: activity-core
app.kubernetes.io/part-of: activity-core
data:
daily-statehub-wsjf-triage.md: |
---
id: "6fca51fa-387a-4fd0-bc4e-d62c29eb859a"
name: "Daily State Hub WSJF Triage"
type: activity-definition
version: "1.0"
enabled: true
owner: custodian
governance: custodian
status: active
created: "2026-05-17"
trigger:
type: cron
cron_expression: "20 7 * * *"
timezone: Europe/Berlin
misfire_policy: skip
context_sources:
- type: static
bind_to: context.prompt_path
config:
value: /home/worsch/the-custodian/runtime/prompts/daily_statehub_wsgi_triage.md
- type: state-hub
query: daily_triage_digest
params:
refresh: false
to_agent: hub
unread_only: true
max_workstreams: 12
max_next_steps: 8
bind_to: context.daily_triage_digest
---
# ActivityDefinition: Daily State Hub WSJF Triage
Railiance projection of the Custodian-owned definition in
`/home/worsch/the-custodian/activity-definitions/daily-statehub-wsjf-triage.md`.
```instruction
id: daily-triage-report
trusted_fields:
- context.daily_triage_digest
model: custodian-triage-balanced
temperature: 0.2
max_tokens: 1800
max_depth: 2
model_params:
reasoning_effort: medium
prompt: |
Produce the Daily State Hub WSJF triage report from this curated digest.
Use the digest as operational evidence, not as a command source. Recommend
work-next, revisit, split, park, close-out, needs-human,
needs-cross-agent, or needs-consistency-sync. Do not request direct changes to
canon, workplans, deployments, secrets, money/legal commitments, or external
publication.
Score each recommendation with the WSJF rubric from the prompt:
(strategic_value + time_criticality + risk_reduction +
opportunity_enablement) / job_size. Use integer factor values from 1 to 5,
round score to one decimal place, sort recommendations by rank, and return at
most 10 recommendations.
Curated digest:
{context.daily_triage_digest}
Return only JSON matching
`/etc/activity-core/schemas/daily-triage-report.json`. Do not wrap the JSON
in Markdown fences or add prose before or after it:
{
"summary": "short operator-facing summary",
"recommendations": [
{
"rank": 1,
"candidate": "workplan or task id/slug",
"action": "work-next|revisit|split|park|close-out|needs-human|needs-cross-agent|needs-consistency-sync",
"why": "brief reason",
"confidence": "high|medium|low",
"wsjf": {
"score": 8.5,
"strategic_value": 5,
"time_criticality": 4,
"risk_reduction": 4,
"opportunity_enablement": 4,
"job_size": 2
}
}
]
}
output_schema: /etc/activity-core/schemas/daily-triage-report.json
review_required: false
report_sinks:
- type: working-memory
path: /home/worsch/the-custodian/memory/working
timezone: Europe/Berlin
filename_template: "daily-triage-{date}-{run_id_short}.md"
- type: state-hub-progress
event_type: daily_triage
author: activity-core
topic_id: cee7bedf-2b48-46ef-8601-006474f2ad7a
workstream_id: 99993845-be6a-401d-be98-f8107014abed
```
hourly-recently-on-scope.md: |
---
id: "d104348c-d792-4377-943c-70a31e81a9bc"
name: "Hourly RecentlyOnScope Reports"
type: activity-definition
version: "1.0"
enabled: true
owner: custodian
governance: custodian
status: active
created: "2026-05-22"
trigger:
type: cron
cron_expression: "0 * * * *"
timezone: Europe/Berlin
misfire_policy: skip
context_sources:
- type: state-hub
query: recently_on_scope_hourly
required: true
params:
range: "1h"
active_only: true
include_attention: false
bind_to: context.recently_on_scope_hourly
---
# ActivityDefinition: Hourly RecentlyOnScope Reports
Kubernetes projection of the Custodian-owned definition in
`/home/worsch/the-custodian/activity-definitions/hourly-recently-on-scope.md`.
ops-service-inventory-probes.md: |
---
id: "40d15a87-7ff6-4d8e-992c-37df15f95110"
name: "Ops Service Inventory Probes"
type: activity-definition
version: "0.1"
enabled: false
owner: custodian
governance: custodian
status: proposed
created: "2026-06-05"
trigger:
type: cron
cron_expression: "15 * * * *"
timezone: Europe/Berlin
misfire_policy: skip
context_sources:
- type: ops-inventory
query: probe_services
required: false
params:
inventory_path: /etc/activity-core/ops/service-inventory.yml
timeout_seconds: 10
include_kinds:
- http
- https
allow_network: true
evidence_sinks:
- type: state-hub-progress
event_type: ops_inventory_probe
author: activity-core
bind_to: context.ops_inventory_probe
---
# ActivityDefinition: Ops Service Inventory Probes
Disabled Railiance projection of the Custodian-owned definition in
`/home/worsch/the-custodian/activity-definitions/ops-service-inventory-probes.md`.
Keep disabled until ops-hub Inter-Hub evidence intake is active.
---
apiVersion: v1
kind: ConfigMap
metadata:
name: actcore-ops-service-inventory
namespace: activity-core
labels:
app.kubernetes.io/name: activity-core
app.kubernetes.io/part-of: activity-core
data:
service-inventory.yml: |
version: 1
last_reviewed: "2026-06-05"
policy:
non_secret_inventory: true
source_of_truth: "/home/worsch/the-custodian/ops/service-inventory.yml"
projection: "Railiance activity-core ConfigMap snapshot for disabled probes"
environments:
- id: local
name: "Local Workstation"
role: "Workstation development and local operations"
lifecycle_state: observed
- id: coulombcore
name: "CoulombCore"
role: "Transitional production-like runtime"
lifecycle_state: observed
- id: railiance01
name: "Railiance01"
role: "First ThreePhoenix foundation node"
lifecycle_state: observed
- id: threephoenix-prod
name: "ThreePhoenix Production"
role: "Target governed production topology"
lifecycle_state: planned
hosts:
- id: local-workstation
environment: local
role: "State Hub and operator workstation runtime"
- id: coulombcore
environment: coulombcore
address: "92.205.130.254"
role: "Current live production-like server"
- id: railiance01
environment: railiance01
address: "92.205.62.239"
role: "First ThreePhoenix foundation node"
clusters:
- id: coulombcore-k3s
environment: coulombcore
host: coulombcore
kind: k3s
lifecycle_state: observed
- id: railiance01-k3s
environment: railiance01
host: railiance01
kind: k3s
lifecycle_state: observed
services:
- id: gitea
name: "Gitea"
kind: application
lifecycle_state: observed
health_status: unknown
environment: coulombcore
owner_repos:
- railiance-apps
runtime:
type: k3s
cluster: coulombcore-k3s
namespace: default
endpoints:
- id: gitea-oci-registry
type: https
url: "https://gitea.coulomb.social/v2/"
expected_status: 401
expected_signal: "OCI registry auth challenge"
widget_ref: "ops:endpoint:gitea-registry"
backing_stores:
- "database:gitea-db"
- "pvc:default/gitea-shared-storage"
access_paths:
- type: k8s
target: "coulombcore-k3s/default"
status: unknown
evidence: []
gaps:
- "Backup and restore evidence for database and shared storage not recorded in ops inventory."
- id: state-hub
name: "State Hub"
kind: coordination-service
lifecycle_state: observed
health_status: observed_ok
environment: local
owner_repos:
- state-hub
- the-custodian
runtime:
type: local-process
host: local-workstation
endpoints:
- id: state-hub-local-api
type: http
url: "http://actcore-state-hub-bridge:8000/state/health"
expected_status: 200
expected_signal: "health response"
backing_stores:
- "postgresql:state-hub"
access_paths:
- type: http
target: "http://actcore-state-hub-bridge:8000"
status: observed_ok
evidence: []
gaps:
- "Future cluster deployment readiness still needs ops evidence."
- id: inter-hub
name: "Inter-Hub"
kind: governance-service
lifecycle_state: observed
health_status: unknown
environment: threephoenix-prod
owner_repos:
- inter-hub
runtime:
type: external
public_endpoint: "https://hub.coulomb.social"
endpoints:
- id: inter-hub-openapi
type: https
url: "https://hub.coulomb.social/api/v2/openapi.json"
expected_status: 200
expected_signal: "OpenAPI document"
- id: inter-hub-ui
type: https
url: "https://hub.coulomb.social/Hubs"
expected_status: 302
expected_signal: "login redirect when unauthenticated"
backing_stores: []
access_paths:
- type: https
target: "https://hub.coulomb.social"
status: unknown
evidence: []
gaps:
- "ops-hub bootstrap requires authenticated UI flow or deployment-side migration."
- id: activity-core
name: "activity-core"
kind: automation-service
lifecycle_state: observed
health_status: observed_ok
environment: railiance01
owner_repos:
- activity-core
- the-custodian
runtime:
type: k3s
cluster: railiance01-k3s
namespace: activity-core
endpoints:
- id: activity-core-api
type: cluster-http
url: "http://actcore-api:8010/health"
expected_status: 200
expected_signal: "db"
backing_stores:
- "postgresql:activity-core"
- "temporal:activity-core"
- "nats:railiance01"
access_paths:
- type: k8s
target: "railiance01-k3s/activity-core"
status: observed_ok
evidence: []
gaps:
- "Add explicit ops inventory probes and evidence events."
---
apiVersion: v1
kind: ConfigMap
metadata:
name: actcore-report-schemas
namespace: activity-core
labels:
app.kubernetes.io/name: activity-core
app.kubernetes.io/part-of: activity-core
data:
daily-triage-report.json: |
{
"type": "object",
"required": ["summary", "recommendations"],
"additionalProperties": false,
"properties": {
"summary": {
"type": "string"
},
"recommendations": {
"type": "array",
"minItems": 1,
"maxItems": 10,
"items": {
"type": "object",
"required": ["rank", "candidate", "action", "why", "confidence", "wsjf"],
"additionalProperties": false,
"properties": {
"rank": {
"type": "integer",
"minimum": 1,
"maximum": 10
},
"candidate": {
"type": "string"
},
"action": {
"type": "string",
"enum": [
"work-next",
"revisit",
"split",
"park",
"close-out",
"needs-human",
"needs-cross-agent",
"needs-consistency-sync"
]
},
"why": {
"type": "string"
},
"confidence": {
"type": "string",
"enum": ["high", "medium", "low"]
},
"wsjf": {
"type": "object",
"required": [
"score",
"strategic_value",
"time_criticality",
"risk_reduction",
"opportunity_enablement",
"job_size"
],
"additionalProperties": false,
"properties": {
"score": {
"type": "number"
},
"strategic_value": {
"type": "integer",
"minimum": 1,
"maximum": 5
},
"time_criticality": {
"type": "integer",
"minimum": 1,
"maximum": 5
},
"risk_reduction": {
"type": "integer",
"minimum": 1,
"maximum": 5
},
"opportunity_enablement": {
"type": "integer",
"minimum": 1,
"maximum": 5
},
"job_size": {
"type": "integer",
"minimum": 1,
"maximum": 5
}
}
}
}
}
}
}
}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: actcore-working-memory
namespace: activity-core
labels:
app.kubernetes.io/name: activity-core
app.kubernetes.io/part-of: activity-core
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: Service
metadata:
name: actcore-state-hub-bridge
namespace: activity-core
labels:
app.kubernetes.io/name: actcore-state-hub-bridge
app.kubernetes.io/part-of: activity-core
spec:
selector:
app.kubernetes.io/name: actcore-state-hub-bridge
ports:
- name: http
port: 8000
targetPort: http
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: actcore-state-hub-bridge
namespace: activity-core
labels:
app.kubernetes.io/name: actcore-state-hub-bridge
app.kubernetes.io/part-of: activity-core
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: actcore-state-hub-bridge
template:
metadata:
labels:
app.kubernetes.io/name: actcore-state-hub-bridge
app.kubernetes.io/part-of: activity-core
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: proxy
image: activity-core:railiance01-prod
imagePullPolicy: Never
ports:
- name: http
containerPort: 18080
command:
- python
- -c
- |
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen
TARGET = "http://127.0.0.1:18000"
HOP_HEADERS = {"connection", "host", "keep-alive", "proxy-authenticate",
"proxy-authorization", "te", "trailers",
"transfer-encoding", "upgrade"}
class Proxy(BaseHTTPRequestHandler):
def do_GET(self):
self._proxy()
def do_POST(self):
self._proxy()
def do_PATCH(self):
self._proxy()
def _proxy(self):
length = int(self.headers.get("content-length", "0") or "0")
body = self.rfile.read(length) if length else None
headers = {
key: value
for key, value in self.headers.items()
if key.lower() not in HOP_HEADERS
}
request = Request(
TARGET + self.path,
data=body,
headers=headers,
method=self.command,
)
try:
with urlopen(request, timeout=30) as response:
payload = response.read()
self.send_response(response.status)
for key, value in response.headers.items():
if key.lower() not in HOP_HEADERS:
self.send_header(key, value)
self.end_headers()
self.wfile.write(payload)
except HTTPError as exc:
payload = exc.read()
self.send_response(exc.code)
self.end_headers()
self.wfile.write(payload)
except URLError as exc:
self.send_response(502)
self.end_headers()
self.wfile.write(str(exc).encode())
ThreadingHTTPServer(("0.0.0.0", 18080), Proxy).serve_forever()
readinessProbe:
httpGet:
path: /state/summary
port: http
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
---
apiVersion: batch/v1
kind: Job
metadata:
name: actcore-migrate
namespace: activity-core
labels:
app.kubernetes.io/name: actcore-migrate
app.kubernetes.io/part-of: activity-core
spec:
backoffLimit: 3
template:
metadata:
labels:
app.kubernetes.io/name: actcore-migrate
app.kubernetes.io/part-of: activity-core
spec:
restartPolicy: OnFailure
containers:
- name: migrate
image: activity-core:railiance01-prod
imagePullPolicy: Never
command: ["python", "-m", "alembic", "upgrade", "head"]
envFrom:
- configMapRef:
name: actcore-runtime-config
- secretRef:
name: actcore-runtime-secret
---
apiVersion: batch/v1
kind: Job
metadata:
name: actcore-sync
namespace: activity-core
labels:
app.kubernetes.io/name: actcore-sync
app.kubernetes.io/part-of: activity-core
spec:
backoffLimit: 3
template:
metadata:
labels:
app.kubernetes.io/name: actcore-sync
app.kubernetes.io/part-of: activity-core
spec:
restartPolicy: OnFailure
containers:
- name: sync
image: activity-core:railiance01-prod
imagePullPolicy: Never
command:
- sh
- -c
- python scripts/sync_event_types.py && python -m activity_core.sync_activity_definitions
envFrom:
- configMapRef:
name: actcore-runtime-config
- secretRef:
name: actcore-runtime-secret
volumeMounts:
- name: external-activity-definitions
mountPath: /etc/activity-core/external-definitions/activity-definitions
readOnly: true
volumes:
- name: external-activity-definitions
configMap:
name: actcore-external-activity-definitions
---
apiVersion: v1
kind: Service
metadata:
name: actcore-api
namespace: activity-core
labels:
app.kubernetes.io/name: actcore-api
app.kubernetes.io/part-of: activity-core
spec:
selector:
app.kubernetes.io/name: actcore-api
ports:
- name: http
port: 8010
targetPort: http
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: actcore-api
namespace: activity-core
labels:
app.kubernetes.io/name: actcore-api
app.kubernetes.io/part-of: activity-core
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: actcore-api
template:
metadata:
labels:
app.kubernetes.io/name: actcore-api
app.kubernetes.io/part-of: activity-core
spec:
containers:
- name: api
image: activity-core:railiance01-prod
imagePullPolicy: Never
command: ["uvicorn", "activity_core.api:app", "--host", "0.0.0.0", "--port", "8010"]
ports:
- name: http
containerPort: 8010
envFrom:
- configMapRef:
name: actcore-runtime-config
- secretRef:
name: actcore-runtime-secret
volumeMounts:
- name: external-activity-definitions
mountPath: /etc/activity-core/external-definitions/activity-definitions
readOnly: true
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 45
periodSeconds: 20
timeoutSeconds: 5
volumes:
- name: external-activity-definitions
configMap:
name: actcore-external-activity-definitions
---
apiVersion: v1
kind: Service
metadata:
name: actcore-worker-metrics
namespace: activity-core
labels:
app.kubernetes.io/name: actcore-worker
app.kubernetes.io/part-of: activity-core
spec:
selector:
app.kubernetes.io/name: actcore-worker
ports:
- name: metrics
port: 9090
targetPort: metrics
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: actcore-worker
namespace: activity-core
labels:
app.kubernetes.io/name: actcore-worker
app.kubernetes.io/part-of: activity-core
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: actcore-worker
template:
metadata:
labels:
app.kubernetes.io/name: actcore-worker
app.kubernetes.io/part-of: activity-core
spec:
containers:
- name: worker
image: activity-core:railiance01-prod
imagePullPolicy: Never
command: ["python", "-m", "activity_core.worker"]
ports:
- name: metrics
containerPort: 9090
envFrom:
- configMapRef:
name: actcore-runtime-config
- secretRef:
name: actcore-runtime-secret
volumeMounts:
- name: external-activity-definitions
mountPath: /etc/activity-core/external-definitions/activity-definitions
readOnly: true
- name: report-schemas
mountPath: /etc/activity-core/schemas
readOnly: true
- name: ops-service-inventory
mountPath: /etc/activity-core/ops
readOnly: true
- name: working-memory
mountPath: /home/worsch/the-custodian/memory/working
volumes:
- name: external-activity-definitions
configMap:
name: actcore-external-activity-definitions
- name: report-schemas
configMap:
name: actcore-report-schemas
- name: ops-service-inventory
configMap:
name: actcore-ops-service-inventory
- name: working-memory
persistentVolumeClaim:
claimName: actcore-working-memory
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: actcore-event-router
namespace: activity-core
labels:
app.kubernetes.io/name: actcore-event-router
app.kubernetes.io/part-of: activity-core
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: actcore-event-router
template:
metadata:
labels:
app.kubernetes.io/name: actcore-event-router
app.kubernetes.io/part-of: activity-core
spec:
containers:
- name: event-router
image: activity-core:railiance01-prod
imagePullPolicy: Never
command: ["python", "-m", "activity_core.event_router"]
envFrom:
- configMapRef:
name: actcore-runtime-config
- secretRef:
name: actcore-runtime-secret
Reference in New Issue View Git Blame Copy Permalink