diff --git a/workplans/ISSUE-WP-0003-railiance01-deployment.md b/workplans/ISSUE-WP-0003-railiance01-deployment.md index 2f6c77e..2da2476 100644 --- a/workplans/ISSUE-WP-0003-railiance01-deployment.md +++ b/workplans/ISSUE-WP-0003-railiance01-deployment.md @@ -9,17 +9,17 @@ owner: claude topic_slug: custodian created: "2026-06-19" updated: "2026-06-19" -state_hub_workstream_id: "" +state_hub_workstream_id: "896ace77-21b3-450b-8fb7-254aefc8c570" --- # Deploy issue-core as a service on railiance01 (ArgoCD GitOps pilot) `issue-core` is the authoritative task-lifecycle manager and the REST ingestion -target for activity-core's `IssueSink`. Deployment artifacts (`Dockerfile`, -`docker-entrypoint.sh`, `k8s/railiance/`) are now in-repo; the image builds -locally and `/healthz` returns 200. The railiance01 cluster still has no -`issue-core` namespace or workload — nothing is deployed until T01 push and -T02 ArgoCD bootstrap complete. +target for activity-core's `IssueSink`. Deployment artifacts are on `main` +(`Dockerfile`, `docker-entrypoint.sh`, `k8s/railiance/`); image +`gitea.coulomb.social/coulomb/issue-core:0.2.0` is built, pushed, and +pullable. The railiance01 cluster still has no `issue-core` workload until +T02 live ArgoCD bootstrap (RAILIANCE-WP-0004-T05) and T04 OpenBao secrets land. This workplan stands up `issue-core` as a first-class in-cluster service on railiance01 **via ArgoCD GitOps** — making issue-core the cluster's first @@ -29,8 +29,10 @@ declarative Application and turning on the idle GitOps capability. - **Deployment artifacts in-repo:** `Dockerfile`, `docker-entrypoint.sh`, and `k8s/railiance/` (Kustomize: ExternalSecret, ConfigMap, Deployment, Service). - Image builds locally; `docker run` + `GET /healthz` returns 200. Image **not - yet pushed** to `gitea.coulomb.social/coulomb/issue-core:0.2.0`. + Image builds locally; `docker run` + `GET /healthz` returns 200. Image pushed + and pullable as `gitea.coulomb.social/coulomb/issue-core:0.2.0` (digest + `sha256:153fbe43…`). `coulomb` org packages are public — no `imagePullSecret` + required per `railiance-forge/docs/gitea-container-registry.md`. - **Dockerfile fix (2026-06-19):** build arg renamed `GITEA_PYPI_INDEX_URL` — `ARG PIP_INDEX_URL` leaked into the build env and pip used Gitea as the sole index, so dependencies like `click` were not found. @@ -78,9 +80,8 @@ declarative Application and turning on the idle GitOps capability. bootstrap (T02 dependency): where issue-core's `Application` + manifests are expected to live (its own `issue-core/k8s/` vs. a platform GitOps repo) and the AppProject/app-of-apps convention to follow. -- **Registry path & pull secret.** Confirm the Coulomb Gitea container registry - path and the cluster pull-secret posture (tracked in `railiance-forge` - container-registry docs and `railiance-apps-WP-0004` I03). +- **Registry path & pull secret.** Resolved: `gitea.coulomb.social/coulomb/issue-core:`; + public org packages need no pull secret (see `railiance-forge` container-registry docs). --- @@ -88,8 +89,9 @@ declarative Application and turning on the idle GitOps capability. ```task id: ISSUE-WP-0003-T01 -status: in_progress +status: done priority: high +state_hub_task_id: "3723e896-3ec9-49b8-86f8-403993444da3" ``` **Goal.** A reproducible, registry-hosted image ArgoCD-managed pods can pull. @@ -98,10 +100,11 @@ priority: high PyPI index (with explicit PyPI primary index). Entrypoint renders `backends.json` then `issue serve --host 0.0.0.0 --port 8765`. - [x] Local build succeeds; `docker run` + `GET /healthz` returns 200. -- [ ] Build and **push to the Coulomb Gitea container registry** (confirm path - per Open questions); tag `0.2.0`. -- [ ] Configure the cluster pull secret so `issue-core` namespace pods can pull. -- [ ] Verify: `POST /issues/` smoke; pushed tag pullable from the cluster. +- [x] Pushed `gitea.coulomb.social/coulomb/issue-core:0.2.0`; `docker pull` + succeeds. +- [x] No cluster pull secret needed (`coulomb` org packages are public). +- [ ] `POST /issues/` smoke against a running deployment (deferred to T03/T04 + cluster verification). ## ArgoCD bootstrap (railiance-platform dependency) + issue-core Application @@ -109,6 +112,7 @@ priority: high id: ISSUE-WP-0003-T02 status: wait priority: high +state_hub_task_id: "9b199b1d-d3c0-4621-b8f8-58c376cbf878" ``` **Owner split.** ArgoCD bootstrap is **railiance-platform's** (operator @@ -120,10 +124,12 @@ workload manifests into the layout platform defines. - **(railiance-platform)** Register the GitOps source repo (repository Secret + creds); define AppProject for cluster services; publish the source-repo/path convention and sync policy. -- **(issue-core)** Once the convention is known: author the `issue-core` ArgoCD - `Application` manifest (source repo/path/revision → destination `issue-core` - namespace) per the platform layout. -- Verify: `kubectl get applications -n argocd` shows `issue-core` +- [x] **(issue-core)** Workload manifests in `k8s/railiance/` on `main` per + platform contract (`docs/argocd-gitops.md`). Tenant `Application` lives in + `railiance-platform/argocd/applications/issue-core.application.yaml`. +- [ ] **(railiance-platform)** RAILIANCE-WP-0004-T05 live bootstrap: register + repo creds, deploy bootstrap, sync `issue-core` Application. +- [ ] Verify: `kubectl get applications -n argocd` shows `issue-core` Synced/Healthy; ArgoCD reconciles a trivial manifest change. ## Kubernetes manifests (namespace, Deployment, Service) in GitOps source @@ -132,6 +138,7 @@ workload manifests into the layout platform defines. id: ISSUE-WP-0003-T03 status: in_progress priority: high +state_hub_task_id: "38887dd6-0988-4ad1-bc6b-2a1b8839829f" ``` **Goal.** Declarative manifests in the GitOps source repo, synced by T02. @@ -151,6 +158,7 @@ priority: high id: ISSUE-WP-0003-T04 status: todo priority: high +state_hub_task_id: "ad52527f-6222-4c11-9284-d8a3ed3b49ad" ``` **Goal.** The shared ingestion key delivered to both sides from OpenBao. @@ -170,6 +178,7 @@ priority: high id: ISSUE-WP-0003-T05 status: in_progress priority: medium +state_hub_task_id: "10923f1e-050d-4f3e-980e-b061fef5f33a" ``` **Goal.** issue-core's `backends.json` inside the cluster points `default` at @@ -188,6 +197,7 @@ the cluster Gitea (markitect) backend. id: ISSUE-WP-0003-T06 status: todo priority: high +state_hub_task_id: "96b14cdb-364f-4eab-a80e-dd8b3859c694" ``` **Goal.** activity-core emits to the live issue-core Service. @@ -211,6 +221,7 @@ priority: high id: ISSUE-WP-0003-T07 status: todo priority: medium +state_hub_task_id: "8d853b8e-cfca-441d-b817-0a29e37bd66e" ``` **Goal.** Confirm the deployed service is healthy and document the new path.