88 lines
2.4 KiB
Markdown
88 lines
2.4 KiB
Markdown
---
|
|
id: RAILIANCE-WP-0011
|
|
type: workplan
|
|
title: "Inter-Hub production trigger hardening"
|
|
domain: railiance
|
|
repo: railiance-apps
|
|
status: finished
|
|
owner: codex
|
|
topic_slug: railiance
|
|
created: "2026-06-15"
|
|
updated: "2026-06-15"
|
|
state_hub_workstream_id: "98cf42ae-9b64-4736-97e1-bae325ded1f9"
|
|
---
|
|
|
|
# Inter-Hub production trigger hardening
|
|
|
|
## Goal
|
|
|
|
Turn the local Inter-Hub deploy surface into a safe production trigger for
|
|
Railiance01. The trigger must refuse missing images before Helm, use the
|
|
current Inter-Hub v2 API smoke contract, and expose a manual workflow path that
|
|
has the same gates as an attended local operator deploy.
|
|
|
|
## Add OCI Image Preflight
|
|
|
|
```task
|
|
id: RAILIANCE-WP-0011-T01
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "10e27372-fb8b-40ac-b1f8-1c2c78fea0da"
|
|
```
|
|
|
|
Add a reusable image manifest preflight for
|
|
`gitea.coulomb.social/coulomb/inter-hub:<tag>` and wire production deploys to
|
|
fail before Helm when the requested tag is absent or inaccessible.
|
|
|
|
## Split Baseline Render From Production Dry-Run
|
|
|
|
```task
|
|
id: RAILIANCE-WP-0011-T02
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "c48320db-9ed7-4792-89a6-f55691919891"
|
|
```
|
|
|
|
Keep a baseline render target for chart validation with checked-in values, but
|
|
make production-facing Inter-Hub dry-runs require an explicit
|
|
`INTER_HUB_IMAGE_TAG`.
|
|
|
|
## Update Inter-Hub Smoke Contract
|
|
|
|
```task
|
|
id: RAILIANCE-WP-0011-T03
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "b3260f7a-6dcb-4bb4-ae53-bf81c0081e86"
|
|
```
|
|
|
|
Update `inter-hub-smoke` to match the current public-read/authenticated-write
|
|
contract: `/api/v2/hubs` returns public discovery, protected resources reject
|
|
anonymous access, and OpenAPI is served from `/api/v2/openapi.json`.
|
|
|
|
## Add Manual Production Deploy Workflow
|
|
|
|
```task
|
|
id: RAILIANCE-WP-0011-T04
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "32ca0b17-fb7c-4cd5-a846-ff92933daf89"
|
|
```
|
|
|
|
Add a `workflow_dispatch` Gitea Actions workflow that requires an immutable
|
|
image tag and confirmation text, verifies the image manifest, runs Helm
|
|
server-side dry-run, deploys, shows status, and runs smoke checks.
|
|
|
|
## Update Runbook And Closure Evidence
|
|
|
|
```task
|
|
id: RAILIANCE-WP-0011-T05
|
|
status: done
|
|
priority: medium
|
|
state_hub_task_id: "0369b47a-09f0-4780-9c91-556049a0d505"
|
|
```
|
|
|
|
Document the local and workflow production paths, failure classification for a
|
|
missing image tag, current smoke expectations, and validation evidence for the
|
|
implemented deploy surface.
|