generated from coulomb/repo-seed
Standardize public Gitea HTTPS endpoint
Some checks failed
Forge Runner Smoke / compatibility-smoke (push) Has been cancelled
Some checks failed
Forge Runner Smoke / compatibility-smoke (push) Has been cancelled
This commit is contained in:
@@ -27,11 +27,11 @@ while app-release ownership remains there.
|
||||
|-------|--------------|--------------------|-------|
|
||||
| `helm/gitea-values.sops.yaml` | SOPS-encrypted Gitea Helm values. | Moved | Now `railiance-forge/helm/gitea-values.sops.yaml`; moved without decrypting. |
|
||||
| `helm/gitea-registry-values.yaml` | Non-secret overlay enabling Gitea package/container registry behavior. | Moved | Now `railiance-forge/helm/gitea-registry-values.yaml`. |
|
||||
| `manifests/gitea-ingress.yaml` | Registry-facing Gitea ingress for `/v2`. | Moved | Now `railiance-forge/manifests/gitea-ingress.yaml`; labels left unchanged until next reviewed deploy. |
|
||||
| `manifests/gitea-ingress.yaml` | Public Gitea HTTPS ingress for `/`, `/api/packages`, and `/v2`. | Moved | Now `railiance-forge/manifests/gitea-ingress.yaml`; labels reconciled to forge ownership during the reviewed public-root deploy. |
|
||||
| `releases/gitea/values.yaml` | Legacy/plain Gitea release values reference. | Moved | Now `railiance-forge/releases/gitea/values.yaml`; review before using as active deploy input. |
|
||||
| `Makefile` variables `GITEA_*` | Gitea release/chart/value/ingress defaults. | Moved | Forge owns canonical variables; apps keeps only release/name compatibility variables. |
|
||||
| `make gitea-deploy` | Deploy/upgrade current Gitea release. | Moved | Forge owns target; apps delegates during compatibility window. |
|
||||
| `make gitea-ingress-deploy` | Apply Gitea registry ingress. | Moved | Forge owns target; apps delegates during compatibility window. |
|
||||
| `make gitea-ingress-deploy` | Apply public Gitea HTTPS ingress. | Moved | Forge owns target; apps delegates during compatibility window. |
|
||||
| `make gitea-status` | Check Gitea pod/service/ingress and `gitea-db` status. | Moved | Forge owns target; apps delegates during compatibility window. |
|
||||
|
||||
## Copy With Compatibility Pointer
|
||||
|
||||
@@ -29,6 +29,10 @@ Collected from `/home/worsch/railiance-forge` on 2026-06-07.
|
||||
|
||||
Public endpoint checks from this environment:
|
||||
|
||||
Historical note: the root/API `404` results below were collected before
|
||||
`FORGE-WP-0004` made `https://gitea.coulomb.social/` the standard public Gitea
|
||||
web endpoint on 2026-06-13.
|
||||
|
||||
| Endpoint | Result | Interpretation |
|
||||
| --- | --- | --- |
|
||||
| `https://gitea.coulomb.social/` | HTTP `404` | Public root route is not a useful Gitea web health signal here. |
|
||||
|
||||
@@ -6,15 +6,16 @@ Gitea Helm and manifest files now live in this repo.
|
||||
|
||||
## Registry Target
|
||||
|
||||
Use `gitea.coulomb.social` as the approved registry host. The `/v2` ingress is
|
||||
live as of 2026-05-15 and returns the OCI registry authentication challenge over
|
||||
HTTPS.
|
||||
Use `gitea.coulomb.social` as the approved forge and registry host. The public
|
||||
ingress serves the Gitea web route at `https://gitea.coulomb.social/`, the OCI
|
||||
registry route at `/v2`, and the Python package route at `/api/packages`. The
|
||||
`/v2` route returns the OCI registry authentication challenge over HTTPS.
|
||||
|
||||
Registry-specific Gitea settings are carried in
|
||||
`helm/gitea-registry-values.yaml`, a non-secret overlay applied after the SOPS
|
||||
values file by `make gitea-deploy`. It explicitly enables packages, permits
|
||||
container and PyPI uploads without an app-level size cap, clears globally
|
||||
disabled repo units, and moves `ROOT_URL` to the HTTPS host.
|
||||
disabled repo units, and keeps `ROOT_URL` on the HTTPS host.
|
||||
|
||||
Image names should use the Gitea owner and package path:
|
||||
|
||||
|
||||
@@ -8,14 +8,15 @@ Gitea package support is enabled by `helm/gitea-registry-values.yaml`. That
|
||||
overlay is applied after the encrypted base values by `make gitea-deploy` and
|
||||
enables both container packages and Python packages.
|
||||
|
||||
The public ingress intentionally exposes `/api/packages` and `/v2` only. The
|
||||
package route is required for Python package upload and install traffic; the
|
||||
general Gitea web UI and API remain outside this ingress manifest.
|
||||
The public ingress exposes the Gitea web route at
|
||||
`https://gitea.coulomb.social/`, the Python package route at `/api/packages`,
|
||||
and the OCI registry route at `/v2`. The standard endpoint is HTTPS; if package
|
||||
simple-index pages render `http://gitea.coulomb.social/...` artifact links,
|
||||
reconcile the Gitea Helm release with `helm/gitea-registry-values.yaml` so
|
||||
`ROOT_URL` is restored to the HTTPS host.
|
||||
|
||||
The live simple-index pages currently render package artifact links with
|
||||
`http://gitea.coulomb.social/...`. `uv lock` and clean `pip install` checks work
|
||||
against the public package route, but the next Gitea config reconciliation
|
||||
should align `ROOT_URL` with the HTTPS package endpoint.
|
||||
Status on 2026-06-13: the root web route returns `200`, live `ROOT_URL` is
|
||||
`https://gitea.coulomb.social/`, and package artifact links render HTTPS URLs.
|
||||
|
||||
## Python Packages
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# Forge Observability And Operating Evidence
|
||||
|
||||
Last reviewed: 2026-06-07
|
||||
Last reviewed: 2026-06-13
|
||||
|
||||
Status: contract v1. This document defines checks, evidence, and future
|
||||
monitoring expectations. It does not authorize a live monitoring deployment,
|
||||
@@ -44,7 +44,7 @@ Railiance cluster.
|
||||
Additional checks should stay read-only:
|
||||
|
||||
```bash
|
||||
# Web/API health: expect HTTP 200/3xx for the web route, not 5xx.
|
||||
# Web/API health: expect HTTP 200/3xx for the web route, not 404/5xx.
|
||||
curl -fsSI https://gitea.coulomb.social/
|
||||
curl -fsS https://gitea.coulomb.social/api/v1/version
|
||||
|
||||
|
||||
Reference in New Issue
Block a user