From 2ad38b4a1aed6e9437914794aab59151ad48082d Mon Sep 17 00:00:00 2001 From: tegwick Date: Thu, 4 Jun 2026 01:34:33 +0200 Subject: [PATCH] docs: start Forgejo migration inventory --- docs/forgejo-migration-inventory.md | 206 ++++++++++++++++++ ...HO-WP-0005-forgejo-production-migration.md | 6 +- 2 files changed, 210 insertions(+), 2 deletions(-) create mode 100644 docs/forgejo-migration-inventory.md diff --git a/docs/forgejo-migration-inventory.md b/docs/forgejo-migration-inventory.md new file mode 100644 index 0000000..dd047b4 --- /dev/null +++ b/docs/forgejo-migration-inventory.md @@ -0,0 +1,206 @@ +# Forgejo Migration Inventory + +Date: 2026-06-04 +Workplan: RAIL-HO-WP-0005 +Task: RAIL-HO-WP-0005-T01 + +## Scope + +This is the first-pass inventory for migrating the current Gitea installation +to Forgejo on railiance01. It captures facts that were safe to verify from +public Gitea API metadata, State Hub repo records, and Kubernetes object +metadata. It deliberately does not dump Helm values, Kubernetes Secrets, user +tokens, deploy keys, SMTP credentials, or other secret-bearing configuration. + +## Current Gitea Runtime + +- Public URL: `http://gitea.coulomb.social` +- API URL checked: `http://92.205.130.254:32166/api/v1` +- Kubernetes namespace: `default` +- Helm release: `gitea` +- Chart/app observed by Helm metadata: `gitea-12.5.0`, app `1.25.4` +- Workload image observed from Kubernetes metadata: `docker.gitea.com/gitea:1.25.4-rootless` +- Main service: `gitea`, NodePort `3000:32166/TCP` +- SSH service: `gitea-ssh-nodeport`, NodePort `22:30022/TCP` +- Ingress: `gitea.coulomb.social`, class `traefik`, address `92.205.130.254`, ports `80,443` +- Gitea pod status observed: `1/1 Running` + +## Current Storage + +Gitea-related PVCs observed in namespace `default`: + +| PVC | Size | StorageClass | Age | Migration classification | +| --- | ---: | --- | --- | --- | +| `gitea-shared-storage` | 10Gi | `local-path` | 276d | Must migrate or restore; contains Git/app shared state. | +| `data-gitea-postgresql-ha-postgresql-0` | 10Gi | `local-path` | 276d | Legacy bundled PostgreSQL data; preserve until final cutover rollback expires. | +| `data-gitea-postgresql-ha-postgresql-1` | 10Gi | `local-path` | 276d | Legacy bundled PostgreSQL data; preserve until final cutover rollback expires. | +| `data-gitea-postgresql-ha-postgresql-2` | 10Gi | `local-path` | 276d | Legacy bundled PostgreSQL data; preserve until final cutover rollback expires. | +| `valkey-data-gitea-valkey-cluster-0` | 8Gi | `local-path` | 276d | Cache/session data; likely disposable, confirm before cutover. | +| `valkey-data-gitea-valkey-cluster-1` | 8Gi | `local-path` | 276d | Cache/session data; likely disposable, confirm before cutover. | +| `valkey-data-gitea-valkey-cluster-2` | 8Gi | `local-path` | 276d | Cache/session data; likely disposable, confirm before cutover. | + +Related platform services already available: + +| Service | Namespace | Status | +| --- | --- | --- | +| `gitea-db` CNPG cluster | `databases` | Healthy, 1/1 ready | +| `apps-pg` CNPG cluster | `databases` | Healthy, 1/1 ready | +| `valkey` Helm release | `platform` | Deployed | +| `openbao` Helm release | `openbao` | Deployed | + +## Public Repository Inventory + +The public `coulomb` organization API exposed 49 repositories. All visible repos +are public, use `main` as default branch, and have code enabled. + +| Repository | Issues | Wiki | Releases | Packages | Actions | Open issues | Updated | +| --- | --- | --- | --- | --- | --- | ---: | --- | +| `coulomb/artifact-store` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/audit-core` | yes | yes | yes | yes | yes | 0 | 2026-06-01 | +| `coulomb/binect-chrome` | yes | yes | yes | yes | yes | 2 | 2026-01-16 | +| `coulomb/binect-js` | yes | yes | yes | yes | yes | 0 | 2026-01-16 | +| `coulomb/can-you-assist` | yes | yes | yes | yes | yes | 0 | 2026-05-28 | +| `coulomb/citation-engine` | yes | yes | yes | yes | yes | 0 | 2026-05-24 | +| `coulomb/citation-evidence` | yes | yes | yes | yes | yes | 0 | 2026-05-26 | +| `coulomb/citation-work` | yes | yes | yes | yes | yes | 0 | 2026-05-25 | +| `coulomb/coordination-engine` | yes | yes | yes | yes | yes | 0 | 2026-06-01 | +| `coulomb/direkt-vermittlung-de` | yes | yes | yes | yes | yes | 0 | 2025-12-01 | +| `coulomb/domain-tree` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/email-connect` | yes | yes | yes | yes | yes | 0 | 2026-06-02 | +| `coulomb/evidence-anchor` | yes | yes | yes | yes | yes | 0 | 2026-05-24 | +| `coulomb/evidence-binder` | yes | yes | yes | yes | yes | 0 | 2026-05-24 | +| `coulomb/evidence-source` | yes | yes | yes | yes | yes | 0 | 2026-05-24 | +| `coulomb/flex-auth` | yes | yes | yes | yes | yes | 0 | 2026-05-22 | +| `coulomb/guide-board` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/helix-forge` | yes | yes | yes | yes | yes | 0 | 2026-05-22 | +| `coulomb/info-tech-canon` | yes | yes | yes | yes | yes | 0 | 2026-05-27 | +| `coulomb/infospace-bench` | yes | yes | yes | yes | yes | 0 | 2026-05-20 | +| `coulomb/issue-core` | yes | yes | yes | no | yes | 0 | 2026-05-23 | +| `coulomb/kaizen-agentic` | yes | yes | yes | no | yes | 4 | 2026-03-24 | +| `coulomb/key-cape` | yes | yes | yes | yes | yes | 0 | 2026-06-01 | +| `coulomb/kontextual-engine` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/llm-connect` | yes | yes | yes | yes | yes | 0 | 2026-06-03 | +| `coulomb/marki-docx` | yes | yes | yes | yes | yes | 0 | 2026-03-18 | +| `coulomb/markitect-filter` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/markitect-main` | yes | yes | yes | no | yes | 60 | 2026-05-23 | +| `coulomb/markitect-quarkdown` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/markitect-tool` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/open-cmis-tck` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/open-reuse` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/ops-bridge` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/ops-warden` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/phase-memory` | yes | yes | yes | yes | yes | 0 | 2026-05-19 | +| `coulomb/polycode-sim` | yes | yes | yes | no | yes | 0 | 2025-10-30 | +| `coulomb/railiance-fabric` | yes | yes | yes | yes | yes | 0 | 2026-06-03 | +| `coulomb/ralph-workplan` | yes | yes | yes | yes | yes | 0 | 2026-03-16 | +| `coulomb/repo-scoping` | yes | yes | yes | yes | yes | 0 | 2026-05-18 | +| `coulomb/repo-seed` | yes | yes | yes | no | no | 0 | 2025-11-18 | +| `coulomb/shard-wiki` | yes | yes | yes | yes | yes | 0 | 2026-05-15 | +| `coulomb/state-hub` | yes | yes | yes | yes | yes | 0 | 2026-06-03 | +| `coulomb/tele-mcp` | yes | yes | yes | yes | yes | 0 | 2025-09-07 | +| `coulomb/testdrive-jsui` | yes | yes | yes | no | yes | 0 | 2025-12-17 | +| `coulomb/the-custodian` | yes | yes | yes | yes | yes | 0 | 2026-06-03 | +| `coulomb/timeline-svg` | yes | yes | yes | yes | yes | 0 | 2026-01-23 | +| `coulomb/user-engine` | yes | yes | yes | yes | yes | 0 | 2026-06-03 | +| `coulomb/vantage-point` | yes | yes | yes | yes | yes | 0 | 2026-05-15 | +| `coulomb/vergabe-teilnahme` | yes | yes | yes | yes | yes | 0 | 2026-05-23 | + +## State Hub Registration Cross-Check + +Matched to State Hub repo records: + +- `artifact-store` +- `can-you-assist` +- `citation-engine` +- `citation-evidence` +- `citation-work` +- `domain-tree` +- `email-connect` +- `evidence-anchor` +- `evidence-binder` +- `evidence-source` +- `flex-auth` +- `guide-board` +- `helix-forge` +- `info-tech-canon` +- `infospace-bench` +- `issue-core` +- `kaizen-agentic` +- `key-cape` +- `kontextual-engine` +- `llm-connect` +- `marki-docx` +- `markitect-filter` +- `markitect-main` +- `markitect-quarkdown` +- `markitect-tool` +- `open-cmis-tck` +- `open-reuse` +- `ops-bridge` +- `ops-warden` +- `phase-memory` +- `railiance-fabric` +- `repo-scoping` +- `state-hub` +- `the-custodian` +- `user-engine` +- `vergabe-teilnahme` + +Missing or uncertain in State Hub by simple name/remote matching: + +- `audit-core` +- `binect-chrome` +- `binect-js` +- `coordination-engine` +- `direkt-vermittlung-de` +- `polycode-sim` +- `ralph-workplan` +- `repo-seed` +- `shard-wiki` +- `tele-mcp` +- `testdrive-jsui` +- `timeline-svg` +- `vantage-point` + +These may be intentionally unregistered, registered under aliases, or outside +current State Hub ownership. They need review before cutover so no repository is +lost or left with an untracked remote. + +## Feature Classification + +| Feature | Observed state | Migration class | +| --- | --- | --- | +| Git repositories | 49 public repos in `coulomb` org | Automatic plus verification clone/push for sample repos. | +| Issues | Enabled on all visible repos; open issues at least on `markitect-main`, `kaizen-agentic`, `binect-chrome` | Must preserve or explicitly classify unsupported. | +| Wiki | Enabled on all visible repos | Must verify actual wiki content per repo with credentialed or git-based check. | +| Releases | Enabled on all visible repos | Must preserve release records and assets where present. | +| Packages | Enabled on most repos; disabled on a few older/template repos | Must verify actual package data with authenticated API or storage inspection. | +| Actions | Enabled on most repos; disabled on `repo-seed` | Must verify whether workflows/runners are actually in use. | +| Pull requests/projects | API reports pull requests and projects enabled on visible repos | Must include in migration drill result matrix. | +| Users/org/team membership | Not safely inventoried from public API in this pass | Requires authenticated admin inventory. | +| Deploy keys/SSH keys/tokens/webhooks | Not inspected | Requires authenticated admin inventory; cannot be inferred from public repo fields. | +| LFS/attachments | Not inspected | Requires authenticated API/storage inventory and restore drill. | +| SMTP/account recovery | Not inspected | Covered by T06; requires approved test account and mail path. | + +## Immediate Gaps Before Probe or Cutover + +1. Resolve WP-0005 T02 production choices before creating durable Forgejo + manifests. +2. Complete an authenticated Gitea admin inventory for users, teams, deploy + keys, SSH keys, access tokens, webhooks, packages, LFS, attachments, and + actual wiki/release asset contents. +3. Decide whether the 13 missing/uncertain Gitea repos should be registered in + State Hub, archived, or explicitly excluded from migration. +4. Fix host preflight drift observed by `make status`: + - `CoulombCore` UFW reported inactive. + - Both `CoulombCore` and `Railiance01` reported `PasswordAuthentication yes`. +5. Establish a backup target and restore drill before migrating any production + repository data. +6. Keep legacy Gitea as source of truth until Forgejo probe and restore checks + pass. + +## Current T01 Status + +This first pass satisfies the public and infrastructure metadata part of T01. +T01 should remain open until the authenticated admin inventory and missing repo +classification are complete. diff --git a/workplans/RAIL-HO-WP-0005-forgejo-production-migration.md b/workplans/RAIL-HO-WP-0005-forgejo-production-migration.md index 15f2d12..f44f550 100644 --- a/workplans/RAIL-HO-WP-0005-forgejo-production-migration.md +++ b/workplans/RAIL-HO-WP-0005-forgejo-production-migration.md @@ -8,7 +8,7 @@ status: active owner: railiance topic_slug: railiance created: "2026-05-03" -updated: "2026-05-03" +updated: "2026-06-04" state_hub_workstream_id: "84e17675-0d15-4268-a8bd-540124d37018" --- @@ -115,13 +115,15 @@ operator / agents / developers ```task id: RAIL-HO-WP-0005-T01 -status: todo +status: in_progress priority: high state_hub_task_id: "cf59d171-5629-45c9-9d44-8d6499827ffc" ``` Create a source-of-truth inventory of current Gitea usage. +First-pass inventory artifact: `docs/forgejo-migration-inventory.md`. + Minimum inventory: - All repositories in the `coulomb` organization.