Reviewed state and next todos

This commit is contained in:
2026-05-03 00:03:29 +02:00
parent 83d041fe1c
commit 301a63d843
2 changed files with 234 additions and 11 deletions

View File

@@ -8,7 +8,7 @@ status: active
owner: worsch
topic_slug: railiance
created: "2026-03-26"
updated: "2026-03-27"
updated: "2026-05-02"
supersedes: RAIL-PL-WP-0001
state_hub_workstream_id: "cee078e9-b18c-4f84-8a8a-6f27c2f9f407"
---
@@ -432,7 +432,7 @@ context.
---
### T09 — Deploy state-hub to cluster (S5)
### T09 — Deploy state-hub to railiance01 as cluster primary (S5)
```task
id: RAIL-HO-WP-0004-T09
@@ -440,12 +440,16 @@ status: todo
priority: medium
state_hub_task_id: "d2afe78a-eb51-4ce9-b332-f181323d2370"
needs_human: true
intervention_note: "Requires decisions: final hostname/domain for state-hub, whether to use Gitea container registry or ghcr.io, and approval before data migration from workstation postgres."
intervention_note: "Requires decisions: final hostname/domain or tunnel-only endpoint, registry choice, private exposure model, and approval before freezing workstation writes and migrating production State Hub data."
```
**Pre-condition:** T04 done (cnpg Gitea DB working); T08 done (deploy sequence
documented). State-hub needs a PostgreSQL database — use a cnpg cluster in
`databases` namespace.
documented). Custodian-side safety gate `CUST-WP-0011-T01` must have passed:
a fresh WSL2 State Hub backup restore drill with matching row counts.
State-hub needs a PostgreSQL database — use a cnpg cluster in `databases`
namespace. This is the pragmatic railiance01 migration path; full multi-node
ThreePhoenix HA remains a separate Custodian follow-up (`CUST-WP-0038`).
Steps:
1. Define `state-hub-db` cnpg Cluster in `railiance-platform` (same pattern as T03).
@@ -456,13 +460,18 @@ Steps:
- Service + Ingress (https://state-hub.<domain>)
- ConfigMap for environment (DB URL, etc.)
- Secret for DB credentials (SOPS-managed)
5. Migrate data: `pg_dump` from workstation postgres → `pg_restore` into
cnpg cluster.
6. Update ops-bridge tunnel targets if the state-hub URL changes.
7. Update `~/.claude/CLAUDE.md` global instructions to point to cluster URL.
5. Deploy empty State Hub and run Alembic migrations in-cluster.
6. Restore a copy of WSL2 data into the cnpg cluster and compare table counts
while the workstation remains the source of truth.
7. With explicit human approval, freeze workstation writes, take a final dump,
restore it to the cluster, and make railiance01 the primary endpoint.
8. Update ops-bridge tunnel targets or MCP `API_BASE` if the State Hub URL changes.
9. Update operator instructions to describe cluster primary plus WSL2 fallback.
**Done when:** `curl https://state-hub.<domain>/state/health` returns healthy;
all MCP tools functional; workstation state-hub can be decommissioned.
**Done when:** the private State Hub endpoint returns healthy, MCP tools work
against the cluster-backed API, and WSL2 is retained as documented fallback.
Permanent WSL2 retirement is out of scope here and requires a later explicit
approval after stabilisation.
---