feat(statehub): publish railiance image

2026-06-25 14:01:10 +02:00
parent b536741539
commit 48815b3db9
3 changed files with 54 additions and 20 deletions
--- a/13
+++ b/13
@@ -20,10 +20,10 @@ with open("pyproject.toml", "rb") as f:
    project = tomllib.load(f)["project"]

 for dep in project["dependencies"]:
-    # llm-connect is currently a local editable test integration in this repo.
-    # The State Hub API/MCP runtime does not import it, and a container build
-    # must not depend on /home/worsch existing inside the image.
-    if dep == "llm-connect":
+    # llm-connect is a local editable test integration and must not be pulled
+    # into the production image. hub-core is runtime code, but it is installed
+    # from the named Docker build context below because it is not published yet.
+    if dep in {"llm-connect", "hub-core"}:
        continue
    print(dep)
 PY
@@ -31,6 +31,11 @@ PY
 RUN uv venv /app/.venv \
    && uv pip install --python /app/.venv/bin/python --no-cache -r /tmp/requirements.txt

+COPY --from=hub_core_src pyproject.toml /tmp/hub-core/pyproject.toml
+COPY --from=hub_core_src hub_core/ /tmp/hub-core/hub_core/
+
+RUN uv pip install --python /app/.venv/bin/python --no-cache /tmp/hub-core
+
 COPY alembic.ini ./
 COPY api/ ./api/
 COPY flows/ ./flows/
--- a/docs/container-image.md
+++ b/docs/container-image.md
@@ -6,13 +6,15 @@ The State Hub production image is built from `state-hub/Dockerfile`.

 ```bash
 cd state-hub
-docker build -t state-hub:local .
+docker build --build-context hub_core_src=/home/worsch/hub-core \
+  -t state-hub:local \
+  -t gitea.coulomb.social/coulomb/state-hub:<git-sha> .
 ```

-The image installs runtime dependencies from `pyproject.toml` and excludes the
-local editable `llm-connect` dependency. `llm-connect` is currently used by the
-test suite only; the API and MCP runtime do not import it. Removing that
-workstation-local path from the image keeps cluster builds reproducible.
+The image installs runtime dependencies from `pyproject.toml` and excludes
+workstation-local editable sources from registry resolution. `llm-connect` is
+test-only and omitted. `hub-core` is runtime code and is installed from the
+named `hub_core_src` Docker build context until it is published as a package.

 ## Runtime

@@ -49,7 +51,28 @@ Expected response:
 {"status":"ok","db":"connected"}
 ```

-## Current Local Build
+## Current Published Build
+
+Verified and published on 2026-06-25:
+
+```text
+image: gitea.coulomb.social/coulomb/state-hub:b536741
+source commit: b536741
+local image id / index digest: sha256:3184dfd67f127cf8bd5303d7a210d6dc32e7ab05a5da5d51eab5b9a37dab4d4e
+linux/amd64 manifest digest: sha256:a8f30b35c10d9c90fecf4e3ec82849ccb484b6c137cfce7948931005b9690377
+config digest pulled by railiance01: sha256:5ce9c52fa554d6415e7d65d954e0778a8d8f7f8ebb5387c9e6694e1caac9b522
+created: 2026-06-25T13:51:55+02:00
+size: 106675605 bytes
+alembic heads: e9f0a1b2c3d4 (head)
+health: GET /state/health -> {"status":"ok","db":"connected"}
+registry: docker push succeeded
+railiance01: sudo crictl pull gitea.coulomb.social/coulomb/state-hub:b536741 succeeded
+```
+
+Smoke command used a temporary container on host port 18082 so it did not
+conflict with the live workstation State Hub on port 8000.
+
+## Historical Local Build

 Verified local build on 2026-05-15:

@@ -62,11 +85,9 @@ alembic: t7o8p9q0r1s2 (head)
 health: GET /state/health -> {"status":"ok","db":"connected"}
 ```

-Smoke command used a temporary container on host port 18000 so it did not
-conflict with the live workstation State Hub on port 8000.
-
 ## Registry

-The registry target for CUST-WP-0011 is the self-hosted Gitea registry, but
-publishing remains blocked until the Gitea package/container registry endpoint
-is enabled and Docker can authenticate against `/v2/`.
+The registry target for CUST-WP-0011 is the self-hosted Gitea registry at
+`gitea.coulomb.social/coulomb/state-hub`. As of 2026-06-25, `/v2/` returns the
+Docker Registry auth challenge and the `b536741` image tag has been pushed and
+pulled from railiance01.
--- a/workplans/CUST-WP-0011-state-hub-threephoenix-migration.md
+++ b/workplans/CUST-WP-0011-state-hub-threephoenix-migration.md
@@ -8,7 +8,7 @@ status: active
 owner: custodian
 topic_slug: custodian
 created: "2026-03-11"
-updated: "2026-05-17"
+updated: "2026-06-25"
 state_hub_workstream_id: "967baafb-d92d-405a-ba0b-0d00d37c4940"
 supersedes_intent_from: "Migrate Custodian State Hub to ThreePhoenix Cluster"
 follow_up_workplan: CUST-WP-0038
@@ -168,8 +168,9 @@ deferred to `CUST-WP-0038`.

 ```task
 id: CUST-WP-0011-T03
-status: progress
+status: done
 priority: high
+completed: "2026-06-25"
 state_hub_task_id: "79908ade-3e38-451b-a403-2361a16a3f3a"
 ```

@@ -208,8 +209,15 @@ Progress 2026-05-15: rebuilt the image from current State Hub sources as
 18000 and confirmed in-image Alembic reports `t7o8p9q0r1s2 (head)`. Build
 provenance is recorded in `docs/container-image.md`.

-Remaining: enable the Gitea package/container registry, then tag, push, and
-pull the image from railiance01.
+Completed 2026-06-25: adapted the Dockerfile for the current `hub-core`
+runtime dependency by installing it from the named Docker build context
+`hub_core_src=/home/worsch/hub-core`. Built current commit `b536741` as
+`state-hub:local`, `state-hub:b536741`, and
+`gitea.coulomb.social/coulomb/state-hub:b536741`. Verified in-image imports,
+Alembic head `e9f0a1b2c3d4`, and `/state/health` from a temporary container on
+port 18082. Pushed the image to the self-hosted Gitea registry with digest
+`sha256:3184dfd67f127cf8bd5303d7a210d6dc32e7ab05a5da5d51eab5b9a37dab4d4e`
+and verified railiance01 can pull it with `sudo crictl pull`.

 ---