Document tier-2 key-cape Forgejo image pilot (T10 complete)
Adds archive-checkout image workflow evidence and k3s pull verification; tiers 0-2 satisfied before state-hub cutover.
This commit is contained in:
@@ -1,7 +1,13 @@
|
||||
# Forgejo Repo Migration Pilot — glas-harness
|
||||
# Forgejo Repo Migration Pilots (tier 1–2)
|
||||
|
||||
Date: 2026-07-03 (tier 1), 2026-07-04 (tier 2)
|
||||
Workplan: `CUST-WP-0054-T04`, `RAIL-HO-WP-0005-T10`
|
||||
Pilots: `glas-harness` (tier 1), `key-cape` (tier 2)
|
||||
|
||||
---
|
||||
|
||||
## Tier 1 — glas-harness
|
||||
|
||||
Date: 2026-07-03
|
||||
Workplan: `CUST-WP-0054-T04`, `RAIL-HO-WP-0005-T10` (tier 1)
|
||||
Pilot repo: `coulomb/glas-harness` (non-production tooling; safe routing drill)
|
||||
|
||||
## Why this repo
|
||||
@@ -94,12 +100,35 @@ git push "https://<user>:<token>@forgejo.coulomb.social/coulomb/<repo>.git" main
|
||||
7. Leave Gitea repo read-only; do not delete (safety contract).
|
||||
8. Record results in this doc or a per-repo row in the migration inventory.
|
||||
|
||||
## Tier 2 — key-cape (2026-07-04)
|
||||
|
||||
Pilot repo: `coulomb/key-cape` — non-production identity tooling with a real
|
||||
multi-stage `Dockerfile` (Go build + distroless).
|
||||
|
||||
| Step | Result | Notes |
|
||||
| --- | --- | --- |
|
||||
| Mirror git to Forgejo | **pass** | `main` mirrored; `origin=forgejo-remote` |
|
||||
| Port `.gitea/workflows/image.yaml` → `.forgejo/workflows/image.yaml` | **pass** | Archive checkout + static docker-cli; no `actions/checkout` |
|
||||
| Build and push on `container-build` | **pass** | `build-and-push` workflow `success` @ `ec706da` |
|
||||
| k3s pull on railiance01 | **pass** | `sudo crictl pull forgejo.coulomb.social/coulomb/key-cape:latest` |
|
||||
|
||||
Workflow pattern (tier 2+):
|
||||
|
||||
```yaml
|
||||
# Checkout: repo archive (no git binary required on non-root runner)
|
||||
wget -qO /tmp/repo.tar.gz "https://forgejo.coulomb.social/${GITHUB_REPOSITORY}/archive/${GITHUB_SHA}.tar.gz"
|
||||
tar xzf /tmp/repo.tar.gz -C buildctx --strip-components=1
|
||||
# Build: static docker-cli + DOCKER_HOST=tcp://127.0.0.1:2375
|
||||
```
|
||||
|
||||
Image: `forgejo.coulomb.social/coulomb/key-cape:latest`
|
||||
|
||||
## Not ready for state-hub yet
|
||||
|
||||
Before `state-hub`, the pilot still needs:
|
||||
Before `state-hub`, the ladder still needs:
|
||||
|
||||
- [ ] Operator/user SSH identity on Forgejo (not only `forgejo_admin`)
|
||||
- [ ] Reusable workflow template with `hub-core` build context and `git clone` checkout pattern
|
||||
- [ ] Reusable workflow template with `hub-core` build context (multi-repo checkout)
|
||||
- [ ] State Hub `remote_url` + sweep checkout path update playbook
|
||||
- [ ] Gitea read-only mirror or push-disable policy for repos after cutover
|
||||
|
||||
@@ -108,4 +137,5 @@ Before `state-hub`, the pilot still needs:
|
||||
- `docs/forgejo-production-decisions.md`
|
||||
- `railiance-forge/docs/forgejo-actions-runner-substrate.md`
|
||||
- `railiance-apps/docs/forgejo-on-railiance01.md`
|
||||
- Forgejo repo: https://forgejo.coulomb.social/coulomb/glas-harness
|
||||
- Tier 1: https://forgejo.coulomb.social/coulomb/glas-harness
|
||||
- Tier 2: https://forgejo.coulomb.social/coulomb/key-cape
|
||||
@@ -172,8 +172,8 @@ state_hub_task_id: "79b9ee4d-f792-434c-a2ea-2fe216a948ca"
|
||||
|
||||
Execute/absorb `RAIL-HO-WP-0005`: Forgejo production on railiance01 becomes
|
||||
the canonical remote for all repos; coulombcore Gitea becomes a read-only
|
||||
mirror until decommission. Staged migration ladder (T10): tier 0–1 done;
|
||||
tier 2 image pilot next; tier 3 production repos gated on T09 backup +
|
||||
mirror until decommission. Staged migration ladder (T10): tiers 0–2 done (`forgejo-actions-probe`,
|
||||
`glas-harness`, `key-cape`); tier 3 production repos gated on T09 backup +
|
||||
`state-hub` approval. Stand up Actions runners so container images build and
|
||||
push in CI from tags — the workstation stops being the build/publish host.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user