diff --git a/docs/forgejo-repo-migration-pilot-glas-harness.md b/docs/forgejo-repo-migration-pilot-glas-harness.md index cd479a7..2cdad86 100644 --- a/docs/forgejo-repo-migration-pilot-glas-harness.md +++ b/docs/forgejo-repo-migration-pilot-glas-harness.md @@ -1,7 +1,13 @@ -# Forgejo Repo Migration Pilot — glas-harness +# Forgejo Repo Migration Pilots (tier 1–2) + +Date: 2026-07-03 (tier 1), 2026-07-04 (tier 2) +Workplan: `CUST-WP-0054-T04`, `RAIL-HO-WP-0005-T10` +Pilots: `glas-harness` (tier 1), `key-cape` (tier 2) + +--- + +## Tier 1 — glas-harness -Date: 2026-07-03 -Workplan: `CUST-WP-0054-T04`, `RAIL-HO-WP-0005-T10` (tier 1) Pilot repo: `coulomb/glas-harness` (non-production tooling; safe routing drill) ## Why this repo @@ -94,12 +100,35 @@ git push "https://:@forgejo.coulomb.social/coulomb/.git" main 7. Leave Gitea repo read-only; do not delete (safety contract). 8. Record results in this doc or a per-repo row in the migration inventory. +## Tier 2 — key-cape (2026-07-04) + +Pilot repo: `coulomb/key-cape` — non-production identity tooling with a real +multi-stage `Dockerfile` (Go build + distroless). + +| Step | Result | Notes | +| --- | --- | --- | +| Mirror git to Forgejo | **pass** | `main` mirrored; `origin=forgejo-remote` | +| Port `.gitea/workflows/image.yaml` → `.forgejo/workflows/image.yaml` | **pass** | Archive checkout + static docker-cli; no `actions/checkout` | +| Build and push on `container-build` | **pass** | `build-and-push` workflow `success` @ `ec706da` | +| k3s pull on railiance01 | **pass** | `sudo crictl pull forgejo.coulomb.social/coulomb/key-cape:latest` | + +Workflow pattern (tier 2+): + +```yaml +# Checkout: repo archive (no git binary required on non-root runner) +wget -qO /tmp/repo.tar.gz "https://forgejo.coulomb.social/${GITHUB_REPOSITORY}/archive/${GITHUB_SHA}.tar.gz" +tar xzf /tmp/repo.tar.gz -C buildctx --strip-components=1 +# Build: static docker-cli + DOCKER_HOST=tcp://127.0.0.1:2375 +``` + +Image: `forgejo.coulomb.social/coulomb/key-cape:latest` + ## Not ready for state-hub yet -Before `state-hub`, the pilot still needs: +Before `state-hub`, the ladder still needs: - [ ] Operator/user SSH identity on Forgejo (not only `forgejo_admin`) -- [ ] Reusable workflow template with `hub-core` build context and `git clone` checkout pattern +- [ ] Reusable workflow template with `hub-core` build context (multi-repo checkout) - [ ] State Hub `remote_url` + sweep checkout path update playbook - [ ] Gitea read-only mirror or push-disable policy for repos after cutover @@ -108,4 +137,5 @@ Before `state-hub`, the pilot still needs: - `docs/forgejo-production-decisions.md` - `railiance-forge/docs/forgejo-actions-runner-substrate.md` - `railiance-apps/docs/forgejo-on-railiance01.md` -- Forgejo repo: https://forgejo.coulomb.social/coulomb/glas-harness \ No newline at end of file +- Tier 1: https://forgejo.coulomb.social/coulomb/glas-harness +- Tier 2: https://forgejo.coulomb.social/coulomb/key-cape \ No newline at end of file diff --git a/workplans/CUST-WP-0054-workstation-independence-and-fleet-realignment.md b/workplans/CUST-WP-0054-workstation-independence-and-fleet-realignment.md index 174d906..263271f 100644 --- a/workplans/CUST-WP-0054-workstation-independence-and-fleet-realignment.md +++ b/workplans/CUST-WP-0054-workstation-independence-and-fleet-realignment.md @@ -172,8 +172,8 @@ state_hub_task_id: "79b9ee4d-f792-434c-a2ea-2fe216a948ca" Execute/absorb `RAIL-HO-WP-0005`: Forgejo production on railiance01 becomes the canonical remote for all repos; coulombcore Gitea becomes a read-only -mirror until decommission. Staged migration ladder (T10): tier 0–1 done; -tier 2 image pilot next; tier 3 production repos gated on T09 backup + +mirror until decommission. Staged migration ladder (T10): tiers 0–2 done (`forgejo-actions-probe`, +`glas-harness`, `key-cape`); tier 3 production repos gated on T09 backup + `state-hub` approval. Stand up Actions runners so container images build and push in CI from tags — the workstation stops being the build/publish host.