From cbf583f76ccfcb1ea590af3d0bf846a87e6a74ed Mon Sep 17 00:00:00 2001 From: tegwick Date: Sat, 27 Jun 2026 15:55:40 +0200 Subject: [PATCH] Update stabilization checkpoint after overlay scaffold --- ...ructure-stabilization-pickup-checkpoint.md | 4 ++-- ...ar-term-production-service-lanes-status.md | 6 +++--- ...1-infrastructure-stabilization-metaplan.md | 19 +++++++++++++++++-- 3 files changed, 22 insertions(+), 7 deletions(-) diff --git a/docs/infrastructure-stabilization-pickup-checkpoint.md b/docs/infrastructure-stabilization-pickup-checkpoint.md index cdddac6..52b7e59 100644 --- a/docs/infrastructure-stabilization-pickup-checkpoint.md +++ b/docs/infrastructure-stabilization-pickup-checkpoint.md @@ -25,7 +25,7 @@ State Hub active workstreams queried on 2026-06-27: | `cust-wp-0051` | This metaplan is the coordination layer for remaining cross-workplan gates. | | `activity-wp-0016-llm-output-robustness-trust-boundary` | Repo-side output robustness bundle is prepared; live deploy/smoke proof remains. | | `three-phoenix-ha-cluster` | HA substrate remains future critical-workload work, not the current State Hub cutover blocker. | -| `staged-promotion-lifecycle` | T02 `railiance/app.toml` contract is done; continue with T03 overlay repo pattern and T04/T05 command/canary implementation before broad production migrations. | +| `staged-promotion-lifecycle` | T02 `railiance/app.toml` contract and T03 overlay repo pattern/script are done; continue with T04/T05 command/canary implementation before broad production migrations. | | `rail-ho-wp-0005` | Forgejo production migration is parked behind explicit design, SMTP, backup, runner, and cutover decisions. | | `net-wp-0020` | OpenBao unseal/token custody remains an operator design and smoke gate. | | `issue-wp-0003` | issue-core service is healthy; activity-core REST emission wiring remains. | @@ -106,7 +106,7 @@ Resume from `docs/daily-triage-stabilization-status.md` and `ISSUE_SINK_TYPE=rest` and one known-safe emission smoke. 5. Request explicit State Hub cutover approval for `CUST-WP-0011-T07`, or record that WSL2 remains primary for the next operating period. -6. Continue staged-promotion T03/T04/T05 and start artifact-store D7.1/D7.2 +6. Continue staged-promotion T04/T05 and start artifact-store D7.1/D7.2 so Forgejo and storage work inherit clear production promotion gates. 7. Keep Forgejo cutover and State Hub HA work parked until their human decision and drill gates are satisfied. diff --git a/docs/near-term-production-service-lanes-status.md b/docs/near-term-production-service-lanes-status.md index 7565baf..4e5690f 100644 --- a/docs/near-term-production-service-lanes-status.md +++ b/docs/near-term-production-service-lanes-status.md @@ -14,7 +14,7 @@ before starting larger migrations. | `issue-wp-0003` | issue-core is live through ArgoCD; image `0.2.1`, Service port `8765`, ExternalSecret Ready, authenticated smoke created Gitea issue `175`. | Do not flip activity-core blindly. First inject `ISSUE_CORE_API_KEY` into `actcore-runtime-secret` through route `activity-core-issue-sink`; then set activity-core `ISSUE_CORE_URL` to port `8765`, set `ISSUE_SINK_TYPE=rest`, restart/sync, and run one safe emission smoke. | | `rail-ho-wp-0005` | Forgejo migration remains pre-implementation. Inventory is in progress; production decisions, SMTP/email recovery, cutover, and legacy retirement are human-gated. | Resolve T02 production decisions first, then build the disposable Forgejo probe. Do not start production cutover before promotion lifecycle, email recovery, package registry, Actions, backup/restore, and migration drill pass. | | `artifact-store-wp-0007` | All tasks are still `todo`; no live secret gate is currently recorded. | Start with D7.1 fork/object-store landscape and D7.2 compatibility harness. Route D7.3 STS credential vending to NetKingdom if implementation belongs outside artifact-store. | -| `staged-promotion-lifecycle` | Lifecycle spec and T02 `railiance/app.toml` contract are done; overlay pattern, CLI commands, canary template, deployment observation, promotion, and rollback tasks remain. | Start T03 overlay repo pattern, then T04/T05 command and canary template implementation using issue-core/Forgejo as reference consumers for Stage 1/2/3 promotion gates. | +| `staged-promotion-lifecycle` | Lifecycle spec, T02 `railiance/app.toml` contract, and T03 overlay repo pattern/script are done; CLI commands, canary template, deployment observation, promotion, and rollback tasks remain. | Start T04 `railiance run` and T05 canary Helm chart template using generated overlays as reference consumers for Stage 1/2 promotion gates. | ## Credential And Operator Routing @@ -40,8 +40,8 @@ No secret value was read or written. The required non-secret evidence is: 1. Close the issue-core handoff gate because the service is already healthy and only activity-core live emission remains. -2. Continue staged-promotion with T03 overlay repo pattern, then T04/T05 - command and canary template implementation before Forgejo cutover work accelerates. +2. Continue staged-promotion with T04 `railiance run` and T05 canary + template implementation before Forgejo cutover work accelerates. 3. Run artifact-store D7.1/D7.2 as an assessment/build harness lane, with D7.3 routed to NetKingdom if STS vending is not artifact-store-owned. 4. Keep Forgejo production cutover parked behind explicit T02 decisions and the diff --git a/workplans/CUST-WP-0051-infrastructure-stabilization-metaplan.md b/workplans/CUST-WP-0051-infrastructure-stabilization-metaplan.md index 38b203b..db371f8 100644 --- a/workplans/CUST-WP-0051-infrastructure-stabilization-metaplan.md +++ b/workplans/CUST-WP-0051-infrastructure-stabilization-metaplan.md @@ -295,8 +295,23 @@ Progress 2026-06-27 staged promotion: rollback, and human approval gates. - `make fix-consistency REPO=railiance-cluster` passed with pre-existing C-12 warnings and synced the T02 status into State Hub. -- Next staged-promotion picks are T03 overlay repo pattern, then T04/T05 - command and canary template implementation. +- Next staged-promotion picks are T04/T05 command and canary template + implementation; T03 overlay repo pattern is now complete. + +Progress 2026-06-27 staged promotion T03: + +- Completed `RAIL-BS-WP-0006-T03` in `/home/worsch/railiance-cluster`. + Added `docs/overlay-repo-pattern.md`, + `tools/create_railiance_overlay_repo.sh`, and the `bin/railiance + create-overlay` dispatcher entry. The scaffold writes a separate overlay + repo with `railiance/upstream.toml`, schema-valid `railiance/app.toml`, + stage values, a thin Helm chart, Stage 1 test script, rollback runbook, and + promotion notes without cloning upstream code or handling secrets. +- Verified the generated Forgejo overlay sample against + `schemas/railiance-app.schema.json`; generated Stage 1 script ran with Helm + skipped because Helm is unavailable in this environment. +- `make fix-consistency REPO=railiance-cluster` passed with pre-existing + C-12 warnings and synced the T03 status into State Hub. ## Task: Decide State Hub Migration Strategy