From da0735a05a6d05145feeae4e58ae70cd2d971758 Mon Sep 17 00:00:00 2001 From: tegwick Date: Sat, 27 Jun 2026 17:08:48 +0200 Subject: [PATCH] Update stabilization checkpoint after staged promotion finish --- ...tructure-stabilization-pickup-checkpoint.md | 8 +++++--- ...ear-term-production-service-lanes-status.md | 4 ++-- ...51-infrastructure-stabilization-metaplan.md | 18 +++++++++++++++--- 3 files changed, 22 insertions(+), 8 deletions(-) diff --git a/docs/infrastructure-stabilization-pickup-checkpoint.md b/docs/infrastructure-stabilization-pickup-checkpoint.md index e30a9a3..a5ba2f4 100644 --- a/docs/infrastructure-stabilization-pickup-checkpoint.md +++ b/docs/infrastructure-stabilization-pickup-checkpoint.md @@ -25,7 +25,6 @@ State Hub active workstreams queried on 2026-06-27: | `cust-wp-0051` | This metaplan is the coordination layer for remaining cross-workplan gates. | | `activity-wp-0016-llm-output-robustness-trust-boundary` | Repo-side output robustness bundle is prepared; live deploy/smoke proof remains. | | `three-phoenix-ha-cluster` | HA substrate remains future critical-workload work, not the current State Hub cutover blocker. | -| `staged-promotion-lifecycle` | T02 `railiance/app.toml` contract, T03 overlay repo pattern/script, T04 Stage 1 runner, T05 canary template, and T06 deploy/observe tooling are done; continue with T07 promote/rollback/onboarding before broad production migrations. | | `rail-ho-wp-0005` | Forgejo production migration is parked behind explicit design, SMTP, backup, runner, and cutover decisions. | | `net-wp-0020` | OpenBao unseal/token custody remains an operator design and smoke gate. | | `issue-wp-0003` | issue-core service is healthy; activity-core REST emission wiring remains. | @@ -44,6 +43,9 @@ Hygiene status: cleared during this stabilization session. - `make fix-consistency REPO=the-custodian` still reports pre-existing C-12 orphan-row warnings, but the relevant workplan lifecycle and task states sync. +- `RAIL-BS-WP-0006-staged-promotion-lifecycle` is finished: all seven tasks + are done, the workstream is finished in State Hub, and the file frontmatter + is `status: finished`. ## Blocker Board @@ -106,8 +108,8 @@ Resume from `docs/daily-triage-stabilization-status.md` and `ISSUE_SINK_TYPE=rest` and one known-safe emission smoke. 5. Request explicit State Hub cutover approval for `CUST-WP-0011-T07`, or record that WSL2 remains primary for the next operating period. -6. Continue staged-promotion T07 and start artifact-store D7.1/D7.2 - so Forgejo and storage work inherit clear production promotion gates. +6. Start artifact-store D7.1/D7.2; Forgejo and storage work can now inherit + the finished staged-promotion gates. 7. Keep Forgejo cutover and State Hub HA work parked until their human decision and drill gates are satisfied. diff --git a/docs/near-term-production-service-lanes-status.md b/docs/near-term-production-service-lanes-status.md index f0d1007..22a6d25 100644 --- a/docs/near-term-production-service-lanes-status.md +++ b/docs/near-term-production-service-lanes-status.md @@ -14,7 +14,7 @@ before starting larger migrations. | `issue-wp-0003` | issue-core is live through ArgoCD; image `0.2.1`, Service port `8765`, ExternalSecret Ready, authenticated smoke created Gitea issue `175`. | Do not flip activity-core blindly. First inject `ISSUE_CORE_API_KEY` into `actcore-runtime-secret` through route `activity-core-issue-sink`; then set activity-core `ISSUE_CORE_URL` to port `8765`, set `ISSUE_SINK_TYPE=rest`, restart/sync, and run one safe emission smoke. | | `rail-ho-wp-0005` | Forgejo migration remains pre-implementation. Inventory is in progress; production decisions, SMTP/email recovery, cutover, and legacy retirement are human-gated. | Resolve T02 production decisions first, then build the disposable Forgejo probe. Do not start production cutover before promotion lifecycle, email recovery, package registry, Actions, backup/restore, and migration drill pass. | | `artifact-store-wp-0007` | All tasks are still `todo`; no live secret gate is currently recorded. | Start with D7.1 fork/object-store landscape and D7.2 compatibility harness. Route D7.3 STS credential vending to NetKingdom if implementation belongs outside artifact-store. | -| `staged-promotion-lifecycle` | Lifecycle spec, T02 `railiance/app.toml` contract, T03 overlay repo pattern/script, T04 `railiance run` Stage 1 runner, T05 canary Helm template, and T06 deploy/observe tooling are done; promotion, rollback, and onboarding remain. | Start T07 `railiance promote`, `railiance rollback`, and onboarding guide using generated overlays as reference consumers for Stage 3 gates. | +| `staged-promotion-lifecycle` | Finished. Lifecycle spec, app contract, overlay scaffold, Stage 1 runner, canary template, deploy/observe tooling, promote/rollback tooling, and onboarding guide are done. | Use the finished promotion gates as prerequisites for Forgejo/source-forge and storage production work. | ## Credential And Operator Routing @@ -40,7 +40,7 @@ No secret value was read or written. The required non-secret evidence is: 1. Close the issue-core handoff gate because the service is already healthy and only activity-core live emission remains. -2. Continue staged-promotion with T07 promote/rollback/onboarding before +2. Treat staged-promotion as complete; use it as the gate model before Forgejo cutover work accelerates. 3. Run artifact-store D7.1/D7.2 as an assessment/build harness lane, with D7.3 routed to NetKingdom if STS vending is not artifact-store-owned. diff --git a/workplans/CUST-WP-0051-infrastructure-stabilization-metaplan.md b/workplans/CUST-WP-0051-infrastructure-stabilization-metaplan.md index a4f83fd..6295155 100644 --- a/workplans/CUST-WP-0051-infrastructure-stabilization-metaplan.md +++ b/workplans/CUST-WP-0051-infrastructure-stabilization-metaplan.md @@ -44,7 +44,7 @@ Active registered workstreams with open work: | cust-wp-0049 | 1 wait, 5 done | Access lane is ready; live bootstrap needs approved admin execution. | | activity-wp-0016 | 1 wait, 2 progress, 5 todo, 2 done | Daily-triage output robustness needs live deploy/smoke evidence. | | three-phoenix-ha-cluster | 7 todo | Target HA substrate is planned but not executed. | -| staged-promotion-lifecycle | 1 todo, 6 done | Promotion discipline needed before broad production cutovers. | +| staged-promotion-lifecycle | finished, 7 done | Promotion discipline ready for broad production cutovers. | | rail-ho-wp-0005 | 11 todo, 1 progress | Forgejo production migration needs human design and cutover decisions. | | cust-wp-0045-cutover-runbook | 0 tasks | Registered runbook is appearing as an active no-task workstream. | | net-wp-0020 | 2 wait, 1 todo, 2 done | OpenBao unseal custody models still need operator profile decisions. | @@ -295,8 +295,7 @@ Progress 2026-06-27 staged promotion: rollback, and human approval gates. - `make fix-consistency REPO=railiance-cluster` passed with pre-existing C-12 warnings and synced the T02 status into State Hub. -- T02 through T06 are complete; the next staged-promotion pick is T07 - promote/rollback/onboarding. +- T02 through T07 are complete; the staged-promotion lifecycle is finished. Progress 2026-06-27 staged promotion T03: @@ -357,6 +356,19 @@ Progress 2026-06-27 staged promotion T06: - `make fix-consistency REPO=railiance-cluster` passed with pre-existing C-12 warnings and synced the T06 status into State Hub. +Progress 2026-06-27 staged promotion T07 and finish: + +- Completed `RAIL-BS-WP-0006-T07` in `/home/worsch/railiance-cluster`. + Added `tools/cmd/railiance-stage3`, `bin/railiance promote`, + `bin/railiance rollback`, and `docs/promote-rollback-onboarding.md`. + Generated overlays now declare promote/rollback plan commands. +- Verified a fresh generated Forgejo overlay through Stage 1 run, Stage 2 + deploy/observe plans, Stage 3 promote/rollback plans, and blocked apply paths + for missing approval/Helm/revision evidence. +- Marked `RAIL-BS-WP-0006` `status: finished`; `make fix-consistency + REPO=railiance-cluster` synced the finished workstream with only pre-existing + C-12 orphan-row warnings. + ## Task: Decide State Hub Migration Strategy ```task