Document Forgejo tier 2.5: operator SSH, templates, railiance stack promotion
Record tegwick SSH identity, enablement workflow templates, and five railiance repos on Forgejo with ci-smoke. Update state-hub gate checklist.
This commit is contained in:
@@ -83,7 +83,7 @@ git push "https://<user>:<token>@forgejo.coulomb.social/coulomb/<repo>.git" main
|
|||||||
|
|
||||||
| Gap | Impact | Mitigation for next repos |
|
| Gap | Impact | Mitigation for next repos |
|
||||||
| --- | --- | --- |
|
| --- | --- | --- |
|
||||||
| `tegwick` Gitea user not on Forgejo | SSH as `git@92.205.130.254` (Gitea) ≠ `git@92.205.62.239` (Forgejo); keys are per-forge | Register operator keys on Forgejo users before cutover; or use `forgejo_admin` interim |
|
| ~~`tegwick` not on Forgejo~~ | **Resolved 2026-07-04** — `tegwick` admin user + `workstation-automation` SSH key; `forgejo-remote` greets `Hi there, tegwick!` | Add other operator keys before team cutover |
|
||||||
| No automated Gitea→Forgejo mirror | Gitea copy drifts after Forgejo becomes canonical | Staged cutover: freeze Gitea pushes, one-way mirror, or retire Gitea remote after verification |
|
| No automated Gitea→Forgejo mirror | Gitea copy drifts after Forgejo becomes canonical | Staged cutover: freeze Gitea pushes, one-way mirror, or retire Gitea remote after verification |
|
||||||
| `actions/checkout@v4` on host runner | Breaks multi-step workflows that depend on checkout | `git clone` in `run:` step (see image-build probe) |
|
| `actions/checkout@v4` on host runner | Breaks multi-step workflows that depend on checkout | `git clone` in `run:` step (see image-build probe) |
|
||||||
| Issues/wiki/releases/LFS | Not exercised in pilot | Classify per repo in migration inventory before production repos |
|
| Issues/wiki/releases/LFS | Not exercised in pilot | Classify per repo in migration inventory before production repos |
|
||||||
@@ -123,14 +123,35 @@ tar xzf /tmp/repo.tar.gz -C buildctx --strip-components=1
|
|||||||
|
|
||||||
Image: `forgejo.coulomb.social/coulomb/key-cape:latest`
|
Image: `forgejo.coulomb.social/coulomb/key-cape:latest`
|
||||||
|
|
||||||
|
## Tier 2.5 — railiance stack (2026-07-04)
|
||||||
|
|
||||||
|
Infra/platform repos promoted before tier-3 production set. Canonical remote is
|
||||||
|
Forgejo; Gitea `gitea` remote retained for rollback mirror.
|
||||||
|
|
||||||
|
| Repo | Forgejo | `origin` | CI workflow | Notes |
|
||||||
|
| --- | --- | --- | --- | --- |
|
||||||
|
| `railiance-enablement` | yes | `forgejo-remote` | `ci-smoke` + templates in `workflows/` | S4 canonical templates |
|
||||||
|
| `railiance-infra` | yes | `forgejo-remote` | `ci-smoke` | |
|
||||||
|
| `railiance-apps` | yes | `forgejo-remote` | `ci-smoke` | |
|
||||||
|
| `railiance-platform` | yes | `forgejo-remote` | `ci-smoke` | Local uncommitted `Makefile`/helm edits not in promotion |
|
||||||
|
| `railiance-cluster` | yes | `forgejo-remote` | `ci-smoke` | |
|
||||||
|
|
||||||
|
Promotion helper: `railiance-enablement/tools/promote-repo-to-forgejo.sh`
|
||||||
|
|
||||||
|
Template docs: `railiance-enablement/docs/forgejo-actions-workflow-templates.md`
|
||||||
|
|
||||||
|
Operator SSH (2026-07-04): user `tegwick` on Forgejo (admin, `coulomb` Owners
|
||||||
|
team); workstation key moved from `forgejo_admin` to `tegwick`.
|
||||||
|
|
||||||
## Not ready for state-hub yet
|
## Not ready for state-hub yet
|
||||||
|
|
||||||
Before `state-hub`, the ladder still needs:
|
Before `state-hub`, the ladder still needs:
|
||||||
|
|
||||||
- [ ] Operator/user SSH identity on Forgejo (not only `forgejo_admin`)
|
- [x] Operator/user SSH identity on Forgejo (`tegwick` + workstation key)
|
||||||
- [ ] Reusable workflow template with `hub-core` build context (multi-repo checkout)
|
- [x] Reusable workflow templates in `railiance-enablement` (incl. multi-repo / `hub-core` context template)
|
||||||
- [ ] State Hub `remote_url` + sweep checkout path update playbook
|
- [ ] State Hub `remote_url` + sweep checkout path update playbook
|
||||||
- [ ] Gitea read-only mirror or push-disable policy for repos after cutover
|
- [ ] Gitea read-only mirror or push-disable policy for repos after cutover
|
||||||
|
- [ ] Scheduled Forgejo backups (disaster-control track; restore drill passed)
|
||||||
|
|
||||||
## References
|
## References
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user