diff --git a/.claude/rules/credential-routing.md b/.claude/rules/credential-routing.md index 092434f..104986d 100644 --- a/.claude/rules/credential-routing.md +++ b/.claude/rules/credential-routing.md @@ -20,7 +20,7 @@ Requires the `warden` CLI from `~/ops-warden` (`uv tool install .` or `uv run wa | Agent runtime | How to orient | | --- | --- | | **Codex / Grok** (shell, HTTP State Hub) | `warden route` commands above; inbox `to_agent=railiance-apps` is for coordination, not secret vending | -| **Claude Code** (MCP when available) | `get_domain_summary("custodian")` for workplans; **still** use `warden route` for credential ownership | +| **Claude Code** (MCP when available) | `get_domain_summary("custodian")` for workstreams; **still** use `warden route` for credential ownership | | **llm-connect** (inference service) | Never put secret retrieval in prompts; route custody to OpenBao/operator paths surfaced by `warden route` | ### Quick routing table diff --git a/.claude/rules/first-session.md b/.claude/rules/first-session.md index 358e6d1..886fe61 100644 --- a/.claude/rules/first-session.md +++ b/.claude/rules/first-session.md @@ -1,41 +1,37 @@ ## First Session Protocol -Triggered when `get_domain_summary("financials")` shows **no workplans**. +Triggered when `get_domain_summary("railiance")` shows **no workstreams**. The project is registered but work has not yet been structured. **Step 1 — Read, don't write** -- `~/the-custodian/canon/projects/financials/project_charter_v0.1.md` — purpose, scope -- `~/the-custodian/canon/projects/financials/roadmap_v0.1.md` — planned phases +- `~/the-custodian/canon/projects/railiance/project_charter_v0.1.md` — purpose, scope +- `~/the-custodian/canon/projects/railiance/roadmap_v0.1.md` — planned phases - Scan repo root: README, directory structure, existing code or docs **Step 2 — Survey in-progress work** Look for TODOs, open branches, half-finished files. Note done vs. started but incomplete. -**Step 3 — Propose workplans to Bernd** -Propose 1–3 workplans — each a coherent strand, weeks to months, anchored to a +**Step 3 — Propose workstreams to Bernd** +Propose 1–3 workstreams — each a coherent strand, weeks to months, anchored to a roadmap phase. **Wait for approval before creating.** -**Step 4 — Write the workplan file; fix-consistency registers it (ADR-001)** +**Step 4 — Create workplan file first, then DB record (ADR-001)** ``` -workplans/RAILIANCE-WP-NNNN-.md ← write this, commit it +workplans/railiance-apps-WP-NNNN-.md ← write this first ``` -Then register by running the consistency check — do **not** call -`create_workplan`/`create_task` (or legacy `create_workstream`) yourself; -manual registration duplicates what C-06 creates from the file: -```bash -statehub fix-consistency --repo railiance-apps +Then register in the hub: +``` +create_workstream(topic_id="ca369340-a64e-442e-98f1-a4fa7dc74a38", title="...", owner="...", description="...") +create_task(workstream_id="", title="...", priority="high|medium|low") ``` -C-06 creates the hub workplan + tasks and writes `state_hub_workstream_id` / -`state_hub_task_id` back into the file (legacy field names, kept for -compatibility — they hold workplan/task IDs). **Step 5 — Record the setup** ``` add_progress_event( - summary="First session: structured financials into N workplans, M tasks", + summary="First session: structured railiance into N workstreams, M tasks", event_type="milestone", topic_id="ca369340-a64e-442e-98f1-a4fa7dc74a38", - detail={"workplans": [...], "tasks_created": M} + detail={"workstreams": [...], "tasks_created": M} ) ``` diff --git a/.claude/rules/repo-identity.md b/.claude/rules/repo-identity.md index 1185027..1d87748 100644 --- a/.claude/rules/repo-identity.md +++ b/.claude/rules/repo-identity.md @@ -1,5 +1,5 @@ **Purpose:** OAS S5 Workloads & Experience Endpoints — application Helm releases, Gitea, coulomb services -**Domain:** financials +**Domain:** railiance **Repo slug:** railiance-apps **Topic ID:** ca369340-a64e-442e-98f1-a4fa7dc74a38 diff --git a/.claude/rules/session-protocol.md b/.claude/rules/session-protocol.md index 51392df..993fb73 100644 --- a/.claude/rules/session-protocol.md +++ b/.claude/rules/session-protocol.md @@ -1,7 +1,6 @@ ## Session Protocol -Dev Hub (State Hub API): http://127.0.0.1:8000 -MCP server name in `~/.claude.json`: `dev-hub` +State Hub: http://127.0.0.1:8000 **Step 1 — Orient** @@ -11,7 +10,7 @@ cat .custodian-brief.md ``` Then call the MCP tool for richer cross-domain context when MCP tools are exposed: ``` -get_domain_summary("financials") +get_domain_summary("railiance") ``` If MCP tools are unavailable in the current agent session, use the REST API: ```bash @@ -40,11 +39,11 @@ curl -s -X PATCH "http://127.0.0.1:8000/messages//read" \ ls workplans/ ``` For each file with `status: ready`, `active`, or `blocked`, note pending -`wait`/`todo`/`progress` tasks. +`todo`/`in_progress` tasks. **Step 4 — Present brief** -1. **Active workplans** for `financials` — title, task counts, blocking decisions +1. **Active workstreams** for `railiance` — title, task counts, blocking decisions 2. **Pending tasks** from `workplans/` + any `[repo:railiance-apps]` hub tasks 3. **Goal guidance** — if `goal_guidance` in summary: - `needs_workplan`: surface as top action — *"Repo goal '{title}' has no workplan yet"* @@ -52,42 +51,33 @@ For each file with `status: ready`, `active`, or `blocked`, note pending 4. **Suggested next action** — highest-priority open item 5. **SBOM status** — flag if `last_sbom_at` is unset for this repo -If no workplans: follow First Session Protocol (`first-session.md`). +If no workstreams: follow First Session Protocol (`first-session.md`). **During work:** `record_decision()` · `add_progress_event()` · `resolve_decision()` -> State Hub is a *read model*. **Never register workplans or tasks by hand** -> (`create_workplan`, `create_task`, or the legacy `create_workstream`) — write -> the workplan file in `workplans/` and run `fix-consistency`; its C-06 check -> registers the workplan and its tasks in the hub and writes the IDs back into -> the file. Manual registration creates duplicates the moment fix-consistency -> runs. Work structure belongs in repo files (ADR-001). -> -> Terminology: "workstream" is the legacy name for workplan. Some API/frontmatter -> field names keep it for compatibility (`state_hub_workstream_id`, -> `workstream_id` params) — treat them as workplan IDs. +> State Hub is a *read model*. Bootstrap tools (`create_workstream`, `create_task`) +> are First Session Protocol only. Work structure belongs in repo files (ADR-001). **Session close:** With MCP tools: ``` -add_progress_event(summary="...", topic_id="ca369340-a64e-442e-98f1-a4fa7dc74a38", workplan_id="") +add_progress_event(summary="...", topic_id="ca369340-a64e-442e-98f1-a4fa7dc74a38", workstream_id="") ``` Without MCP tools: ```bash curl -s -X POST http://127.0.0.1:8000/progress/ \ -H "Content-Type: application/json" \ - -d '{"topic_id":"ca369340-a64e-442e-98f1-a4fa7dc74a38","workplan_id":"","event_type":"note","summary":"what changed","author":"codex"}' + -d '{"topic_id":"ca369340-a64e-442e-98f1-a4fa7dc74a38","workstream_id":"","event_type":"note","summary":"what changed","author":"codex"}' ``` -If workplan files were modified, ensure the local copy is up to date first, -then sync from the repo checkout: +If workplan files were modified, ensure the local copy is up to date first: ```bash -git pull --ff-only -statehub fix-consistency +git -C pull --ff-only +cd ~/state-hub && make fix-consistency REPO=railiance-apps ``` For repos where implementation runs on a remote machine (e.g. CoulombCore), -use the pull-before-fix mode from any shell with the State Hub CLI: +use the combined target which pulls before fixing: ```bash -statehub fix-consistency --repo railiance-apps --remote +cd ~/state-hub && make fix-consistency-remote REPO=railiance-apps ``` **C-15** (DB task ahead of file) is normal in multi-machine workflows — writeback will sync the file to match DB. **C-16** (repo behind remote) blocks all writes diff --git a/.claude/rules/stack-and-commands.md b/.claude/rules/stack-and-commands.md index 1166d78..dc53ac6 100644 --- a/.claude/rules/stack-and-commands.md +++ b/.claude/rules/stack-and-commands.md @@ -1,20 +1,19 @@ ## Stack -- **Language:** Helm values + Kubernetes manifests, Bash Make targets -- **Key deps:** vergabe-teilnahme (Django) and inter-hub releases, shared apps-pg cnpg cluster, SOPS/age; runs against the S2 cluster on railiance01 + +- **Language:** +- **Key deps:** ## Dev Commands ```bash -make help # list all targets -make check-tools && make check-sops # operator preflight (read-only) -make apps-pg-status # shared DB health (read-only) -make vergabe-dry-run # helm template render, no apply -make vergabe-status # pod / svc / ingress / cert state (read-only) -make vergabe-deploy # production-touching -make vergabe-migrate | vergabe-seed # production-touching (Django management) -make check-inter-hub-image-tag # gate: explicit image tag for prod deploys -``` +# TODO: Fill in the standard commands for this repo -`*-deploy` / `*-migrate` / `*-seed` change production workloads — operator -approval required. Dry-run/status/check targets are safe. +# Install dependencies + +# Run tests + +# Lint / type check + +# Build / package (if applicable) +``` diff --git a/.claude/rules/workplan-convention.md b/.claude/rules/workplan-convention.md index 659020d..3cb10cf 100644 --- a/.claude/rules/workplan-convention.md +++ b/.claude/rules/workplan-convention.md @@ -1,45 +1,28 @@ ## Workplan Convention (ADR-001) -File location: `workplans/RAILIANCE-WP-NNNN-.md` -ID prefix: `RAILIANCE-WP-` +File location: `workplans/railiance-apps-WP-NNNN-.md` +ID prefix: `RAILIANCE-WP` Work items originate as files in this repo **before** being registered in the hub. -Canonical workplan frontmatter statuses are: +Canonical workplan/workstream frontmatter statuses are: `proposed`, `ready`, `active`, `blocked`, `backlog`, `finished`, `archived`. Use `proposed` for a newly drafted plan, `ready` after review against current repo state, and `finished` when implementation is complete. `stalled` and `needs_review` are derived health labels, not stored statuses. Closed workplans may be moved to `workplans/archived/` with a completion-date -prefix: `YYMMDD-RAILIANCE-WP-NNNN-.md`. The frontmatter id remains +prefix: `YYMMDD-railiance-apps-WP-NNNN-.md`. The frontmatter id remains unchanged; the prefix is only for quick visual reference. Small opportunistic tasks discovered during another session use **Ad Hoc Tasks**: -`workplans/ADHOC-YYYY-MM-DD.md`, workplan slug `adhoc-YYYY-MM-DD`, and task ids +`workplans/ADHOC-YYYY-MM-DD.md`, workstream slug `adhoc-YYYY-MM-DD`, and task ids `ADHOC-YYYY-MM-DD-T01`, `T02`, etc. Use adhocs only for low-risk work completed directly. Promote anything requiring analysis, design, approval, dependencies, or multiple planned phases into a normal workplan. Ecosystem todos from other agents arrive as `[repo:railiance-apps]` hub tasks — -visible at session start. Pick one up by creating the workplan file, committing, -and running `statehub fix-consistency` — C-06 registers the workplan in the hub. -Never register by hand with `create_workplan`/`create_workstream`. - -Task blocks use this shape: - -```task -id: RAILIANCE-WP-NNNN-T01 -status: wait | todo | progress | done | cancel -priority: high | medium | low -state_hub_task_id: "" # written by fix-consistency — do not edit -``` - -Status progression is `todo` → `progress` → `done`; use `wait` for waiting or -blocked work and `cancel` for stopped work. - -Workplan frontmatter carries `state_hub_workstream_id` — a legacy field name -kept for compatibility ("workstream" is the old term for workplan); it holds -the hub workplan id and is written by fix-consistency. Do not edit or rename it. +visible at session start. Pick one up by creating the workplan file, then registering +the workstream. diff --git a/.custodian-brief.md b/.custodian-brief.md index b81f6e5..bdfb0a3 100644 --- a/.custodian-brief.md +++ b/.custodian-brief.md @@ -1,8 +1,8 @@ # Custodian Brief — railiance-apps -**Domain:** financials -**Last synced:** 2026-07-01 22:23 UTC +**Domain:** railiance +**Last synced:** 2026-06-15 13:58 UTC **State Hub:** http://127.0.0.1:8000 *(adjust if running on a remote machine)* ## Active Workstreams @@ -13,6 +13,6 @@ ## MCP Orientation (when available) If the state-hub MCP server is reachable, call: -`get_domain_summary("financials")` +`get_domain_summary("railiance")` This provides richer cross-domain context. If the MCP call fails, use this file as your orientation source. diff --git a/.forgejo/workflows/ci-smoke.yaml b/.forgejo/workflows/ci-smoke.yaml deleted file mode 100644 index bd44c56..0000000 --- a/.forgejo/workflows/ci-smoke.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Canonical CI smoke template (tier 1 routing drill). -# Copy to: .forgejo/workflows/ci-smoke.yaml in consumer repos. -name: CI Smoke - -on: - push: - branches: - - main - workflow_dispatch: - -jobs: - host-smoke: - runs-on: self-hosted - steps: - - name: Routing probe (host runner) - run: | - set -eu - echo "repository=${GITHUB_REPOSITORY:-unknown}" - echo "sha=${GITHUB_SHA:-unknown}" - echo "runner=${RUNNER_NAME:-unknown}" - uname -a - - container-smoke: - runs-on: ubuntu-latest - steps: - - name: Routing probe (container label) - run: | - set -eu - echo "container-smoke ok for ${GITHUB_REPOSITORY:-unknown}" \ No newline at end of file diff --git a/AGENTS.md b/AGENTS.md index d432ef6..48af712 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -2,9 +2,9 @@ ## Repo Identity -**Purpose:** OAS S5 Workloads & Experience Endpoints — application Helm releases, Gitea, coulomb services +**Purpose:** OAS S5 Workloads & Experience Endpoints — application Helm releases, app runbooks, and deployment guardrails -**Domain:** financials +**Domain:** railiance **Repo slug:** railiance-apps **Topic ID:** `ca369340-a64e-442e-98f1-a4fa7dc74a38` **Workplan prefix:** `RAILIANCE-WP-` @@ -20,12 +20,6 @@ there is no MCP server for Codex agents. |---------|-----| | Local workstation | `http://127.0.0.1:8000` | | Remote via tunnel | `http://127.0.0.1:18000` | -| Optional local edge relay | http://127.0.0.1:18080 | - -When an operator has enabled the edge relay, set API_BASE to the relay URL. -Queueable writes return an explicit queued receipt if the central hub is -unreachable. Treat that as pending local evidence, then ask the operator to run -statehub outbox status/replay after connectivity returns. ### Orient at session start @@ -33,8 +27,8 @@ statehub outbox status/replay after connectivity returns. # Offline brief — works without hub connection cat .custodian-brief.md -# Active workplans for this domain -curl -s "http://127.0.0.1:8000/workplans/?topic_id=ca369340-a64e-442e-98f1-a4fa7dc74a38&status=active" \ +# Active workstreams for this domain +curl -s "http://127.0.0.1:8000/workstreams/?topic_id=ca369340-a64e-442e-98f1-a4fa7dc74a38&status=active" \ | python3 -m json.tool # Check inbox @@ -57,12 +51,12 @@ curl -s -X POST http://127.0.0.1:8000/progress/ \ "summary": "what was done", "event_type": "note", "author": "codex", - "workplan_id": "", + "workstream_id": "", "task_id": "" }' ``` -Omit `workplan_id` / `task_id` when not applicable. +Omit `workstream_id` / `task_id` when not applicable. ### Update task status @@ -86,10 +80,10 @@ curl -s -X PATCH "http://127.0.0.1:8000/tasks/" \ ## Session Protocol **Start:** -1. `cat .custodian-brief.md` — domain goal and open workplans (offline-safe) +1. `cat .custodian-brief.md` — domain goal and open workstreams (offline-safe) 2. Check inbox: `GET /messages/?to_agent=railiance-apps&unread_only=true`; mark read 3. Scan workplans: `ls workplans/` — note `status: ready`, `active`, or `blocked` files and open tasks -4. Check human-needed tasks: `GET /tasks/?needs_human=true` +4. Check blocked tasks: `GET /tasks/?needs_human=true` **During work:** - Update task statuses in workplan files as tasks progress @@ -98,12 +92,12 @@ curl -s -X PATCH "http://127.0.0.1:8000/tasks/" \ **Close:** 1. Update workplan file task statuses to reflect progress 2. Log: `POST /progress/` with a summary of what changed -3. After workplan file changes, run: +3. Note for the custodian operator: after workplan file changes, run from + `~/state-hub`: ```bash - statehub fix-consistency + make fix-consistency REPO=railiance-apps ``` - Coding agents should run this directly; ask the operator only if the CLI or - State Hub API is unavailable. This syncs task status from files into the hub DB. + This syncs task status from files into the hub DB. --- @@ -129,7 +123,7 @@ Requires the `warden` CLI from `~/ops-warden` (`uv tool install .` or `uv run wa | Agent runtime | How to orient | | --- | --- | | **Codex / Grok** (shell, HTTP State Hub) | `warden route` commands above; inbox `to_agent=railiance-apps` is for coordination, not secret vending | -| **Claude Code** (MCP when available) | `get_domain_summary("custodian")` for workplans; **still** use `warden route` for credential ownership | +| **Claude Code** (MCP when available) | `get_domain_summary("custodian")` for workstreams; **still** use `warden route` for credential ownership | | **llm-connect** (inference service) | Never put secret retrieval in prompts; route custody to OpenBao/operator paths surfaced by `warden route` | ### Quick routing table @@ -157,11 +151,6 @@ every repo's agent instructions because it is high-frequency, high-risk, and eas get wrong. **Canon:** `~/ops-warden/wiki/CredentialRouting.md` · catalog `~/ops-warden/registry/routing/catalog.yaml` - - - - --- ## Workplan Convention (ADR-001) @@ -187,7 +176,7 @@ anything needing analysis, design, approval, dependencies, or multiple phases. id: RAILIANCE-WP-NNNN type: workplan title: "..." -domain: financials +domain: railiance repo: railiance-apps status: proposed | ready | active | blocked | backlog | finished | archived owner: codex @@ -217,7 +206,7 @@ state_hub_task_id: "" # written by fix-consistency — do not edit Task description text. ``` -Status progression: `todo` → `progress` → `done`; use `wait` for waiting/blocked work and `cancel` for stopped work. +Status progression: `wait` → `todo` → `progress` → `done` (or `cancel`) To create a new workplan: 1. Write the file following the format above diff --git a/Makefile b/Makefile index fb4d1ba..8fd33a1 100644 --- a/Makefile +++ b/Makefile @@ -32,26 +32,10 @@ REUSE_CERTIFICATE ?= reuse-surface-tls RAILIANCE01_KUBECONFIG ?= $(HOME)/.kube/config-hosteurope INTER_HUB_KUBECONFIG ?= $(RAILIANCE01_KUBECONFIG) REUSE_KUBECONFIG ?= $(RAILIANCE01_KUBECONFIG) -FORGEJO_KUBECONFIG ?= $(RAILIANCE01_KUBECONFIG) -FORGEJO_RELEASE ?= forgejo -FORGEJO_NAMESPACE ?= forgejo -FORGEJO_CHART ?= gitea-charts/gitea -# Forgejo 11.x (Gitea 1.22) lacks `gitea config edit-ini`; chart 12.6+ requires Gitea 1.26+. -FORGEJO_CHART_VERSION ?= 12.5.0 -FORGEJO_VALUES ?= helm/forgejo-values.yaml -FORGEJO_REGISTRY_VALUES ?= helm/forgejo-registry-values.yaml -FORGEJO_SECRETS ?= helm/forgejo-secrets.sops.yaml -FORGEJO_INGRESS ?= manifests/forgejo-ingress.yaml -FORGEJO_SSH_NODEPORT ?= manifests/forgejo-ssh-nodeport.yaml -FORGEJO_BASE_URL ?= https://forgejo.coulomb.social -FORGEJO_DB_CLUSTER ?= forgejo-db -FORGEJO_DB_NAMESPACE ?= databases -FORGEJO_RUNNER_MANIFEST ?= manifests/forgejo-runner.yaml -FORGEJO_RUNNER_REGISTRATION_SECRET ?= helm/forgejo-runner-registration.sops.yaml INTER_HUB_IMAGE_REF = $(INTER_HUB_IMAGE_REPOSITORY):$(INTER_HUB_IMAGE_TAG) INTER_HUB_IMAGE_SET_ARG = $(if $(strip $(INTER_HUB_IMAGE_TAG)),--set image.tag=$(INTER_HUB_IMAGE_TAG),) -SOPS_SENTINEL ?= $(FORGEJO_SECRETS) +SOPS_SENTINEL ?= DRY_RUN_CREATE_NAMESPACES ?= false ##@ Operator checks @@ -169,75 +153,6 @@ inter-hub-smoke: ## Verify public inter-hub v2 route and OpenAPI surface after r inter-hub-logs: check-railiance01-kubeconfig ## Tail inter-hub app logs from Railiance01 KUBECONFIG="$(INTER_HUB_KUBECONFIG)" kubectl logs -n $(INTER_HUB_NAMESPACE) -l app=$(INTER_HUB_RELEASE) -f --tail=50 -##@ Forgejo (forgejo.coulomb.social) - -forgejo-dry-run: check-railiance01-kubeconfig check-sops ## helm template render for Forgejo - KUBECONFIG="$(FORGEJO_KUBECONFIG)" helm template $(FORGEJO_RELEASE) $(FORGEJO_CHART) \ - --version $(FORGEJO_CHART_VERSION) \ - --namespace $(FORGEJO_NAMESPACE) \ - -f $(FORGEJO_VALUES) \ - -f $(FORGEJO_REGISTRY_VALUES) \ - -f <(sops -d $(FORGEJO_SECRETS)) - -forgejo-server-dry-run: check-railiance01-kubeconfig check-sops ## Helm server dry-run Forgejo upgrade - KUBECONFIG="$(FORGEJO_KUBECONFIG)" helm upgrade --install $(FORGEJO_RELEASE) $(FORGEJO_CHART) \ - --version $(FORGEJO_CHART_VERSION) \ - --namespace $(FORGEJO_NAMESPACE) --create-namespace \ - -f $(FORGEJO_VALUES) \ - -f $(FORGEJO_REGISTRY_VALUES) \ - -f <(sops -d $(FORGEJO_SECRETS)) \ - --dry-run=server --timeout 5m - -forgejo-deploy: check-railiance01-kubeconfig check-sops ## Deploy / upgrade Forgejo on railiance01 - KUBECONFIG="$(FORGEJO_KUBECONFIG)" helm repo add gitea-charts https://dl.gitea.com/charts/ --force-update - KUBECONFIG="$(FORGEJO_KUBECONFIG)" helm upgrade --install $(FORGEJO_RELEASE) $(FORGEJO_CHART) \ - --version $(FORGEJO_CHART_VERSION) \ - --namespace $(FORGEJO_NAMESPACE) --create-namespace \ - -f $(FORGEJO_VALUES) \ - -f $(FORGEJO_REGISTRY_VALUES) \ - -f <(sops -d $(FORGEJO_SECRETS)) \ - --wait --timeout 10m - -forgejo-ingress-deploy: check-railiance01-kubeconfig ## Apply Forgejo HTTPS ingress - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl apply -f $(FORGEJO_INGRESS) - -forgejo-ssh-nodeport-deploy: check-railiance01-kubeconfig ## Apply Forgejo SSH NodePort (30022) - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl apply -f $(FORGEJO_SSH_NODEPORT) - -forgejo-status: check-railiance01-kubeconfig ## Show Forgejo pods, svc, ingress, cert, database - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl get pods,svc,ingress,certificate,pvc -n $(FORGEJO_NAMESPACE) --ignore-not-found - @if KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl cnpg status $(FORGEJO_DB_CLUSTER) -n $(FORGEJO_DB_NAMESPACE) >/dev/null 2>&1; then \ - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl cnpg status $(FORGEJO_DB_CLUSTER) -n $(FORGEJO_DB_NAMESPACE); \ - else \ - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl get cluster $(FORGEJO_DB_CLUSTER) -n $(FORGEJO_DB_NAMESPACE) --ignore-not-found; \ - fi - -forgejo-smoke: ## Verify Forgejo web and OCI registry challenge - FORGEJO_BASE_URL="$(FORGEJO_BASE_URL)" tools/forgejo-smoke.sh - -forgejo-logs: check-railiance01-kubeconfig ## Tail Forgejo application logs - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl logs -n $(FORGEJO_NAMESPACE) -l app.kubernetes.io/instance=$(FORGEJO_RELEASE) -f --tail=50 - -forgejo-runner-registration-deploy: check-railiance01-kubeconfig check-sops ## Apply SOPS runner registration secret - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl apply -f <(sops -d $(FORGEJO_RUNNER_REGISTRATION_SECRET)) - -forgejo-runner-deploy: check-railiance01-kubeconfig ## Deploy in-cluster Forgejo Actions runner (ADR-004) - @test -n "$$(KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl get secret forgejo-runner-registration -n $(FORGEJO_NAMESPACE) -o name 2>/dev/null)" || { \ - echo "Missing secret forgejo-runner-registration in $(FORGEJO_NAMESPACE)." >&2; \ - echo "Apply helm/forgejo-runner-registration.sops.yaml or bootstrap once:" >&2; \ - echo " kubectl create secret generic forgejo-runner-registration -n forgejo --from-literal=token=" >&2; \ - exit 1; \ - } - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl apply -f $(FORGEJO_RUNNER_MANIFEST) - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl rollout status deployment/forgejo-runner -n $(FORGEJO_NAMESPACE) --timeout=5m - -forgejo-runner-status: check-railiance01-kubeconfig ## Show in-cluster runner pod and PVC state - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl get deploy,pods,pvc -n $(FORGEJO_NAMESPACE) -l app.kubernetes.io/name=forgejo-runner --ignore-not-found - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl logs -n $(FORGEJO_NAMESPACE) deploy/forgejo-runner -c runner --tail=20 2>/dev/null || true - -forgejo-runner-logs: check-railiance01-kubeconfig ## Tail in-cluster runner logs - KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl logs -n $(FORGEJO_NAMESPACE) deploy/forgejo-runner -c runner -f --tail=50 - ##@ reuse-surface (reuse.coulomb.social) reuse-dry-run: check-railiance01-kubeconfig ## helm template render (no apply) for reuse-surface @@ -268,4 +183,4 @@ help: ## Show this help /^[a-zA-Z0-9_-]+:.*?##/ { printf " \033[36m%-20s\033[0m %s\n", $$1, $$2 } \ /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) }' $(MAKEFILE_LIST) -.PHONY: check-tools check-sops k8s-server-dry-run apps-pg-status check-railiance01-kubeconfig check-inter-hub-image-tag check-inter-hub-image vergabe-dry-run vergabe-deploy vergabe-ingress-deploy vergabe-status vergabe-migrate vergabe-seed vergabe-superuser vergabe-logs vergabe-db-url-secret forgejo-dry-run forgejo-server-dry-run forgejo-deploy forgejo-ingress-deploy forgejo-ssh-nodeport-deploy forgejo-status forgejo-smoke forgejo-logs forgejo-runner-registration-deploy forgejo-runner-deploy forgejo-runner-status forgejo-runner-logs inter-hub-render-baseline inter-hub-dry-run inter-hub-server-dry-run inter-hub-deploy inter-hub-status inter-hub-release-info inter-hub-smoke inter-hub-logs reuse-dry-run reuse-deploy reuse-status reuse-smoke reuse-logs help +.PHONY: check-tools check-sops k8s-server-dry-run apps-pg-status check-railiance01-kubeconfig check-inter-hub-image-tag check-inter-hub-image vergabe-dry-run vergabe-deploy vergabe-ingress-deploy vergabe-status vergabe-migrate vergabe-seed vergabe-superuser vergabe-logs vergabe-db-url-secret inter-hub-render-baseline inter-hub-dry-run inter-hub-server-dry-run inter-hub-deploy inter-hub-status inter-hub-release-info inter-hub-smoke inter-hub-logs reuse-dry-run reuse-deploy reuse-status reuse-smoke reuse-logs help diff --git a/docs/forgejo-on-railiance01.md b/docs/forgejo-on-railiance01.md deleted file mode 100644 index 1f228fd..0000000 --- a/docs/forgejo-on-railiance01.md +++ /dev/null @@ -1,93 +0,0 @@ -# Forgejo on railiance01 - -Production source forge at **`https://forgejo.coulomb.social`**. - -Mirrors the coulombcore Gitea pattern (`railiance-forge`) but targets -**railiance01** using the same OAS split as other S5 apps (`inter-hub`, -`reuse-surface`). - -## Layer ownership - -| Layer | Repo | Concern | -| --- | --- | --- | -| S3 | `railiance-platform` | `forgejo-db` CNPG cluster + network policies | -| S5 | `railiance-apps` | Helm release, ingress, operator Makefile | -| S2 | `railiance-cluster` | Traefik, cert-manager, cnpg operator | - -Hostname decision: `the-custodian/docs/forgejo-production-decisions.md`. - -## Hosts - -| Item | Value | -| --- | --- | -| Server | railiance01 `92.205.62.239` | -| Namespace | `forgejo` | -| Helm release | `forgejo` | -| HTTP service | `forgejo-gitea-http` (chart naming; ingress must target this) | -| Chart | `gitea-charts/gitea` **12.5.0** (Forgejo-compatible; 12.6+ needs Gitea 1.26 `config edit-ini`) | -| Image | `code.forgejo.org/forgejo/forgejo:11.0.3` | -| Database | `forgejo-db-rw.databases.svc.cluster.local:5432` | -| Kubeconfig | `~/.kube/config-hosteurope` | - -## Bootstrap (first deploy) - -### 1. Database credentials (platform) - -```bash -cd ~/railiance-platform -# One-time: create and SOPS-encrypt helm/forgejo-db-secret.sops.yaml from template -KUBECONFIG=~/.kube/config-hosteurope make forgejo-db-deploy -KUBECONFIG=~/.kube/config-hosteurope make forgejo-db-status -``` - -### 2. Application secrets (apps) - -```bash -cd ~/railiance-apps -# Encrypt helm/forgejo-secrets.sops.yaml from template (DB PASSWD must match platform secret) -make check-sops -``` - -### 3. Deploy Forgejo - -```bash -cd ~/railiance-apps -make forgejo-dry-run -make forgejo-deploy -make forgejo-ingress-deploy -make forgejo-ssh-nodeport-deploy # optional; git+ssh via nodePort 30022 -# In-cluster Actions runner (ADR-004, railiance-infra/docs/adr/ADR-004-...) -# One-time: encrypt helm/forgejo-runner-registration.sops.yaml from template -make forgejo-runner-registration-deploy -make forgejo-runner-deploy -make forgejo-status -make forgejo-smoke -make forgejo-runner-status -``` - -## Upgrade notes - -- Pin `FORGEJO_CHART_VERSION=12.5.0` — chart 12.6+ requires Gitea 1.26 `config edit-ini`. -- `strategy.type: Recreate` in `helm/forgejo-values.yaml` — avoids leveldb queue lock - on the shared RWO PVC during rolling updates. -- Actions enabled via `gitea.config.actions.ENABLED: true`. -- Ingress backend service name is `forgejo-gitea-http` (Helm release naming). - -## Day-2 operator targets - -```bash -make forgejo-status -make forgejo-logs -make forgejo-smoke -``` - -## Coexistence with Gitea - -Gitea on coulombcore remains canonical until `RAIL-HO-WP-0005` migration drills -and cutover pass. Do not repoint repo remotes until Wave 1 cutover is approved. - -## Related - -- Gitea reference: `~/railiance-forge/Makefile` (`gitea-deploy`) -- Drain plan: `the-custodian/docs/coulombcore-drain-placement-plan.md` Wave 1 -- Onboarding checklist: `docs/s5-app-onboarding-checklist.md` \ No newline at end of file diff --git a/helm/forgejo-registry-values.yaml b/helm/forgejo-registry-values.yaml deleted file mode 100644 index c4d27c1..0000000 --- a/helm/forgejo-registry-values.yaml +++ /dev/null @@ -1,14 +0,0 @@ -# Public endpoint and package registry settings for Forgejo on railiance01. -service: - http: - type: ClusterIP - -gitea: - config: - packages: - ENABLED: true - LIMIT_SIZE_CONTAINER: -1 - repository: - DISABLED_REPO_UNITS: "" - server: - ROOT_URL: "https://forgejo.coulomb.social/" \ No newline at end of file diff --git a/helm/forgejo-runner-registration.sops.yaml.template b/helm/forgejo-runner-registration.sops.yaml.template deleted file mode 100644 index 261f1bc..0000000 --- a/helm/forgejo-runner-registration.sops.yaml.template +++ /dev/null @@ -1,15 +0,0 @@ -# Encrypt as helm/forgejo-runner-registration.sops.yaml, then: -# kubectl apply -f <(sops -d helm/forgejo-runner-registration.sops.yaml) -# -# Generate token (one-time, do not commit plaintext): -# kubectl exec -n forgejo deploy/forgejo-gitea -- \ -# forgejo actions generate-runner-token --scope coulomb ---- -apiVersion: v1 -kind: Secret -metadata: - name: forgejo-runner-registration - namespace: forgejo -type: Opaque -stringData: - token: REPLACE_WITH_RUNNER_REGISTRATION_TOKEN \ No newline at end of file diff --git a/helm/forgejo-secrets.sops.yaml.template b/helm/forgejo-secrets.sops.yaml.template deleted file mode 100644 index 80a77e7..0000000 --- a/helm/forgejo-secrets.sops.yaml.template +++ /dev/null @@ -1,15 +0,0 @@ -# Encrypt as helm/forgejo-secrets.sops.yaml before production deploy. -# Contains database PASSWD and admin password consumed by the gitea chart. -# -# gitea: -# admin: -# password: -# config: -# database: -# PASSWD: -gitea: - admin: - password: REPLACE_WITH_ADMIN_PASSWORD - config: - database: - PASSWD: REPLACE_WITH_DB_PASSWORD \ No newline at end of file diff --git a/helm/forgejo-values.yaml b/helm/forgejo-values.yaml deleted file mode 100644 index 0d40017..0000000 --- a/helm/forgejo-values.yaml +++ /dev/null @@ -1,53 +0,0 @@ -# Non-secret Forgejo Helm values (gitea-charts/gitea chart + Forgejo image). -# Layer helm/forgejo-secrets.sops.yaml for database password and admin credentials. -# Recreate avoids leveldb queue lock fights on the shared RWO PVC during upgrades. -strategy: - type: Recreate - -service: - http: - type: ClusterIP - -image: - registry: code.forgejo.org - repository: forgejo/forgejo - tag: "11.0.3" - rootless: true - -persistence: - enabled: true - size: 10Gi - -postgresql: - enabled: false - -postgresql-ha: - enabled: false - -redis-cluster: - enabled: false - -valkey-cluster: - enabled: false - -gitea: - admin: - username: forgejo_admin - email: admin@coulomb.social - passwordMode: initialOnlyRequireReset - config: - database: - DB_TYPE: postgres - HOST: forgejo-db-rw.databases.svc.cluster.local:5432 - NAME: forgejo - USER: forgejo - server: - DOMAIN: forgejo.coulomb.social - SSH_DOMAIN: forgejo.coulomb.social - SSH_PORT: 22 - SSH_LISTEN_PORT: 2222 - DISABLE_SSH: false - service: - DISABLE_REGISTRATION: true - actions: - ENABLED: true \ No newline at end of file diff --git a/manifests/forgejo-ingress.yaml b/manifests/forgejo-ingress.yaml deleted file mode 100644 index 8d2a52c..0000000 --- a/manifests/forgejo-ingress.yaml +++ /dev/null @@ -1,45 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: forgejo - namespace: forgejo - labels: - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - app.kubernetes.io/part-of: railiance-apps - railiance/component: forgejo-public-endpoint - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" -spec: - ingressClassName: traefik - rules: - - host: forgejo.coulomb.social - http: - paths: - - path: /api/packages - pathType: Prefix - backend: - service: - name: forgejo-gitea-http - port: - number: 3000 - - path: /v2 - pathType: Prefix - backend: - service: - name: forgejo-gitea-http - port: - number: 3000 - - path: / - pathType: Prefix - backend: - service: - name: forgejo-gitea-http - port: - number: 3000 - tls: - - hosts: - - forgejo.coulomb.social - secretName: forgejo-tls \ No newline at end of file diff --git a/manifests/forgejo-runner.yaml b/manifests/forgejo-runner.yaml deleted file mode 100644 index 3db38ea..0000000 --- a/manifests/forgejo-runner.yaml +++ /dev/null @@ -1,142 +0,0 @@ -# In-cluster Forgejo Actions runner (ADR-004). -# DinD sidecar + forgejo-runner; registration via init container on first boot. ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: forgejo-runner-data - namespace: forgejo - labels: - app.kubernetes.io/name: forgejo-runner - app.kubernetes.io/part-of: railiance-apps -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 5Gi - storageClassName: local-path ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: forgejo-runner-init - namespace: forgejo - labels: - app.kubernetes.io/name: forgejo-runner -data: - register.sh: | - #!/bin/sh - set -eu - cd /data - if [ ! -f config.yaml ]; then - forgejo-runner generate-config > config.yaml - fi - if [ ! -f .runner ]; then - forgejo-runner register --no-interactive \ - --config /data/config.yaml \ - --instance "${FORGEJO_INSTANCE}" \ - --token "${REGISTRATION_TOKEN}" \ - --name "${RUNNER_NAME}" \ - --labels "${RUNNER_LABELS}" - fi ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: forgejo-runner - namespace: forgejo - labels: - app.kubernetes.io/name: forgejo-runner - app.kubernetes.io/part-of: railiance-apps -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/name: forgejo-runner - template: - metadata: - labels: - app.kubernetes.io/name: forgejo-runner - spec: - securityContext: - fsGroup: 1000 - initContainers: - - name: register - image: code.forgejo.org/forgejo/runner:6.3.1 - imagePullPolicy: IfNotPresent - command: ["/bin/sh", "/scripts/register.sh"] - env: - - name: FORGEJO_INSTANCE - value: "https://forgejo.coulomb.social/" - - name: RUNNER_NAME - value: "railiance01-build-01" - - name: RUNNER_LABELS - value: "self-hosted:host,linux:host,linux_amd64:host,container-build:host,registry-publish:host,railiance01:host,ubuntu-latest:docker://node:20-bookworm,docker:docker://node:20-bookworm" - - name: REGISTRATION_TOKEN - valueFrom: - secretKeyRef: - name: forgejo-runner-registration - key: token - volumeMounts: - - name: data - mountPath: /data - - name: init-scripts - mountPath: /scripts - readOnly: true - containers: - - name: dind - image: docker:27-dind - imagePullPolicy: IfNotPresent - securityContext: - privileged: true - env: - - name: DOCKER_TLS_CERTDIR - value: "" - args: - - dockerd - - -H - - tcp://0.0.0.0:2375 - - --tls=false - readinessProbe: - tcpSocket: - port: 2375 - initialDelaySeconds: 10 - periodSeconds: 10 - - name: runner - image: code.forgejo.org/forgejo/runner:6.3.1 - imagePullPolicy: IfNotPresent - env: - - name: DOCKER_HOST - value: tcp://127.0.0.1:2375 - command: ["/bin/sh", "-c"] - args: - - | - set -eu - echo "waiting for DinD..." - for i in $(seq 1 90); do - if wget -q -O- http://127.0.0.1:2375/_ping 2>/dev/null | grep -q OK; then - echo "DinD ready" - break - fi - sleep 2 - done - exec forgejo-runner daemon --config /data/config.yaml - volumeMounts: - - name: data - mountPath: /data - readinessProbe: - exec: - command: ["/bin/sh", "-c", "wget -q -O- http://127.0.0.1:2375/_ping | grep -q OK"] - initialDelaySeconds: 15 - periodSeconds: 30 - volumes: - - name: data - persistentVolumeClaim: - claimName: forgejo-runner-data - - name: init-scripts - configMap: - name: forgejo-runner-init - defaultMode: 0555 \ No newline at end of file diff --git a/manifests/forgejo-ssh-nodeport.yaml b/manifests/forgejo-ssh-nodeport.yaml deleted file mode 100644 index 42998e2..0000000 --- a/manifests/forgejo-ssh-nodeport.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Git/SSH access for Forgejo (NodePort pattern mirrors coulombcore Gitea). -apiVersion: v1 -kind: Service -metadata: - name: forgejo-ssh-nodeport - namespace: forgejo - labels: - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - app.kubernetes.io/part-of: railiance-apps -spec: - type: NodePort - selector: - app.kubernetes.io/instance: forgejo - app.kubernetes.io/name: gitea - ports: - - name: ssh - port: 22 - targetPort: 2222 - nodePort: 30022 - protocol: TCP \ No newline at end of file diff --git a/tools/forgejo-smoke.sh b/tools/forgejo-smoke.sh deleted file mode 100755 index 582680e..0000000 --- a/tools/forgejo-smoke.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -BASE_URL="${FORGEJO_BASE_URL:-https://forgejo.coulomb.social}" - -curl -fsS "${BASE_URL}/" -o /dev/null -w "root_http=%{http_code}\n" -# HEAD returns 405 on Forgejo/Gitea; GET returns 401 + Docker-Distribution-Api-Version. -curl -sSI -X GET "${BASE_URL}/v2/" | awk 'BEGIN{code=""; ok=0} /^HTTP/{code=$2} /^[Dd]ocker-[Dd]istribution-[Aa]pi-[Vv]ersion:/{ok=1; print "registry_challenge=ok"} END{if (code=="" || !ok) exit 1; if (code!="401" && code!="200") {print "registry_http=" code; exit 1} else {print "registry_http=" code}}' -echo "forgejo smoke ok: ${BASE_URL}" \ No newline at end of file diff --git a/workplans/archived/260702-RAILIANCE-WP-0005-s5-app-release-readiness.md b/workplans/RAILIANCE-WP-0005-s5-app-release-readiness.md similarity index 99% rename from workplans/archived/260702-RAILIANCE-WP-0005-s5-app-release-readiness.md rename to workplans/RAILIANCE-WP-0005-s5-app-release-readiness.md index c9b8435..6db934a 100644 --- a/workplans/archived/260702-RAILIANCE-WP-0005-s5-app-release-readiness.md +++ b/workplans/RAILIANCE-WP-0005-s5-app-release-readiness.md @@ -2,7 +2,7 @@ id: RAILIANCE-WP-0005 type: workplan title: "S5 app release readiness and scope alignment" -domain: financials +domain: railiance repo: railiance-apps status: finished owner: codex diff --git a/workplans/archived/260702-RAILIANCE-WP-0006-railiance-forge-extraction.md b/workplans/RAILIANCE-WP-0006-railiance-forge-extraction.md similarity index 99% rename from workplans/archived/260702-RAILIANCE-WP-0006-railiance-forge-extraction.md rename to workplans/RAILIANCE-WP-0006-railiance-forge-extraction.md index ff3614f..73d9e4a 100644 --- a/workplans/archived/260702-RAILIANCE-WP-0006-railiance-forge-extraction.md +++ b/workplans/RAILIANCE-WP-0006-railiance-forge-extraction.md @@ -2,7 +2,7 @@ id: RAILIANCE-WP-0006 type: workplan title: "Extract railiance-forge and formalize forge-layer contracts" -domain: financials +domain: railiance repo: railiance-apps status: finished owner: codex diff --git a/workplans/archived/260702-RAILIANCE-WP-0007-reuse-surface-hub-on-railiance01.md b/workplans/RAILIANCE-WP-0007-reuse-surface-hub-on-railiance01.md similarity index 99% rename from workplans/archived/260702-RAILIANCE-WP-0007-reuse-surface-hub-on-railiance01.md rename to workplans/RAILIANCE-WP-0007-reuse-surface-hub-on-railiance01.md index c973463..b88ca77 100644 --- a/workplans/archived/260702-RAILIANCE-WP-0007-reuse-surface-hub-on-railiance01.md +++ b/workplans/RAILIANCE-WP-0007-reuse-surface-hub-on-railiance01.md @@ -2,7 +2,7 @@ id: RAILIANCE-WP-0007 type: workplan title: "Deploy reuse-surface federation service on railiance01" -domain: financials +domain: railiance repo: railiance-apps status: finished owner: codex diff --git a/workplans/archived/260702-RAILIANCE-WP-0008-service-landing-pages.md b/workplans/RAILIANCE-WP-0008-service-landing-pages.md similarity index 99% rename from workplans/archived/260702-RAILIANCE-WP-0008-service-landing-pages.md rename to workplans/RAILIANCE-WP-0008-service-landing-pages.md index bf8c7bd..78a7695 100644 --- a/workplans/archived/260702-RAILIANCE-WP-0008-service-landing-pages.md +++ b/workplans/RAILIANCE-WP-0008-service-landing-pages.md @@ -2,7 +2,7 @@ id: RAILIANCE-WP-0008 type: workplan title: "Add friendly landing pages for S5 service endpoints" -domain: financials +domain: railiance repo: railiance-apps status: finished owner: codex diff --git a/workplans/archived/260702-RAILIANCE-WP-0009-inter-hub-chart-handoff.md b/workplans/RAILIANCE-WP-0009-inter-hub-chart-handoff.md similarity index 97% rename from workplans/archived/260702-RAILIANCE-WP-0009-inter-hub-chart-handoff.md rename to workplans/RAILIANCE-WP-0009-inter-hub-chart-handoff.md index cbc76fb..eff2009 100644 --- a/workplans/archived/260702-RAILIANCE-WP-0009-inter-hub-chart-handoff.md +++ b/workplans/RAILIANCE-WP-0009-inter-hub-chart-handoff.md @@ -2,7 +2,7 @@ id: RAILIANCE-WP-0009 type: workplan title: "Inter-hub chart handoff" -domain: financials +domain: railiance repo: railiance-apps status: finished owner: codex diff --git a/workplans/archived/260702-RAILIANCE-WP-0010-inbox-suggestion-guardrails.md b/workplans/RAILIANCE-WP-0010-inbox-suggestion-guardrails.md similarity index 98% rename from workplans/archived/260702-RAILIANCE-WP-0010-inbox-suggestion-guardrails.md rename to workplans/RAILIANCE-WP-0010-inbox-suggestion-guardrails.md index dfd4898..2c4381c 100644 --- a/workplans/archived/260702-RAILIANCE-WP-0010-inbox-suggestion-guardrails.md +++ b/workplans/RAILIANCE-WP-0010-inbox-suggestion-guardrails.md @@ -2,7 +2,7 @@ id: RAILIANCE-WP-0010 type: workplan title: "Inbox suggestion guardrails" -domain: financials +domain: railiance repo: railiance-apps status: finished owner: codex diff --git a/workplans/archived/260702-RAILIANCE-WP-0011-inter-hub-production-trigger-hardening.md b/workplans/RAILIANCE-WP-0011-inter-hub-production-trigger-hardening.md similarity index 99% rename from workplans/archived/260702-RAILIANCE-WP-0011-inter-hub-production-trigger-hardening.md rename to workplans/RAILIANCE-WP-0011-inter-hub-production-trigger-hardening.md index 9dd177a..be3dfc7 100644 --- a/workplans/archived/260702-RAILIANCE-WP-0011-inter-hub-production-trigger-hardening.md +++ b/workplans/RAILIANCE-WP-0011-inter-hub-production-trigger-hardening.md @@ -2,7 +2,7 @@ id: RAILIANCE-WP-0011 type: workplan title: "Inter-Hub production trigger hardening" -domain: financials +domain: railiance repo: railiance-apps status: finished owner: codex diff --git a/workplans/archived/260702-railiance-apps-WP-0002-vergabe-teilnahme-on-railiance01.md b/workplans/railiance-apps-WP-0002-vergabe-teilnahme-on-railiance01.md similarity index 99% rename from workplans/archived/260702-railiance-apps-WP-0002-vergabe-teilnahme-on-railiance01.md rename to workplans/railiance-apps-WP-0002-vergabe-teilnahme-on-railiance01.md index 4cc999f..c3c6431 100644 --- a/workplans/archived/260702-railiance-apps-WP-0002-vergabe-teilnahme-on-railiance01.md +++ b/workplans/railiance-apps-WP-0002-vergabe-teilnahme-on-railiance01.md @@ -2,7 +2,7 @@ id: RAILIANCE-WP-0002 type: workplan title: "Establish vergabe-teilnahme as an Application on railiance01" -domain: financials +domain: railiance repo: railiance-apps status: finished owner: railiance diff --git a/workplans/archived/260702-railiance-apps-WP-0004-app-deployment-improvements.md b/workplans/railiance-apps-WP-0004-app-deployment-improvements.md similarity index 99% rename from workplans/archived/260702-railiance-apps-WP-0004-app-deployment-improvements.md rename to workplans/railiance-apps-WP-0004-app-deployment-improvements.md index ce9bd16..ddaaf37 100644 --- a/workplans/archived/260702-railiance-apps-WP-0004-app-deployment-improvements.md +++ b/workplans/railiance-apps-WP-0004-app-deployment-improvements.md @@ -2,7 +2,7 @@ id: RAILIANCE-WP-0004 type: workplan title: "App deployment improvements (lessons from RAILIANCE-WP-0002)" -domain: financials +domain: railiance repo: railiance-apps status: finished owner: railiance