feat(canary): deploy r001 app surface on sol
All checks were successful
deploy-trade-r001-canary / apply (push) Successful in 1m1s

This commit is contained in:
mpabi
2026-04-12 17:18:42 +02:00
parent 060dcc38a6
commit 6672e1043d
19 changed files with 4511 additions and 3 deletions

View File

@@ -7,6 +7,7 @@ Minimal canary namespace for migration baseline `R001` on `sol`.
- Reserve a dedicated namespace for the first reconstructed trade deployment.
- Put hard upper bounds on namespace-level CPU, memory, object count, and PVC growth before application manifests land.
- Verify that workloads in the namespace can resolve and reach the shared `trade-infra` services for `Postgres` and `Redis`.
- Recreate the `R001` application surface in a controlled way: `Hasura`, `trade-api`, and `trade-frontend`.
## Current Guardrails
@@ -30,7 +31,28 @@ Minimal canary namespace for migration baseline `R001` on `sol`.
## Notes
- This namespace is intentionally conservative until item `14` and the validator protection envelope are fully defined.
- The namespace does not yet recreate `gitea-registry`; that remains a separate migration prerequisite.
- Current shared infrastructure endpoints expected by canary workloads:
- `postgres-host.trade-infra.svc.cluster.local:5432`
- `redis-host.trade-infra.svc.cluster.local:6379`
## Application Surface
- `postgres` in this namespace is an `ExternalName` alias that points to `postgres-host.trade-infra.svc.cluster.local`.
- `Hasura` uses the live `R001` secrets copied from `trade-staging`, but connects to the host `Postgres` on `sol`.
- `trade-api` and `trade-frontend` use the current live images from Gitea registry and the same bootstrap wrapper/config pattern as the source environment.
- The canary workflow re-runs:
- `postgres-migrate`
- `hasura-bootstrap`
before it waits for `Hasura`, `trade-api`, and `trade-frontend` to become healthy.
## Operator Flow
From the repository root:
```bash
./environments/sol/trade-r001-canary/scripts/prepare-sol-postgres.sh
./environments/sol/trade-r001-canary/scripts/create-gitea-registry-secret.sh
./environments/sol/trade-r001-canary/scripts/sync-live-secrets.sh
```
After the prerequisites are seeded, push to `main` and let `deploy-trade-r001-canary` apply the environment.