docs(#20): mark hook phases 1+2 done; resume notes point to phase 3 (indeedhub)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
archipelago
parent
955c54b713
commit
ccb5b7ca39
@ -150,6 +150,14 @@ phases 2–6 (`dual-ecash-design.md`).
|
|||||||
## 8b. SESSION STATE + RESUME (2026-06-21, live)
|
## 8b. SESSION STATE + RESUME (2026-06-21, live)
|
||||||
|
|
||||||
**Landed + committed on main this session (newest first):**
|
**Landed + committed on main this session (newest first):**
|
||||||
|
- `955c54b7` hook capability (#20) **phase 2** — `container::hooks::run_post_install`
|
||||||
|
executor (podman exec + copy_from_host w/ allowlist canonicalise + symlink-escape
|
||||||
|
prefix check; best-effort/idempotent) wired into `install_fresh` after container
|
||||||
|
is up (fresh-container-only). 5 unit tests; `cargo test -p archipelago` green.
|
||||||
|
- `4c1a4e59` hook capability (#20) **phase 1** — `LifecycleHooks`/`HookStep`/`HostCopy`
|
||||||
|
schema + validate() + re-exports + 3 schema tests; also fixed 3 pre-existing
|
||||||
|
`ContainerConfig` test literals missing `generated_secrets` (container crate now
|
||||||
|
compiles; `cargo test -p archipelago-container` green, 53 pass).
|
||||||
- `f0c6b79d` immich containers named underscore (immich_server/_postgres/_redis) to
|
- `f0c6b79d` immich containers named underscore (immich_server/_postgres/_redis) to
|
||||||
match runtime lifecycle code — fixes package.stop/start/restart. **immich fully
|
match runtime lifecycle code — fixes package.stop/start/restart. **immich fully
|
||||||
migrated + verified on .228** (manifest-driven stack via orchestrator).
|
migrated + verified on .228** (manifest-driven stack via orchestrator).
|
||||||
@ -161,19 +169,14 @@ phases 2–6 (`dual-ecash-design.md`).
|
|||||||
- `192238cb` docs consolidation 56→28 + CLAUDE.md.
|
- `192238cb` docs consolidation 56→28 + CLAUDE.md.
|
||||||
- `03a4ee1b` generated-secrets system + companion/quadlet fixes.
|
- `03a4ee1b` generated-secrets system + companion/quadlet fixes.
|
||||||
|
|
||||||
**IN FLIGHT — hook capability (#20), phase 1 (schema):** building controlled
|
**DONE — hook capability (#20), phases 1+2 (schema + executor + wiring):**
|
||||||
post-install hooks so indeedhub/netbird can migrate. Design: `docs/manifest-hooks-design.md`.
|
controlled post-install hooks so indeedhub/netbird can migrate. Design:
|
||||||
- DONE: `LifecycleHooks`/`HookStep`/`HostCopy` types + `hooks` field on AppDefinition
|
`docs/manifest-hooks-design.md`. Schema, validate(), executor, and install-path
|
||||||
+ validate() + re-exports + 3 schema tests (manifest.rs).
|
wiring all landed + green (commits `4c1a4e59`/`955c54b7` above). Remaining #20
|
||||||
- **BLOCKING COMPILE FIX NEEDED:** `cargo test -p archipelago-container` fails —
|
phases: 3 = indeedhub migration (NEXT, below); 4 = netbird; 5 = `pre_start` hooks
|
||||||
3 pre-existing test `ContainerConfig {…}` literals (manifest.rs ~1658/1711/1752)
|
(type exists, NOT yet executed — wire into `prepare_for_start` if/when needed).
|
||||||
are missing the `generated_secrets` field (added in 03a4ee1b but the container
|
|
||||||
crate's own tests were never run since). Add `generated_secrets: vec![],` to each.
|
|
||||||
- THEN: implement executor `core/archipelago/src/container/hooks.rs`
|
|
||||||
(run_post_install: podman exec + copy_from_host with allowlist canonicalisation),
|
|
||||||
wire into orchestrator install (post-create, install-only), tests, commit.
|
|
||||||
|
|
||||||
**NEXT (after #20):** indeedhub migration — author 7 member manifests
|
**NEXT — #20 phase 3, indeedhub migration:** author 7 member manifests
|
||||||
(postgres/redis/minio/relay/api/ffmpeg + frontend) on archy-net with container-name
|
(postgres/redis/minio/relay/api/ffmpeg + frontend) on archy-net with container-name
|
||||||
hostnames; frontend carries the `post_install` hook (strip X-Frame-Options, copy
|
hostnames; frontend carries the `post_install` hook (strip X-Frame-Options, copy
|
||||||
nostr-provider.js, inject script, nginx reload — see `patch_indeedhub_nostr_provider`
|
nostr-provider.js, inject script, nginx reload — see `patch_indeedhub_nostr_provider`
|
||||||
|
|||||||
@ -94,10 +94,14 @@ the `post_install` hook above. `install_indeedhub_stack` becomes orchestrator-fi
|
|||||||
|
|
||||||
## 6. Phases
|
## 6. Phases
|
||||||
|
|
||||||
1. **Schema + executor + validation + unit tests** (this design) — `exec` +
|
1. ✅ **Schema + validation + unit tests** — `LifecycleHooks`/`HookStep`/`HostCopy`
|
||||||
`copy_from_host`, allowlist-enforced.
|
in `archipelago-container::manifest`, allowlist-enforced at `validate()`.
|
||||||
2. **Wire into orchestrator install** (post-create, install-only).
|
(commit `4c1a4e59`)
|
||||||
3. **indeedhub**: author member manifests + frontend `post_install` hook; wire
|
2. ✅ **Executor + wire into orchestrator install** — `container::hooks::run_post_install`
|
||||||
|
(`exec` + `copy_from_host`, canonicalise + symlink-escape prefix check, best-effort);
|
||||||
|
called from `install_fresh` after the container is up, fresh-container-only.
|
||||||
|
(commit `955c54b7`)
|
||||||
|
3. ⏳ **indeedhub**: author member manifests + frontend `post_install` hook; wire
|
||||||
`install_indeedhub_stack` orchestrator-first; live-migrate + verify on .228.
|
`install_indeedhub_stack` orchestrator-first; live-migrate + verify on .228.
|
||||||
4. **netbird**: assess its setup steps; migrate with hooks.
|
4. ⏳ **netbird**: assess its setup steps; migrate with hooks.
|
||||||
5. `pre_start` hooks (repair/ownership) if needed.
|
5. ⏳ `pre_start` hooks (repair/ownership) — type exists; executor not yet wired.
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user