feat(bootstrap): rustfs S3 data-plane + buckets/service account (T04)

foundation-rustfs (rustfs/rustfs digest-pinned) on foundation-net, internal only
(9000/9001 unpublished); named volume foundation-rustfs-data with retainOnDelete.
The four buckets (forgejo-packages/-artifacts/-lfs, foundation-backups) and a
scoped service account with generated keys (CONTRACT_002 rustfs slice) are
provisioned post-boot by an idempotent, readiness-gated remote.Command using a
throwaway mc container (ADR-007). RustFS speaks enough MinIO admin API for
`svcacct add`; `mc ready` is unreliable so readiness gates on `mc ls`; the mc
image's busybox lacks grep so existence checks use a shell `case`. Pins the
IMAGE_MC tool image in VERSIONS.

Live on cx33 Helsinki: 4 buckets present, service key registered, put/get
roundtrip OK, no published ports. Acceptance T04 met.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Andreas Niemann 2026-06-30 21:19:53 +02:00
parent 6edba60612
commit 1792fd9f89
4 changed files with 147 additions and 4 deletions

@ -60,10 +60,15 @@ IMAGE_CADDY=caddy:2.10@sha256:PIN_DIGEST
IMAGE_FORGEJO=codeberg.org/forgejo/forgejo:11@sha256:PIN_DIGEST
IMAGE_POSTGRES=postgres:17@sha256:5c855ad7b85e68e48a62f34662853f38b57c1c1d80f3a927ab58034fd6d31c5e
IMAGE_VAULT=hashicorp/vault:1.18@sha256:PIN_DIGEST
IMAGE_RUSTFS=rustfs/rustfs:latest@sha256:PIN_DIGEST
IMAGE_RUSTFS=rustfs/rustfs:latest@sha256:fa19210ac4697c79d7ccca1ec9b0eb91aebacc6691991ffb14014bb3c67e6cc3
IMAGE_ACT_RUNNER=code.forgejo.org/forgejo/runner:6@sha256:PIN_DIGEST
IMAGE_REGISTRY=registry:2@sha256:PIN_DIGEST
# Tool image: MinIO client `mc` — used transiently (never a long-running service)
# for S3 control-plane ops against RustFS: bucket creation + service accounts
# (T04) and backup put/get (T12). RustFS speaks enough of the MinIO admin API.
IMAGE_MC=minio/mc:latest@sha256:a7fe349ef4bd8521fb8497f55c6042871b2ae640607cf99d9bede5e9bdf11727
# NOTE on specific images:
# IMAGE_RUSTFS uses `latest` because RustFS does not (yet) publish stable
# semver tags reliably (PLAN-002 R3 — RustFS is young). MUST be pinned by
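Review bot: the `# NOTE on specific images` block explains the `latest` tag only for IMAGE_RUSTFS, yet the newly added `IMAGE_MC=minio/mc:latest@sha256:...` line uses the same `latest`-plus-digest pattern without a rationale; extend the note (or add a one-line comment beside IMAGE_MC) stating why a moving tag is acceptable for a throwaway tool image and which upstream mc release or build date the pinned digest resolved to. With a `latest` tag the digest is the only version information in the file, so recording the resolved version at pin time (for both the IMAGE_MC and the new IMAGE_RUSTFS digest) is what lets a later reviewer audit a digest bump instead of treating it as an opaque hash change.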