olsitec-foundation platform repo
|
All checks were successful
CI / preflight (push) Successful in 5s
CI / typecheck (push) Successful in 15s
ecosystem-selftest / semantic-release-bumptest (push) Successful in 13s
ecosystem-selftest / eslint-gate (push) Successful in 3s
ecosystem-selftest / yamllint-gate (push) Successful in 3s
pulumi-preview / preview (push) Successful in 16s
Forgejo 11.0.15 does NOT support reusable workflows (job-level `uses:` / `workflow_call`): the call is silently dropped and no run is scheduled (verified live — a same-repo and a cross-repo reusable call both produced zero runs, while an equivalent inline job ran green). The working cross-repo reuse primitive here is the COMPOSITE ACTION referenced by FULL URL (a short-form `uses: olsitec/foundation/...@master` resolves against the runner's DEFAULT_ACTIONS_URL = data.forgejo.org, not the local instance, and 404s; the full-URL form `uses: https://forge.olsitec.net/olsitec/foundation/actions/<x>@master` was verified green). - Replace the four reusable-*.yml with composite actions under actions/: node-build, docker-build, lint, semantic-release-version (same logic + inputs). - actions/README.md documents the pattern, the Forgejo-11 limitation, and the 999_testing candidate coverage (C2/C3/C4 self-contained; C1/C5 blocked on the not-yet-published @olsitec package registry). - ecosystem-selftest paths filter: actions/** (was reusable-*.yml). The capabilities that need no external repo (semantic-release bump sequence, eslint/yamllint gates) keep running green via ecosystem-selftest's inline jobs. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .forgejo/workflows | ||
| actions | ||
| backup | ||
| bootstrap | ||
| ci | ||
| containers | ||
| documentation | ||
| dr | ||
| offsite-backup | ||
| packages | ||
| preflight | ||
| provision | ||
| .gitignore | ||
| bun.lock | ||
| package.json | ||
| README.md | ||
| VERSIONS | ||
olsitec-foundation
The self-hosting platform "egg": a single Pulumi project that brings up Forgejo (+ Actions +
OCI/npm registry), PostgreSQL, HashiCorp Vault, RustFS (S3), and a reverse proxy as plain OCI
containers on one VM — recoverable from {a VM, this repo, the master passphrase}.
This is Layer 0. Kubernetes, ArgoCD and everything else are Layer-1 consumers of this foundation (see ADR-004).
Layout
bootstrap/— the egg Pulumi project (phases, components, config).packages/— shared, publishable Pulumi modules (@olsitec/pulumi-*).preflight/— host & toolchain validation (run before any deploy).backup/,dr/— backup + disaster-recovery automation..forgejo/workflows/— CI (preflight, pulumi preview/up, backup-verify).documentation/— planning, ADRs, contracts, baseline overlay. Readdocumentation/000_baseline.mdanddocumentation/000_TOPOLOGY.mdfirst.
Status
Planning complete (PLAN-001 vision, PLAN-002 strategy, ADR-004/005 accepted). Implementation not yet started — next step is T00 (contracts) per PLAN-002 §10.
Recovery in one line
git clone this repo → set PULUMI_CONFIG_PASSPHRASE → ./preflight/preflight.sh →
pulumi up → restore latest offsite backup. Full procedure: dr/RUNBOOK.md (TBD, task T13).