jordan c59d348040 chore: prepare for composable monorepo template implementation

This commit captures the current state before implementing the composable
monorepo template system. Key changes included:

Infrastructure:
- Add CockroachDB provisioner adapter for database provisioning
- Add Redis provisioner adapter for cache provisioning
- Add build events system with PostgreSQL storage
- Add WebSocket endpoint for real-time build progress

Code agent improvements:
- Fix Claude Code adapter to use default allowed tools instead of dangerously-skip-permissions
- Add context-aware stream closing for cancellation support
- Improve parser tests for edge cases

Build system:
- Add build event constants and metrics
- Remove deprecated git_operations.go (replaced by pod_git_operations.go)
- Add rollback logic for multi-step provisioning operations

Documentation:
- Add composable-monorepo feature documentation
- Add DNS/Cloudflare service documentation
- Update deployment and troubleshooting guides

Cookbooks:
- Add fullstack-app cookbook
- Refactor landing-test with shared library

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-31 11:39:28 -07:00

8.5 KiB

Raw Blame History

rdev - Remote Developer

Run Claude Code instances in isolated Kubernetes pods with REST API control. Enables bots, CI/CD systems, and external orchestrators to dispatch agentive development work to isolated environments.

Platform: threesix.ai - Agent-driven development at scale with shared worker pools.

Find Your Guide

If you need to...	Read this
Set up local dev	local/setup.md
Run tests	local/testing.md
Write Go code / handlers	backend/go-guidelines.md
Understand pkg/api	packages/api-framework.md
Add a new handler/endpoint	backend/adding-handlers.md
Understand hexagonal architecture	backend/hexagonal.md
Deploy to k3s	ops/deploying.md
Release a new version	ops/releasing.md
Work with Kubernetes adapters	services/kubernetes.md
Database / migrations	ops/database.md
Manage credentials	ops/credentials.md
Work queue system	services/work-queue.md
Worker pool management	services/worker-pool.md
Project templates	services/templates.md
Composable monorepo templates	services/composable-monorepo.md
Build orchestration	services/build-orchestration.md
Build event streaming	services/build-streaming.md
Resource provisioning plan	services/resource-provisioning-plan.md
Database provisioning	services/database-provisioning.md
Cache provisioning	services/cache-provisioning.md
CockroachDB operations	services/cockroachdb.md
Redis operations	services/redis.md
DNS / Cloudflare	services/dns-cloudflare.md

Critical Rules

LLM vs rdev: LLMs generate code; rdev executes deterministic operations (git, lint, deploy). Never rely on LLMs for runbook tasks.
Pod git ops: Git operations run inside pods via PodGitOperations (kubectl exec), never locally.
No dead code: Delete unused code immediately. Don't leave "might use later" exports.
KUBECONFIG: ALWAYS set export KUBECONFIG=~/.kube/orchard9-k3sf.yaml before kubectl commands
Hexagonal: Domain models in internal/domain/ must have ZERO external dependencies
Ports: All adapters implement interfaces from internal/port/
Migrations: NEVER modify committed migrations. Create NEW ones.
500-line limit: Files exceeding 500 lines must be split
Tests: All handlers and services require tests
Multi-step ops: NEVER log-and-continue after partial failure. Rollback or document partial state.

Quick Reference

# Required env vars (add to ~/.zshrc)
export KUBECONFIG=~/.kube/orchard9-k3sf.yaml
export RDEV_API_URL="https://rdev.masq-ops.orchard9.ai"
export RDEV_API_KEY="<from rdev-credentials secret>"

# Infrastructure credentials stored in .secrets (gitignored)
# See: .claude/guides/ops/credentials.md for setup
# Keys: GITEA_TOKEN, CLOUDFLARE_API_TOKEN, CLOUDFLARE_ZONE_ID, WOODPECKER_*

# Run locally
go run ./cmd/rdev-api

# Run tests
go test ./...

# Release + deploy (one command)
./scripts/release.sh v0.10.1 "Description of changes" --deploy

# Release only (no deploy)
./scripts/release.sh v0.10.1 "Description of changes"

# Manual deploy (if needed)
kubectl apply -f deployments/k8s/base/rdev-api.yaml
kubectl rollout restart -n rdev deployment/rdev-api

# Verify pods
kubectl get pods -n rdev

# View logs
./scripts/logs.sh           # Last 100 lines
./scripts/logs.sh -f        # Follow/stream
./scripts/logs.sh -n 500    # Last 500 lines
./scripts/logs.sh -e        # Errors only
./scripts/logs.sh -p        # Previous crashed container

# Shell aliases (after source ~/.zshrc)
rdev-logs                   # Last 100 lines
rdev-logs-f                 # Follow/stream
rdev-pods                   # List pods

# API calls (NOTE: $RDEV_API_KEY doesn't expand in curl -H, use the test script instead)
# ./cookbooks/scripts/landing-test.sh run|status|teardown <name>
curl -H "X-API-Key: $RDEV_API_KEY" $RDEV_API_URL/health
curl -H "X-API-Key: $RDEV_API_KEY" $RDEV_API_URL/projects
curl -H "X-API-Key: $RDEV_API_KEY" $RDEV_API_URL/work/stats

Architecture Overview

cmd/rdev-api/          # Entry point, DI, OpenAPI spec
internal/
├── domain/            # Pure business models (no deps)
├── port/              # Interface contracts
├── service/           # Business logic orchestration
├── handlers/          # HTTP handlers (REST endpoints)
├── adapter/           # Infrastructure implementations
│   ├── kubernetes/    # K8s client, pod executor
│   ├── postgres/      # Audit, queue, webhooks, credentials
│   ├── cockroach/     # Database provisioning (project DBs)
│   ├── redis/         # Cache provisioning via ACLs
│   ├── gitea/         # Git repository management
│   ├── cloudflare/    # DNS provider
│   └── woodpecker/    # CI provider
├── auth/              # API key auth, scopes
├── middleware/        # Rate limiting
├── worker/            # Background queue processor
└── webhook/           # Event dispatcher
pkg/api/               # HTTP framework (app, responses)
deployments/k8s/       # Kustomize manifests
  └── base/templates/  # Project templates
scripts/               # Operational scripts
  ├── load-credentials.sh  # Load secrets to rdev-api
  ├── release.sh           # Build, tag, push releases
  └── logs.sh              # View rdev-api logs
cookbooks/             # End-to-end workflow guides
  ├── landing-page.md      # Landing page deployment flow
  └── scripts/             # Executable cookbook scripts

Key Concepts

Projects: Kubernetes pods with Claude Code, discovered by label rdev.orchard9.ai/project=true
Workers: Shared claudebox pods that execute any project's tasks, labeled rdev.orchard9.ai/role=worker
Work Queue: Async task queue for build/test/deploy jobs
Credentials: Infrastructure secrets (tokens, keys) stored encrypted in PostgreSQL
Commands: Claude/shell/git commands executed via kubectl exec, streamed via SSE
API Keys: Scoped auth with project restrictions, IP filtering, expiration
Webhooks: Event subscriptions with retry delivery
Templates: Project scaffolding with .woodpecker.yml, .claude/, and stack files

threesix.ai Platform Status

Feature	Status	Description
Woodpecker Auto-Activation	Done	CI enabled on project creation via SDK
Project Templates	Done	Embedded templates (astro-landing, go-api, default)
Work Queue	Done	PostgreSQL with atomic dequeue, retry logic
Multi-Provider Agents	Done	Claude Code + OpenCode via registry
Webhooks	Done	Event dispatcher with retry delivery
Embedded Worker	Done	Goroutine in rdev-api, polls queue
Multi-Domain Support	Done	Auto-slugs, custom subdomains, DNS aliases
Build Event Streaming	Done	Real-time SSE/WebSocket for build output
Database Provisioning	Done	CockroachDB adapter with auto-provisioning
Cache Provisioning	Done	Redis ACL-based adapter with auto-provisioning
Build Orchestration	Planned	Structured build specs via API
Composable Monorepo Templates	Planned	Monorepo skeleton + component templates

Current Version: v0.10.12

Constraints

ON-PREM k3s - not GKE, always set KUBECONFIG
Kustomize only - no ArgoCD
chi/v5 router - no gin, echo, or other frameworks
sqlx for DB - no GORM
slog for logging - no logrus, zap

8.5 KiB Raw Blame History