The registry was a git-committed file bind-mounted :ro from coder-core AND hand-patched live — two writers, neither authoritative. Root cause of the reconcile commits, dirty-tree deploy blocks, main-push gating, and multi-session collisions (codex/gpt-5.5 audited).

- Registry is now ENGINE-OWNED at /app/data/registry.json (persistent volume), seeded once from the legacy bind-mount on first boot, never overwritten thereafter.
- New authenticated mutation API: PUT/PATCH/DELETE /api/v1/apps/:app (+ ?dry_run=1 returns a normalized diff, no write), GET /api/v1/registry/export (+ timestamped snapshot).
- Atomic writeRegistry (temp+rename), in-process mutation lock, schema validateEntry (allowed servers, branch-name safety, required fields).
- Append-only hash-chained audit at /app/data/registry-events.jsonl (actor from request identity, before/after, prev_hash/event_hash).
- FIX: audit.log moved /app/logs -> /app/data (the /app/logs path was never mounted, so the audit trail was lost on every restart).
- compose: removed the deploy-registry.json git bind-mount.

Clients (kua-app, kua-mcp-core) migrate to the API in a follow-up; git becomes an export sink, not the source of truth.
| File |
|---|
| Dockerfile |
| NOTES-image-digest-pinning.md |
| README.md |
| docker-compose.yml |
| kua.json |
| package-lock.json |
| package.json |
| server.js |
README.md
kua-deploy
Authoritative deploy orchestrator for the Kua infrastructure fleet. Receives release triggers (admin API and Forgejo webhooks), runs git-pull → migration gate → docker build → recreate → SHA-verify on managed apps.
Split out of coder-core/services/kua-deploy/ on 2026-05-21 to break the self-rebuild loop that ran every coder-core release through this service as a side-effect.
Layout
- `server.js` — Fastify app exposing `/api/v1/apps/:app/deploy`, `/progress`, `/runtime-status`, `/webhook/forgejo`.
- `Dockerfile` — node:22-alpine + docker-cli + ssh + git + kua-vault binary (mounted at runtime).
- `docker-compose.yml` — single-service compose project. Joins the `kua-services` and `production_proxy` networks.
- `kua.json` — release-app manifest (mode: direct, server: bruno).
- `NOTES-image-digest-pinning.md` — design notes for deferred prevention #4.
Registry
deploy-registry.json lives in coder-core/services/kua-deploy/deploy-registry.json and is bind-mounted in at /app/deploy-registry.json. This is a transitional arrangement; a future change can migrate the registry into this repo.
Deploying kua-deploy
Via release-app:
```shell
release-app kua-deploy
```
This goes through kua-deploy's own admin endpoint, POST /api/v1/apps/kua-deploy/deploy, and uses the transient-container recreate pattern (Phase A) so the service can replace its own running container without reporting a false success.
See also
- `services/kua-deploy/NOTES-image-digest-pinning.md` in this repo
- `infra-docs/docs/04-operations/deploy-listener.md` in coder-core (current-state callout + deploy_mode reference)