From 951978bdac01439f85556fa5610a20268d722001 Mon Sep 17 00:00:00 2001 From: claude-code Date: Sun, 19 Apr 2026 18:33:51 -0600 Subject: [PATCH] docs(roadmap): deploy pipeline shipped; #31 polish still outstanding --- Roadmap.md | 41 ++++++++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/Roadmap.md b/Roadmap.md index a1b9c2e..096fc26 100644 --- a/Roadmap.md +++ b/Roadmap.md @@ -17,24 +17,20 @@ | 21 | Budget-side inline edit of entry name and amount | 2026-04-17 | | 26 | `/healthz` endpoint for container healthcheck | 2026-04-19 | | 27 | Emit structured JSON logs to stdout (Loki-ready) | 2026-04-19 | +| 28 | Dockerfile for quartermaster-web container | 2026-04-19 | +| 29 | compose.yml for home-ctr-onyx deploy | 2026-04-19 | +| 30 | Forgejo Actions workflow for deploy to home-ctr-onyx | 2026-04-19 | +| 35 | uvicorn `--proxy-headers` so `url_for` works behind Traefik | 2026-04-19 | -## Next up — deploy to home-ctr-onyx +## Outstanding -Tracked by the platform-contract intake (#25, closed). Platform side is -provisioned (DNS, Traefik middlewares, bind mount, basic-auth creds — -see [PlatformContractQuartermaster](https://forgejo.labbity.unbiasedgeek.com/homelab/homelab-IaC/wiki/PlatformContractQuartermaster)). -App side is broken into three dependent issues: +#31 **small cleanups from platform-prep code review** is non-blocking +polish (logger placement in `service.py`, middleware-vs-router comment +in `routes_health.py`, richer `template_entry_updated` extras). Fold +into whichever follow-up PR naturally touches those files. -| # | Title | Depends on | -|---|---|---| -| 28 | Dockerfile for quartermaster-web container | — | -| 29 | compose.yml for home-ctr-onyx deploy | #28 | -| 30 | Forgejo Actions workflow for deploy | #28 + #29 | -| 31 | Small cleanups from platform-prep code review | — | - -#31 is non-blocking polish (logger placement in `service.py`, -middleware-vs-router comment in `routes_health.py`, richer -`template_entry_updated` extras). Land when convenient. +#23 **MCP proposal for exposing Quartermaster to AI agents** is a +design discussion, not committed work. ## Deferred @@ -97,6 +93,21 @@ Today the open/closed state of section groups resets on every page load. A tiny `localStorage` hook would remember which groups a given browser last had open. +### Browser-rendered-page smoke test + +The `/healthz` smoke in the deploy workflow doesn't exercise template +URL generation, which is how #35 slipped past CI and into production. +A CI step that loads `/` through Traefik and asserts every `` +and `` href is https-scheme would have caught it before the user +did. + +### Rollback automation + +Rollback today is manual: set `QUARTERMASTER_TAG` in the host's +`.env` to a prior SHA, `docker compose up -d`. A one-line re-deploy +job that accepts a tag would be worth ~30 minutes of work once we +have a reason to roll back under pressure. + ### Observability follow-ups The launch alert set is container-down + TLS expiry + elevated 5xx