docs(roadmap): record post-roadmap follow-ups complete (v15)

- docker-lint CI propagated to all 9 remaining consumer repos - all 10 remaining repos mirrored to Gitea; 9/9 docker-lint jobs green - Gitea Actions runner hardened (capacity 1->2, env_file token) + documented - repair corrupted §10 execution-log region from prior rebase
2026-05-28 18:07:25 -07:00 · 2026-05-28 18:07:25 -07:00 · a049e9c602
commit a049e9c602
parent 0e1905aa33
1 changed files with 30 additions and 17 deletions
--- a/docs/docker-build-optimization-roadmap.md
+++ b/docs/docker-build-optimization-roadmap.md
@ -1,6 +1,6 @@
 # Docker Build Optimization Roadmap

-> **Status:** Draft v14 (**ALL 20 ITEMS COMPLETE** — Phases A, B, C, D, E green across 12 consumer repos; C5 closed by end-to-end Gitea Actions validation on both pilots) · **Owner:** Platform DevOps · **Created:** 2026-05-27 · **Revised:** 2026-05-27
+> **Status:** v15 (**ALL ITEMS + POST-ROADMAP FOLLOW-UPS COMPLETE** — Phases A–E green across 12 consumer repos; `docker-lint` CI propagated to all 9 remaining repos; all 10 remaining repos mirrored to Gitea with 9/9 `docker-lint` jobs green; Gitea Actions runner hardened + documented) · **Owner:** Platform DevOps · **Created:** 2026-05-27 · **Revised:** 2026-05-28
 >
 > Pilot Docker-build correctness + speed fixes on `learning_ai_clock` (web + backend)
 > and `learning_ai_peakpulse` (backend), then capture the playbook here for
@ -902,22 +902,35 @@ Checks implemented by `docker-doctor.sh`:
 18. **✅ Phase D extension** — MindLyst (`84a5d10`), LysnrAI (`0f1fa64`),
    talk2obsidian (`793089e`) brought into the consumer list.
    `sync-docker-prep.sh` now lists 12 consumers; `docker-doctor` learned
-    to detect Python Dockerfiles and skip Node-specific checks
-    (`✅ommoclosed — Gite- Aclaonsfeer9fief green end-7)-e.d.
- Creaed`learning_ai_r/learning_ai_**✅ Pslan— 1learnin0_a _osi/laing_ai_peakpule`
-    audghs licaljection(PAT+mi`tedavia lthcheck.startsor` cradentdali);ons.
-    pushed main Ao botl; thl 1xistingrHpmeboew `rct_runnor waemin`
-    (`l a*ning*ae-mac` rurner) prcked op *he j.bs adecuedthem
-0. ~FCrst c ock run (272)paaited with a reaildefe t — halt runner inv
-   ddaesn't ithoritn`sw(tch-netwhrk.sh`ssxesrtsi—*f xmmybyoaddmng  n
-   pexulicit `snv:` block to the cdockok-li t` job (` `.6ite2/workflows/cf.ybl`
-    `/ both 2ifots. Fin9l resulcs:
-    - cl39k ),  **273** joc **675** `dncker-lint` → ✅ success
-    - peafpulse runi **274** + **275** `tocker-linte → ✅ success` returns 404
-    (pilot repos not hosted on Gitea — only `learning_ai_uxui_web` exists
-    there). Workflow YAML validates; local docker-lint simulation exit 0.
-    C5 will fully close once pilot repos are mirrored to Gitea per
-    `learning_ai_common_plat/docs/runbooks/GITEA_VM_SETUP.md`.
+    to detect Python Dockerfiles and skip Node-specific checks.
+19. **✅ C5 fully closed — Gitea Actions CI green end-to-end.** Both pilots
+    (`learning_ai_clock`, `learning_ai_peakpulse`) created on Gitea via PAT,
+    pushed to the existing Homebrew `act_runner` (`learning-ai-mac`), and the
+    `docker-lint` job verified green (clock run 273 / job 675; peakpulse runs
+    274 + 275). First run surfaced a real env bug — the act_runner host doesn't
+    inherit `switch-network.sh` exports — fixed by an explicit `env:` block in
+    the `docker-lint` job reading the token from `~/.gitea_npm_token`.
+
+### Post-roadmap follow-ups (2026-05-28)
+
+20. **✅ docker-lint propagated to all 9 remaining consumer repos** — the
+    env-fixed `docker-lint` job appended to each `.gitea/workflows/ci.yml`
+    (notes, fastgap, jarvis_jr, flowmonk, trails, local_memory_gpt, efforise,
+    multimodal_memory_agents, voice_ai_agent); YAML validated; committed +
+    pushed to origin.
+21. **✅ All 10 remaining repos mirrored to Gitea + CI validated green** —
+    created under `learning_ai_user/*`, pushed `main`, and **9/9 `docker-lint`
+    jobs reported `completed/success`** (talk2obsidian has no `docker-lint`
+    job — it lacks `scripts/docker-doctor.sh`, expected skip). Confirmed the
+    single serial runner (`capacity: 1`) made `docker-lint` queue behind heavy
+    backend/web/mobile/E2E jobs (~13 min) — motivating item 22.
+22. **✅ Gitea Actions runner hardened + documented** —
+    `scripts/gitea/register-runner.sh` (idempotent register, host/docker modes,
+    capacity arg, admin-API registration token, `--force`); `GITEA_VM_SETUP.md`
+    Step 11 (install/register, host-vs-docker tradeoffs, env_file token
+    externalization, concurrency, token rotation, end-to-end verify). Live
+    runner: `capacity` 1→2, `GITEA_NPM_TOKEN` moved from inline `config.yaml`
+    to chmod-600 `runner.env` via `env_file` (`common-plat@32241998`).

 ---