learning_ai_common_plat

bytelyst/learning_ai_common_plat

Fork 0

Commit Graph

Author	SHA1	Message	Date
saravanakumardb1	6bf15eae7a	docs(devops): Hostinger runner prompt v2 — org migration + monitoring + hardening Adds the missing pieces revealed during review: §1 Multi-repo registration decision — choose repo-level vs org-level up-front. Default doc remains repo-level, but explicitly calls out org-level as the scaling path for 20+ repos. §2 Pre-flight check additions: - Arch detection (x86_64 / aarch64) before downloading runner tarball - github.com + objects.githubusercontent.com reachability check - gh CLI auth status check (must be saravanakumardb1) §4 Installation hardening: - Step 1 is now idempotent (getent guards on useradd/usermod) - Step 3 queries latest runner version via gh api (no more stale pin) - Step 3 includes SHA256 verification of the downloaded tarball against the release-notes manifest, with explicit STOP-if-mismatch - Step 3 has REGISTRATION_URL var with commented Option A/B for repo-level vs org-level scope §5 Smoke test — added explicit git checkout/add/commit/push commands for creating the runner/smoke branch (was implicit before). §8 (renamed) — comprehensive org migration guide: - Side-by-side table: personal account today vs under-an-org - Bash loop to transfer all 18 repos via gh api - git remote set-url commands for each local clone - Post-migration org-level registration token fetch - Workflow propagation strategies (reusable workflow vs sync script) §9 (new) — Monitoring + observability: - GitHub Actions tab per-repo + per-org workflow views - Runner pool health (Settings → Actions → Runners) at repo + org level - gh CLI commands for scripted monitoring (run watch, list, view, runners) - Host-side journalctl + _diag/ inspection commands §14 Questions — updated to ask about scope (repo vs org) first. Section numbering shifted by +1 from §9 onward to make room for the new Monitoring section.	2026-05-24 18:04:50 -07:00
saravanakumardb1	d5e0778af6	docs(devops): add Hostinger self-hosted GitHub runner setup prompt Delegation prompt for the Codex agent running on the Hostinger VM to: - Install a dedicated GitHub Actions self-hosted runner under gha-runner user - Register it with saravanakumardb1/learning_ai_common_plat - Run as a systemd service with auto-start - Install Node 20 / pnpm 9 / gh CLI / Docker prerequisites - Wire up local Gitea publish token Includes full end-to-end validation that proves the actual publish pipeline works: - Creates a throwaway @bytelyst/_runner-e2e-test package - Publishes to local Gitea - Uploads tarball as GitHub Release asset - Verifies Gitea registry returns the version - Verifies pnpm install + require works from a clean directory - Verifies the byte-identical-tarball invariant (sha256 match between Gitea-served tarball and GitHub Release asset) — this is the key guarantee that lockfiles will remain portable across corp Mac's local Gitea after sync - Documents cleanup of test artifacts Plus pre-flight checks, hardening (systemd limits, log rotation, workflow approval), scaling notes, deliverables checklist, guardrails, rollback, and follow-up prompt list (publish-packages.yml, bytelyst-sync script, SKILL doc).	2026-05-24 17:59:42 -07:00

Author

SHA1

Message

Date

saravanakumardb1

6bf15eae7a

docs(devops): Hostinger runner prompt v2 — org migration + monitoring + hardening

Adds the missing pieces revealed during review:

§1 Multi-repo registration decision — choose repo-level vs org-level
   up-front. Default doc remains repo-level, but explicitly calls out
   org-level as the scaling path for 20+ repos.

§2 Pre-flight check additions:
  - Arch detection (x86_64 / aarch64) before downloading runner tarball
  - github.com + objects.githubusercontent.com reachability check
  - gh CLI auth status check (must be saravanakumardb1)

§4 Installation hardening:
  - Step 1 is now idempotent (getent guards on useradd/usermod)
  - Step 3 queries latest runner version via gh api (no more stale pin)
  - Step 3 includes SHA256 verification of the downloaded tarball
    against the release-notes manifest, with explicit STOP-if-mismatch
  - Step 3 has REGISTRATION_URL var with commented Option A/B for
    repo-level vs org-level scope

§5 Smoke test — added explicit git checkout/add/commit/push commands
   for creating the runner/smoke branch (was implicit before).

§8 (renamed) — comprehensive org migration guide:
  - Side-by-side table: personal account today vs under-an-org
  - Bash loop to transfer all 18 repos via gh api
  - git remote set-url commands for each local clone
  - Post-migration org-level registration token fetch
  - Workflow propagation strategies (reusable workflow vs sync script)

§9 (new) — Monitoring + observability:
  - GitHub Actions tab per-repo + per-org workflow views
  - Runner pool health (Settings → Actions → Runners) at repo + org level
  - gh CLI commands for scripted monitoring (run watch, list, view, runners)
  - Host-side journalctl + _diag/ inspection commands

§14 Questions — updated to ask about scope (repo vs org) first.

Section numbering shifted by +1 from §9 onward to make room for the
new Monitoring section.

2026-05-24 18:04:50 -07:00

saravanakumardb1

d5e0778af6

docs(devops): add Hostinger self-hosted GitHub runner setup prompt

Delegation prompt for the Codex agent running on the Hostinger VM to:
- Install a dedicated GitHub Actions self-hosted runner under gha-runner user
- Register it with saravanakumardb1/learning_ai_common_plat
- Run as a systemd service with auto-start
- Install Node 20 / pnpm 9 / gh CLI / Docker prerequisites
- Wire up local Gitea publish token

Includes full end-to-end validation that proves the actual publish
pipeline works:
- Creates a throwaway @bytelyst/_runner-e2e-test package
- Publishes to local Gitea
- Uploads tarball as GitHub Release asset
- Verifies Gitea registry returns the version
- Verifies pnpm install + require works from a clean directory
- Verifies the byte-identical-tarball invariant (sha256 match between
  Gitea-served tarball and GitHub Release asset) — this is the key
  guarantee that lockfiles will remain portable across corp Mac's
  local Gitea after sync
- Documents cleanup of test artifacts

Plus pre-flight checks, hardening (systemd limits, log rotation,
workflow approval), scaling notes, deliverables checklist, guardrails,
rollback, and follow-up prompt list (publish-packages.yml,
bytelyst-sync script, SKILL doc).

2026-05-24 17:59:42 -07:00

2 Commits