From 9347fcd3a58a75c4ab8dc4c3b6cbb9580c9aa29c Mon Sep 17 00:00:00 2001 From: kisfenyo Date: Tue, 9 Jun 2026 10:19:23 +0200 Subject: [PATCH] docs(CLAUDE): correct hub/manifests deploy to GitOps via the 'felhom' ArgoCD app No separate hub app; manifests/ synced by app 'felhom' (auto-sync off). Deploy = build+push pinned image -> bump manifests/hub.yaml tag + commit -> manual sync. Never :latest (manifest is ArgoCD's truth). Replaces the stale kubectl apply/set image steps. Co-Authored-By: Claude Opus 4.8 (1M context) --- CLAUDE.md | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 8b20988..cce4aec 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -65,22 +65,27 @@ Use the Windows OpenSSH binary (Git Bash's `/usr/bin/ssh` can't reach the Window | Build server (k3s node) | 192.168.0.180 | kisfenyo | Build + push images, kubectl (needs `sudo`) | | Demo Proxmox host | 192.168.0.162 | root@pam (SSH alias felhom-pve, root, no sudo) | pveum/pct + live Proxmox validation — available to CC | -## Build & deploy — Hub +## Build & deploy — Hub (GitOps via ArgoCD) -After code changes to `hub/`, you **MUST** build, push, and deploy. +The whole k3s cluster is GitOps via a **single ArgoCD app named `felhom`** (`argocd.dooplex.hu`) that syncs this repo's **`manifests/`** to the **`felhom-system`** namespace. **There is no separate `hub` ArgoCD app** — the hub is one `Deployment` (`manifests/hub.yaml`) *inside* the `felhom` app. **Auto-sync is OFF**: deploys are a deliberate manual sync. ArgoCD's source of truth is the **manifest**, so: -1. **Commit + push:** `cd /e/git/felhom.eu && git add -A && git commit -m "" && git push` -2. **Check running version:** `$SSH kisfenyo@192.168.0.180 "sudo kubectl get deploy -n felhom-system hub -o jsonpath='{.spec.template.spec.containers[0].image}'"` -3. **Build + push image** (next version; build script lives on the build server, not in this repo): `$SSH kisfenyo@192.168.0.180 "cd ~/build/felhom-hub && ./build.sh --push"` (pulls latest from Gitea, builds with version+build-time ldflags into `main.Version`, pushes `gitea.dooplex.hu/admin/felhom-hub:` and `:latest`.) -4. **Deploy:** `$SSH kisfenyo@192.168.0.180 "sudo kubectl set image -n felhom-system deploy/hub hub=gitea.dooplex.hu/admin/felhom-hub:"` -5. **Verify:** `$SSH kisfenyo@192.168.0.180 "sudo kubectl get pods -n felhom-system -l app=hub && sudo kubectl logs -n felhom-system -l app=hub --tail 10"` (expect Running + `[INFO] felhom-hub starting`.) +- **A code change + CHANGELOG version bump does NOT deploy anything.** The running image only changes when `manifests/hub.yaml`'s `image:` tag changes in git and the app is synced. +- **Pin explicit versions, never `:latest`.** A `:latest` re-push wouldn't change the manifest, so ArgoCD wouldn't redeploy, and Synced / History / Rollback would all misreport what's actually live. -> If the hub deployment is ArgoCD-managed (auto-sync), a manual `kubectl set image` may be reverted by ArgoCD drift-correction — confirm the deploy path before relying on step 4. +After a code change to `hub/`, to deploy: + +1. **Commit + push the code:** `cd /e/git/felhom.eu && git add -A && git commit -m "" && git push` +2. **Build + push the image** (build script lives on the build server, not in this repo): `$SSH kisfenyo@192.168.0.180 "cd ~/build/felhom-hub && ./build.sh --push"` (pulls latest from Gitea, builds version into `main.Version` via ldflags, pushes `gitea.dooplex.hu/admin/felhom-hub:`). Pin ``; don't rely on `:latest`. +3. **Bump the manifest:** set the `image:` tag in `manifests/hub.yaml` to `:`, commit to `main`, push. The `felhom` app now shows **OutOfSync**. +4. **Sync:** ArgoCD UI → app `felhom` → **Sync**, or `$SSH kisfenyo@192.168.0.180 "argocd app sync felhom"` (argocd CLI v3.2.1 at `/usr/local/bin`). +5. **Verify:** `$SSH kisfenyo@192.168.0.180 "sudo kubectl get deploy -n felhom-system hub -o jsonpath='{.spec.template.spec.containers[0].image}'; echo; sudo kubectl logs -n felhom-system -l app=hub --tail 10"` (expect the new tag + `[INFO] felhom-hub starting`). + +> A bare `kubectl set image` would be reverted on the next sync (the manifest is the truth) — always go through `manifests/hub.yaml`. **The live image can lag the CHANGELOG** when version bumps were committed but step 3/4 was never done; reconcile via the manifest, not by assuming the changelog reflects what's running. ## Build & deploy — Website / Manifests - **Website** auto-deploys via git-sync; just push to `main` (live in 1–2 min). Emergency edits: FileBrowser at `https://files.felhom.eu`. -- **Manifests** are applied manually (git pull on the build server first if you pushed): `$SSH kisfenyo@192.168.0.180 "sudo kubectl apply -f /home/kisfenyo/git/felhom.eu/manifests/.yaml"` +- **Manifests** (`manifests/`) are GitOps via the `felhom` ArgoCD app — commit to `main`, then sync (auto-sync is off): UI Sync or `argocd app sync felhom`. Do **not** `kubectl apply` them directly (a later sync reverts drift; the manifest in git is the truth). ## Key patterns