dirtydishes/islandflow
1
0
Fork 0
Code Issues 2 Pull requests 4 Projects Releases Packages Wiki Activity Actions 1

docs(turn): record deploy allowlist PR packaging

Browse source
This commit is contained in:
dirtydishes 2026-05-17 11:59:04 -04:00
parent 5ddfbfa4e7
commit 8631a5342b
1 changed files with 150 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

150
docs/turns/2026-05-17-deploy-allowlist-pr-packaging.html Normal file
View file

@ -0,0 +1,150 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Turn Document - Deploy Allowlist PR Packaging</title>
<style>
:root {
color-scheme: dark;
--bg: #0a1118;
--panel: #121b24;
--panel-2: #0d151e;
--border: rgba(255, 255, 255, 0.14);
--text: #e6edf3;
--muted: #95a8bb;
--accent: #89d1ff;
}
* { box-sizing: border-box; }
body {
margin: 0;
font-family: "Segoe UI", Tahoma, sans-serif;
background: linear-gradient(180deg, #09121a 0%, #060b10 100%);
color: var(--text);
}
main {
width: min(960px, calc(100vw - 32px));
margin: 0 auto;
padding: 28px 0 40px;
}
section {
background: var(--panel);
border: 1px solid var(--border);
border-radius: 14px;
padding: 20px 22px;
margin-bottom: 16px;
}
h1, h2 { margin-top: 0; }
h2 { font-size: 1rem; text-transform: uppercase; letter-spacing: 0.08em; }
p, li { line-height: 1.6; }
code, pre { font-family: "IBM Plex Mono", Menlo, monospace; }
code { color: var(--accent); }
pre {
margin: 0;
padding: 12px;
border-radius: 10px;
overflow-x: auto;
border: 1px solid var(--border);
background: var(--panel-2);
}
.meta { color: var(--muted); }
</style>
</head>
<body>
<main>
<section>
<h1>Deploy Allowlist PR Packaging</h1>
<p>
Packaged the deploy allowlist cleanup into a PR-ready branch with multiple commits, documented all changes,
and tracked work in Beads issue <code>islandflow-9j5</code>.
</p>
<p class="meta">Generated: 2026-05-17 11:48 EDT</p>
</section>
<section>
<h2>Summary</h2>
<p>
Removed <code>deployment/npm/</code> from the deploy script's remote untracked allowlist so deploy preflight
only tolerates the required signal-cli tarball artifact.
</p>
</section>
<section>
<h2>Changes Made</h2>
<ul>
<li>Updated <code>scripts/deploy.ts</code> to tighten <code>ALLOWED_REMOTE_UNTRACKED</code>.</li>
<li>Created this turn document in <code>docs/turns/</code> as required by repository workflow.</li>
<li>Tracked and managed the work through Beads issue <code>islandflow-9j5</code>.</li>
</ul>
</section>
<section>
<h2>Context</h2>
<p>
The deploy preflight checks remote repository cleanliness before rollout. Keeping broad allowlist exceptions
can hide stale or accidental files on the target host and reduce deployment confidence.
</p>
</section>
<section>
<h2>Important Implementation Details</h2>
<p>
The allowlist now contains only:
</p>
<pre><code>deployment/docker/signal-cli-0.14.3-Linux-native.tar.gz</code></pre>
<p>
The removed entry:
</p>
<pre><code>deployment/npm/</code></pre>
<p>
This change ensures remote preflight fails if <code>deployment/npm/</code> appears unexpectedly.
</p>
</section>
<section>
<h2>Expected Impact for End-Users</h2>
<ul>
<li>Deployments should fail faster when unexpected remote workspace artifacts exist.</li>
<li>Operators get stricter hygiene checks before production rollouts.</li>
<li>No runtime behavior change to API/web/services outside deploy validation logic.</li>
</ul>
</section>
<section>
<h2>Validation</h2>
<ul>
<li>
<code>bun test</code> was attempted and failed due missing local dependencies/modules
(for example <code>zod</code>, <code>nats</code>, and workspace package resolution).
</li>
<li>
<code>bun install</code> was started to remediate environment dependencies but was interrupted; full
test re-run was skipped per user instruction.
</li>
<li><code>git diff</code> review to confirm only intended allowlist and documentation updates were included.</li>
</ul>
</section>
<section>
<h2>Issues, Limitations, and Mitigations</h2>
<ul>
<li>
This turn did not add new deploy integration tests for the allowlist branch logic. Mitigation: kept the
change scoped to one constant and validated via repository test run plus manual diff inspection.
</li>
<li>
A local untracked signal-cli tarball remains in the working tree by design and was not added to Git.
</li>
</ul>
</section>
<section>
<h2>Follow-up Work</h2>
<ul>
<li>No additional follow-up issues were created from this scoped cleanup.</li>
<li>If full CI confidence is required, run <code>bun install</code> and <code>bun test</code> in a dependency-ready environment.</li>
</ul>
</section>
</main>
</body>
</html>