Update acb-enrichment-deployment.yml to use SHA 97b4b0f which is the
commit that triggered the acb-images-build workflow for the enrichment
image. This aligns with declarative-config.
The enrichment Dockerfile was verified as valid. The acb-enrichment
build is now included in acb-images-build workflow (added via
declarative-config commit ce48ad2).
Align deployment with CI/CD pattern:
- Image: forgejo.ardenone.com/ai-code-battle/acb-enrichment:sha-8f1dcc4
- Pull secret: forgejo-container-registry
- ArgoCD annotations configured for Forgejo registry
The acb-images-build workflowtemplate in iad-ci builds this image
and pushes to the Forgejo container registry.
- Change image registry from forgejo.ardenone.com to ronaldraygun (Docker Hub)
- Update to current commit SHA (a13902f)
- Update imagePullSecret from forgejo-container-registry to docker-hub-registry
- Align with acb-enrichment-build workflow which pushes to Docker Hub
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
- Updated acb-eventsensor.yml to ensure acb-build trigger is present
- Push will trigger webhook → acb-build → builds all ACB images including enrichment
- Workflow will update declarative-config with real image SHA
The worker was only configured with B2 (ARMOR) credentials, so replays were
being uploaded to B2 but not to R2. The index builder's B2→R2 promotion
cycle only covers the last 24 hours, so older replays were not available
in R2, causing 404 errors when clicking "Watch Replay".
This fix adds R2 credentials to the worker deployment, allowing it to
upload replays directly to R2 (hot cache) in addition to B2 (cold archive).
This makes replays immediately available for viewing without waiting for
the promotion cycle.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add seedIfEmpty: idempotent startup seeding (20 maps per player count,
ON CONFLICT DO NOTHING) using cellular-automata generation + validate()
- Add continuous evolution loop across all player counts (2/3/4/6)
- ACB_MIN_SEED_COUNT and ACB_EVOLUTION_PERIOD configurable via env vars
- Add Dockerfile (lean Alpine build, no language runtimes)
- Add acb-map-evolver to acb-build.yml CI pipeline
- Add staging K8s Deployment manifest
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The AWS SDK rejects 'us-east-1' as a region when using a custom S3-compatible
endpoint (ARMOR proxy wrapping Backblaze B2). The B2 client code already
hardcodes config.WithRegion('auto') which is correct for S3-compatible APIs.
This fixes the 'Invalid region: region was not a valid DNS name' error that
was preventing replay uploads to B2.
The staging manifest now reflects the actual deployed state in declarative-config:
- EventSource name: forgejo-webhooks (was acb-webhook)
- Endpoint: /ai-code-battle (was /push)
- Namespace: argo-events (was argo-workflows)
- Includes all three triggers: acb-images-build, acb-site-build, acb-bots-build
- Adds Forgejo webhook registration instructions
The forgejo-webhooks EventSource and updated webhook IngressRoute were added
to declarative-config to complete the CI wiring for jedarden/ai-code-battle.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The bot-seeder Deployment runs a shell script at startup that:
- Checks GET /api/bots and skips any bot already registered (idempotent)
- Waits for each bot's /health endpoint before registering
- POSTs to /api/register with name, owner=system, and cluster-internal endpoint_url
- Captures the returned shared_secret and upserts acb-bot-<name>-secret via the K8s REST API
- Sleeps forever after all 6 bots are registered
Also adds reloader.stakater.com/auto: "true" to all 6 bot Deployments so Reloader
triggers a rolling restart when the seeder writes/updates their secrets, ensuring
pods pick up the correct BOT_SECRET for HMAC validation.
RBAC: bot-seeder ServiceAccount + Role (get/create/patch secrets) + RoleBinding.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Creates manifests/acb-bots/ staging directory for the acb-bots namespace,
containing Deployment + Service + ExternalSecret for all 6 strategy bots
(random, gatherer, rusher, guardian, swarm, hunter) plus namespace and
docker-hub-registry ExternalSecret.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace :latest with @sha256: digest for acb-api, acb-evolver, acb-index-builder,
acb-matchmaker, and acb-worker. Add argocd-image-updater annotations to all five
deployments to auto-track future sha-* tag builds. Add missing deployment manifests
for index-builder, matchmaker, and worker.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add ReplayPlayer to type imports in replay-viewer.ts
- Add explicit type annotation for entry parameter in replay.ts transcript map
- Fixes TypeScript compilation errors for §15.3 screen reader transcript feature
Per plan §10.8 (deployment pipeline) and §9.8 (Argo Workflows):
- Add waitForWorkflowCompletion() that polls Argo Workflow API
- Add getWorkflowStatus() to fetch workflow phase/status
- Update Promote() to wait for workflow completion before inserting bot record
- Update Promote() to wait for K8s deployment readiness (waitForDeployment)
- Update triggerArgoWorkflow() to return workflow name for polling
- Add acb-evolved-bot-deploy-workflowtemplate.yml to manifests
The promotion flow now:
1. Writes bot source to bots/evolved/<bot_name>/
2. Commits and pushes source to git
3. Triggers Argo WorkflowTemplate
4. Waits for workflow completion (build + manifest commit)
5. Waits for K8s deployment to be ready
6. Inserts bot record into bots table
7. Updates programs table with bot_id/bot_name
This ensures evolved bots have running containers before being marked active.
PacifistBot never attacks; it survives by maximizing distance from enemies
and retreating toward own core when cornered. Pure evasion strategy that
wins via opponent elimination by third parties.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Staging manifests for sync to declarative-config/k8s/apexalgo-iad/ai-code-battle/:
- acb-evolver: Deployment + ServiceAccount with LLM/PG/R2 secrets
- acb-api: Deployment + Service + IngressRoute for api.ai-code-battle.ardenone.com
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
