The worker was only configured with B2 (ARMOR) credentials, so replays were
being uploaded to B2 but not to R2. The index builder's B2→R2 promotion
cycle only covers the last 24 hours, so older replays were not available
in R2, causing 404 errors when clicking "Watch Replay".
This fix adds R2 credentials to the worker deployment, allowing it to
upload replays directly to R2 (hot cache) in addition to B2 (cold archive).
This makes replays immediately available for viewing without waiting for
the promotion cycle.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add seedIfEmpty: idempotent startup seeding (20 maps per player count,
ON CONFLICT DO NOTHING) using cellular-automata generation + validate()
- Add continuous evolution loop across all player counts (2/3/4/6)
- ACB_MIN_SEED_COUNT and ACB_EVOLUTION_PERIOD configurable via env vars
- Add Dockerfile (lean Alpine build, no language runtimes)
- Add acb-map-evolver to acb-build.yml CI pipeline
- Add staging K8s Deployment manifest
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The AWS SDK rejects 'us-east-1' as a region when using a custom S3-compatible
endpoint (ARMOR proxy wrapping Backblaze B2). The B2 client code already
hardcodes config.WithRegion('auto') which is correct for S3-compatible APIs.
This fixes the 'Invalid region: region was not a valid DNS name' error that
was preventing replay uploads to B2.
The staging manifest now reflects the actual deployed state in declarative-config:
- EventSource name: forgejo-webhooks (was acb-webhook)
- Endpoint: /ai-code-battle (was /push)
- Namespace: argo-events (was argo-workflows)
- Includes all three triggers: acb-images-build, acb-site-build, acb-bots-build
- Adds Forgejo webhook registration instructions
The forgejo-webhooks EventSource and updated webhook IngressRoute were added
to declarative-config to complete the CI wiring for jedarden/ai-code-battle.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The bot-seeder Deployment runs a shell script at startup that:
- Checks GET /api/bots and skips any bot already registered (idempotent)
- Waits for each bot's /health endpoint before registering
- POSTs to /api/register with name, owner=system, and cluster-internal endpoint_url
- Captures the returned shared_secret and upserts acb-bot-<name>-secret via the K8s REST API
- Sleeps forever after all 6 bots are registered
Also adds reloader.stakater.com/auto: "true" to all 6 bot Deployments so Reloader
triggers a rolling restart when the seeder writes/updates their secrets, ensuring
pods pick up the correct BOT_SECRET for HMAC validation.
RBAC: bot-seeder ServiceAccount + Role (get/create/patch secrets) + RoleBinding.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Creates manifests/acb-bots/ staging directory for the acb-bots namespace,
containing Deployment + Service + ExternalSecret for all 6 strategy bots
(random, gatherer, rusher, guardian, swarm, hunter) plus namespace and
docker-hub-registry ExternalSecret.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace :latest with @sha256: digest for acb-api, acb-evolver, acb-index-builder,
acb-matchmaker, and acb-worker. Add argocd-image-updater annotations to all five
deployments to auto-track future sha-* tag builds. Add missing deployment manifests
for index-builder, matchmaker, and worker.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add ReplayPlayer to type imports in replay-viewer.ts
- Add explicit type annotation for entry parameter in replay.ts transcript map
- Fixes TypeScript compilation errors for §15.3 screen reader transcript feature
Per plan §10.8 (deployment pipeline) and §9.8 (Argo Workflows):
- Add waitForWorkflowCompletion() that polls Argo Workflow API
- Add getWorkflowStatus() to fetch workflow phase/status
- Update Promote() to wait for workflow completion before inserting bot record
- Update Promote() to wait for K8s deployment readiness (waitForDeployment)
- Update triggerArgoWorkflow() to return workflow name for polling
- Add acb-evolved-bot-deploy-workflowtemplate.yml to manifests
The promotion flow now:
1. Writes bot source to bots/evolved/<bot_name>/
2. Commits and pushes source to git
3. Triggers Argo WorkflowTemplate
4. Waits for workflow completion (build + manifest commit)
5. Waits for K8s deployment to be ready
6. Inserts bot record into bots table
7. Updates programs table with bot_id/bot_name
This ensures evolved bots have running containers before being marked active.
PacifistBot never attacks; it survives by maximizing distance from enemies
and retreating toward own core when cornered. Pure evasion strategy that
wins via opponent elimination by third parties.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Staging manifests for sync to declarative-config/k8s/apexalgo-iad/ai-code-battle/:
- acb-evolver: Deployment + ServiceAccount with LLM/PG/R2 secrets
- acb-api: Deployment + Service + IngressRoute for api.ai-code-battle.ardenone.com
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
