PLAN.md

# tinqs/ci — Roadmap

## Done (2026-05-22)

- [x] Create `tinqs/ci` repo on tinqs.com
- [x] Composite actions: checkout, setup-go, setup-node, setup-aws
- [x] Wire all 6 studio workflows to `tinqs/ci/*@v1`
- [x] Alpine + Debian compatibility in all actions
- [x] Runner image Dockerfiles: base, go, node, docker, deploy, godot
- [x] Architecture doc: `tinqs/internal/architecture/ci-runner-architecture.md`

## Next: Runner Images

Build and push purpose-built images to ECR. Each workflow type gets a lean image.

| Image | ECR name | Contents | Priority |
|-------|----------|----------|----------|
| base | tinqs-runner-base | Alpine + git + AWS CLI + SSH | High |
| go | tinqs-runner-go | base + Go 1.26 | High |
| node | tinqs-runner-node | base + Node 22 + pnpm | High |
| docker | tinqs-runner-docker | dind + Go + AWS CLI | High |
| deploy | tinqs-runner-deploy | base only | Medium |
| godot | tinqs-runner-godot | base + headless Godot 4.6 | Low (future) |

**Blocker:** No Docker on Forge, Lightsail unreachable. Options:
1. AWS CodeBuild project to build images from this repo
2. SSH to Lightsail when back online
3. Self-build: add a workflow here that builds images on the current runner

## Next: Label Routing

Once images exist:
1. Update ECS task definitions — one per image
2. Register runners with matching labels: `go`, `node`, `docker`, `deploy`
3. Update studio workflows: `runs-on: host` → specific labels
4. Lambda dispatcher (future): webhook → Fargate task with correct image

## Future: Lambda Dispatch + Cancel

Lambda code already exists in `tinqs-ltd/docs/lambda/` (ci-dispatch + ci-exec).
Move to `tinqs/studio/deploy/lambda/`, deploy with SAM.

- DynamoDB table for run tracking (`tinqs-ci-runs`)
- Cancel via `ecs:StopTask` on webhook or timeout
- EventBridge cron for stale task cleanup
- Deploy-only jobs run directly in Lambda (no Fargate needed)

See: `tinqs/internal/architecture/ci-runner-architecture.md`

## Future: More Actions

| Action | Purpose |
|--------|---------|
| `tinqs/ci/setup-python` | Python + pip/uv for ML pipelines |
| `tinqs/ci/deploy-ecs` | ECS update-service wrapper with wait |
| `tinqs/ci/deploy-s3` | S3 sync + CloudFront invalidation |
| `tinqs/ci/notify` | Post build status to Lobster GChat |
fix: Alpine compatibility + READMEs + roadmap 2026-05-22 18:06:11 +01:00			`# tinqs/ci — Roadmap`

			`## Done (2026-05-22)`

			- [x] Create `tinqs/ci` repo on tinqs.com
			`- [x] Composite actions: checkout, setup-go, setup-node, setup-aws`
			- [x] Wire all 6 studio workflows to `tinqs/ci/*@v1`
			`- [x] Alpine + Debian compatibility in all actions`
			`- [x] Runner image Dockerfiles: base, go, node, docker, deploy, godot`
			- [x] Architecture doc: `tinqs/internal/architecture/ci-runner-architecture.md`

			`## Next: Runner Images`

			`Build and push purpose-built images to ECR. Each workflow type gets a lean image.`

			`\| Image \| ECR name \| Contents \| Priority \|`
			`\|-------\|----------\|----------\|----------\|`
			`\| base \| tinqs-runner-base \| Alpine + git + AWS CLI + SSH \| High \|`
			`\| go \| tinqs-runner-go \| base + Go 1.26 \| High \|`
			`\| node \| tinqs-runner-node \| base + Node 22 + pnpm \| High \|`
			`\| docker \| tinqs-runner-docker \| dind + Go + AWS CLI \| High \|`
			`\| deploy \| tinqs-runner-deploy \| base only \| Medium \|`
			`\| godot \| tinqs-runner-godot \| base + headless Godot 4.6 \| Low (future) \|`

			`Blocker: No Docker on Forge, Lightsail unreachable. Options:`
			`1. AWS CodeBuild project to build images from this repo`
			`2. SSH to Lightsail when back online`
			`3. Self-build: add a workflow here that builds images on the current runner`

			`## Next: Label Routing`

			`Once images exist:`
			`1. Update ECS task definitions — one per image`
			2. Register runners with matching labels: `go`, `node`, `docker`, `deploy`
			3. Update studio workflows: `runs-on: host` → specific labels
			`4. Lambda dispatcher (future): webhook → Fargate task with correct image`

			`## Future: Lambda Dispatch + Cancel`

			Lambda code already exists in `tinqs-ltd/docs/lambda/` (ci-dispatch + ci-exec).
			Move to `tinqs/studio/deploy/lambda/`, deploy with SAM.

			- DynamoDB table for run tracking (`tinqs-ci-runs`)
			- Cancel via `ecs:StopTask` on webhook or timeout
			`- EventBridge cron for stale task cleanup`
			`- Deploy-only jobs run directly in Lambda (no Fargate needed)`

			See: `tinqs/internal/architecture/ci-runner-architecture.md`

			`## Future: More Actions`

			`\| Action \| Purpose \|`
			`\|--------\|---------\|`
			\| `tinqs/ci/setup-python` \| Python + pip/uv for ML pipelines \|
			\| `tinqs/ci/deploy-ecs` \| ECS update-service wrapper with wait \|
			\| `tinqs/ci/deploy-s3` \| S3 sync + CloudFront invalidation \|
			\| `tinqs/ci/notify` \| Post build status to Lobster GChat \|