Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Common-Case Freight + Rendered Branches
Short name: Common-case render
Catchy description: Stop manufacturing a fake build-lock commit. Let Kargo assemble the real monorepo commit and the real image into one Freight, then render stage branches from sparse checkouts of the huge repo.
Detailed Technical Description of Plan
This plan is the “use the real artifacts, not a synthetic release record” option. Kargo watches the actual app image in GHCR and the real
code-dot-orgGit history, then creates one Freight item only when those two match on the samegit-<full-commit-sha>identity. That means the release coordinate is not a warehouse file ink8s-gitops; it is the pairing of the published image and the source commit that produced it. The Warehouse logic is therefore the heart of the plan: if the image tag and Git commit do not line up exactly, there is no promotion candidate.On the GH action side, Helm CI only builds and publishes the immutable
git-<full-commit-sha>image tag, and it writes no package artifact and no Git Freight record.Promotion then uses that single Freight item to render deploy output into long-lived stage branches in
k8s-gitops. The critical implementation detail is that render-time input comes from a sparse checkout ofcode-dot-orgat the promoted commit, not from the movingstagingbranch tip. Kargo clonesk8s-gitopsonce for env policy and metadata, clonescode-dot-orgonce for the source package, renders the stage-specific output, and commits that rendered output tostage/<deployment>. The review stage is not a special case in architecture, only in Git behavior: production output gets rendered to a generated branch and opened as a PR againststage/productionso humans review the actual manifests before production sync.This plan differs from the thin-lock and snapshot families in where trust lives. The thin-lock family trusts a tiny build-lock file, and the snapshot family trusts a frozen copy of the package. Common-Case trusts the live source commit plus the live image tag, so the tricky part is making promotion deterministic without snapshotting anything into Freight. The hard implementation points are the exact
git-<full-commit-sha>pairing rule, the sparse checkout at the promoted source commit, and the Helm render inputs assembled fromk8s-gitopsenvType values plus the shared deployment metadata.common-case-rendered-branches
Sibling PR: code-dot-org/code-dot-org#71562