philipp/unrip
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
unrip/README.md
philipp 6e635c32e4
All checks were successful
deploy / deploy (push) Successful in 18s
Details
Harden deploy runner checkout
2026-04-01 01:19:25 +02:00

3.1 KiB
Raw Blame History

unrip project

This repository contains the unrip trading-system code and its project-specific deployment assets.

Contents

  • src/ — application code
  • package.json / package-lock.json — Node package manifest
  • Dockerfile / .dockerignore — app container build
  • .env.example — local app runtime example
  • compose.yml — local development stack
  • deploy/k8s/base/ — project-specific Kubernetes manifests
  • deploy/redpanda/rpk-topics.txt — project topic reference
  • docs/ — project-specific design and contract docs

Local development

npm install
cp .env.example .env
# edit .env

docker compose up -d --build

Useful commands:

docker compose ps
docker compose logs -f
docker compose logs -f near-intents-ingest dummy-reactor dummy-executor dummy-consumer
npm run near-intents:ingest
npm run dummy-reactor
npm run dummy-executor
npm run dummy-consumer

App image

The app image is now built from this directory.

Examples:

docker build -t unrip:dev .

Kubernetes manifests

Project manifests live under:

  • deploy/k8s/base/

The shared cluster/platform resources live in the separate infra repository.

Deployment

This repo is the app-side deployment repo. The shared Hetzner/k3s bootstrap, Forgejo runner, registry, and other platform services live in the separate platform repo.

See docs/deployment.md for the full operator path.

One-time app bootstrap

Bootstrap the app namespace, secrets, and Forgejo repo settings from this repo:

bash scripts/deploy/bootstrap.sh

That bootstrap also refreshes the local forgejo remote URL for HTTPS pushes when it has enough auth material to do so.

By default, the script uses the adjacent platform checkout at ../unrip3 for:

  • kubeconfig.yaml
  • kubeconfig.incluster.yaml
  • registry credentials
  • the NEAR_INTENTS_API_KEY fallback from ../unrip3/.env

If you are not using that local split, provide the values yourself via env vars such as KUBECONFIG_PATH, CI_KUBECONFIG_PATH, REGISTRY_HOST, REGISTRY_USERNAME, REGISTRY_PASSWORD, NEAR_INTENTS_API_KEY, and either FORGEJO_TOKEN or FORGEJO_ADMIN_USERNAME / FORGEJO_ADMIN_PASSWORD.

Routine deploy

After bootstrap, deployment is just a push to Forgejo main:

git push forgejo main

.forgejo/workflows/deploy.yml then:

  • applies deploy/k8s/base
  • builds the image from this repo root inside the cluster with Kaniko
  • pushes it to the shared registry
  • rolls the unrip deployments
  • uses a fresh temporary runner workspace on each run, so reruns do not require manual cleanup on the Forgejo runner

Observe rollout

KUBECONFIG=../unrip3/.state/hetzner/kubeconfig.yaml kubectl -n unrip get deploy,pods,job
KUBECONFIG=../unrip3/.state/hetzner/kubeconfig.yaml kubectl -n unrip rollout status deploy/near-intents-ingest
KUBECONFIG=../unrip3/.state/hetzner/kubeconfig.yaml kubectl -n unrip rollout status deploy/dummy-reactor
KUBECONFIG=../unrip3/.state/hetzner/kubeconfig.yaml kubectl -n unrip rollout status deploy/dummy-executor
KUBECONFIG=../unrip3/.state/hetzner/kubeconfig.yaml kubectl -n unrip rollout status deploy/dummy-consumer