# Plan: Deploy Platform Operator ## Context The platform-operator crate is fully built (3 controllers, 50 tests passing, deploy manifests, instance CRs) but has never been deployed. Currently all services (web-landing, web-api, txt, pics, bot-landing, chat, minio) are manually deployed. The operator will adopt management of these resources via server-side apply. There are a few code fixes needed before deployment, and a careful migration strategy to avoid downtime when the operator takes over. ## Part 1: Code Fixes ### 1.1 Fix MinIO image mismatch File: `crates/platform-operator/src/resources/deployment.rs:18` The operator hardcodes `quay.io/minio/minio:latest` but the cluster has `minio/minio:latest`. This would trigger an unnecessary pod restart during reconciliation. Change: `const MINIO_IMAGE: &str = "minio/minio:latest";` ### 1.2 Fix txt naming conflict The existing cluster resources are named `paste` (deployment, service, route) but the instance CR at `deploy/instances/txt.yaml` is named `txt`. The operator would create new `txt` resources and leave `paste` orphaned. Rename the existing cluster resources from `paste` to `txt` before the operator takes over: - Delete old: `oc delete deployment paste && oc delete service paste && oc delete route paste` - The operator will create `txt` deployment/service/route from the CR The BuildConfig also needs renaming from `paste` to `txt` so future builds produce the right image. Update `deploy/instances/txt.yaml` to reference the new image name once the BuildConfig is renamed. ### 1.3 Add bot instance CR File: `deploy/instances/bot.yaml` (new) The bot crate exists and MEMORY.md documents it but there's no instance CR. Create a WebService CR matching the bot's requirements (OIDC, DB, deploy/instances pattern). ### 1.4 Route-cert RBAC: add bot TLS secret File: `deploy/web-landing/route-cert-rbac.yaml` Add `irc-bot-tls` secret to the route-cert-reader Role's `resourceNames` list (the bot service will need the router SA to read its TLS secret). Actually, checking -- `irc-bot-tls` is already listed. No change needed. --- ## Part 2: Deploy Operator ### 2.1 Apply CRDs ```bash oc apply -f crates/platform-operator/deploy/crd.yaml ``` ### 2.2 Apply RBAC ```bash oc apply -f crates/platform-operator/deploy/rbac.yaml ``` ### 2.3 Build operator image ```bash tar czf /tmp/build.tar.gz --exclude='target' --exclude='.git' \ --exclude='irc-now-landing-page' --exclude='status' --exclude='design' \ --exclude='./docs' --exclude='notes' Cargo.toml Cargo.lock crates/ oc start-build platform-operator --from-archive=/tmp/build.tar.gz -n irc-josie-cloud --follow ``` ### 2.4 Migrate paste -> txt naming Before applying CRs, rename the existing resources: ```bash oc delete deployment paste -n irc-josie-cloud oc delete service paste -n irc-josie-cloud oc delete route paste -n irc-josie-cloud ``` Rename the BuildConfig: ```bash oc delete bc paste -n irc-josie-cloud ``` Create a new `txt` BuildConfig (or update `deploy/instances/txt.yaml` image ref). ### 2.5 Deploy operator ```bash oc apply -f crates/platform-operator/deploy/operator.yaml ``` ### 2.6 Apply instance CRs (one at a time, simplest first) ```bash oc apply -f deploy/instances/web-landing.yaml oc apply -f deploy/instances/bot-landing.yaml # verify both come up, check operator logs oc apply -f deploy/instances/chat.yaml oc apply -f deploy/instances/minio.yaml oc apply -f deploy/instances/txt.yaml oc apply -f deploy/instances/pics.yaml oc apply -f deploy/instances/web-api.yaml oc apply -f deploy/instances/bot.yaml ``` --- ## Part 3: Post-Deploy Cleanup ### 3.1 Remove manual deploy manifests The following are no longer needed once the operator manages these resources: - Any standalone Deployment/Service/Route/Certificate YAMLs that were previously applied manually - Keep `deploy/web-landing/route-cert-rbac.yaml` (operator doesn't manage this) ### 3.2 Verify all services ```bash oc get webservices -n irc-josie-cloud oc get chatservices -n irc-josie-cloud oc get minioinstances -n irc-josie-cloud # Check Ready condition on all CRs # curl each service endpoint ``` --- ## Files to Modify | File | Change | |------|--------| | `crates/platform-operator/src/resources/deployment.rs` | Fix MINIO_IMAGE to `minio/minio:latest` | | `deploy/instances/bot.yaml` | New: bot WebService CR | | `deploy/instances/txt.yaml` | Possibly update image ref after BC rename | ## Verification 1. `cargo test -p platform-operator` -- 50 tests pass 2. `cargo build --workspace` -- clean build 3. Apply CRDs, RBAC, build image, deploy operator 4. Apply CRs one at a time, check `oc logs deployment/platform-operator -f` 5. `oc get ws,chat,minio -n irc-josie-cloud` -- all show Ready=True 6. curl all endpoints: irc.now, irc.bot, my.irc.now, txt.irc.now, irc.pics, chat.irc.now 7. Verify operator handles re-reconciliation (delete a service, watch it recreate)