Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Source Snapshot (Kustomize) + Rendered Branches
Short name: Source snapshot + render
Catchy description: Freeze the deploy source package once per release, keep environment policy in GitOps, and let Kargo render stage-specific outputs from that frozen snapshot into reviewable rendered branches.
Detailed Technical Description of Plan
This plan is the middle ground between live-source rendering and a richer OCI release artifact: CI freezes the deploy package once, writes that snapshot into
warehouses/codeai/freight/git-<full-commit-sha>/, mirrors the exact same contents tocurrent/, and then Kargo renders every downstream stage from that frozen release record. Promotion does not chase the movingcode-dot-orgbranch tip. It readswarehouses/codeai/freight/current/freight.yaml, resolves the release identity and package type from there, and uses GitOps-side env policy to materialize the stage-specific output into a rendered branch. That gives you a release object that is still plain Git, still reviewable, and still easy to audit by path, but without the ambiguity of reconstructing release truth from live source during promotion.The snapshot is the durable
k8s/kustomize/tree, but promotion still does not render from that tree directly. Instead, Kargo assembles a temporary deploy wrapper fromk8s-gitops/apps/codeai/kargo/templates/deploy/, layers in the envTypeComponentfiles fromapps/codeai/envTypes/<envType>/, and points that wrapper at the frozenbase/andcomponents/payload in the snapshot before runningkustomize-build. The important implementation detail is that the snapshot stays literal while the stage branch becomes the only mutable review surface.The tricky part is not the rendering step itself; it is keeping the snapshot contract disciplined.
current/must remain an exact mirror of the historicalgit-<full-commit-sha>/directory in the same commit, because promotion reads onlycurrent/while humans and audit tooling may inspect the historical release directory. That makes this plan easier to reason about than the live-source plans, which must sparse-checkout the huge monorepo at the promoted commit, but less compact than the thin-lock family because it duplicates the deploy package into GitOps-adjacent Freight. In practice, this is the plan to choose when you want frozen release inputs and rendered-branch reviewability without introducing a second artifact system.source-snapshot-rendered-branches
Sibling PR: code-dot-org PR #71570