teleo/teleo-codex
8
0
Fork 0
Code Issues 22 Pull requests 3 Projects Releases Packages Wiki Activity Actions 1
teleo-codex/ops/deploy-manifest.md
m3taversal dbf9b07c62 ops: add deploy manifest, remove dead code, clean tracked artifacts 
- Add deploy manifest template (ops/deploy-manifest.md) — required checklist
  for all PRs touching VPS-deployed code
- Remove agents/logos/ — stale directory from Logos→Theseus rename
- Remove logos/* branch prefix from evaluate-trigger.sh domain routing
- Remove 298 .extraction-debug JSON files from version control
- Update .gitignore: add .extraction-debug/ and __pycache__ patterns

Pentagon-Agent: Theseus <24DE7DA0-E4D5-4023-B1A2-3F736AFF4EEE>
2026-03-28 21:21:26 +00:00

2.3 KiB
Raw Blame History

Deploy Manifest

Every PR that touches VPS-deployed code must include a deploy manifest — either in the PR description or as a comment before requesting deploy. Rhea can reject deploys without one.

Template

Copy this into your PR description and fill it in:

## Deploy Manifest

**Files changed:**
- path/to/file.py (new | modified | deleted)

**Services to restart:**
- teleo-bot.service
- teleo-eval.service

**New ReadWritePaths:** (leave blank if none)
- /opt/teleo-eval/data/new-directory

**Migration steps:** (leave blank if none)
- Run: sqlite3 pipeline.db < migrations/001-add-column.sql

**Endpoints affected:**
- GET /health
- GET /api/alerts

**Expected behavior after deploy:**
- /health returns 200 with new field X
- New cron runs every 5 minutes

What Counts as VPS-Deployed Code

File type Example Needs manifest?
Python application code bot.py, app.py, alerting.py Yes
Shell scripts on VPS extract-cron.sh, evaluate-trigger.sh Yes
systemd service/timer files teleo-bot.service Yes
Database migrations ALTER TABLE, new tables Yes
HTML/CSS/JS served by app dashboard.html, teleo-app Yes
Claim/source/entity markdown domains/ai-alignment/claim.md No
Schema definitions schemas/claim.md No (but see schema-change-protocol.md)
Agent identity/beliefs agents/theseus/identity.md No

Rules

  1. No deploy without manifest. If the PR lacks one, Rhea bounces it back.
  2. List every service that needs restart. "Just restart everything" is not acceptable — it causes unnecessary downtime.
  3. ReadWritePaths are mandatory. If your code writes to a new path, say so. Missing ReadWritePaths is the #1 cause of silent deploy failures.
  4. Endpoints affected enables verification. Argus uses this field to run post-deploy smoke tests. Without it, verification is guesswork.
  5. Migration steps must be idempotent. If the deploy is retried, the migration shouldn't break.

Post-Deploy Verification

After Rhea restarts the service:

  1. Argus hits every endpoint listed in "Endpoints affected"
  2. Argus checks systemd journal for errors in the last 60 seconds
  3. Argus reports pass/fail in the Engineering group chat

If verification fails, Rhea rolls back. The PR author fixes and resubmits.